Skip to content

Commit

Permalink
Merge pull request #134 from Cosmian/refresh_encaps
Browse files Browse the repository at this point in the history 
Refactoring of CoverCrypt API
  • Loading branch information
@Adamk93
Adamk93 authored May 6, 2024
2 parents 692de32 + 62f11dd commit 0f00011
Show file tree
Hide file tree
Showing 12 changed files with 332 additions and 173 deletions.
11 changes: 7 additions & 4 deletions examples/decrypt.rs
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,17 @@
const USK: &str = "sUBriVEsM8HowAKOsIs9Y5p+Xa8JwJf84rlBHXzfkg+BJ6PzK79cT37Wsku5pMVKrfi/eIWhufC2pjYNMBOUAgMAH+waKc6AuwtAaYXXUAJA0K/uc5A22nXEShVXykjZ8QIBuNMsBrpSQaW0hAZ0AFvJTlwSM2BgI8m5k4wj3kQQ9NaP4cK6VvwyFlx7ZwwMZkJoCSgfiPvN4XqeWmiw/hehgjU2HkgYDQJf9QABaUoa74qM42SBnNubVVVnPvO5zrZ++NgoIHt4VPJfsMu157i6bakhOEWJy/CduXYGqedOGsNpj+gq0VsanjqeJ9gZ6sKjCknGoTxbEipIrPUO5jqJLzmJilS0ycAhR1mYlGU9yApPithxeIMaQFAAegOUTVFDFausKPbDZ1IYEWyftONyaaelMyJF4eCQIWILEihLuoscwGkVlYmRttcNVrLDW3yHN/cFQgiBSNVOi/RTLSpdsaMtattwDcaEiRUvCxe2gfaCYQV9zPIsdfAG2TIf2MPLcqUu0EBnIohX/TKyOTavt7HB76d/pCWT7sceu/YldifCYUoWABA8GbnF6DurlVwhfYUKhThnchbP3mgsEUsy+vQlWIwvrwxgpgqaabNSwJIUCXttY6kYNjJbL5pkahaAnxYLRMcvvKfGtzwlX7ewINAFrMSUBua8abWzgIa2NWlt2/ON7tKrVIaqRMYs8KFJSSsQ4bGEhZfBjWEYacAho8bFMuqamQgxaJhyj/J+tZrA24A5ckmPSPeGOIKealWkQmy8f0oAPVsOGaQFcBwLMPe4qRl49tpM6kRgpsyOkeQYOdpQ7Rue0xMKR+UhdPJkzYcGoVlAIGRmvSQzamw0kEYYV6yWr7AHiiqPZ/AuS7RcYUzPB0tSZ9BSdJKSX1jGf2aCbPPD8DxQ6VVPqWOekHshGGBOEzqBPhxtpfQB/lhl2KG/XOgUB6Kqs/zF14oLvlBL2XU2fCaj76ydrdOlo5JSSLKU2pkWASMLNGIM5TUqBsi/D4A9lLlqW5dDOik4ujNLbMAl4Yt4HxOe+pGKhFexfwJBgdCB6IBsatK/nWnIMuW9ZZFbUQG7oTOuFMKvurQ2OsyWa9VA06ldDFWIOQyzgydm2pp3XnXKaJElyYMSE1Ef4KRgEqgYA6J8yNIoI0o092y/HUxAoWWc5PesDmeqbbaLFEFdAqJ4gerNbtS1uAQWIsJzHAC2pGgxmLE7WkaD1IQ3fFgTHPOR97EdlbbM5YGa78mUpHqS0NpYQpbHluRUbyJ9uyIcvAxHewmIKIfDKnZ1z+YG/sIccCY+tFlGxBApSym1tgRBREcgkcYUAogq5nsKY5mvhXxICTCU4WtxZLxl17CC6du5pRSH+9hAMvI2C5R/6udvXkaYc0Ki35WsO5QAHlOVLBwbKLfM9xlhPkFf9qkqgKoMfqEJDcOn79QfOVFFqSfDI9Ep7Wl2YMK3r1apC2gw9xmwjBsMkEYLq2lNH4l0OqGpXDpAQCMwyTEOs5XHjWpsgxIvDId3HDu2DCBKYhUavtYHSgHNUeITVraWmhI9ygkBVMJKLfUGIVq/UwQvhzeVFePNhhN59HuWSjCyonWG6iFQeCCb9Dq0z2DNowiOnVdDWIM5g7BRTgSKBBlE/kArtfaDPyCXENUnwOZDpka63VMCNGak45IkSPT5SN7pdkPW9uIQBaAb04uYPbnALTij4xUzLwkAqXQvjNzwE8/0JzoWmWfdf9zdi1jdzpG1ZTqir0h74gc=";
use cosmian_cover_crypt::api::EncryptedHeader;

const HEADER: &str = "dkKN4Ga3BcJyspF5FntqHYwXI/yoUugzqcF0DPCluyUckuqbpXDRgSWdnyh5k0wCNAD6BgOR3WXjjrg6bF/mR/ICzF1XqtqK5Fn0uZ7FgYkBAbjlkpf7VV3M7BrwEB1FIJ2ZhekRLPayJvvTTdE6DY9ddr3IbuzEiMASs2P5nRabJe+p1xLJ9Yp1+8roV6GgWy37m7ysu24nxtKKPiyCIh29zxt4WjG+rJZOS0iJ2ETEjGPG5yyY7LYsOwsp6tQlb/XGmqd91TxjobKOnRceYRV29E1vj/uwzyT8OtRfWVITK1v1ku4knbWPhXFGVdiUpME+QqZIrjulMPI/AKoABa925Eq8h7UM64p91288I5Lq+S8+ysIaJv2nlydxb9BZBg/NeG5YGD+NIKm0EXoDekmbX91rLktO0cgFYEhNm+43BvLLXoyD7iU2bT7dQKNMUxMyoDvhB40aOkTWKJGCFnnrLf+oSxGDkCWTNaWYCJ3qygxjETGdigQzV6bzaGh2f/pjAzRHwKJHgywW4E2BCGrM4BJZvjhl44sZ14HWLofl3hNzLfrdJLFZz7Ua3PxHlidQ+ZsZSOW61G9Xt5vwHYZDtQOMVcX7tyNTNmMoIlghHjm66H8JDtuiduy08VE+7/Bk2anWhljNX2f2a/+hOjMbzqG+zaAtgpppylkvG/WlR1xLohGlLKdAWYRETIrI0oKi8RKFNHdnuPCZRDHlHDjhc273rPvsn7FlolSSTxbjvyTacB7jNwKfxW32eEK82p04GQyVN5uEBQBZUG4heNnoba54ybeU66PbOOclgE+LoblnvE0lqv8VxbCvbM3VVxTJ0rMj8ZshcxEWDv1v8E1JkGeq3QcDK/Ww1wBDuwLhxY8xbKmD40bmS8nGkRTLDuyhtg009oboT4+SL83Dz5WXEBcwO2m8Noor0QgtMjuyCAR92gvNSvewk03Q6X80W5Rd+tvw6HMwnoevpKge56akgXnQPnx76h78jIrEZ8FDZ7g6dlqPf7Lr9PnWQKhVHZwh1CBN0Rbb0ylumpvkiSCV7kF1tqPE89LO31jmYdULuQmMclKRst+SdXWSM7t2J/CeFmTgSiJ896P95imsC3XcWvmJqk+qlBNynP/Azmn775H59UHj21t8z2sFYwYkDfDRyBSxVLW/08nz+9vVy05qmrUqej/Iv4sHHjE3cgLCD+rjPOHssoFdr4ubG441N+1HpvoxFbo0Yk/fNH9JzqQj09eA4Wx6t3fjOWYJ8CESyK7lKBANYrQ5IdYuY3tk/Z3uR/uYff2pKu6xuisLF66FVC80WokFlvCEoYLLJs/q2/16mMo7cqkbhI0SLJgaAK8wIvJUS64Xxb3+SVVPYkeVFywrAb89J0kg6txXIuOfHxGcDZu7QaEPQUos7pwnbZBeXb/Q1RHbEE6cXr1pGB6wU+0gABNzLLTRNHuu2qm33myLkNQRilOyR7EqrDmLwY3ysGE5tmxYH5+zEu7nR/rkozqwpueGmrDMibRRw14kLRCNh6YkqvKsbSg1Tg0EKZe2eLGG0mmgj5jcYqusRcVtAA==";
const USK: &str = "AubJg6rkTo7EjT2A7jswv5tq2uR5kZflMxbqogOl+WYNWUDwr8yvmgGSe7D6kHLYHHjW78VWtfV3kjRUrT3gRAsMAAEAnzQygadC4nJKHl4nP9VkHqU/62dVM4NVCkNlmFSBMgMCAQkBAPRl3kM+kOijMKDR0OjOWq2h0N+MhQzdi/uRUwKTi08HAgMJAQCbcxAJ960xi+CDtCeg/l7uux1a/DFzPUOFk94Apdt4CwIECQEAdt+vYI9Hga7eEgBhLTi97eDgp7NGCZV0JTrvKdxJlAMCBQkBAU2GnUJtqBUZ6rRtbdP6gvC5KmOjgMKk1V8p14iiL18E8lwJjdmrcweORogGSlVUZ4OW9IM+IzRJaLqfz0VMGsItYRpkLHQVmslsJxrMs0mzFWt0nsfD6bRzhlFSyWdByEOr1nCJnhClpJWAhAZSUxJe4vOlWlNJOKQDAWKA/4K6vsxRfBachXQ/9GeXbxAValix03xgLdwpszZPM/SshSKgxVIGvojFmNEU5KERtXEw9RVxXWImMVRCuMoMy4MIaRw9tSkczirJSOl9F9WT8jK8OfGSiDdbY9UFmrRijMUIw2QLeWquYtUHyCo3qwd+aTy/yFhgbhEd4vqKttk8XUIAjSuyNSGiJ7tDsNBwJjopdeOdWslOk5pccaYWSfuGo4UHomg1MvA+G5Oc0kqOzegtIAk1DdRGv1tEG1RW8YSGD7WdIyDBo0IAlhBAdRwEjwMmvrg7S5FwFlyVtoKTd9F8AFK3TKep0iO8RwJ9tXci5isYdGlCd6wasDAdEPS87PZYXWxXuLSGuMyZanE6dCJsDkRhBYh/BgWwSbOkFRQlLzyW4YRml/kufGNM+BwU6mAbmIgqcqKOL+yut/hGQCd//7QO43t+9LYXlTGmFcOPGdmNnftagNGiiNSEATwjiOi5jSG6HcRR8vhwSCdZEDBBH7UUDJpCXAMhlfRn1+Ab/9lpAnifDKKwFBeT+MFUqvtRqbAM9qxs0yeMDwkVfudkXJQcTdAlTQQSfIypF/AOjlquVipC8cp6sOlihLekenynkOKN0tRn/ZwsRHTF0qGk+9c/nvorT4GmySckjGFUMrdhauDIoOQG8gcpPhYSV5tQvxeI/QFCAO27PHSrNgM2jKRz/Liwj2C4xeJ77bQ735DLnNCf/7VRLHiPP3ksONKSdoWovUU/A5m0ZONTpyK9+5csIghLV+iyniMeKVhAsctb5BF7+EmYAIeiUOR2Kbigc3OBiyZ8qyFfA5cwwZddLQwJxKYw3vg9dlZiO+tOImNi9AlICmakS8HDv3qs/Vs5QqKiUbc1JWV9u6pQ9ne/dOC1LdUy+cMGj9Ei3IAqTQmMYKij8AdFWIowwgUaTAdqysyf6qiUpftNRCKIDmhMv7pT1tQxq2QYNLNe+SgSOLF4n8ImdSOc9CyxElVW+sSafjmmloWg/vt/OQOokzZfg/ChbgKtprrHiVJGrGctaidZ+szIFsrOh6lkSOsKJRTNgUUSg/M/lgZvrJSHNXlzVlI+foG9VIMXeeYikFe+bnidJJMXgJxLf8kD2CqFKcmTBKMK+BtKTsZIO1eNNoYJWnULZ+Gq+0OR8XdB/UxP5Qtr4cOSdRgbO4pEf1F457LDWUMM1kCEuFM277ZmjdJHhpxQ1fev9bwb+4N5MfmMnsRQdtah9gwmj7QdlquF7rekMhNT9ejHQTYViBeriJuCP5O0Q8aVbUVsNtqcAzVA3MoPOTJUrJsi2eUd6wOXYyJQfJAse9rPhhRX5yJj4qCpDsohSHl6GMONEhoX+EOknIipyrA5gKIcp4oR4BEfDIx3JZdXYgUuDIeWgjGFyWB4KSHG+lDA5QK+18m5yjUcAgIJAQBJRyFcnp4xeqU+4o2EhSGhyddvgCqaGyaEqg8x7QhEBwEDAQCXqQaNJM0LcrJZ6hsKyGpZzMyoVDcA5gd/6nDiPtwGAwECAQBz8wIlGmV3y72iGooihsWtbaJ+CjKbtkm/Mi6ApqlxAQEEAQCrKwmaGsOj2sU86qB+n5OMLYv7fJgINf1ialqCW8WzAAEJAQBDkSIuL2/Ps0u4q/HCZtjnOxqsCmrs8afW4kFSn5sgBQEBAQB2+33uGp6vrBwQpuLLbgwkYiDrWLT8FfQZx6qh4tOTCAEFAQFuTG99mFUWwOXJ3dEGoceH+z7eabZw7HrdIAJlzApZARyml2TjHhQjrfM2ExyHhmuVAmx2ZqkHJyWBTytYzOKXy5U0vHk2cACJbtLAMc9SgRwgOu6JH/2iIh6GeavhRNzxZGeXXEjIJrpAgEOlJkbaKP4HGmIFR9lSaooTrIjyrOAht+JEEA45QshBP+VBskikBvUUFSLLlmW0O/CaFnkIvQtUBzdmbxlpPvwjyY8Xx/bAKtSRgRT3kGgMd4vkwCgMSQa3uOrWJlUXJFfGaAScPKwFX8jxYvjlbgBci1pRMa6KuvuqwkMIXqZnt6V1zJEWYPkYc4fKRll0JOLps+a5TIKroTBsRHLxAZH5DuyQRNjKQ3b8OWJgNY05EVQiHKCllCalGZ28DY3mW8ULG+1KaW0EUEBQAbzkbBFcGKOVZW/pEdhVp7pWhu9pJRebeWblv7KwE/oTYSfzRqI4fHC1f/+qiSsQDCgqOLI6wlWcy8HStZ+DPtvxDRBYDcjjQxjkPlI4fbvKvpVLvGQMWZcXB8AsOnN6LnMxYYvbAedaKtqFh8r8g+nRXj05XLecUnQqeWR2u8mFxhQli7DkVuLIvXX4g/T3P3cIVp0HGEGriARFXrODNnehkHIxPxMwrDK2cAEkTYiQkrc3JkQyKw4JiJ30W1XmZG+Am3/JtSLSkk1YmJsIJUSaAdijcr10NucqctMbCgtbiwY3EZJ6Wkuqd2XBYlXyp+1gZACBs+rVhNiISlC5tSKxYkp8IykkaN7Cnt3lQGhGmND2RAPMb8xljTnrKQYgOn+rfS+TA5zKAhwQNLF0IgfYPDi0mZTMDdL3z5A7v0T1xSsaNkEQs0aDPXWbfKoqp36VU8FLUyqYsel7Qd0qyBO2ZLn8Zu5Dbjr5ifCkXkvatr7ZC3eRTY6VwuNanwSBVQPzOnNjIiWrUgdxRadwnifliecZSYXaBrxKrogZpqvbuH5xGqTzIKbXeWOGnHWLXaDAk80cEvNAqSD2UNpJCaDii2EGgw6xGl+zm57lU07nDQqcrlMYxd2TJ/PZapIWSw3cAdtwbltwWiE8XAYbDEucjlaMrXOEhw0KF5TsuqjnKnqQYmS6e4azxlpoPstqpriUVAhZlullTeFppjxqrCwXovJBjBMintjoPRR1HjDoLAz2RmU8X+/5wHp6YBe4Q1XgEEK4ZPVkbHsmOiumLU/oU8XhNUy5bEcGHvCxtG4WTqqQuEI2nASyGxoHyxAkde9LpoZGLvXMYNKysjS3Bvbcv5zWEDQ5CptrlaQGRnWhh6qoreyWObpgkW3LVIXBM9MEj+Uasb7gEmnkXi4nMUrSBiyGyxIjhooVXHjqpGPVvkVBN4kRT2/Glc4giq9onItwnsZGxWzAXtCVmEfGdPjAMFFXQaE4d9kDqhN7ASkbSzuryn6aYuc0LiCMj2VSzqeXtGoFaD48fhQiiiTlEjgwNnDZvmYzU+dMfdmwBN9RAzhGjurEUaVXBsKjpYn8i8hIZf9ZE/LovkFKwsJWae7SqKFjvKcBgiXgedojpJTahFj4TktgKS4GWL8ZMAbCGe5EH0tGcGwbZftOpr+CzWAXfIwnJy/KLcC2KSg/2ns1NTLhsNGD9c6f";

const HEADER: &str = "xjVmiELa1aImn5Z5KWZpkALkqkypgonZhhv6ZTCdtUQVjBz09pM7k1qLg9wR6lWiJi49xeIspSln4GoFwM7dJgVvdWk48RlGpUfTEIQX+zk7AQEjIukFORWf4BQTxkQ/CoZ2ivdSK0vYilRIeyOnSZ9rJU9Q7x0Rhih0NMut7KCjhoJdgkUAjilvqr9880EaoS90XhSHvzSFu5dV8i7tWHleUWdUxMiCWF1kG88H7oxGn+8bCgM/7xT8knVEbJ+Ts6m8aU9fy3Za6Of5G/eEU9j0q+DU+U3GFGkJu0IriAPTBoNh34JBe+JTecT5k92AXU7TzJV/rFYKlLVWgGk/DcTHCmZjzqr9uEBHLZWaXGhVlzpjQgqYY/bI03jx6twk78LyKLFTbLJo8f5haYxtH/47Qt5lisXkoo6ACENlOG07C8Y6Q6j/cf8CmWp9qCHcybpnU6IwZpjW8yo+6HULGpqp7cBq8L9bFZp5MYZg1xqZ8pi9rwz6jPfFAOHeX8Ke3kEK2obuy8xncbm+sVnuNLh8jaLfN04WnC3T5d/GHuSpY53zWF4cNO5+Sz04VpE0tW4ZymI6DB5bYZJts4fJEXO1jlywVL9Fea4PVsHFrdxiO72BKSBSvu63NU6khjpndP93Zv1/eyXulkKGE1YKibML/48gClU9h/s7GHqncEQ0VjB5i2C1tm0UV1imbJKspDxAl5VGJoTJZeM+4phFJVL4KpQ8Sny+WA1gTmcl0OHGD9R2YdaAM8g+j/kvCuaK8eoRi/K27GSMJry8DuVu3Zm5K++xatAgZsa9+LaJFtGrPh8Xikgks+NBQeXj3bKOHGEe0lXSmKus2n8S/MWNQr8LTyKbyGdKzSWk9RLk+OtLwRDpkUIwZnliwJJgVp4EMByAt9x56sr+V60av9PDwt0gvvbYnKj8AB4mc8W8gUkDKjCau9f0VU8FjeSd0VJOrQjiH6EY56kNltJnN8mAen2HU5LlhsIWsMnvAT/xOZkDV6OJ3zgGZEZRqJdR7R6era4QeUGBUIELmXJjSOutwmT/Q3lMxqO5MrBcO93FEMzYbGZKsmjPY2D+o8SNtUJnwqFVTn5JZBMLLopQkGnuYxnCE3r3jxLailt4cgg7EJcXZhb8xIr7af1ndu2Ewb4T6Jgc37jK55tOijSjJr7qw88IUAHp/yacJe/LsFbNsxaUtjhtdqKdbm1PBbnNFOv1+O43hcoW7PgxGk7Pt1CUAJ+gI15rAmRo/s7dFdI+TLGGHhnQFXiQO+1fsWydjjR/AV1grEj56NZNKwkH6FbThRI95D2y1V33+Tdg3nu6jbZB6MN1SMnBCURJoPRN5YB5Ed263j7v+XcsLKoXf14QNYuTCPqyigEoWEsd+yyjt2yWTjZtyte+FRdgauG+12GBrXzR6UnuaXWtl7Dl0GPmtFUALnIbUnLwQx5fBwpKluOMTpcrDHUJGupnZCdXuKJD8aF0fqzZjKkkpGMRm7yG32PeqFOzx9gKPnHUT7EOEKXMPK/NIFSXpez9GbDRkzeCXrweMiShzFBb2kGC/CIbFRJJ5wA=";

fn main() {
use base64::{
alphabet::STANDARD,
engine::{GeneralPurpose, GeneralPurposeConfig},
Engine,
};
use cosmian_cover_crypt::{Covercrypt, EncryptedHeader, UserSecretKey};
use cosmian_cover_crypt::api::Covercrypt;
use cosmian_cover_crypt::core::UserSecretKey;
use cosmian_crypto_core::bytes_ser_de::Serializable;

let config: GeneralPurposeConfig = GeneralPurposeConfig::default();
Expand All @@ -18,7 +21,7 @@ fn main() {
let usk = UserSecretKey::deserialize(&transcoder.decode(USK.as_bytes()).unwrap()).unwrap();
let encrypted_header =
EncryptedHeader::deserialize(&transcoder.decode(HEADER.as_bytes()).unwrap()).unwrap();
for _ in 0..1000 {
for _ in 0..100 {
encrypted_header
.decrypt(&cc, &usk, None)
.expect("cannot decrypt hybrid header");
Expand Down
8 changes: 4 additions & 4 deletions examples/encrypt.rs
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
use cosmian_cover_crypt::{
abe_policy::{AccessPolicy, Policy},
api::{Covercrypt, EncryptedHeader},
test_utils::policy,
Covercrypt, EncryptedHeader, MasterPublicKey, MasterSecretKey,
MasterPublicKey, MasterSecretKey,
};

/// Generates a new USK and encrypted header and prints them.
Expand Down Expand Up @@ -46,8 +47,7 @@ fn generate_new(

fn main() {
let policy = policy().expect("cannot generate policy");
let ap = AccessPolicy::parse("Department::FIN && Security Level::Top Secret")
.expect("cannot parse given access policy");
let ap = AccessPolicy::parse("Department::FIN && Security Level::Top Secret").unwrap();

let cc = Covercrypt::default();
let (mut msk, _) = cc.setup().expect("cannot generate master keys");
Expand All @@ -58,7 +58,7 @@ fn main() {
generate_new(&cc, &policy, &mut msk, &mpk);

// Encrypt header, use loop to increase its wight in the flame graph.
for _ in 0..1000 {
for _ in 0..100 {
EncryptedHeader::generate(&cc, &policy, &mpk, &ap, None, None)
.expect("cannot encrypt header");
}
Expand Down
39 changes: 27 additions & 12 deletions examples/runme.rs
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
//! This is the demo given in `README.md` and `lib.rs`

use cosmian_cover_crypt::{
abe_policy::{AccessPolicy, Attribute, DimensionBuilder, EncryptionHint, Policy},
Covercrypt, EncryptedHeader,
abe_policy::{AccessPolicy, DimensionBuilder, EncryptionHint, Policy},
api::{Covercrypt, EncryptedHeader},
};

fn main() {
Expand Down Expand Up @@ -54,36 +54,51 @@ fn main() {
.unwrap();

// Encrypt
let (_, encrypted_header) =
EncryptedHeader::generate(&cover_crypt, &policy, &mpk, &access_policy, None, None).unwrap();
let (_, encrypted_header) = EncryptedHeader::generate(
&cover_crypt,
&policy,
&mpk,
&access_policy.clone(),
None,
None,
)
.unwrap();

// The user is able to decrypt the encrypted header.
assert!(encrypted_header.decrypt(&cover_crypt, &usk, None).is_ok());
assert!(encrypted_header
.decrypt(&cover_crypt, &usk, None)
.unwrap()
.is_some());

//
// Rekey all keys using the `Security Level::Top Secret` attribute
let rekey_access_policy = AccessPolicy::Attr(Attribute::from(("Security Level", "Top Secret")));
// Rekey the user access policy.
let mpk = cover_crypt
.rekey(&rekey_access_policy, &policy, &mut msk)
.rekey(&access_policy, &policy, &mut msk)
.unwrap();

let enc_policy = AccessPolicy::parse("Security Level::Top Secret").unwrap();
// Encrypt with rotated attribute
let (_, new_encrypted_header) =
EncryptedHeader::generate(&cover_crypt, &policy, &mpk, &access_policy, None, None).unwrap();
EncryptedHeader::generate(&cover_crypt, &policy, &mpk, &enc_policy, None, None).unwrap();

// user cannot decrypt the newly encrypted header
assert!(new_encrypted_header
.decrypt(&cover_crypt, &usk, None)
.is_err());
.unwrap()
.is_none());

// refresh user secret key, do not grant old encryption access
cover_crypt.refresh_usk(&mut usk, &mut msk, false).unwrap();

// The user with refreshed key is able to decrypt the newly encrypted header.
assert!(new_encrypted_header
.decrypt(&cover_crypt, &usk, None)
.is_ok());
.unwrap()
.is_some());

// But it cannot decrypt old ciphertexts
assert!(encrypted_header.decrypt(&cover_crypt, &usk, None).is_err());
assert!(encrypted_header
.decrypt(&cover_crypt, &usk, None)
.unwrap()
.is_none());
}
12 changes: 6 additions & 6 deletions src/abe_policy/policy.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ impl Policy {
/// Adds the given dimension to the policy.
/// /!\ Invalidates all previous keys and ciphers.
pub fn add_dimension(&mut self, dim: DimensionBuilder) -> Result<(), Error> {
if self.dimensions.get(&dim.name).is_some() {
if self.dimensions.contains_key(&dim.name) {
return Err(Error::ExistingPolicy(dim.name));
}

Expand Down Expand Up @@ -184,7 +184,7 @@ impl Policy {
/// Returns an error if the access policy is invalid.
pub fn generate_semantic_space_coordinates(
&self,
ap: AccessPolicy,
ap: &AccessPolicy,
) -> Result<HashSet<Coordinate>, Error> {
let dnf = ap.to_dnf();
let mut coordinates = HashSet::new();
Expand Down Expand Up @@ -216,7 +216,7 @@ impl Policy {
/// Returns an error if the access policy is invalid.
pub fn generate_point_coordinates(
&self,
ap: AccessPolicy,
ap: &AccessPolicy,
) -> Result<HashSet<Coordinate>, Error> {
let dnf = ap.to_dnf();
let mut coordinates = HashSet::with_capacity(dnf.len());
Expand Down Expand Up @@ -318,7 +318,7 @@ mod tests {
let ap = "(Department::HR || Department::FIN) && Security Level::Low Secret";

let semantic_space_coordinates =
policy.generate_semantic_space_coordinates(AccessPolicy::parse(ap)?)?;
policy.generate_semantic_space_coordinates(&AccessPolicy::parse(ap)?)?;

// Check the number of coordinates is correct.
assert_eq!(semantic_space_coordinates.len(), (2 + 1) * (2 + 1));
Expand Down Expand Up @@ -415,7 +415,7 @@ mod tests {

assert_eq!(
policy
.generate_semantic_space_coordinates(AccessPolicy::parse(ap)?)?
.generate_semantic_space_coordinates(&AccessPolicy::parse(ap)?)?
.len(),
// remove (2 + 1) not to count "Security Level::Protected" -> "Security Level::Low Secret" twice
2 * (1 + 1) * (2 + 1) - (2 + 1)
Expand All @@ -425,7 +425,7 @@ mod tests {
|| (Department::MKG && Security Level::Medium Secret)";
assert_eq!(
policy
.generate_semantic_space_coordinates(AccessPolicy::parse(ap)?)?
.generate_semantic_space_coordinates(&AccessPolicy::parse(ap)?)?
.len(),
// remove (2 + 1) not to count "Security Level::Protected" -> "Security Level::Low Secret" twice
(1 + 1) * (2 + 1) + (1 + 1) * (3 + 1) - (2 + 1)
Expand Down
Loading

0 comments on commit 0f00011

Please sign in to comment.