fix: decrypt test example

Cosmian · Mar 1, 2023 · d0a531c · d0a531c
1 parent 305e20a
commit d0a531c
Show file tree

Hide file tree

Showing 13 changed files with 91 additions and 104 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -81,7 +81,7 @@ repos:
       - id: cargo-check
 
   - repo: https://github.com/Cosmian/git-hooks.git
-    rev: v1.0.6
+    rev: v1.0.7
     hooks:
       - id: cargo-update
       - id: cargo-outdated

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,29 +7,16 @@ All notable changes to this project will be documented in this file.
 ### Refactor
 
 - [**breaking**] Move all interfaces (FFI, Wasm, pyo3) to `cloudproof_rust` repository
+- remove unneeded dependencies
+- remove inline macros
+- remove serde wherever possible
 
 ### Testing
 
 - Re-expose non-regression mechanism
 
 ---
 
-## [11.0.0] - 2023-02-28
-
-
-### Changed
-
-- use 16-bytes tag
-
-### Removed
-
-- unneeded dependencies
-- inline macros
-- serde whereever possible
-- interfaces
-
----
-
 ## [10.0.0] - 2023-02-02
 
 ### Documentation

diff --git a/Cargo.toml b/Cargo.toml
@@ -37,4 +37,3 @@ tiny-keccak = { version = "2.0.2", features = ["shake"] }
 
 [dev-dependencies]
 criterion = { version = "0.4", features = ["html_reports"], default_features = false }
-
diff --git a/benches/BENCHMARKS_classic.md b/benches/BENCHMARKS_classic.md
@@ -3,10 +3,10 @@
 ## Table of Contents
 
 - [Benchmark Results](#benchmark-results)
-    - [Header encryption](#header-encryption)
-    - [Header encryption + decryption](#header-encryption-+-decryption)
-    - [Key serialization](#key-serialization)
-    - [Header serialization](#header-serialization)
+  - [Header encryption](#header-encryption)
+  - [Header encryption + decryption](#header-encryption-and-decryption)
+  - [Key serialization](#key-serialization)
+  - [Header serialization](#header-serialization)
 
 ## Benchmark Results
 
@@ -16,7 +16,7 @@
 |:-------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------|:------------------------------------ |
 |        | `293.43 us` (✅ **1.00x**)           | `367.53 us` (*1.25x slower*)      | `450.77 us` (*1.54x slower*)      | `588.11 us` (*2.00x slower*)      | `627.62 us` (*2.14x slower*)       |
 
-### Header encryption + decryption
+### Header encryption and decryption
 
 |        | `ciphertexts with 1 partition(s), usk with 1 partitions`          | `ciphertexts with 2 partition(s), usk with 1 partitions`          | `ciphertexts with 3 partition(s), usk with 1 partitions`          | `ciphertexts with 4 partition(s), usk with 1 partitions`          | `ciphertexts with 5 partition(s), usk with 1 partitions`          | `ciphertexts with 1 partition(s), usk with 2 partitions`          | `ciphertexts with 2 partition(s), usk with 2 partitions`          | `ciphertexts with 3 partition(s), usk with 2 partitions`          | `ciphertexts with 4 partition(s), usk with 2 partitions`          | `ciphertexts with 5 partition(s), usk with 2 partitions`          | `ciphertexts with 1 partition(s), usk with 3 partitions`          | `ciphertexts with 2 partition(s), usk with 3 partitions`          | `ciphertexts with 3 partition(s), usk with 3 partitions`          | `ciphertexts with 4 partition(s), usk with 3 partitions`          | `ciphertexts with 5 partition(s), usk with 3 partitions`           |
 |:-------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------|:------------------------------------------------------------------ |
@@ -26,7 +26,7 @@
 
 |        | `MSK`                     | `MPK`                             | `USK 1 partition`                |
 |:-------|:--------------------------|:----------------------------------|:-------------------------------- |
-|        | `443.45 ns` (✅ **1.00x**) | `85.07 us` (*191.84x slower*)   | `58.34 ns` (🚀 **7.60x faster**)  |
+|        | `443.45 ns` (✅ **1.00x**) | `85.07 us` (*191.84x slower*)   | `58.34 ns` (**7.60x faster**)  |
 
 ### Header serialization
 

diff --git a/benches/BENCHMARKS_hybridized.md b/benches/BENCHMARKS_hybridized.md
@@ -3,10 +3,10 @@
 ## Table of Contents
 
 - [Benchmark Results](#benchmark-results)
-    - [Header encryption](#header-encryption)
-    - [Header encryption + decryption](#header-encryption-+-decryption)
-    - [Key serialization](#key-serialization)
-    - [Header serialization](#header-serialization)
+  - [Header encryption](#header-encryption)
+  - [Header encryption + decryption](#header-encryption-and-decryption)
+  - [Key serialization](#key-serialization)
+  - [Header serialization](#header-serialization)
 
 ## Benchmark Results
 
@@ -16,7 +16,7 @@
 |:--|:---------------------------|:-----------------------------|:-----------------------------|:-----------------------------|:---------------------------|
 |   | `361.16 us` (✅ **1.00x**)  | `508.30 us` (*1.41x slower*) | `693.84 us` (*1.92x slower*) | `851.50 us` (*2.36x slower*) | `1.01 ms` (*2.79x slower*) |
 
-### Header encryption + decryption
+### Header encryption and decryption
 
 |   | `ciphertexts with 1 partition(s), usk with 1 partitions` | `ciphertexts with 2 partition(s), usk with 1 partitions` | `ciphertexts with 3 partition(s), usk with 1 partitions` | `ciphertexts with 4 partition(s), usk with 1 partitions` | `ciphertexts with 5 partition(s), usk with 1 partitions` | `ciphertexts with 1 partition(s), usk with 2 partitions` | `ciphertexts with 2 partition(s), usk with 2 partitions` | `ciphertexts with 3 partition(s), usk with 2 partitions` | `ciphertexts with 4 partition(s), usk with 2 partitions` | `ciphertexts with 5 partition(s), usk with 2 partitions` | `ciphertexts with 1 partition(s), usk with 3 partitions` | `ciphertexts with 2 partition(s), usk with 3 partitions` | `ciphertexts with 3 partition(s), usk with 3 partitions` | `ciphertexts with 4 partition(s), usk with 3 partitions` | `ciphertexts with 5 partition(s), usk with 3 partitions` |
 |:--|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|:---------------------------------------------------------|
@@ -26,7 +26,7 @@
 
 |   | `MSK`                     | `MPK`                        | `USK 1 partition`                 |
 |:--|:--------------------------|:-----------------------------|:----------------------------------|
-|   | `978.19 ns` (✅ **1.00x**) | `86.63 us` (*88.56x slower*) | `141.37 ns` (🚀 **6.92x faster**) |
+|   | `978.19 ns` (✅ **1.00x**) | `86.63 us` (*88.56x slower*) | `141.37 ns` (**6.92x faster**) |
 
 ### Header serialization
 

diff --git a/benches/benches.rs b/benches/benches.rs
@@ -74,10 +74,11 @@ fn policy() -> Result<Policy, Error> {
 fn get_access_policies() -> (Vec<AccessPolicy>, Vec<AccessPolicy>) {
     // Access policy with 1 partition
     #[allow(unused_mut)]
-    let mut access_policies = vec![
-        AccessPolicy::from_boolean_expression("Department::FIN && Security Level::Protected")
-            .unwrap(),
-    ];
+    let mut access_policies =
+        vec![
+            AccessPolicy::from_boolean_expression("Department::FIN && Security Level::Protected")
+                .unwrap(),
+        ];
 
     #[cfg(feature = "full_bench")]
     {
@@ -122,10 +123,11 @@ fn get_access_policies() -> (Vec<AccessPolicy>, Vec<AccessPolicy>) {
     // The intersection between the user access policies and the encryption
     // policies is always "Department::FIN && Security Level::Protected" only.
     #[allow(unused_mut)]
-    let mut user_access_policies = vec![
-        AccessPolicy::from_boolean_expression("Department::FIN && Security Level::Protected")
-            .unwrap(),
-    ];
+    let mut user_access_policies =
+        vec![
+            AccessPolicy::from_boolean_expression("Department::FIN && Security Level::Protected")
+                .unwrap(),
+        ];
 
     #[cfg(feature = "full_bench")]
     {
@@ -279,7 +281,7 @@ fn bench_header_decryption(c: &mut Criterion) {
                 .expect("cannot generate user private key")
         })
         .collect();
-    let mut group = c.benchmark_group("Header encryption + decryption");
+    let mut group = c.benchmark_group("Header encryption and decryption");
     for (n_partitions_usk, usk) in user_decryption_keys.iter().enumerate() {
         for (n_partition_ct, access_policy) in access_policies.iter().enumerate() {
             group.bench_function(

diff --git a/benches/generate.sh b/benches/generate.sh
@@ -11,4 +11,5 @@ cargo criterion --features full_bench --message-format=json | criterion-table >b
 cargo criterion --features full_bench,hybridized_bench --message-format=json | criterion-table >benches/BENCHMARKS_hybridized.md
 
 sed -i "s/❌ //g" benches/BENCHMARKS*.md
+sed -i "s/🚀 //g" benches/BENCHMARKS*.md
 # sed -i "s/✅ //g" benches/BENCHMARKS*.md
diff --git a/examples/decrypt.rs b/examples/decrypt.rs
@@ -6,8 +6,8 @@ fn main() {
             engine::{GeneralPurpose, GeneralPurposeConfig},
             Engine,
         };
-        use cosmian_cover_crypt::{
-            api::EncryptedHeader, interfaces::statics::UserSecretKey, CoverCryptStruct,
+        use cosmian_cover_crypt::statics::{
+            CoverCryptX25519Aes256, EncryptedHeader, UserSecretKey,
         };
         use cosmian_crypto_core::bytes_ser_de::Serializable;
 

diff --git a/examples/runme.rs b/examples/runme.rs
@@ -77,23 +77,19 @@ fn main() {
         EncryptedHeader::generate(&cover_crypt, &policy, &mpk, &access_policy, None, None).unwrap();
 
     // user cannot decrypt the newly encrypted header
-    assert!(
-        new_encrypted_header
-            .decrypt(&cover_crypt, &usk, None)
-            .is_err()
-    );
+    assert!(new_encrypted_header
+        .decrypt(&cover_crypt, &usk, None)
+        .is_err());
 
     // refresh user secret key, do not grant old encryption access
     cover_crypt
         .refresh_user_secret_key(&mut usk, &access_policy, &msk, &policy, false)
         .unwrap();
 
     // The user with refreshed key is able to decrypt the newly encrypted header.
-    assert!(
-        new_encrypted_header
-            .decrypt(&cover_crypt, &usk, None)
-            .is_ok()
-    );
+    assert!(new_encrypted_header
+        .decrypt(&cover_crypt, &usk, None)
+        .is_ok());
 
     // But it cannot decrypt old ciphertexts
     assert!(encrypted_header.decrypt(&cover_crypt, &usk, None).is_err());

diff --git a/src/core/api.rs b/src/core/api.rs
@@ -215,14 +215,23 @@ pub struct EncryptedHeader<
 }
 
 impl<
-    const TAG_LENGTH: usize,
-    const SYM_KEY_LENGTH: usize,
-    const PK_LENGTH: usize,
-    const SK_LENGTH: usize,
-    KeyPair,
-    DEM,
-    CoverCryptScheme,
-> EncryptedHeader<TAG_LENGTH, SYM_KEY_LENGTH, PK_LENGTH, SK_LENGTH, KeyPair, DEM, CoverCryptScheme>
+        const TAG_LENGTH: usize,
+        const SYM_KEY_LENGTH: usize,
+        const PK_LENGTH: usize,
+        const SK_LENGTH: usize,
+        KeyPair,
+        DEM,
+        CoverCryptScheme,
+    >
+    EncryptedHeader<
+        TAG_LENGTH,
+        SYM_KEY_LENGTH,
+        PK_LENGTH,
+        SK_LENGTH,
+        KeyPair,
+        DEM,
+        CoverCryptScheme,
+    >
 where
     KeyPair: DhKeyPair<PK_LENGTH, SK_LENGTH>,
     DEM: Dem<SYM_KEY_LENGTH>,

diff --git a/src/core/serialization.rs b/src/core/serialization.rs
@@ -218,11 +218,12 @@ impl<const SYM_KEY_LENGTH: usize> Serializable for KeyEncapsulation<SYM_KEY_LENG
 }
 
 impl<
-    const TAG_LENGTH: usize,
-    const ENCAPSULATION_LENGTH: usize,
-    const PUBLIC_KEY_LENGTH: usize,
-    DhPublicKey: KeyTrait<PUBLIC_KEY_LENGTH>,
-> Serializable for Encapsulation<TAG_LENGTH, ENCAPSULATION_LENGTH, PUBLIC_KEY_LENGTH, DhPublicKey>
+        const TAG_LENGTH: usize,
+        const ENCAPSULATION_LENGTH: usize,
+        const PUBLIC_KEY_LENGTH: usize,
+        DhPublicKey: KeyTrait<PUBLIC_KEY_LENGTH>,
+    > Serializable
+    for Encapsulation<TAG_LENGTH, ENCAPSULATION_LENGTH, PUBLIC_KEY_LENGTH, DhPublicKey>
 {
     type Error = Error;
 
@@ -260,14 +261,14 @@ impl<
 }
 
 impl<
-    const TAG_LENGTH: usize,
-    const SYM_KEY_LENGTH: usize,
-    const PK_LENGTH: usize,
-    const SK_LENGTH: usize,
-    KeyPair,
-    DEM,
-    CoverCryptScheme,
-> Serializable
+        const TAG_LENGTH: usize,
+        const SYM_KEY_LENGTH: usize,
+        const PK_LENGTH: usize,
+        const SK_LENGTH: usize,
+        KeyPair,
+        DEM,
+        CoverCryptScheme,
+    > Serializable
     for EncryptedHeader<
         TAG_LENGTH,
         SYM_KEY_LENGTH,

diff --git a/src/test_utils/mod.rs b/src/test_utils/mod.rs
@@ -54,11 +54,11 @@ mod tests {
     #[test]
     fn read_policy() {
         // Can read a `Policy`
-        let policy_str = include_bytes!("../../tests_data/policy.json");
+        let policy_str = include_bytes!("./tests_data/policy.json");
         Policy::try_from(policy_str.as_slice()).unwrap();
 
         // Can read a `LegacyPolicy`
-        let legacy_policy_str = include_bytes!("../../tests_data/legacy_policy.json");
+        let legacy_policy_str = include_bytes!("./tests_data/legacy_policy.json");
         serde_json::from_slice::<LegacyPolicy>(legacy_policy_str).unwrap();
 
         // Can read `LegacyPolicy` as `Policy`
@@ -220,11 +220,9 @@ mod tests {
         )?;
 
         // Decryption fails without refreshing the user key
-        assert!(
-            encrypted_header
-                .decrypt(&cover_crypt, &top_secret_fin_usk, None)
-                .is_err()
-        );
+        assert!(encrypted_header
+            .decrypt(&cover_crypt, &top_secret_fin_usk, None)
+            .is_err());
 
         cover_crypt.refresh_user_secret_key(
             &mut top_secret_fin_usk,
@@ -237,11 +235,9 @@ mod tests {
         )?;
 
         // The refreshed key can decrypt the header
-        assert!(
-            encrypted_header
-                .decrypt(&cover_crypt, &top_secret_fin_usk, None)
-                .is_ok()
-        );
+        assert!(encrypted_header
+            .decrypt(&cover_crypt, &top_secret_fin_usk, None)
+            .is_ok());
 
         Ok(())
     }

diff --git a/src/test_utils/non_regression.rs b/src/test_utils/non_regression.rs
@@ -226,16 +226,14 @@ impl NonRegressionTestVector {
         // top_secret_fin_key
         self.low_secret_fin_test_vector
             .decrypt(&self.top_secret_fin_key.key)?;
-        assert!(
-            self.low_secret_mkg_test_vector
-                .decrypt(&self.top_secret_fin_key.key)
-                .is_err()
-        );
-        assert!(
-            self.top_secret_mkg_test_vector
-                .decrypt(&self.top_secret_fin_key.key)
-                .is_err()
-        );
+        assert!(self
+            .low_secret_mkg_test_vector
+            .decrypt(&self.top_secret_fin_key.key)
+            .is_err());
+        assert!(self
+            .top_secret_mkg_test_vector
+            .decrypt(&self.top_secret_fin_key.key)
+            .is_err());
 
         // top_secret_mkg_fin_key
         self.low_secret_fin_test_vector
@@ -245,18 +243,16 @@ impl NonRegressionTestVector {
         self.top_secret_mkg_test_vector
             .decrypt(&self.top_secret_mkg_fin_key.key)?;
 
-        assert!(
-            self.low_secret_fin_test_vector
-                .decrypt(&self.medium_secret_mkg_key.key)
-                .is_err()
-        );
+        assert!(self
+            .low_secret_fin_test_vector
+            .decrypt(&self.medium_secret_mkg_key.key)
+            .is_err());
         self.low_secret_mkg_test_vector
             .decrypt(&self.medium_secret_mkg_key.key)?;
-        assert!(
-            self.top_secret_mkg_test_vector
-                .decrypt(&self.medium_secret_mkg_key.key)
-                .is_err()
-        );
+        assert!(self
+            .top_secret_mkg_test_vector
+            .decrypt(&self.medium_secret_mkg_key.key)
+            .is_err());
         Ok(())
     }
 }