diff --git a/.rustfmt.toml b/.rustfmt.toml deleted file mode 100644 index 882cef03..00000000 --- a/.rustfmt.toml +++ /dev/null @@ -1,43 +0,0 @@ -# Specifies which edition is used by the parser. -# Default value: "2015" -edition = "2018" - -# How imports should be grouped into use statements. Imports will be merged or split to the configured level of granularity. -# Default value: Preserve -imports_granularity = "Crate" - -# Format the metavariable matching patterns in macros. -# Default value: false -format_macro_matchers = true - -# Format string literals where necessary -# Default value: false -format_strings = true - -# Reorder impl items. type and const are put first, then macros and methods. -# Default value: false -reorder_impl_items = true - -# Controls the strategy for how imports are grouped together. -# Default value: Preserve -group_imports = "StdExternalCrate" - -# Add trailing semicolon after break, continue and return -# Default value: true -trailing_semicolon = true - -# Enable unstable features on the unstable channel. -# Default value: false -unstable_features = true - -# Use field initialize shorthand if possible. -# Default value: false -use_field_init_shorthand = true - -# Break comments to fit on the line -# Default value: false -wrap_comments = true - -# Which version of the formatting rules to use. Version::One is backwards-compatible with Rustfmt 1.0. Other versions are only backwards compatible within a major version number. -# Default value: "One" -version = "Two" diff --git a/benches/benches.rs b/benches/benches.rs index 12be9d3c..27f82783 100644 --- a/benches/benches.rs +++ b/benches/benches.rs @@ -1,5 +1,5 @@ -use cosmian_cover_crypt::{AccessPolicy, api::Covercrypt, cc_keygen, traits::KemAc}; -use criterion::{BatchSize, Criterion, criterion_group, criterion_main}; +use cosmian_cover_crypt::{api::Covercrypt, cc_keygen, traits::KemAc, AccessPolicy}; +use criterion::{criterion_group, criterion_main, BatchSize, Criterion}; const C_ENC_APS: [(&str, usize); 5] = [ ("SEC::LOW && (DPT::MKG) ", 1), diff --git a/examples/decrypt.rs b/examples/decrypt.rs index 96a23531..5c74dd83 100644 --- a/examples/decrypt.rs +++ b/examples/decrypt.rs @@ -6,12 +6,12 @@ const HEADER: &str = "/m73Gzm5LhMZmNEpFubAuQJUu3QzyOH1fJCrJynNWprMuzGViQ1nlE6v11 fn main() { use base64::{ - Engine, alphabet::STANDARD, engine::{GeneralPurpose, GeneralPurposeConfig}, + Engine, }; - use cosmian_cover_crypt::UserSecretKey; use cosmian_cover_crypt::api::Covercrypt; + use cosmian_cover_crypt::UserSecretKey; use cosmian_crypto_core::bytes_ser_de::Serializable; let config: GeneralPurposeConfig = GeneralPurposeConfig::default(); diff --git a/examples/encrypt.rs b/examples/encrypt.rs index 22d1b724..d8c82318 100644 --- a/examples/encrypt.rs +++ b/examples/encrypt.rs @@ -1,5 +1,5 @@ use cosmian_cover_crypt::{ - AccessPolicy, EncryptedHeader, MasterPublicKey, MasterSecretKey, api::Covercrypt, + api::Covercrypt, AccessPolicy, EncryptedHeader, MasterPublicKey, MasterSecretKey, }; /// Generates a new USK and encrypted header and prints them. @@ -12,9 +12,9 @@ fn generate_new(cc: &Covercrypt, _msk: &mut MasterSecretKey, mpk: &MasterPublicK { use base64::{ - Engine, alphabet::STANDARD, engine::{GeneralPurpose, GeneralPurposeConfig}, + Engine, }; use cosmian_crypto_core::bytes_ser_de::Serializable; diff --git a/examples/runme.rs b/examples/runme.rs index 8cf02ab5..f4e699af 100644 --- a/examples/runme.rs +++ b/examples/runme.rs @@ -1,6 +1,6 @@ //! This is the demo given in `README.md` and `lib.rs` -use cosmian_cover_crypt::{AccessPolicy, EncryptedHeader, api::Covercrypt, test_utils::cc_keygen}; +use cosmian_cover_crypt::{api::Covercrypt, test_utils::cc_keygen, AccessPolicy, EncryptedHeader}; fn main() { let cc = Covercrypt::default(); @@ -31,23 +31,19 @@ fn main() { EncryptedHeader::generate(&cc, &mpk, &enc_policy, None, None).unwrap(); // user cannot decrypt the newly encrypted header - assert!( - new_encrypted_header - .decrypt(&cc, &usk, None) - .unwrap() - .is_none() - ); + assert!(new_encrypted_header + .decrypt(&cc, &usk, None) + .unwrap() + .is_none()); // refresh user secret key, do not grant old encryption access cc.refresh_usk(&mut msk, &mut usk, false).unwrap(); // The user with refreshed key is able to decrypt the newly encrypted header. - assert!( - new_encrypted_header - .decrypt(&cc, &usk, None) - .unwrap() - .is_some() - ); + assert!(new_encrypted_header + .decrypt(&cc, &usk, None) + .unwrap() + .is_some()); // But it cannot decrypt old ciphertexts assert!(encrypted_header.decrypt(&cc, &usk, None).unwrap().is_none()); diff --git a/src/abe_policy/access_policy.rs b/src/abe_policy/access_policy.rs index 089f6d57..4d85acad 100644 --- a/src/abe_policy/access_policy.rs +++ b/src/abe_policy/access_policy.rs @@ -10,7 +10,7 @@ use std::{ ops::{BitAnd, BitOr}, }; -use crate::{Error, abe_policy::QualifiedAttribute}; +use crate::{abe_policy::QualifiedAttribute, Error}; /// An access policy is a boolean expression of qualified attributes. #[derive(Debug, Clone, PartialEq, Eq)] diff --git a/src/abe_policy/access_structure.rs b/src/abe_policy/access_structure.rs index 1b3958d3..ed1bf3fa 100644 --- a/src/abe_policy/access_structure.rs +++ b/src/abe_policy/access_structure.rs @@ -1,12 +1,12 @@ -use std::collections::{HashMap, HashSet, hash_map::Entry}; +use std::collections::{hash_map::Entry, HashMap, HashSet}; use crate::{ - Error, abe_policy::{ AccessPolicy, Attribute, AttributeStatus, Dimension, EncryptionHint, QualifiedAttribute, Right, }, data_struct::Dict, + Error, }; use super::Version; @@ -351,7 +351,7 @@ mod serialization { use super::*; use cosmian_crypto_core::bytes_ser_de::{ - Deserializer, Serializable, Serializer, to_leb128_len, + to_leb128_len, Deserializer, Serializable, Serializer, }; impl Serializable for AccessStructure { diff --git a/src/abe_policy/dimension.rs b/src/abe_policy/dimension.rs index 73c134a1..b6a85a4f 100644 --- a/src/abe_policy/dimension.rs +++ b/src/abe_policy/dimension.rs @@ -1,12 +1,12 @@ use std::{ - collections::{HashMap, hash_map::Entry}, + collections::{hash_map::Entry, HashMap}, fmt::Debug, }; use serde::{Deserialize, Serialize}; -use super::{AttributeStatus, attribute::EncryptionHint}; -use crate::{Error, data_struct::Dict}; +use super::{attribute::EncryptionHint, AttributeStatus}; +use crate::{data_struct::Dict, Error}; type Name = String; @@ -240,7 +240,7 @@ impl Dimension { mod serialization { use cosmian_crypto_core::bytes_ser_de::{ - Deserializer, Serializable, Serializer, to_leb128_len, + to_leb128_len, Deserializer, Serializable, Serializer, }; use super::*; diff --git a/src/abe_policy/rights.rs b/src/abe_policy/rights.rs index 43204e45..ab4af98b 100644 --- a/src/abe_policy/rights.rs +++ b/src/abe_policy/rights.rs @@ -1,4 +1,4 @@ -use cosmian_crypto_core::bytes_ser_de::{Deserializer, Serializable, Serializer, to_leb128_len}; +use cosmian_crypto_core::bytes_ser_de::{to_leb128_len, Deserializer, Serializable, Serializer}; use std::{hash::Hash, ops::Deref}; use crate::Error; diff --git a/src/abe_policy/tests.rs b/src/abe_policy/tests.rs index 0a672a59..e085f98d 100644 --- a/src/abe_policy/tests.rs +++ b/src/abe_policy/tests.rs @@ -1,4 +1,4 @@ -use crate::{Error, abe_policy::AccessStructure}; +use crate::{abe_policy::AccessStructure, Error}; use super::EncryptionHint; @@ -77,21 +77,17 @@ fn test_edit_anarchic_attributes() { assert_eq!(structure.attributes().count(), 7); // Try renaming Research to already used name MKG - assert!( - structure - .rename_attribute(&QualifiedAttribute::new("DPT", "RD"), "MKG".to_string(),) - .is_err() - ); + assert!(structure + .rename_attribute(&QualifiedAttribute::new("DPT", "RD"), "MKG".to_string(),) + .is_err()); // Rename RD to Research - assert!( - structure - .rename_attribute( - &QualifiedAttribute::new("DPT", "RD"), - "Research".to_string(), - ) - .is_ok() - ); + assert!(structure + .rename_attribute( + &QualifiedAttribute::new("DPT", "RD"), + "Research".to_string(), + ) + .is_ok()); let order: Vec<_> = structure .attributes() @@ -103,28 +99,22 @@ fn test_edit_anarchic_attributes() { // Add new attribute Sales let new_attr = QualifiedAttribute::new("DPT", "Sales"); - assert!( - structure - .add_attribute(new_attr.clone(), EncryptionHint::Classic, None) - .is_ok() - ); + assert!(structure + .add_attribute(new_attr.clone(), EncryptionHint::Classic, None) + .is_ok()); assert_eq!(structure.attributes().count(), 8); // Try adding already existing attribute HR let duplicate_attr = QualifiedAttribute::new("DPT", "HR"); - assert!( - structure - .add_attribute(duplicate_attr, EncryptionHint::Classic, None) - .is_err() - ); + assert!(structure + .add_attribute(duplicate_attr, EncryptionHint::Classic, None) + .is_err()); // Try adding attribute to non existing dimension let missing_dimension = QualifiedAttribute::new("Missing", "dimension"); - assert!( - structure - .add_attribute(missing_dimension.clone(), EncryptionHint::Classic, None) - .is_err() - ); + assert!(structure + .add_attribute(missing_dimension.clone(), EncryptionHint::Classic, None) + .is_err()); // Remove research attribute let delete_attr = QualifiedAttribute::new("DPT", "Research"); @@ -201,11 +191,9 @@ fn test_edit_hierarchic_attributes() { ); // Rename ordered dimension - assert!( - structure - .rename_attribute(&QualifiedAttribute::new("SEC", "LOW"), "WOL".to_string(),) - .is_ok() - ); + assert!(structure + .rename_attribute(&QualifiedAttribute::new("SEC", "LOW"), "WOL".to_string(),) + .is_ok()); let order = structure.attributes().map(|q| q.name).collect::>(); assert!(order.contains(&"WOL".to_string())); diff --git a/src/ae.rs b/src/ae.rs index 2c8dfbe9..9b657dc4 100644 --- a/src/ae.rs +++ b/src/ae.rs @@ -1,10 +1,10 @@ use cosmian_crypto_core::{ - Aes256Gcm, Dem, FixedSizeCBytes, Instantiable, Nonce, RandomFixedSizeCBytes, SymmetricKey, - reexport::rand_core::CryptoRngCore, + reexport::rand_core::CryptoRngCore, Aes256Gcm, Dem, FixedSizeCBytes, Instantiable, Nonce, + RandomFixedSizeCBytes, SymmetricKey, }; use zeroize::Zeroizing; -use crate::{Error, traits::AE}; +use crate::{traits::AE, Error}; impl AE<{ Self::KEY_LENGTH }> for Aes256Gcm { type Error = Error; diff --git a/src/api.rs b/src/api.rs index 3de1d1fd..e786c751 100644 --- a/src/api.rs +++ b/src/api.rs @@ -1,20 +1,20 @@ use std::sync::{Mutex, MutexGuard}; -use cosmian_crypto_core::{CsRng, Secret, SymmetricKey, kdf256, reexport::rand_core::SeedableRng}; +use cosmian_crypto_core::{kdf256, reexport::rand_core::SeedableRng, CsRng, Secret, SymmetricKey}; use zeroize::Zeroizing; use super::{ - core::MIN_TRACING_LEVEL, core::primitives::{prune, update_msk, usk_keygen}, + core::MIN_TRACING_LEVEL, traits::AE, }; use crate::{ - AccessPolicy, Error, core::{ - MasterPublicKey, MasterSecretKey, SHARED_SECRET_LENGTH, UserSecretKey, XEnc, primitives::{decaps, encaps, full_decaps, refresh, rekey, setup}, + MasterPublicKey, MasterSecretKey, UserSecretKey, XEnc, SHARED_SECRET_LENGTH, }, traits::{KemAc, PkeAc}, + AccessPolicy, Error, }; #[derive(Debug)] pub struct Covercrypt { diff --git a/src/core/kem.rs b/src/core/kem.rs index 8a60b38d..be5e1e73 100644 --- a/src/core/kem.rs +++ b/src/core/kem.rs @@ -1,14 +1,14 @@ use cosmian_crypto_core::bytes_ser_de::{Deserializer, Serializable, Serializer}; -use cosmian_crypto_core::{Secret, reexport::rand_core::CryptoRngCore}; +use cosmian_crypto_core::{reexport::rand_core::CryptoRngCore, Secret}; use ml_kem::{ - EncodedSizeUser, KemCore, array::Array, kem::{Decapsulate, Encapsulate}, + EncodedSizeUser, KemCore, }; use zeroize::Zeroize; use crate::traits::Kem; -use crate::{Error, core::SHARED_SECRET_LENGTH}; +use crate::{core::SHARED_SECRET_LENGTH, Error}; #[derive(Debug, PartialEq, Clone)] pub struct EncapsulationKey512(Box<::EncapsulationKey>); @@ -135,7 +135,7 @@ impl Kem for MlKem512 { #[cfg(test)] mod tests { use cosmian_crypto_core::{ - CsRng, bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, + bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, CsRng, }; use super::*; diff --git a/src/core/mod.rs b/src/core/mod.rs index 4d0f4a0e..87996006 100644 --- a/src/core/mod.rs +++ b/src/core/mod.rs @@ -5,13 +5,13 @@ use std::{ hash::Hash, }; -use cosmian_crypto_core::{SymmetricKey, reexport::rand_core::CryptoRngCore}; +use cosmian_crypto_core::{reexport::rand_core::CryptoRngCore, SymmetricKey}; use crate::{ - Error, abe_policy::{AccessStructure, Right}, data_struct::{RevisionMap, RevisionVec}, traits::{Kem, Nike}, + Error, }; mod kem; diff --git a/src/core/nike.rs b/src/core/nike.rs index 92250bda..7d59b1cb 100644 --- a/src/core/nike.rs +++ b/src/core/nike.rs @@ -3,9 +3,9 @@ use cosmian_crypto_core::reexport::rand_core::CryptoRngCore; pub use cosmian_crypto_core::R25519PrivateKey as Scalar; pub use cosmian_crypto_core::R25519PublicKey as EcPoint; -use crate::Error; use crate::traits::KhNike; use crate::traits::Nike; +use crate::Error; pub struct R25519; @@ -36,7 +36,7 @@ impl KhNike for R25519 {} #[cfg(test)] mod tests { use cosmian_crypto_core::{ - CsRng, bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, + bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, CsRng, }; use super::*; diff --git a/src/core/primitives.rs b/src/core/primitives.rs index 2e622bd3..2226b676 100644 --- a/src/core/primitives.rs +++ b/src/core/primitives.rs @@ -5,25 +5,25 @@ use std::{ }; use cosmian_crypto_core::{ - RandomFixedSizeCBytes, Secret, SymmetricKey, bytes_ser_de::Serializable, reexport::rand_core::{CryptoRngCore, RngCore}, + RandomFixedSizeCBytes, Secret, SymmetricKey, }; use tiny_keccak::{Hasher, IntoXof, Kmac, Shake, Xof}; use zeroize::Zeroize; use crate::{ - Error, abe_policy::{AccessStructure, AttributeStatus, EncryptionHint, Right}, core::{ - EcPoint, Encapsulation, KmacSignature, MIN_TRACING_LEVEL, MasterPublicKey, MasterSecretKey, - RightPublicKey, RightSecretKey, SHARED_SECRET_LENGTH, SIGNATURE_LENGTH, SIGNING_KEY_LENGTH, - Scalar, TAG_LENGTH, TracingSecretKey, UserId, UserSecretKey, XEnc, kem::MlKem512, - nike::R25519, + kem::MlKem512, nike::R25519, EcPoint, Encapsulation, KmacSignature, MasterPublicKey, + MasterSecretKey, RightPublicKey, RightSecretKey, Scalar, TracingSecretKey, UserId, + UserSecretKey, XEnc, MIN_TRACING_LEVEL, SHARED_SECRET_LENGTH, SIGNATURE_LENGTH, + SIGNING_KEY_LENGTH, TAG_LENGTH, }, data_struct::{RevisionMap, RevisionVec}, traits::{Kem, Nike}, + Error, }; fn xor_2(lhs: &[u8; LENGTH], rhs: &[u8; LENGTH]) -> [u8; LENGTH] { @@ -240,11 +240,14 @@ pub fn encaps( let (tag, ss) = j_hash(&S, &c, &coordinate_encapsulations)?; - Ok((ss, XEnc { - tag, - c, - encapsulations: coordinate_encapsulations, - })) + Ok(( + ss, + XEnc { + tag, + c, + encapsulations: coordinate_encapsulations, + }, + )) } /// Attempts opening the Covercrypt encapsulation using the given USK. Returns diff --git a/src/core/serialization/mod.rs b/src/core/serialization/mod.rs index f56aa4b6..0f008e60 100644 --- a/src/core/serialization/mod.rs +++ b/src/core/serialization/mod.rs @@ -3,21 +3,21 @@ use std::collections::{HashMap, HashSet, LinkedList}; use cosmian_crypto_core::{ + bytes_ser_de::{to_leb128_len, Deserializer, Serializable, Serializer}, FixedSizeCBytes, SymmetricKey, - bytes_ser_de::{Deserializer, Serializable, Serializer, to_leb128_len}, }; use super::{ - RightPublicKey, RightSecretKey, SIGNATURE_LENGTH, SIGNING_KEY_LENGTH, TAG_LENGTH, - TracingPublicKey, TracingSecretKey, UserId, nike::EcPoint, + nike::EcPoint, RightPublicKey, RightSecretKey, TracingPublicKey, TracingSecretKey, UserId, + SIGNATURE_LENGTH, SIGNING_KEY_LENGTH, TAG_LENGTH, }; use crate::{ - Error, abe_policy::{AccessStructure, Right}, core::{ - Encapsulation, MasterPublicKey, MasterSecretKey, SHARED_SECRET_LENGTH, UserSecretKey, XEnc, + Encapsulation, MasterPublicKey, MasterSecretKey, UserSecretKey, XEnc, SHARED_SECRET_LENGTH, }, data_struct::{RevisionMap, RevisionVec}, + Error, }; impl Serializable for TracingPublicKey { @@ -497,20 +497,20 @@ mod tests { use std::collections::HashMap; use cosmian_crypto_core::{ - CsRng, bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, + bytes_ser_de::test_serialization, reexport::rand_core::SeedableRng, CsRng, }; use super::*; use crate::{ - AccessPolicy, abe_policy::{AttributeStatus, EncryptionHint}, api::Covercrypt, core::{ - MIN_TRACING_LEVEL, primitives::{encaps, setup, update_msk, usk_keygen}, + MIN_TRACING_LEVEL, }, test_utils::cc_keygen, traits::KemAc, + AccessPolicy, }; #[test] diff --git a/src/core/tests.rs b/src/core/tests.rs index dc8f164d..1d597e7d 100644 --- a/src/core/tests.rs +++ b/src/core/tests.rs @@ -1,6 +1,6 @@ use std::collections::{HashMap, HashSet}; -use cosmian_crypto_core::{Aes256Gcm, CsRng, reexport::rand_core::SeedableRng}; +use cosmian_crypto_core::{reexport::rand_core::SeedableRng, Aes256Gcm, CsRng}; use crate::{ abe_policy::{AccessPolicy, AttributeStatus, EncryptionHint, Right}, @@ -11,8 +11,8 @@ use crate::{ }; use super::{ - MIN_TRACING_LEVEL, primitives::{setup, usk_keygen}, + MIN_TRACING_LEVEL, }; /// This test asserts that it is possible to encapsulate a key for a given diff --git a/src/data_struct/dictionary.rs b/src/data_struct/dictionary.rs index 594a37df..d3390ba8 100644 --- a/src/data_struct/dictionary.rs +++ b/src/data_struct/dictionary.rs @@ -1,6 +1,6 @@ use std::{ borrow::Borrow, - collections::{HashMap, hash_map::Entry}, + collections::{hash_map::Entry, HashMap}, fmt::{self, Debug}, hash::Hash, marker::PhantomData, @@ -8,9 +8,9 @@ use std::{ }; use serde::{ - Deserialize, Deserializer, Serialize, de::{MapAccess, Visitor}, ser::SerializeMap, + Deserialize, Deserializer, Serialize, }; use super::error::Error; @@ -307,11 +307,14 @@ mod tests { // Iterators assert_eq!(d.values().collect::>(), vec!["Foox", "Bar", "Baz"]); - assert_eq!(d.iter().collect::>(), vec![ - (&String::from("ID1"), &String::from("Foox")), - (&String::from("ID2_bis"), &String::from("Bar")), - (&String::from("ID3"), &String::from("Baz")), - ]); + assert_eq!( + d.iter().collect::>(), + vec![ + (&String::from("ID1"), &String::from("Foox")), + (&String::from("ID2_bis"), &String::from("Bar")), + (&String::from("ID3"), &String::from("Baz")), + ] + ); // Remove assert!(d.remove(&String::from("Missing")).is_none()); diff --git a/src/data_struct/revision_map.rs b/src/data_struct/revision_map.rs index 39e20acc..a0bc35b7 100644 --- a/src/data_struct/revision_map.rs +++ b/src/data_struct/revision_map.rs @@ -1,8 +1,8 @@ use std::{ borrow::Borrow, collections::{ - HashMap, LinkedList, hash_map::{Entry, OccupiedEntry, VacantEntry}, + HashMap, LinkedList, }, fmt::Debug, hash::Hash, diff --git a/src/data_struct/revision_vec.rs b/src/data_struct/revision_vec.rs index 416edfdb..d46d1644 100644 --- a/src/data_struct/revision_vec.rs +++ b/src/data_struct/revision_vec.rs @@ -1,4 +1,4 @@ -use std::collections::{LinkedList, VecDeque, linked_list}; +use std::collections::{linked_list, LinkedList, VecDeque}; /// A `RevisionVec` is a vector that stores pairs containing a key /// and a sequence of values. Inserting a new value in the sequence @@ -208,24 +208,30 @@ mod tests { // Iterators let depth_iter: Vec<_> = revision_vec.flat_iter().collect(); - assert_eq!(depth_iter, vec![ - (&1, &"a\"".to_string()), - (&1, &"a'".to_string()), - (&1, &"a".to_string()), - (&2, &"b".to_string()), - (&3, &"c'".to_string()), - (&3, &"c".to_string()), - ]); + assert_eq!( + depth_iter, + vec![ + (&1, &"a\"".to_string()), + (&1, &"a'".to_string()), + (&1, &"a".to_string()), + (&2, &"b".to_string()), + (&3, &"c'".to_string()), + (&3, &"c".to_string()), + ] + ); let breadth_iter: Vec<_> = revision_vec.bfs().collect(); - assert_eq!(breadth_iter, vec![ - &"a\"".to_string(), - &"b".to_string(), - &"c'".to_string(), - &"a'".to_string(), - &"c".to_string(), - &"a".to_string(), - ]); + assert_eq!( + breadth_iter, + vec![ + &"a\"".to_string(), + &"b".to_string(), + &"c'".to_string(), + &"a'".to_string(), + &"c".to_string(), + &"a".to_string(), + ] + ); // Retain revision_vec.retain(|key| key == &1); diff --git a/src/encrypted_header.rs b/src/encrypted_header.rs index d4a9277d..4afc1ce5 100644 --- a/src/encrypted_header.rs +++ b/src/encrypted_header.rs @@ -1,11 +1,11 @@ use cosmian_crypto_core::{ - Aes256Gcm, CryptoCoreError, Dem, FixedSizeCBytes, Instantiable, Nonce, RandomFixedSizeCBytes, - Secret, SymmetricKey, kdf256, + kdf256, Aes256Gcm, CryptoCoreError, Dem, FixedSizeCBytes, Instantiable, Nonce, + RandomFixedSizeCBytes, Secret, SymmetricKey, }; use crate::{ - Error, MasterPublicKey, UserSecretKey, XEnc, abe_policy::AccessPolicy, api::Covercrypt, - core::SHARED_SECRET_LENGTH, traits::KemAc, + abe_policy::AccessPolicy, api::Covercrypt, core::SHARED_SECRET_LENGTH, traits::KemAc, Error, + MasterPublicKey, UserSecretKey, XEnc, }; /// Encrypted header holding a `Covercrypt` encapsulation of a 256-byte secret, and metadata @@ -46,10 +46,13 @@ impl EncryptedHeader { let mut secret = Secret::default(); kdf256!(&mut *secret, &*seed, &[1u8]); - Ok((secret, Self { - encapsulation, - encrypted_metadata, - })) + Ok(( + secret, + Self { + encapsulation, + encrypted_metadata, + }, + )) } /// Decrypts the header with the given user secret key. @@ -105,7 +108,7 @@ mod serialization { use super::*; use cosmian_crypto_core::bytes_ser_de::{ - Deserializer, Serializable, Serializer, to_leb128_len, + to_leb128_len, Deserializer, Serializable, Serializer, }; impl Serializable for EncryptedHeader { diff --git a/src/test_utils/mod.rs b/src/test_utils/mod.rs index 6a0d3c50..f45aa7b7 100644 --- a/src/test_utils/mod.rs +++ b/src/test_utils/mod.rs @@ -1,4 +1,4 @@ -use crate::{Error, MasterPublicKey, MasterSecretKey, abe_policy::gen_structure, api::Covercrypt}; +use crate::{abe_policy::gen_structure, api::Covercrypt, Error, MasterPublicKey, MasterSecretKey}; //pub mod non_regression; @@ -18,10 +18,10 @@ mod tests { use super::*; use crate::{ - EncryptedHeader, abe_policy::{AccessPolicy, EncryptionHint, QualifiedAttribute}, api::Covercrypt, traits::KemAc, + EncryptedHeader, }; #[test] @@ -44,21 +44,17 @@ mod tests { EncryptedHeader::generate(&cc, &mpk, &secret_sales_ap, None, None)?; // User cannot decrypt new message without refreshing its key - assert!( - encrypted_header - .decrypt(&cc, &low_secret_usk, None) - .unwrap() - .is_none() - ); + assert!(encrypted_header + .decrypt(&cc, &low_secret_usk, None) + .unwrap() + .is_none()); cc.refresh_usk(&mut msk, &mut low_secret_usk, false)?; - assert!( - encrypted_header - .decrypt(&cc, &low_secret_usk, None) - .unwrap() - .is_none() - ); + assert!(encrypted_header + .decrypt(&cc, &low_secret_usk, None) + .unwrap() + .is_none()); Ok(()) } @@ -84,24 +80,20 @@ mod tests { // update the master keys let _ = cc.update_msk(&mut msk)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); let _new_decryption_policy = AccessPolicy::parse("SEC::TOP && DPT::HR")?; // Refreshing the USK removes the keys associated to rights that do not exist anymore in // the MSK, even if it is asked to preserve the old secrets. cc.refresh_usk(&mut msk, &mut top_secret_fin_usk, true)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_none() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_none()); Ok(()) } @@ -129,12 +121,10 @@ mod tests { // update the master keys let mpk = cc.update_msk(&mut msk)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); // Can not encrypt using deactivated attribute let top_secret_ap = AccessPolicy::parse("SEC::TOP && DPT::FIN")?; @@ -143,21 +133,17 @@ mod tests { // refresh the user key and preserve old secrets cc.refresh_usk(&mut msk, &mut top_secret_fin_usk, true)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); // refresh the user key and remove old secrets cc.refresh_usk(&mut msk, &mut top_secret_fin_usk, false)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); Ok(()) } @@ -185,22 +171,18 @@ mod tests { // update the master keys let _ = cc.update_msk(&mut msk)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); // refresh the user key and preserve old secrets let _new_decryption_policy = AccessPolicy::parse("SEC::TOP && DPT::Finance")?; cc.refresh_usk(&mut msk, &mut top_secret_fin_usk, false)?; - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); Ok(()) } @@ -262,22 +244,18 @@ mod tests { EncryptedHeader::generate(&cc, &mpk, &top_secret_ap.clone(), None, None)?; // Decryption fails without refreshing the user key - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_none() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_none()); cc.refresh_usk(&mut msk, &mut top_secret_fin_usk, false)?; // The refreshed key can decrypt the header - assert!( - encrypted_header - .decrypt(&cc, &top_secret_fin_usk, None) - .unwrap() - .is_some() - ); + assert!(encrypted_header + .decrypt(&cc, &top_secret_fin_usk, None) + .unwrap() + .is_some()); Ok(()) } diff --git a/src/traits.rs b/src/traits.rs index 1430382f..cfcd6e0f 100644 --- a/src/traits.rs +++ b/src/traits.rs @@ -1,4 +1,4 @@ -use cosmian_crypto_core::{Secret, SymmetricKey, reexport::rand_core::CryptoRngCore}; +use cosmian_crypto_core::{reexport::rand_core::CryptoRngCore, Secret, SymmetricKey}; use std::ops::Add; use std::ops::Mul; use zeroize::Zeroizing;