chore: Merge branch 'release/v2.4.0'

.github/workflows/build.yml

@@ -13,10 +13,12 @@ jobs:
     with:
       project-name: cloudproof_rust
       toolchain: stable
-      kms-version: feat-edit_policy
-      findex-cloud-version: 0.1.0
-      branch-java: feat/edit_policy
-      branch-js: feat/edit_policy
-      branch-flutter: feat/edit_policy
-      branch-python: feat/edit_policy
+      kms-version: 4.9.1
+      findex-cloud-version: 0.3.1
+      branch-java: fix/rename_findex_trait
+      branch-js: fix/rename_calbacks_to_backend
+      branch-kms-js: v2.0.0
+      branch-flutter: fix/use_insert_entry_in_compact
+      branch-python: fix/use_insert_entry_in_compact
+      exclusions: --exclude=cloudproof_findex
     secrets: inherit

.github/workflows/ci.yml

@@ -8,14 +8,32 @@ jobs:
     uses: Cosmian/reusable_workflows/.github/workflows/cargo-nursery-base.yml@develop
     with:
       toolchain: stable
+      exclusions: --exclude=cloudproof_findex
 
   cargo-doc:
     uses: Cosmian/reusable_workflows/.github/workflows/cargo-doc.yml@develop
     with:
       toolchain: stable
+      exclusions: --exclude=cloudproof_findex
 
   test_and_dry_publish:
     runs-on: ubuntu-latest
+    services:
+      findex_cloud:
+        image: ghcr.io/cosmian/findex_cloud:0.3.1
+        ports:
+          - 8080:8080
+
+      redis:
+        image: redis
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 6379:6379
+
     steps:
       - uses: actions/checkout@v1
       - name: Set up cargo cache
@@ -28,14 +46,30 @@ jobs:
             ~/.cargo/registry/cache/
             ~/.cargo/git/db/
             target/
-          key: ${{ runner.os }}-cargo-semver-
-          restore-keys: ${{ runner.os }}-cargo-semver-
+          key: ${{ runner.os }}-cargo-individual-tests-
+          restore-keys: ${{ runner.os }}-individual-tests-
 
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: nightly-2023-06-27
+          toolchain: stable
           override: true
 
       - name: Run python tests
         run: |
           bash scripts/test_python.sh
+
+      - name: Test ffi feature for cloudproof_findex
+        run: |
+          cargo clippy --workspace -p cloudproof_findex --all-targets --features ffi -- -D warnings
+          cargo test --release --workspace -p cloudproof_findex --all-targets --features ffi
+
+      - name: Test wasm feature for cloudproof_findex
+        run: |
+          cargo clippy --workspace -p cloudproof_findex --all-targets --features wasm -- -D warnings
+          cargo test --release --workspace -p cloudproof_findex --all-targets --features wasm
+
+      - name: Test python feature for cloudproof_findex
+        run: |
+          cargo clippy --workspace -p cloudproof_findex --all-targets --features python -- -D warnings
+          # Not testable but "bash scripts/test_python.sh" should be enough
+          # cargo test --release --workspace -p cloudproof_findex --all-targets --features python

.pre-commit-config.yaml

@@ -7,7 +7,7 @@
 
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
-exclude: crates/findex/tests/sqlite/datasets|crates/findex/tests/redis
+exclude: crates/findex/datasets|crates/findex/tests/redis
 repos:
   - repo: https://github.com/compilerla/conventional-pre-commit
     rev: v2.1.1
@@ -38,6 +38,12 @@ repos:
       - id: dockerfile_lint
       - id: markdown-toc
 
+  - repo: https://github.com/tcort/markdown-link-check
+    rev: v3.11.2
+    hooks:
+      - id: markdown-link-check
+        args: [-q]
+
   - repo: https://github.com/jumanjihouse/pre-commit-hook-yamlfmt
     rev: 0.2.2
     hooks:
@@ -74,11 +80,6 @@ repos:
       # - id: git-check
       - id: shellcheck
 
-  - repo: https://github.com/doublify/pre-commit-rust
-    rev: v1.0
-    hooks:
-      - id: cargo-check
-
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.4.0
     hooks:
@@ -118,7 +119,7 @@ repos:
         args: [--skip-string-normalization]
 
   - repo: https://github.com/Cosmian/git-hooks.git
-    rev: v1.0.14
+    rev: v1.0.24
     hooks:
       # - id: dprint-toml-fix
       - id: stable-cargo-format
@@ -127,10 +128,22 @@ repos:
       - id: cargo-audit-deny-warnings
       - id: cargo-outdated
       - id: cargo-udeps
+        args: [--exclude=cloudproof_findex]
       - id: cargo-machete
+      - id: docker-compose-up
       - id: cargo-tests-all
-      - id: cargo-test-doc
-      - id: clippy-autofix-all
-      - id: clippy-autofix-pedantic
-      - id: clippy-autofix-others
-      - id: clippy-all-targets-all-features
+        args: [--exclude=cloudproof_findex]
+
+      # cloudproof_findex excluded from clippy
+      - id: clippy-autofix-all-no-findex
+      - id: clippy-autofix-pedantic-no-findex
+      - id: clippy-autofix-others-no-findex
+      - id: clippy-all-targets-all-features-no-findex
+
+      # clippy only with cloudproof_findex
+      - id: clippy-autofix-ffi-findex
+      - id: clippy-autofix-python-findex
+      - id: clippy-autofix-wasm-findex
+
+      - id: stable-cargo-format
+      - id: docker-compose-down

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file.
 
+## [2.4.0] - 2023-11-21
+
+### Features
+
+- Support Findex v6 through all interfaces: FFI, Wasm and Python
+
 ## [2.3.0] - 2023-11-06
 
 ### Features

Cargo.toml

@@ -15,18 +15,23 @@ resolver = "1"
 [workspace.dependencies]
 async-trait = "0.1.74"
 base64 = "0.21.5"
-cosmian_crypto_core = "9.3.0"
-cosmian_ffi_utils = "0.1.2"
+cosmian_crypto_core = { version = "9.3.0", default-features = false }
+cosmian_ffi_utils = "0.1.3"
 hex = "0.4.3"
 js-sys = "0.3"
-pyo3 = { version = "0.19.2", features = ["extension-module", "abi3", "abi3-py37", "generate-import-lib"] }
+pyo3 = { version = "0.20.0", features = [
+  "extension-module",
+  "abi3",
+  "abi3-py37",
+  "generate-import-lib",
+] }
 rand = "0.8"
 thiserror = "1.0"
 tracing = "0.1"
 tracing-log = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter"] }
 tracing-tree = "0.2"
-wasm-bindgen = "0.2.88"
+wasm-bindgen = "0.2.89"
 
 [profile.release]
 lto = true

README.md

@@ -1,12 +1,12 @@
 # Cosmian Cloudproof Data Protection Library
 
-![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/ci.yml/badge.svg)
-![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/build.yml/badge.svg)
-![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/benches.yml/badge.svg)
+![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/ci.yml/badge.svg?branch=main)
+![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/build.yml/badge.svg?branch=main)
+![Build status](https://github.com/Cosmian/cloudproof_rust/actions/workflows/benches.yml/badge.svg?branch=main)
 
 Cloudproof Encryption provides libraries and tools to encrypt and securely index large repositories of data with advanced, high-performance security primitives with Post-Quantum resistance.
 
-See [the use cases and benefits](https://docs.cosmian.com/cloudproof_encryption/use_cases_benefits/) and a description of the [cryptosystems](https://docs.cosmian.com/cloudproof_encryption/crypto_systems/) used.
+See [an introduction to Cosmian libraries](https://docs.cosmian.com/cloudproof_encryption/how_it_works/) and a description of the [cryptosystems](https://docs.cosmian.com/cloudproof_encryption/crypto_systems/) used.
 
 The libraries are available in multiple languages to facilitate encryption close to the data source and decryption close to the decryption target, including mobile devices and browsers.
 
@@ -103,7 +103,7 @@ The `.so` libraries can then be found in `target/release/`.
 From the root directory:
 
 ```bash
-wasm-pack build -t web --release --features wasm_bindgen
+wasm-pack build -t web --release --features wasm
 ```
 
 The `.wasm` libraries can then be found in `pkg/`.
@@ -118,8 +118,7 @@ From the root directory:
 maturin build --release --manifest-path crates/<cover_crypt or findex>/Cargo.toml --features python
 ```
 
-**Note**: when a new function or class is added to the PyO3 interface, its
-signature needs to be added to
+**Note**: when a new function or class is added to the PyO3 interface, its signature needs to be added to
 [`**init**.pyi`](./crates/<cover*crypt or findex>/python/cloudproof*<cover_crypt or findex>/**init**.pyi).
 
 To run tests on the Python interface, run:
@@ -132,7 +131,7 @@ The `.whl` libraries can then be found in `target/wheels/`.
 
 ### Building the library for a different glibc
 
-Go to the [build](build/glibc-2.17/) directory for an example on how to build for GLIBC 2.17
+Go to the [build](glibc-2.17/) directory for an example on how to build for GLIBC 2.17
 
 ## Benchmarks
 

crates/aesgcm/Cargo.toml

@@ -1,24 +1,24 @@
 [package]
 name = "cloudproof_aesgcm"
-version = "0.1.2"
+version = "0.1.3"
 authors = ["Emmanuel Coste<[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"
 repository = "https://github.com/cosmian/cloudproof_rust/"
 description = "Cosmian AES256GCM library"
 
 [lib]
-crate-type = ["cdylib", "rlib", "staticlib"]
+crate-type = ["cdylib", "lib", "staticlib"]
 name = "cloudproof_aesgcm"
 
 [features]
 default = []
 ffi = ["cosmian_ffi_utils"]
 python = ["pyo3"]
-wasm_bindgen = ["js-sys", "wasm-bindgen"]
+wasm = ["js-sys", "wasm-bindgen"]
 
 [dependencies]
-cosmian_crypto_core = { workspace = true }
+cosmian_crypto_core = { workspace = true, features = ["aes"] }
 
 # Optional dependencies
 cosmian_ffi_utils = { workspace = true, optional = true }
@@ -27,4 +27,4 @@ pyo3 = { workspace = true, optional = true }
 wasm-bindgen = { workspace = true, optional = true }
 
 [dev-dependencies]
-wasm-bindgen-test = "0.3.38"
+wasm-bindgen-test = "0.3.39"

crates/aesgcm/src/error.rs

@@ -3,7 +3,7 @@ use std::{array::TryFromSliceError, fmt::Display};
 use cosmian_crypto_core::CryptoCoreError;
 #[cfg(feature = "python")]
 use pyo3::{exceptions::PyException, PyErr};
-#[cfg(feature = "wasm_bindgen")]
+#[cfg(feature = "wasm")]
 use wasm_bindgen::JsValue;
 
 #[derive(Debug)]
@@ -33,7 +33,7 @@ impl From<TryFromSliceError> for AesGcmError {
     }
 }
 
-#[cfg(feature = "wasm_bindgen")]
+#[cfg(feature = "wasm")]
 impl From<AesGcmError> for JsValue {
     fn from(value: AesGcmError) -> Self {
         Self::from_str(&format!("Cloudproof error: {value:?}"))

crates/aesgcm/src/ffi/aesgcm.rs

@@ -1,4 +1,4 @@
-use cosmian_ffi_utils::{ffi_read_bytes, ffi_unwrap, ffi_write_bytes};
+use cosmian_ffi_utils::{ffi_read_bytes, ffi_unwrap, ffi_write_bytes, ErrorCode};
 
 use crate::{decrypt, encrypt};
 
@@ -26,18 +26,18 @@ unsafe extern "C" fn aesgcm(
     let output = if encrypt_flag {
         ffi_unwrap!(
             encrypt(key_bytes, nonce_bytes, input_data_bytes, authenticated_data),
-            "AES-256 GCM encryption error"
+            "AES-256 GCM encryption error",
+            ErrorCode::Encryption
         )
     } else {
         ffi_unwrap!(
             decrypt(key_bytes, nonce_bytes, input_data_bytes, authenticated_data),
-            "AES-256 GCM decryption error"
+            "AES-256 GCM decryption error",
+            ErrorCode::Decryption
         )
     };
 
     ffi_write_bytes!("output_ptr", &output, output_ptr, output_len);
-
-    0
 }
 
 #[no_mangle]

crates/aesgcm/src/lib.rs

@@ -1,14 +1,14 @@
 /// The `cloudproof_rust` subcrate `aesgcm` brings the standard AES256 GCM
 /// implementation which has been audited by the NCC Group, with no significant
-/// findings. Refer to https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/
+/// findings. Refer to <https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/>
 
 #[cfg(feature = "ffi")]
 pub mod ffi;
 
 #[cfg(feature = "python")]
 pub mod pyo3;
 
-#[cfg(feature = "wasm_bindgen")]
+#[cfg(feature = "wasm")]
 pub mod wasm_bindgen;
 
 mod core;

crates/aesgcm/src/wasm_bindgen/tests.rs

@@ -20,7 +20,7 @@ fn test_encrypt_decrypt() {
         ciphertext.to_vec(),
         key.to_vec(),
         nonce.to_vec(),
-        authentication_data.clone(),
+        authentication_data,
     )
     .unwrap();
     assert_eq!(plaintext.to_vec(), cleartext.to_vec());

crates/anonymization/Cargo.toml

@@ -1,21 +1,21 @@
 [package]
 name = "cloudproof_anonymization"
-version = "0.1.1"
+version = "0.1.2"
 authors = ["Hugo Rosenkranz-costa<[email protected]>"]
 edition = "2021"
 license-file = "../../LICENSE.md"
 repository = "https://github.com/cosmian/cloudproof_rust/"
 description = "Cosmian Cloudproof Anonymization library"
 
 [lib]
-crate-type = ["cdylib", "rlib"]
+crate-type = ["cdylib", "lib", "staticlib"]
 name = "cloudproof_anonymization"
 
 [features]
 default = []
 ffi = []
 python = ["pyo3"]
-wasm_bindgen = ["js-sys", "wasm-bindgen"]
+wasm = ["js-sys", "wasm-bindgen"]
 
 # waiting for ffi and js
 [package.metadata.cargo-udeps.ignore]
@@ -24,8 +24,11 @@ normal = ["js-sys", "wasm-bindgen"]
 [dependencies]
 argon2 = "0.5"
 base64 = { workspace = true }
-chrono = { version = "0.4", default-features = false, features = ["clock", "wasmbind"] }
-cosmian_crypto_core = { workspace = true }
+chrono = { version = "0.4", default-features = false, features = [
+  "clock",
+  "wasmbind",
+] }
+cosmian_crypto_core = { workspace = true, features = ["sha3"] }
 hex = { workspace = true }
 rand = { workspace = true }
 rand_distr = "0.4"
@@ -40,4 +43,4 @@ wasm-bindgen = { workspace = true, optional = true }
 
 [dev-dependencies]
 approx = "0.5.1"
-wasm-bindgen-test = "0.3.38"
+wasm-bindgen-test = "0.3.39"