chore: Merge branch 'release/v9.7.0'

.github/workflows/ci.yml

@@ -16,7 +16,7 @@ jobs:
       subcommands: |
         python3 scripts/download_wasm.py
         npm install
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
 
   lint:
@@ -34,7 +34,7 @@ jobs:
     with:
       subcommands: |
         npm test
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       kms-jwe-key:
         '{"kty": "OKP","d": "MPEVJwdRqGM_qhJOUb5hR0Xr9EvwMLZGnkf-eDj5fU8","use": "enc","crv": "X25519","kid": "DX3GC+Fx3etxfRJValQNbqaB0gs=","x":
         "gdF-1TtAjsFqNWr9nwhGUlFG38qrDUqYgcILgtYrpTY","alg": "ECDH-ES"}'
@@ -48,19 +48,19 @@ jobs:
     needs: test
     uses: Cosmian/reusable_workflows/.github/workflows/cloudproof_kms_js.yml@develop
     with:
-      branch: v3.0.0
-      kms-version: 4.10.0
+      branch: v3.1.2
+      kms-version: 4.11.3
 
   cloudproof_java:
     needs: test
     uses: Cosmian/reusable_workflows/.github/workflows/cloudproof_java_in_docker.yml@develop
     with:
-      branch: develop
+      branch: fix/kmip_serialization
       target: x86_64-unknown-linux-gnu
       extension: so
       destination: linux-x86-64
       os: ubuntu-20.04
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
       copy_fresh_build: false
       copy_regression_files: |
@@ -74,7 +74,7 @@ jobs:
     with:
       branch: develop
       target: x86_64-unknown-linux-gnu
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
       copy_fresh_build: false
       copy_regression_files: |
@@ -107,7 +107,7 @@ jobs:
         sleep 5
         cd ../test
         node chrome.mjs http://localhost:8090 http://kms:9998
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
 
   example_reactjs:
@@ -123,7 +123,7 @@ jobs:
         sleep 5
         cd ../test
         node chrome.mjs http://localhost:8090 http://kms:9998
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
 
   example_browser:
@@ -137,7 +137,7 @@ jobs:
         python3 -m http.server &
         sleep 3
         node test.mjs
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
 
   example_webpack:
@@ -159,7 +159,7 @@ jobs:
         cd examples/nodejs
         npm install
         node test.mjs 10
-      kms-version: 4.10.0
+      kms-version: 4.11.3
       findex-cloud-version: 0.3.1
     secrets: inherit
 

.gitignore

@@ -2,5 +2,4 @@ node_modules/
 site/*.js
 dist/
 pgdata/
-package-lock.json
 .env

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file.
 
+## [9.7.0] - 2024-01-29
+
+### Features
+
+- Support kms 4.11 + kms_js 3.1.2
+
 ## [9.6.0] - 2023-12-11
 
 ### Bug Fixes

README.md

@@ -60,24 +60,10 @@ npm i cloudproof_js
 
 ## Versions Correspondence
 
-Local encryption and decryption with [CoverCrypt](https://github.com/Cosmian/cover_crypt) and SSE Findex Cosmian scheme use WASM libraries which are transparent for Javascript/Typescript usage.
-
-This table shows the minimum version correspondence between the various components.
-
-| `cloudproof_js` | CoverCrypt lib | Findex | KMS Server |
-|-----------------|----------------|--------|------------|
-| 1.0.6           | 6.0.1          | 0.5.0  | 2.2.0      |
-| 3.1.0           | 6.0.7          | 0.7.0  | 2.3.0      |
-| 3.1.0, 4.\*     | 6.0.7          | 0.7.0  | 2.3.0      |
-| 5.0.0           | 7.0.0          | 0.10.0 | 3.0.0      |
-| 6.0.0           | 8.0.0          | 1.0.0  | 4.0.0      |
-| 6.0.1           | 8.0.0          | 2.0.0  | 4.0.0      |
-| 7.0.0, 7.0.1    | 10.0.0         | 2.0.1  | 4.2.0      |
-
-From the version 8.0.0, `cloudproof_js` depends on [cloudproof_rust](https://github.com/Cosmian/cloudproof_rust) which wraps the interfaces of `CoverCrypt` and `Findex`.
+[CoverCrypt](https://github.com/Cosmian/cover_crypt) and SSE [Findex](https://github.com/Cosmian/findex) scheme are wrapped in WebAssembly libraries (WASM) in [cloudproof_rust](https://github.com/Cosmian/cloudproof_rust).
 
 | `cloudproof_js` | Cloudproof Rust lib | KMS Server |
-|-----------------|---------------------|------------|
+| --------------- | ------------------- | ---------- |
 | 8.0.0           | 1.0.0               | 4.2.0      |
 | 8.1.0           | 1.1.0               | 4.3.0      |
 | 9.0.0           | 2.0.1               | 4.3.0      |
@@ -88,3 +74,4 @@ From the version 8.0.0, `cloudproof_js` depends on [cloudproof_rust](https://git
 | 9.5.0           | 2.3.0               | 4.9.0      |
 | 9.5.1           | 2.3.0               | 4.9.1      |
 | 9.6.0           | 2.4.0               | 4.10.0     |
+| 9.7.0           | 2.4.0               | 4.11.3     |

docker-compose.yml

@@ -5,7 +5,7 @@ version: "3"
 services:
   kms:
     container_name: kms
-    image: ghcr.io/cosmian/kms:4.10.0
+    image: ghcr.io/cosmian/kms:4.11.3
     ports:
       - 9998:9998
     environment:

examples/browser/index.html

@@ -1,70 +1,89 @@
-<!DOCTYPE html>
+<!doctype html>
 <html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <head>
+    <meta charset="UTF-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>CloudproofJS in browser</title>
-    <link rel="icon" href="data:,">
-</head>
-<body>
+    <link rel="icon" href="data:," />
+  </head>
+  <body>
     <p>This demo should work without any JS build.</p>
 
     <script src="node_modules/cloudproof_js/dist/umd/index.js"></script>
     <script>
-        const { CoverCrypt } = window.cloudproof_js;
+      const { CoverCrypt } = window.cloudproof_js
 
-        (async () => {
-            const { Policy, PolicyAxis, generateMasterKeys, generateUserSecretKey, encrypt, decrypt } = await CoverCrypt();
-
-            const policy = new Policy([
-                new PolicyAxis(
-                    "Security Level",
-                    [
-                    { name: "Low", isHybridized: false },
-                    { name: "Medium", isHybridized: false },
-                    { name: "High", isHybridized: true },
-                    ],
-                    true,
-                ),
-                new PolicyAxis(
-                    "Department",
-                    [
-                    { name: "R&D", isHybridized: false },
-                    { name: "HR", isHybridized: false },
-                    ],
-                    false,
-                ),
-            ]);
+      ;(async () => {
+        const {
+          Policy,
+          PolicyAxis,
+          generateMasterKeys,
+          generateUserSecretKey,
+          encrypt,
+          decrypt,
+        } = await CoverCrypt()
 
-            const masterKeys = generateMasterKeys(policy);
-            console.log(masterKeys);
+        const policy = new Policy([
+          new PolicyAxis(
+            "Security Level",
+            [
+              { name: "Low", isHybridized: false },
+              { name: "Medium", isHybridized: false },
+              { name: "High", isHybridized: true },
+            ],
+            true,
+          ),
+          new PolicyAxis(
+            "Department",
+            [
+              { name: "R&D", isHybridized: false },
+              { name: "HR", isHybridized: false },
+            ],
+            false,
+          ),
+        ])
 
-            const highSecretAllDepartmentsDecryptionKey = generateUserSecretKey(masterKeys.secretKey, "Security Level::High && Department::R&D && Department::HR", policy)
-            const lowSecretHRDepartmentDecryptionKey = generateUserSecretKey(masterKeys.secretKey, "Security Level::Low && Department::HR", policy)
+        const masterKeys = generateMasterKeys(policy)
+        console.log(masterKeys)
 
-            const secret = encrypt(policy, masterKeys.publicKey, "Security Level::High && Department::HR", new TextEncoder().encode("My secret!"));
-            console.log(secret);
-            
-            const decrypted = decrypt(highSecretAllDepartmentsDecryptionKey, secret);
-            const decryptedMessage = new TextDecoder().decode(decrypted.plaintext);
-            console.log(decryptedMessage);
-            
-            if (decryptedMessage !== "My secret!") {
-                throw new Error("Incorrect decrypted message");
-            }
+        const highSecretAllDepartmentsDecryptionKey = generateUserSecretKey(
+          masterKeys.secretKey,
+          "Security Level::High && Department::R&D && Department::HR",
+          policy,
+        )
+        const lowSecretHRDepartmentDecryptionKey = generateUserSecretKey(
+          masterKeys.secretKey,
+          "Security Level::Low && Department::HR",
+          policy,
+        )
 
-            try {
-                decrypt(lowSecretHRDepartmentDecryptionKey, secret);
-            } catch {
-                // should fail
-            }
+        const secret = encrypt(
+          policy,
+          masterKeys.publicKey,
+          "Security Level::High && Department::HR",
+          new TextEncoder().encode("My secret!"),
+        )
+        console.log(secret)
 
-            const element = document.createElement('div')
-            element.id = "done"
-            document.body.appendChild(element)
-        })();
+        const decrypted = decrypt(highSecretAllDepartmentsDecryptionKey, secret)
+        const decryptedMessage = new TextDecoder().decode(decrypted.plaintext)
+        console.log(decryptedMessage)
 
+        if (decryptedMessage !== "My secret!") {
+          throw new Error("Incorrect decrypted message")
+        }
+
+        try {
+          decrypt(lowSecretHRDepartmentDecryptionKey, secret)
+        } catch {
+          // should fail
+        }
+
+        const element = document.createElement("div")
+        element.id = "done"
+        document.body.appendChild(element)
+      })()
     </script>
-</body>
-</html>
+  </body>
+</html>

examples/full_text_search/.gitignore

@@ -2,4 +2,4 @@ node_modules/
 *.sqlite
 *.sqlite-journal
 *.csv
-*.tsv
+*.tsv