Refacto: Policy & keys data structure

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_cover_crypt"
-version = "13.0.0"
+version = "13.1.0"
 authors = [
   "Théophile Brezot <[email protected]>",
   "Bruno Grieder <[email protected]>",

src/abe_policy/access_policy.rs

@@ -346,7 +346,8 @@ impl AccessPolicy {
     /// given access policy. It is an OR expression of AND expressions.
     ///
     /// - `policy`                              : global policy
-    /// - `include_lower_attributes_from_dim`   : set to `true` to combine lower attributes
+    /// - `include_lower_attributes_from_dim`   : set to `true` to combine lower
+    ///   attributes
     /// from dimension with hierarchical order
     pub fn to_attribute_combinations(
         &self,
@@ -360,12 +361,14 @@ impl AccessPolicy {
                     .get(&attr.dimension)
                     .ok_or_else(|| Error::DimensionNotFound(attr.dimension.to_string()))?;
                 let mut res = vec![vec![attr.clone()]];
-                if let Some(order) = dim_parameters.order.as_deref() {
-                    if include_lower_attributes_from_dim {
-                        // add attribute values for all attributes below the given one
-                        for name in order.iter().take_while(|&name| name != &attr.name) {
-                            res.push(vec![Attribute::new(&attr.dimension, name)]);
-                        }
+                if include_lower_attributes_from_dim && dim_parameters.is_ordered() {
+                    // TODO: optimize `Dict` for this step
+                    // add attribute values for all attributes below the given one
+                    for name in dim_parameters
+                        .get_attributes_name()
+                        .take_while(|&name| name != &attr.name)
+                    {
+                        res.push(vec![Attribute::new(&attr.dimension, name)]);
                     }
                 }
                 Ok(res)

src/abe_policy/dimension.rs

@@ -1,12 +1,12 @@
-use std::{collections::HashMap, fmt::Debug, vec};
+use std::{collections::HashMap, fmt::Debug};
 
 use serde::{Deserialize, Serialize};
 
 use super::{
     attribute::{AttributeBuilder, EncryptionHint},
     AttributeStatus,
 };
-use crate::Error;
+use crate::{data_struct::Dict, Error};
 
 ///
 /// Creates a dimension by its name and its underlying attribute properties.
@@ -69,9 +69,9 @@ impl DimensionBuilder {
 #[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Debug)]
 /// Represents an `Attribute` inside a `Dimension`.
 pub struct AttributeParameters {
-    pub rotation_values: Vec<u32>,
-    pub encryption_hint: EncryptionHint,
-    pub write_status: AttributeStatus,
+    pub(crate) rotation_values: Vec<u32>,
+    pub(crate) encryption_hint: EncryptionHint,
+    pub(crate) write_status: AttributeStatus,
 }
 
 impl AttributeParameters {
@@ -94,6 +94,21 @@ impl AttributeParameters {
             .expect("Attribute should always have at least one value")
     }
 
+    pub fn rotate_current_value(&mut self, seed_id: &mut u32) {
+        *seed_id += 1;
+        self.rotation_values.push(*seed_id)
+    }
+
+    pub fn clear_old_rotation_values(&mut self) {
+        // TODO: use VecDeque ?
+        let current_val = self.get_current_rotation();
+        self.rotation_values.retain(|val| val == &current_val);
+    }
+
+    pub fn all_rotation_values(&self) -> impl '_ + DoubleEndedIterator<Item = u32> {
+        self.rotation_values.iter().copied()
+    }
+
     /// Flattens the properties of the `AttributeParameters` into a vector of
     /// tuples where each tuple contains a rotation value, the associated
     /// encryption hint, and the `read_only` flag.
@@ -110,9 +125,9 @@ type AttributeName = String;
 #[derive(Clone, Eq, PartialEq, Serialize, Deserialize, Debug)]
 /// A dimension is a space that holds attributes. It can be ordered (an
 /// dimension) or unordered (a set).
-pub struct Dimension {
-    pub order: Option<Vec<AttributeName>>,
-    pub attributes: HashMap<AttributeName, AttributeParameters>,
+pub enum Dimension {
+    Unordered(HashMap<AttributeName, AttributeParameters>),
+    Ordered(Dict<AttributeName, AttributeParameters>),
 }
 
 impl Dimension {
@@ -123,33 +138,49 @@ impl Dimension {
     ///
     /// * `dim` - The `DimensionBuilder` to base the dimension on.
     /// * `seed_id` - A mutable reference to a seed ID used for generating
-    ///   unique IDs for attributes.
+    ///   unique values for attributes.
     pub fn new(dim: &DimensionBuilder, seed_id: &mut u32) -> Self {
-        let attributes_mapping = dim
-            .attributes_properties
-            .iter()
-            .map(|attr| {
-                (
-                    attr.name.clone(),
-                    AttributeParameters::new(attr.encryption_hint, seed_id),
-                )
-            })
-            .collect();
+        let attributes_mapping = dim.attributes_properties.iter().map(|attr| {
+            (
+                attr.name.clone(),
+                AttributeParameters::new(attr.encryption_hint, seed_id),
+            )
+        });
 
         match dim.hierarchical {
-            true => Self {
-                order: Some(
-                    dim.attributes_properties
-                        .iter()
-                        .map(|attr| attr.name.clone())
-                        .collect(),
-                ),
-                attributes: attributes_mapping,
-            },
-            false => Self {
-                order: None,
-                attributes: attributes_mapping,
-            },
+            true => Self::Ordered(attributes_mapping.collect()),
+            false => Self::Unordered(attributes_mapping.collect()),
+        }
+    }
+
+    pub fn nb_attributes(&self) -> usize {
+        match self {
+            Self::Unordered(attributes) => attributes.len(),
+            Self::Ordered(attributes) => attributes.len(),
+        }
+    }
+
+    pub fn is_ordered(&self) -> bool {
+        match self {
+            Self::Unordered(_) => false,
+            Self::Ordered(_) => true,
+        }
+    }
+
+    /// Returns an iterator over the attributes name.
+    /// If the dimension is ordered, the names are returned in this order,
+    /// otherwise they are returned in arbitrary order.
+    pub fn get_attributes_name(&self) -> Box<dyn '_ + Iterator<Item = &AttributeName>> {
+        match self {
+            Self::Unordered(attributes) => Box::new(attributes.keys()),
+            Self::Ordered(attributes) => Box::new(attributes.keys()),
+        }
+    }
+
+    pub fn get_attribute(&self, attr_name: &AttributeName) -> Option<&AttributeParameters> {
+        match self {
+            Self::Unordered(attributes) => attributes.get(attr_name),
+            Self::Ordered(attributes) => attributes.get(attr_name),
         }
     }
 
@@ -169,13 +200,21 @@ impl Dimension {
         attr_name: &AttributeName,
         seed_id: &mut u32,
     ) -> Result<(), Error> {
-        match self.attributes.get_mut(attr_name) {
-            Some(attr) => {
-                *seed_id += 1;
-                attr.rotation_values.push(*seed_id);
-                Ok(())
-            }
-            None => Err(Error::AttributeNotFound(attr_name.to_string())),
+        match self {
+            Self::Unordered(attributes) => match attributes.get_mut(attr_name) {
+                Some(attr) => {
+                    attr.rotate_current_value(seed_id);
+                    Ok(())
+                }
+                None => Err(Error::AttributeNotFound(attr_name.to_string())),
+            },
+            Self::Ordered(attributes) => match attributes.get_mut(attr_name) {
+                Some(attr) => {
+                    attr.rotate_current_value(seed_id);
+                    Ok(())
+                }
+                None => Err(Error::AttributeNotFound(attr_name.to_string())),
+            },
         }
     }
 
@@ -195,20 +234,23 @@ impl Dimension {
         encryption_hint: EncryptionHint,
         seed_id: &mut u32,
     ) -> Result<(), Error> {
-        if self.order.is_some() {
-            Err(Error::OperationNotPermitted(
+        match self {
+            Self::Unordered(attributes) => {
+                if attributes.contains_key(attr_name) {
+                    Err(Error::OperationNotPermitted(
+                        "Attribute already in dimension".to_string(),
+                    ))
+                } else {
+                    attributes.insert(
+                        attr_name.clone(),
+                        AttributeParameters::new(encryption_hint, seed_id),
+                    );
+                    Ok(())
+                }
+            }
+            Self::Ordered(_) => Err(Error::OperationNotPermitted(
                 "Hierarchical dimension are immutable".to_string(),
-            ))
-        } else if self.attributes.contains_key(attr_name) {
-            Err(Error::OperationNotPermitted(
-                "Attribute already in dimension".to_string(),
-            ))
-        } else {
-            self.attributes.insert(
-                attr_name.clone(),
-                AttributeParameters::new(encryption_hint, seed_id),
-            );
-            Ok(())
+            )),
         }
     }
 
@@ -223,15 +265,14 @@ impl Dimension {
     /// Returns an error if the operation is not permitted or if the attribute
     /// is not found.
     pub fn remove_attribute(&mut self, attr_name: &AttributeName) -> Result<(), Error> {
-        if self.order.is_some() {
-            Err(Error::OperationNotPermitted(
-                "Hierarchical dimension are immutable".to_string(),
-            ))
-        } else {
-            self.attributes
+        match self {
+            Self::Unordered(attributes) => attributes
                 .remove(attr_name)
                 .map(|_| ())
-                .ok_or(Error::AttributeNotFound(attr_name.to_string()))
+                .ok_or(Error::AttributeNotFound(attr_name.to_string())),
+            Self::Ordered(_) => Err(Error::OperationNotPermitted(
+                "Hierarchical dimension are immutable".to_string(),
+            )),
         }
     }
 
@@ -245,10 +286,16 @@ impl Dimension {
     ///
     /// Returns an error if the attribute is not found.
     pub fn disable_attribute(&mut self, attr_name: &AttributeName) -> Result<(), Error> {
-        self.attributes
-            .get_mut(attr_name)
-            .map(|attr| attr.write_status = AttributeStatus::DecryptOnly)
-            .ok_or(Error::AttributeNotFound(attr_name.to_string()))
+        match self {
+            Self::Unordered(attributes) => attributes
+                .get_mut(attr_name)
+                .map(|attr| attr.write_status = AttributeStatus::DecryptOnly)
+                .ok_or(Error::AttributeNotFound(attr_name.to_string())),
+            Self::Ordered(attributes) => attributes
+                .get_mut(attr_name)
+                .map(|attr| attr.write_status = AttributeStatus::DecryptOnly)
+                .ok_or(Error::AttributeNotFound(attr_name.to_string())),
+        }
     }
 
     /// Renames an attribute with a new name.
@@ -267,24 +314,24 @@ impl Dimension {
         attr_name: &AttributeName,
         new_name: &str,
     ) -> Result<(), Error> {
-        if self.attributes.contains_key(new_name) {
-            return Err(Error::OperationNotPermitted(
-                "New attribute name is already used in the same dimension".to_string(),
-            ));
-        }
-        match self.attributes.remove(attr_name) {
-            Some(attr_params) => {
-                self.attributes.insert(new_name.to_string(), attr_params);
-                if let Some(order) = self.order.as_mut() {
-                    order.iter_mut().for_each(|name| {
-                        if name == attr_name {
-                            *name = new_name.to_string()
-                        }
-                    })
+        match self {
+            Self::Unordered(attributes) => {
+                if attributes.contains_key(new_name) {
+                    return Err(Error::OperationNotPermitted(
+                        "New attribute name is already used in the same dimension".to_string(),
+                    ));
+                }
+                match attributes.remove(attr_name) {
+                    Some(attr_params) => {
+                        attributes.insert(new_name.to_string(), attr_params);
+                        Ok(())
+                    }
+                    None => Err(Error::AttributeNotFound(attr_name.to_string())),
                 }
-                Ok(())
             }
-            None => Err(Error::AttributeNotFound(attr_name.to_string())),
+            Self::Ordered(attributes) => attributes
+                .update_key(attr_name, new_name.to_string())
+                .map_err(|e| Error::OperationNotPermitted(e.to_string())),
         }
     }
 
@@ -298,33 +345,35 @@ impl Dimension {
     ///
     /// Returns an error if the attribute is not found.
     pub fn clear_old_attribute_values(&mut self, attr_name: &AttributeName) -> Result<(), Error> {
-        self.attributes
-            .get_mut(attr_name)
-            .map(|attr| {
-                let current_val = attr.get_current_rotation();
-                attr.rotation_values.retain(|val| val == &current_val);
-            })
-            .ok_or(Error::AttributeNotFound(attr_name.to_string()))
+        match self {
+            Self::Unordered(attributes) => attributes
+                .get_mut(attr_name)
+                .map(|attr| attr.clear_old_rotation_values())
+                .ok_or(Error::AttributeNotFound(attr_name.to_string())),
+            Self::Ordered(attributes) => attributes
+                .get_mut(attr_name)
+                .map(|attr| attr.clear_old_rotation_values())
+                .ok_or(Error::AttributeNotFound(attr_name.to_string())),
+        }
     }
 
-    /// Returns the list of Attributes of this Policy.
+    /// Returns an iterator over the AttributesParameters and parameters.
     /// If the dimension is ordered, the attributes are returned in order.
-    pub fn attributes_properties(&self) -> Vec<(String, EncryptionHint)> {
-        if let Some(ordered_attrs) = &self.order {
-            ordered_attrs
-                .iter()
-                .map(|name| {
-                    (
-                        name.to_string(),
-                        self.attributes.get(name).unwrap().encryption_hint,
-                    )
-                })
-                .collect()
-        } else {
-            self.attributes
-                .iter()
-                .map(|(name, attr_params)| (name.to_string(), attr_params.encryption_hint))
-                .collect()
+    pub fn attributes_properties(&self) -> Box<dyn '_ + Iterator<Item = &AttributeParameters>> {
+        match self {
+            Self::Unordered(attributes) => Box::new(attributes.values()),
+            Self::Ordered(attributes) => Box::new(attributes.values()),
+        }
+    }
+
+    /// Returns an iterator over the Attributes names and parameters.
+    /// If the dimension is ordered, the attributes are returned in order.
+    pub fn iter_attributes(
+        &self,
+    ) -> Box<dyn '_ + Iterator<Item = (&AttributeName, &AttributeParameters)>> {
+        match self {
+            Self::Unordered(attributes) => Box::new(attributes.iter()),
+            Self::Ordered(attributes) => Box::new(attributes.iter()),
         }
     }
 }

src/abe_policy/partitions.rs

@@ -5,8 +5,8 @@ use cosmian_crypto_core::bytes_ser_de::Serializer;
 use crate::Error;
 
 /// Partition associated to a subset. It corresponds to a combination
-/// of attributes across all axes.
-#[derive(Debug, Eq, PartialEq, Clone, Hash)]
+/// of attributes across all dimensions.
+#[derive(Debug, Eq, PartialEq, PartialOrd, Ord, Clone, Hash)]
 pub struct Partition(pub(crate) Vec<u8>);
 
 impl Partition {