chore: Merge branch 'release/v9.3.0'

.github/workflows/ci.yml

@@ -16,7 +16,7 @@ jobs:
       subcommands: |
         python3 scripts/download_wasm.py
         npm install
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
 
   lint:
@@ -33,7 +33,7 @@ jobs:
     with:
       subcommands: |
         npm test
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       kms-jwe-key: '{"kty": "OKP","d": "MPEVJwdRqGM_qhJOUb5hR0Xr9EvwMLZGnkf-eDj5fU8","use": "enc","crv": "X25519","kid": "DX3GC+Fx3etxfRJValQNbqaB0gs=","x":
         "gdF-1TtAjsFqNWr9nwhGUlFG38qrDUqYgcILgtYrpTY","alg": "ECDH-ES"}'
       findex-cloud-version: 0.3.1
@@ -50,7 +50,7 @@ jobs:
       extension: so
       destination: linux-x86-64
       os: ubuntu-20.04
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
       copy_fresh_build: false
       copy_regression_files: |
@@ -64,7 +64,7 @@ jobs:
     with:
       branch: develop
       target: x86_64-unknown-linux-gnu
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       copy_fresh_build: false
       copy_regression_files: |
         cp ./cloudproof_js/non_regression_vector.json tests/data/cover_crypt/non_regression/js_non_regression_vector.json
@@ -95,7 +95,7 @@ jobs:
         sleep 5
         cd ../test
         node chrome.mjs http://localhost:8090 http://kms:9998
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
 
   example_reactjs:
@@ -110,7 +110,7 @@ jobs:
         sleep 5
         cd ../test
         node chrome.mjs http://localhost:8090 http://kms:9998
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
 
   example_browser:
@@ -123,7 +123,7 @@ jobs:
         python3 -m http.server &
         sleep 3
         node test.mjs
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
 
   example_webpack:
@@ -143,7 +143,7 @@ jobs:
         cd examples/nodejs
         npm install
         node test.mjs 10
-      kms-version: 4.5.0
+      kms-version: 4.6.0
       findex-cloud-version: 0.3.1
 
   example_imdb:

CHANGELOG.md

@@ -2,6 +2,15 @@
 
 All notable changes to this project will be documented in this file.
 
+## [9.3.0] - 2023-09-22
+
+### Features
+
+- Support import of Certificate and PrivateKey (with tags)
+- Export object wrapped
+- Import of a wrapped key
+- Use 4.6.0 KMS version
+
 ## [9.2.0] - 2023-08-22
 
 ### Features

README.md

@@ -23,12 +23,12 @@ The library is available under a dual licensing scheme Affero GPL/v3 and commerc
 The library is based on:
 
 - [CoverCrypt](https://github.com/Cosmian/cover_crypt) algorithm which allows
-creating ciphertexts for a set of attributes and issuing user keys with access
-policies over these attributes. `CoverCrypt` offers Post-Quantum resistance.
+  creating ciphertexts for a set of attributes and issuing user keys with access
+  policies over these attributes. `CoverCrypt` offers Post-Quantum resistance.
 
 - [Findex](https://github.com/Cosmian/findex) which is a cryptographic protocol designed to securely make search queries on
-an untrusted cloud server. Thanks to its encrypted indexes, large databases can
-securely be outsourced without compromising usability.
+  an untrusted cloud server. Thanks to its encrypted indexes, large databases can
+  securely be outsourced without compromising usability.
 
 - [FPE](https://github.com/Cosmian/cloudproof_rust/tree/main/crates/fpe) provides `Format Preserving Encryption` (FPE) techniques for use in a zero-trust environment. These techniques are based on FPE-FF1 which is described in [NIST:800-38G](https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-38g.pdf).
 
@@ -65,7 +65,7 @@ Local encryption and decryption with [CoverCrypt](https://github.com/Cosmian/cov
 This table shows the minimum version correspondence between the various components.
 
 | `cloudproof_js` | CoverCrypt lib | Findex | KMS Server |
-|-----------------|----------------|--------|------------|
+| --------------- | -------------- | ------ | ---------- |
 | 1.0.6           | 6.0.1          | 0.5.0  | 2.2.0      |
 | 3.1.0           | 6.0.7          | 0.7.0  | 2.3.0      |
 | 3.1.0, 4.\*     | 6.0.7          | 0.7.0  | 2.3.0      |
@@ -76,9 +76,11 @@ This table shows the minimum version correspondence between the various componen
 
 From the version 8.0.0, `cloudproof_js` depends on [cloudproof_rust](https://github.com/Cosmian/cloudproof_rust) which wraps the interfaces of `CoverCrypt` and `Findex`.
 
-| `cloudproof_js` | Cloudproof Rust lib |
-|-----------------|---------------------|
-| 8.0.0           | 1.0.0               |
-| 8.1.0           | 1.1.0               |
-| 9.0.0           | 2.0.1               |
-| 9.1.0,9.1.1     | 2.1.0               |
+| `cloudproof_js` | Cloudproof Rust lib | KMS Server |
+| --------------- | ------------------- | ---------- |
+| 8.0.0           | 1.0.0               | 4.2.0      |
+| 8.1.0           | 1.1.0               | 4.3.0      |
+| 9.0.0           | 2.0.1               | 4.3.0      |
+| 9.1.0,9.1.1     | 2.1.0               | 4.3.0      |
+| 9.2.0           | 2.2.1               | 4.5.0      |
+| 9.3.0           | 2.2.3               | 4.6.0      |

docker-compose.yml

@@ -5,7 +5,7 @@ version: '3'
 services:
   kms:
     container_name: kms
-    image: ghcr.io/cosmian/kms:4.5.0
+    image: ghcr.io/cosmian/kms:4.6.0
     ports:
       - 9998:9998
     environment:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cloudproof_js",
-  "version": "9.2.0",
+  "version": "9.3.0",
   "license": "MIT",
   "description": "Cosmian Cloudproof javascript client library",
   "author": "Bruno Grieder<bruno.grieder@cosmian.com>, Pauline Hochard<pauline.hochard@cosmian.com>, Emmanuel Coste<emmanuel.coste@cosmian.com>, Thibaud Dauce<thibaud.dauce@cosmian.com>",

scripts/download_wasm.py

@@ -1,10 +1,9 @@
 # -*- coding: utf-8 -*-
-import urllib.request
 import shutil
 import ssl
+import urllib.request
 import zipfile
-
-from os import path, remove, getenv
+from os import getenv, path, remove
 
 
 def files_to_be_copied(name: str):
@@ -74,6 +73,6 @@ def download_wasm(version: str) -> bool:
 
 
 if __name__ == '__main__':
-    RET = download_wasm('v2.2.1')
+    RET = download_wasm('v2.2.3')
     if RET is False and getenv('GITHUB_ACTIONS'):
         download_wasm('last_build/feature/findex_5_0_0')

src/anonymization/hash.ts

@@ -9,7 +9,6 @@ export class Hasher {
 
   /**
    * Creates a Hasher instance with the specified hash function and salt.
-   *
    * @param {string} hasherMethod - The name of the hash function to use.
    * @param {Iterable<number>|undefined} [salt] - The optional salt to use in the hash function.
    */
@@ -37,7 +36,6 @@ export class Hasher {
 
   /**
    * Applies the hash function to the specified elements and returns the resulting hash value.
-   *
    * @param {string|Iterable<number>} data - The elements to apply the hash function to.
    * @returns {string} The resulting hash value as a string.
    */

src/anonymization/noise.ts

@@ -9,31 +9,27 @@ import {
 interface NoiseGenerator {
   /**
    * Apply noise to a floating point number.
-   *
    * @param data - The input number to apply noise to.
    * @returns The result of applying noise to the input number.
    */
   apply_on_float: (data: number) => number
 
   /**
    * Apply noise to a BigInt.
-   *
    * @param data - The input BigInt to apply noise to.
    * @returns The result of applying noise to the input BigInt.
    */
   apply_on_int: (data: bigint) => bigint
 
   /**
    * Apply noise to a date string.
-   *
    * @param data - The input date string to apply noise to.
    * @returns The result of applying noise to the input date string.
    */
   apply_on_date: (data: string) => string
 
   /**
    * Apply correlated noise to an array of floating point numbers.
-   *
    * @param data - The input array of floating point numbers to apply correlated noise to.
    * @param factors - The array of correlation factors to use.
    * @returns The result of applying correlated noise to the input array of floating point numbers.
@@ -45,7 +41,6 @@ interface NoiseGenerator {
 
   /**
    * Apply correlated noise to an array of BigInts.
-   *
    * @param data - The input array of BigInts to apply correlated noise to.
    * @param factors - The array of correlation factors to use.
    * @returns The result of applying correlated noise to the input array of BigInts.
@@ -57,7 +52,6 @@ interface NoiseGenerator {
 
   /**
    * Apply correlated noise to an array of date strings.
-   *
    * @param data - The input array of date strings to apply correlated noise to.
    * @param factors - The array of correlation factors to use.
    * @returns The result of applying correlated noise to the input array of date strings.
@@ -79,7 +73,6 @@ class Noise {
 
   /**
    * Creates a new instance of `Noise`.
-   *
    * @param noise - The noise generator to use.
    */
   constructor(noise: NoiseGenerator) {
@@ -88,7 +81,6 @@ class Noise {
 
   /**
    * Applies noise to the input data.
-   *
    * @param data - The input data to apply noise to.
    * @returns The input data with noise applied.
    * @throws An error if the type of `data` is not supported.
@@ -107,7 +99,6 @@ class Noise {
 
   /**
    * Applies correlated noise to the input data.
-   *
    * @param data - The input data to apply noise to.
    * @param factors - The factors to use for applying noise.
    * @returns The input data with noise applied.
@@ -161,13 +152,11 @@ class Noise {
 
 /**
  * A class representing a noise generator with parameters.
- *
  * @augments Noise
  */
 export class NoiseWithParameters extends Noise {
   /**
    * Creates a new instance of `NoiseWithParameters`.
-   *
    * @param methodName - the noise distribution to use ("Gaussian" or "Laplace")
    * @param mean - The mean value for generating noise.
    * @param stdDev - The standard deviation value for generating noise.
@@ -179,13 +168,11 @@ export class NoiseWithParameters extends Noise {
 
 /**
  * A class representing a noise generator with bounds.
- *
  * @augments Noise
  */
 export class NoiseWithBounds extends Noise {
   /**
    * Creates a new instance of `NoiseWithBounds`.
-   *
    * @param methodName - the noise distribution to use ("Gaussian", "Laplace" or "Uniform")
    * @param minBound - The minimum bound for generating noise.
    * @param maxBound - The maximum bound for generating noise.

src/anonymization/number.ts

@@ -12,7 +12,6 @@ export class NumberAggregator {
   private readonly _numberAggregator: WebAssemblyNumberAggregator
   /**
    * Creates an instance of NumberAggregator.
-   *
    * @param powerOfTen The desired power of ten to round the measurements to.
    */
   constructor(powerOfTen: number) {
@@ -21,7 +20,6 @@ export class NumberAggregator {
 
   /**
    * Applies the number aggregator on the provided data.
-   *
    * @param data The number or bigint to apply the number aggregator on.
    * @returns The rounded value of the data.
    * @throws An error if the type of data is not supported.
@@ -38,15 +36,13 @@ export class NumberAggregator {
 }
 /**
  * A data anonymization technique to round dates to the unit of time specified.
- *
  * @class
  */
 export class DateAggregator {
   private readonly _dateAggregator: WebAssemblyDateAggregator
 
   /**
    * Creates a new instance of the `DateAggregator`.
-   *
    * @param {string} timeUnit - The unit of time to round the date to.
    */
   constructor(timeUnit: string) {
@@ -55,7 +51,6 @@ export class DateAggregator {
 
   /**
    * Applies the `DateAggregator` to the given date.
-   *
    * @param {string} data - The date to apply the `DateAggregator` to.
    * @returns {string} - The rounded date string.
    * @throws {Error} - If the input data is not a valid date string.

src/cover_crypt/decryption.ts

@@ -29,7 +29,6 @@ export class CoverCryptHybridDecryption {
 
   /**
    * Decrypts a CoverCrypt ciphertext header using the given user decryption key
-   *
    * @param {Uint8Array} encryptedHeader CoverCrypt encrypted header
    * @param {object} options Additional optional options to the encryption
    * @param {Uint8Array} options.authenticationData Data use to authenticate the encrypted value when decrypting (if use, should be use during
@@ -57,7 +56,6 @@ export class CoverCryptHybridDecryption {
 
   /**
    * Decrypts a AES256-GCM block
-   *
    * @param {Uint8Array} symmetricKey AES key
    * @param {Uint8Array} encryptedBytes Encrypted block
    * @param {object} options Additional optional options to the encryption
@@ -85,7 +83,6 @@ export class CoverCryptHybridDecryption {
 
   /**
    * Hybrid decrypt wrapper: CoverCrypt decrypt then AES decrypt
-   *
    * @param  {Uint8Array} ciphertext the encrypted data
    * @param {object} options Additional optional options to the encryption
    * @param {Uint8Array} options.authenticationData Data use to authenticate the encrypted value when decrypting (if use, should be use during
@@ -103,7 +100,6 @@ export class CoverCryptHybridDecryption {
 
 /**
  * Hybrid decrypt wrapper: CoverCrypt decrypt then AES decrypt
- *
  * @param decryptionKey the user key to decrypt
  * @param {Uint8Array} ciphertext the encrypted data
  * @param {object} options Additional optional options to the encryption

src/cover_crypt/encryption.ts

@@ -37,7 +37,6 @@ export class CoverCryptHybridEncryption {
 
   /**
    * Generate and encrypt a symmetric key using the public key and policy.
-   *
    * @param {string} accessPolicy Encrypt with this access policy
    * @param {object} options Additional optional options to the encryption
    * @param {Uint8Array} options.headerMetadata Data encrypted in the header
@@ -77,7 +76,6 @@ export class CoverCryptHybridEncryption {
 
   /**
    * Encrypts a AES256-GCM block
-   *
    * @param {Uint8Array} symmetricKey Symmetric key to use to encrypt
    * @param {Uint8Array} plaintext Stuff to encrypt
    * @param {object} options Additional optional options to the encryption
@@ -105,7 +103,6 @@ export class CoverCryptHybridEncryption {
 
   /**
    * Hybrid encrypt wrapper: CoverCrypt encrypt then AES encrypt
-   *
    * @param {string} accessPolicy Encrypt with this access policy
    * @param {Uint8Array} plaintext Stuff to encrypt
    * @param {object} options Additional optional options to the encryption
@@ -133,7 +130,6 @@ export class CoverCryptHybridEncryption {
 
 /**
  * Hybrid encrypt wrapper: CoverCrypt encrypt then AES encrypt
- *
  * @param {Policy} policy CoverCrypt global policy
  * @param {Uint8Array} publicKey Master public key
  * @param {string} accessPolicy Encrypt with this access policy