fix: replace User subkeys HashSet by Vec to preserve keys order

Cosmian · Oct 13, 2023 · 673ac96 · 673ac96
1 parent 52217fe
commit 673ac96
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 18 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_cover_crypt"
-version = "12.0.3"
+version = "13.0.0"
 authors = [
   "Théophile Brezot <[email protected]>",
   "Bruno Grieder <[email protected]>",
@@ -30,7 +30,6 @@ hybridized_bench = []
 [dependencies]
 base64 = { version = "0.21.0", optional = true }
 cosmian_crypto_core = { version = "9.2.0", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
-itertools = "0.11"
 pqc_kyber = { version = "0.4", features = ["std", "hazmat"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"

diff --git a/src/core/mod.rs b/src/core/mod.rs
@@ -76,14 +76,13 @@ pub struct MasterSecretKey {
     s2: R25519PrivateKey,
     pub subkeys: HashMap<Partition, Subkey>,
     kmac_key: Option<SymmetricKey<KMAC_KEY_LENGTH>>,
-    history: Option<HashMap<Partition, Subkey>>,
 }
 
 #[derive(Debug, PartialEq, Eq)]
 pub struct UserSecretKey {
     a: R25519PrivateKey,
     b: R25519PrivateKey,
-    pub subkeys: HashSet<Subkey>,
+    pub subkeys: Vec<Subkey>,
     kmac: Option<KmacSignature>,
 }
 

diff --git a/src/core/primitives.rs b/src/core/primitives.rs
@@ -7,7 +7,6 @@ use cosmian_crypto_core::{
     kdf256, reexport::rand_core::CryptoRngCore, FixedSizeCBytes, R25519PrivateKey, R25519PublicKey,
     RandomFixedSizeCBytes, SymmetricKey,
 };
-use itertools::Itertools;
 use pqc_kyber::{
     indcpa::{indcpa_dec, indcpa_enc, indcpa_keypair},
     KYBER_INDCPA_BYTES, KYBER_INDCPA_PUBLICKEYBYTES, KYBER_INDCPA_SECRETKEYBYTES, KYBER_SYMBYTES,
@@ -42,9 +41,8 @@ fn compute_user_key_kmac(msk: &MasterSecretKey, usk: &UserSecretKey) -> Option<K
     user_key_bytes.extend_from_slice(&usk.a.to_bytes());
     user_key_bytes.extend_from_slice(&usk.b.to_bytes());
 
-    // Sort keys to make KMAC deterministic
-    let ordered_keys = usk.subkeys.iter().sorted_by_key(|(_, x_i)| x_i.as_bytes());
-    for (sk_i, x_i) in ordered_keys {
+    // KMAC is deterministic because subkeys is a Vec preserving keys order
+    for (sk_i, x_i) in &usk.subkeys {
         if let Some(sk_i) = sk_i {
             user_key_bytes.extend_from_slice(sk_i);
         }
@@ -116,7 +114,6 @@ pub fn setup(
             s2,
             subkeys: sub_sk,
             kmac_key,
-            history: None,
         },
         MasterPublicKey {
             g1,
@@ -375,7 +372,7 @@ pub fn refresh(
 
     for partition in decryption_set {
         if let Some(x_i) = msk.subkeys.get(partition) {
-            usk.subkeys.insert(x_i.clone());
+            usk.subkeys.push(x_i.clone());
         }
     }
 
@@ -669,7 +666,7 @@ mod tests {
         let usk_ = UserSecretKey::deserialize(&bytes)?;
         assert!(verify_user_key_kmac(&msk, &usk_).is_ok());
 
-        usk.subkeys.insert((None, R25519PrivateKey::new(&mut rng)));
+        usk.subkeys.push((None, R25519PrivateKey::new(&mut rng)));
         // KMAC verify will fail after modifying the user key
         assert!(verify_user_key_kmac(&msk, &usk).is_err());
 

diff --git a/src/core/serialization.rs b/src/core/serialization.rs
@@ -144,15 +144,12 @@ impl Serializable for MasterSecretKey {
             Err(_) => None,
         };
 
-        let history = None;
-
         Ok(Self {
             s,
             s1,
             s2,
             subkeys,
             kmac_key,
-            history,
         })
     }
 }
@@ -197,7 +194,7 @@ impl Serializable for UserSecretKey {
         let a = R25519PrivateKey::try_from_bytes(de.read_array::<{ R25519PrivateKey::LENGTH }>()?)?;
         let b = R25519PrivateKey::try_from_bytes(de.read_array::<{ R25519PrivateKey::LENGTH }>()?)?;
         let n_partitions = <usize>::try_from(de.read_leb128_u64()?)?;
-        let mut subkeys = HashSet::with_capacity(n_partitions);
+        let mut subkeys = Vec::with_capacity(n_partitions);
         for _ in 0..n_partitions {
             let is_hybridized = de.read_leb128_u64()?;
             let sk_i = if is_hybridized == 1 {
@@ -206,7 +203,7 @@ impl Serializable for UserSecretKey {
                 None
             };
             let x_i = de.read_array::<{ R25519PrivateKey::LENGTH }>()?;
-            subkeys.insert((sk_i, R25519PrivateKey::try_from_bytes(x_i)?));
+            subkeys.push((sk_i, R25519PrivateKey::try_from_bytes(x_i)?));
         }
         let kmac = de.read_array::<{ KMAC_LENGTH }>().ok();
 

diff --git a/src/test_utils/mod.rs b/src/test_utils/mod.rs
@@ -142,7 +142,7 @@ mod tests {
 
         // try to modify the user key and refresh
         let part = Partition::from(vec![1, 6]);
-        usk.subkeys.insert(msk.subkeys.get(&part).unwrap().clone());
+        usk.subkeys.push(msk.subkeys.get(&part).unwrap().clone());
         assert!(cover_crypt
             .refresh_user_secret_key(&mut usk, &decryption_policy, &msk, &policy, false)
             .is_err());
@@ -264,7 +264,8 @@ mod tests {
         let new_decryption_policy =
             AccessPolicy::from_boolean_expression("Security Level::Top Secret && Department::HR")?;
 
-        // refreshing the user key will remove access to removed partitions even if we keep old rotations
+        // refreshing the user key will remove access to removed partitions even if we
+        // keep old rotations
         cover_crypt.refresh_user_secret_key(
             &mut top_secret_fin_usk,
             &new_decryption_policy,