feat: support crypto_core 9.2.0

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file.
 
+## [12.0.3] - 2023-09-18
+
+### Features
+
+- Support `crypto_core` v9.2.0
+
 ## [12.0.2] - 2023-09-01
 
 ### Features

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "cosmian_cover_crypt"
-version = "12.0.2"
+version = "12.0.3"
 authors = [
   "Théophile Brezot <[email protected]>",
   "Bruno Grieder <[email protected]>",
@@ -29,7 +29,7 @@ hybridized_bench = []
 
 [dependencies]
 base64 = { version = "0.21.0", optional = true }
-cosmian_crypto_core = { version = "9.1.0", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
+cosmian_crypto_core = { version = "9.2.0", default-features = false, features = ["ser", "sha3", "aes", "curve25519"] }
 pqc_kyber = { version = "0.4", features = ["std", "hazmat"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"

benches/benches.rs

@@ -199,17 +199,17 @@ fn bench_serialization(c: &mut Criterion) {
 
     let mut group = c.benchmark_group("Key serialization");
     group.bench_function("MSK", |b| {
-        b.iter(|| msk.serialize().expect("cannot serialize msk"))
+        b.iter(|| msk.serialize().expect("cannot serialize msk"));
     });
     group.bench_function("MPK", |b| {
-        b.iter(|| mpk.serialize().expect("cannot serialize mpk"))
+        b.iter(|| mpk.serialize().expect("cannot serialize mpk"));
     });
 
     let usk = cover_crypt
         .generate_user_secret_key(&msk, &user_access_policies[0], &policy)
         .unwrap();
     group.bench_function("USK 1 partition", |b| {
-        b.iter(|| usk.serialize().expect("cannot serialize usk"))
+        b.iter(|| usk.serialize().expect("cannot serialize usk"));
     });
 
     // removes borrow checker warning about several mutable reference on `c`
@@ -228,7 +228,7 @@ fn bench_serialization(c: &mut Criterion) {
                         n_partition + 1
                     )
                 })
-            })
+            });
         });
     }
 }
@@ -258,7 +258,7 @@ fn bench_header_encryption(c: &mut Criterion) {
                     .unwrap_or_else(|_| {
                         panic!("cannot encrypt header for {} partition(s)", n_partition + 1)
                     })
-                })
+                });
             },
         );
     }
@@ -317,7 +317,7 @@ fn bench_header_decryption(c: &mut Criterion) {
                                     n_partitions_usk
                                 )
                             });
-                    })
+                    });
                 },
             );
         }

src/abe_policy/access_policy.rs

@@ -383,7 +383,7 @@ impl AccessPolicy {
                         let mut combined = Vec::with_capacity(value_left.len() + value_right.len());
                         combined.extend_from_slice(&value_left);
                         combined.extend_from_slice(value_right);
-                        res.push(combined)
+                        res.push(combined);
                     }
                 }
                 Ok(res)

src/abe_policy/policy.rs

@@ -424,7 +424,7 @@ fn generate_current_attribute_partitions(
     policy: &Policy,
 ) -> Result<HashSet<Partition>, Error> {
     let mut current_attr_value_per_axis = HashMap::<String, Vec<(u32, EncryptionHint)>>::new();
-    for attribute in attributes.iter() {
+    for attribute in attributes {
         let entry = current_attr_value_per_axis
             .entry(attribute.axis.clone())
             .or_default();

src/abe_policy/tests.rs

@@ -58,16 +58,16 @@ fn check_policy() {
     let attributes = policy.attributes();
     assert_eq!(security_level.len() + department.len(), attributes.len());
     for properties in &security_level.attributes_properties {
-        assert!(attributes.contains(&Attribute::new("Security Level", &properties.name)))
+        assert!(attributes.contains(&Attribute::new("Security Level", &properties.name)));
     }
     for properties in &department.attributes_properties {
-        assert!(attributes.contains(&Attribute::new("Department", &properties.name)))
+        assert!(attributes.contains(&Attribute::new("Department", &properties.name)));
     }
     for attribute in &attributes {
         assert_eq!(
             policy.attribute_values(attribute).unwrap()[0],
             policy.attribute_current_value(attribute).unwrap()
-        )
+        );
     }
 }
 
@@ -84,7 +84,7 @@ fn test_rotate_policy_attributes() -> Result<(), Error> {
         assert_eq!(
             policy.attribute_values(attribute)?[0],
             policy.attribute_current_value(attribute)?
-        )
+        );
     }
     Ok(())
 }

src/core/api.rs

@@ -1,6 +1,6 @@
 //! Defines the `Covercrypt` API.
 
-use std::{fmt::Debug, ops::DerefMut, sync::Mutex};
+use std::{fmt::Debug, sync::Mutex};
 
 use cosmian_crypto_core::{
     reexport::rand_core::SeedableRng, Aes256Gcm, CsRng, Dem, FixedSizeCBytes, Instantiable, Nonce,
@@ -172,7 +172,7 @@ impl Covercrypt {
         ad: Option<&[u8]>,
     ) -> Result<Vec<u8>, Error> {
         let aes256gcm = Aes256Gcm::new(symmetric_key);
-        let nonce = Nonce::new(self.rng.lock().expect("could not lock mutex").deref_mut());
+        let nonce = Nonce::new(&mut *self.rng.lock().expect("could not lock mutex"));
         let mut ciphertext = aes256gcm.encrypt(&nonce, plaintext, ad)?;
         let mut res =
             Vec::with_capacity(plaintext.len() + Aes256Gcm::MAC_LENGTH + Aes256Gcm::NONCE_LENGTH);

src/core/primitives.rs

@@ -5,7 +5,7 @@ use std::collections::{HashMap, HashSet};
 
 use cosmian_crypto_core::{
     kdf256, reexport::rand_core::CryptoRngCore, FixedSizeCBytes, R25519PrivateKey, R25519PublicKey,
-    RandomFixedSizeCBytes, SymmetricKey,
+    SymmetricKey,
 };
 use pqc_kyber::{
     indcpa::{indcpa_dec, indcpa_enc, indcpa_keypair},
@@ -309,7 +309,7 @@ pub fn refresh(
     keep_old_rights: bool,
 ) {
     if !keep_old_rights {
-        usk.subkeys.drain();
+        usk.subkeys.clear();
     }
 
     for partition in decryption_set {

src/core/serialization.rs

@@ -266,13 +266,13 @@ impl Serializable for EncryptedHeader {
             + to_leb128_len(
                 self.encrypted_metadata
                     .as_ref()
-                    .map(|data| data.len())
+                    .map(std::vec::Vec::len)
                     .unwrap_or_default(),
             )
             + self
                 .encrypted_metadata
                 .as_ref()
-                .map(|data| data.len())
+                .map(std::vec::Vec::len)
                 .unwrap_or_default()
     }
 
@@ -310,13 +310,13 @@ impl Serializable for CleartextHeader {
             + to_leb128_len(
                 self.metadata
                     .as_ref()
-                    .map(|data| data.len())
+                    .map(std::vec::Vec::len)
                     .unwrap_or_default(),
             )
             + self
                 .metadata
                 .as_ref()
-                .map(|data| data.len())
+                .map(std::vec::Vec::len)
                 .unwrap_or_default()
     }
 

src/lib.rs

@@ -11,7 +11,7 @@
 //! decryption rights for the post-rotation ciphertexts. A post-rotation key
 //! cannot be granted decryption rights for the pre-rotation ciphertexts.
 //!
-//! Covercryptencryption offers 128 bits of both pre- and post-quantum
+//! Covercrypt encryption offers 128 bits of both pre- and post-quantum
 //! security.
 //!
 //! The `api` module exposes the generic definition of `Covercrypt`.