feat: add findex impl - client and server sides

[Manuthor]

Prerequisites:

• cloudproof_findex: add a basic REST client Findex implementation (old Findex Cloud not reusable): feat(findex): add basic REST client instanciation - without Findex Cloud cloudproof_rust#72
  • Adapt cloudproof_rust for Findex v7.
    • A POC has been done for Findex v7 slightly changing the rest-interface for the new REST basic interface (without the custom Findex Cloud AuthorizationToken). Old work on Findex Cloud is kept for non regression.
  • Replace rust macro with classical Rust impl (vscode does not support macros)
  • Make Findex REST Backend instantiable (and usable) in other bindings (FFI, Wasm, pyo3)
  • Adapt other cloudproof_* langages repos and make the CI OK
• findex repository:
  • Release the findex 7.0.0to be used incloudproof_rust`
  • [Findex v6] - Add missing serialization impls for structs Tokens, TokenWithEncryptedValueList and TokenToEncryptedValueMap: fix: Add missing serialization impls for structs Tokens, TokenWithEncryptedValueList and TokenToEncryptedValueMap. findex#88
  • Eventually release the 6.0.1 to be used in cloudproof_rust
• Auth0:
  • Create a proper findex-server Auth0 tenant
  • Configure it, create a test JWT token for user [email protected]
  • Use this token in tests

Client:

• Authentication JWT + PKCS12. Clap action login and logout
• Clap action server-version
• Findex
  • Indexing using REST Findex client interface:
    • with an arbitrary dataset
    • with any dataset on clap input
  • Findex implementation:
    • Add indexes
    • Delete indexes
    • Search keywords
    • Compact
• KMS integration:
  • Generate and get the Findex key from a KMS server
  • Delegate encryption in Findex to KMS
  • Encrypt indexed data using KMS: done in https://github.com/Cosmian/cli/tree/all_cli
    • hybrid encryption KEM - DEM with:
      KEM: RFC5649 (done by KMS with ckms)
      DEM: AES GCM (done locally by ckms)
• Rename FindexClient to RestClient
• Merge CLI in ckms Reexpose ckms in new repo https://github.com/Cosmian/cli. Same for cosmian_findex_cli

Server:

• Authentication JWT + PKCS12. Reuse KMS Auth middleware
• Add enpoints for indexing/searching with findex (server "just" INSERT and SELECT data, does not know the Findex master key)
• Database trait for all databases impls
• Database support:
  • Redis
  • [ ] Sqlite Won't be done for Findex v6 version
• Add an authorization system with 3 roles (reader, writer, admin):
  • Adapt endpoints to index and search using an ID
  • Add routes for authorization (grant, revoke)
  • Authorize clients (add role) for a specific ID
• Add routes to write and read encrypted datasets
• [ ] Convert TOML conf in JSON Won't be done unless a real need occurs

Closes #1
Closes #4
Closes #6
Closes #9
Closes #3

[tbrezot]

Since we don't want the key to be client-side, this should be replaced by a JWT, or at least an enum Key | JWT

[Manuthor]

Do you mean the Findex key only persist in a KMS?

[tbrezot]

Exactly. We need to decide whether we want to allow both flows or only the KMS-as-crypto-oracle one. Supporting both will need to switch to Findex-v7 which is more modular.

[tbrezot]

This seems strange to me.

If I follow you well, upon calling a CLI command, you call this function process with the client object (idk what it is). But since I doubt you serialize and store this client upon returning from the CLI, it means it is instantiated each time the CLI is called. Moreover, it seems to me that only one Findex operation can be performed per CLI invocation. Therefore I conclude that this clone is useless since the caller of process will not reuse this FindexClient.

Please, point to me where my reasoning is flawed.

More generally, I do not understand where the necessity of this FindexClient object and this action mechanism comes from. Imho, the ideally simplistic flow is:

1. user invokes the CLI with some arguments
2. the CLI parses its conf/ENV variables to findex the server URL. If it cannot be found, it becomes a required argument.
3. the CLI parses the provided arguments, returning an error upon reading an invalid one. There are 3 (or 4) possible commands: search, insert, delete (additionally compact). The validity of the rest of the argument depends on the identity of the command, and thus the main body of the CLI is just a match on the parsed command.
4. after parsing all arguments, if no error was thrown, then it means the parsed command will be performed: the CLI therefore instantiates a Findex object.
5. The CLI runs the appropriate Findex command with its arguments, and returns the result to the user.

As I said, this is rather simplistic and may need to be developed, for example in order to add a non-Findex command like it seems you are planning to. However, I don't think we need dedicated types with their own proceed functions and to pass around some FindexClient object.

[Manuthor]

The FindexClient is just a HTTPS Client which is initialized once and then pass to clap actions. About this clone, your reasoning is correct, I've removed the shared reference and passed directly the object to be consumed by actions. Yes the CLI instantiates a HTTPS client each time and does not chain Findex operations (that's what we want).
About the CLI flow, since the 4 operations search, add, delete and compact have different arguments, the 4 corresponding process functions (which are basic functions) are used:

• to parse those arguments
• to give them properly to Findex API
• to display to stdout the Findex output

[tbrezot]

It seems this is just an HTTPS client. I would suggest not to store it in some FindexClient. This would make everything simpler to read (this HTTPS client has nothing to do with Findex, and could be used by any other protocol built over HTTPS).

[Manuthor]

FindexClient could be renamed at least I suppose

[tbrezot]

I wouldn't use a default value here, but return an error upon failure to parse this information.

[Manuthor]

the idea was to give the format of the URL redis://XXXX:6379

[tbrezot]

Prerequisites:

* `cloudproof_findex`: add a basic REST client Findex implementation (old Findex Cloud not reusable): [feat(findex): add basic REST client instanciation - without Findex Cloud cloudproof_rust#72](https://github.com/Cosmian/cloudproof_rust/pull/72)
  
  * [x]  Create the `findex-cloud` feature and keep `rest-interface` for the new REST basic interface (without the custom Findex Cloud `AuthorizationToken`). Old work on Findex Cloud is kept for non regression.
  * [x]  Replace rust macro with classical Rust impl (vscode does not support macros)
  * [x]  Make Findex REST Backend instantiable (and usable) in other bindings (FFI, Wasm, pyo3)
  * [ ]  Adapt other `cloudproof_*` langages repos and make the CI OK
  * [ ]  Release the `cloudproof_findex` 6.1.0`to be used in`findex-server`

* `findex` repository:
  
  * [x]  Add missing serialization impls for structs `Tokens`, `TokenWithEncryptedValueList` and `TokenToEncryptedValueMap`: [fix: Add missing serialization impls for structs `Tokens`, `TokenWithEncryptedValueList` and `TokenToEncryptedValueMap`. findex#88](https://github.com/Cosmian/findex/pull/88)
  * [ ]  Release the 6.0.1 to be used in `cloudproof_rust`

* `Auth0`:
  
  * [x]  Create a proper `findex-server` Auth0 tenant
  * [ ]  Configure it, create a test JWT token for user `[email protected]`
  * [ ]  Use this token in tests

Client:

* [x]  Authentication JWT + PKCS12. Clap action `login` and `logout`

* [x]  Clap action `server-version`

* Findex
  
  * Indexing using REST Findex client interface:
    
    * [x]  with an arbitrary dataset
    * [ ]  with any dataset on clap input
  * [ ]  Searching words

* Encrypt indexed data using KMS:
  
  * [ ]  hybrid encryption KEM - DEM with:
    KEM: RFC5649 (done by KMS with ckms)
    DEM: AES GCM  (done locally by ckms)

* [ ]  Merge CLI in `ckms`

Server:

* [x]  Authentication JWT + PKCS12. Reuse KMS Auth middleware

* [x]  Add enpoints for indexing/searching with findex (server "just" INSERT and SELECT data, does not know the Findex master key)

* [x]  Database trait for all databases impls

* [ ]  Database support:
  
  * [x]  Redis
  * [ ]  Sqlite

* [ ]  Authorization: Multiple clients to index and search on the same datasets. Adapt endpoints to index and search using an `ID`

* [ ]  Convert TOML conf in JSON

UI

* User interface should allowed at least:
  
  * [ ]  Authenticating to the server (JWT at least)
  * [ ]  Indexing arbitrary datasets
  * [ ]  Searching words
  * [ ]  Save encrypted either on a S3 storage or on a managed database (another Redis, ...)

Great summary. Some questions:

• how are you planning to introduce the KMS in the decryption process? It seems to me that it would require forking Findex v6 since it hard-codes the use of AES/SHA3 in the implementation of the EncryptedValue. The v7 is more flexible since the crypto component is abstracted behind a trait and can therefore be selected at compile-time.
• do you really want to "merge the cli in ckms"?
• do you really want a JSON config file ? JSON is overly complex for the task imho
• I didn't get your authorization bullet: is it the separation between different indexes?

[HatemMn]

@Manuthor some updates of the cosmian all big :

• We will keep the findex v6 of cloudproof for this PR
• According to Bruno UI is not a priority

[HatemMn]

The following points were done with my commits, edit them according to nesecssituy

• Create a proper findex-server Auth0 tenant
• Configure it, create a test JWT token for user [email protected]
• Use this token in tests

[Manuthor]

The following points were done with my commits, edit them according to nesecssituy

* Create a proper findex-server Auth0 tenant

* Configure it, create a test JWT token for user [[email protected]](mailto:[email protected])

* Use this token in tests

done

[HatemMn]

Test