re-encrypt temp commit

Dockerfile

@@ -5,7 +5,7 @@ ENV CGO_ENABLED=0
 
 COPY . .
 
-RUN go build -buildvcs=false -o ./sda-download ./cmd
+RUN set -ex; for p in cmd/*; do test -d "$p" && go build -buildvcs=false -o "sda-${p#cmd/}" "./$p"; done
 RUN echo "nobody:x:65534:65534:nobody:/:/sbin/nologin" > passwd
 
 FROM scratch

cmd/client/client.go

@@ -0,0 +1,38 @@
+package main
+
+import (
+	"context"
+	"flag"
+	"log"
+	"time"
+
+	re "github.com/neicnordic/sda-download/internal/reencrypt"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials/insecure"
+)
+
+var (
+	addr      = flag.String("addr", "localhost:5051", "the address to connect to")
+	publickey = flag.String("publickey", "NZfoJzFcOli3UWi/7U624h6fv2PufL1i2QPK8JkpmFg=", "Name to greet")
+	fileid    = flag.String("fileid", "urn:neic:001-002", "Name to greet")
+)
+
+func main() {
+	flag.Parse()
+	// Set up a connection to the server.
+	conn, err := grpc.Dial(*addr, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	if err != nil {
+		log.Fatalf("did not connect: %v", err)
+	}
+	defer conn.Close()
+	c := re.NewReencryptClient(conn)
+
+	// Contact the server and print out its response.
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
+	defer cancel()
+	r, err := c.ReencryptHeader(ctx, &re.ReencryptRequest{Fileid: *fileid, Publickey: *publickey})
+	if err != nil {
+		log.Fatalf("could not greet: %v", err)
+	}
+	log.Printf("Greeting: %s", string(r.GetHeader()))
+}

cmd/main.go → cmd/download/download.go

@@ -18,7 +18,7 @@ func init() {
 	log.Info("(1/5) Loading configuration")
 
 	// Load configuration
-	conf, err := config.NewConfig()
+	conf, err := config.NewConfig("download")
 	if err != nil {
 		log.Panicf("configuration loading failed, reason: %v", err)
 	}

cmd/reencrypt/reencrypt.go

@@ -0,0 +1,88 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+
+	"github.com/neicnordic/crypt4gh/keys"
+	"github.com/neicnordic/crypt4gh/model/headers"
+	"golang.org/x/crypto/chacha20poly1305"
+
+	"github.com/neicnordic/sda-download/internal/config"
+	"github.com/neicnordic/sda-download/internal/database"
+	re "github.com/neicnordic/sda-download/internal/reencrypt"
+	"google.golang.org/grpc"
+)
+
+// server is used to implement reencrypt.ReEncryptServer.
+type server struct {
+	re.UnimplementedReencryptServer
+}
+
+// init is run before main, it sets up configuration and other required things
+func init() {
+	log.Info("(1/5) Loading configuration")
+
+	// Load configuration
+	conf, err := config.NewConfig("reencrypt")
+	if err != nil {
+		log.Panicf("configuration loading failed, reason: %v", err)
+	}
+	config.Config = *conf
+
+	// Connect to database
+	db, err := database.NewDB(conf.DB)
+	if err != nil {
+		log.Panicf("database connection failed, reason: %v", err)
+	}
+	defer db.Close()
+	database.DB = db
+
+}
+
+// Reencrypt implements reencrypt.ReEncryptServer
+func (s *server) ReencryptHeader(ctx context.Context, in *re.ReencryptRequest) (*re.ReencryptResponse, error) {
+	log.Debugf("Received Public key: %v", in.GetPublickey())
+	log.Debugf("Received fileid: %v", in.GetFileid())
+	// Get file header
+	fileDetails, err := database.GetFile(in.GetFileid())
+	if err != nil {
+
+		return nil, err
+	}
+
+	newReaderPublicKey, err := keys.ReadPublicKey(strings.NewReader("-----BEGIN CRYPT4GH PUBLIC KEY-----\n" + in.GetPublickey() + "\n-----END CRYPT4GH PUBLIC KEY-----\n"))
+	if err != nil {
+		return nil, err
+	}
+
+	newReaderPublicKeyList := [][chacha20poly1305.KeySize]byte{}
+	newReaderPublicKeyList = append(newReaderPublicKeyList, newReaderPublicKey)
+
+	log.Debugf("header: %v", fileDetails.Header)
+	log.Debugf("crypt4ghkey path: %v", *config.Config.Grpc.Crypt4GHKey)
+
+	newheader, err := headers.ReEncryptHeader(fileDetails.Header, *config.Config.Grpc.Crypt4GHKey, newReaderPublicKeyList)
+	if err != nil {
+		return nil, err
+	}
+
+	return &re.ReencryptResponse{Header: newheader}, nil
+}
+
+func main() {
+	lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *&config.Config.Grpc.Port))
+	if err != nil {
+		log.Fatalf("failed to listen: %v", err)
+	}
+	s := grpc.NewServer()
+	re.RegisterReencryptServer(s, &server{})
+	log.Printf("server listening at %v", lis.Addr())
+	if err := s.Serve(lis); err != nil {
+		log.Fatalf("failed to serve: %v", err)
+	}
+}

dev_utils/compose-no-tls.yml

@@ -1,5 +1,4 @@
 services:
-
   db:
     command: server /data
     container_name: db
@@ -19,77 +18,95 @@ services:
     volumes:
       - /tmp/data:/data
 
-  s3:
-    command: server /data
-    container_name: s3
-    environment:
-      - MINIO_ACCESS_KEY=access
-      - MINIO_SECRET_KEY=secretkey
-    healthcheck:
-      test: ["CMD", "curl", "-fq", "http://localhost:9000/minio/health/live"]
-      interval: 5s
-      timeout: 20s
-      retries: 3
-    image: minio/minio:RELEASE.2021-11-24T23-19-33Z
-    ports:
-      - "9000:9000"
+  # s3:
+  #   command: server /data
+  #   container_name: s3
+  #   environment:
+  #     - MINIO_ACCESS_KEY=access
+  #     - MINIO_SECRET_KEY=secretkey
+  #   healthcheck:
+  #     test: ["CMD", "curl", "-fq", "http://localhost:9000/minio/health/live"]
+  #     interval: 5s
+  #     timeout: 20s
+  #     retries: 3
+  #   image: minio/minio:RELEASE.2021-11-24T23-19-33Z
+  #   ports:
+  #     - "9000:9000"
 
-  createbucket:
-    container_name: buckets
-    image: minio/mc
-    depends_on:
-      s3:
-        condition: service_healthy
-    entrypoint: >
-      /bin/sh -c "
-      /usr/bin/mc config host add s3 http://s3:9000 access secretkey;
-      /usr/bin/mc mb s3/archive;
-      exit 0;
-      "
-    restart: on-failure
+  # createbucket:
+  #   container_name: buckets
+  #   image: minio/mc
+  #   depends_on:
+  #     s3:
+  #       condition: service_healthy
+  #   entrypoint: >
+  #     /bin/sh -c "
+  #     /usr/bin/mc config host add s3 http://s3:9000 access secretkey;
+  #     /usr/bin/mc mb s3/archive;
+  #     exit 0;
+  #     "
+  #   restart: on-failure
+
+  # download:
+  #   command: sda-download
+  #   container_name: download
+  #   depends_on:
+  #     db:
+  #       condition: service_healthy
+  #     s3:
+  #       condition: service_healthy
+  #     mockauth:
+  #       condition: service_started
+  #   environment:
+  #     - ARCHIVE_URL=http://s3
+  #     - ARCHIVE_TYPE=s3
+  #     - DB_HOST=db
+  #   image: neicnordic/sda-download:latest
+  #   build:
+  #     context: ..
+  #   volumes:
+  #     - ./config-notls.yaml:/config.yaml
+  #     - ./:/dev_utils/
+  #     - ./archive_data/4293c9a7-dc50-46db-b79a-27ddc0dad1c6:/tmp/4293c9a7-dc50-46db-b79a-27ddc0dad1c6
+  #   mem_limit: 256m
+  #   ports:
+  #     - "8080:8080"
+  #   restart: always
 
-  download:
-    command: sda-download
-    container_name: download
+  reencrypt:
+    command: sda-reencrypt
+    container_name: reencrypt
     depends_on:
       db:
         condition: service_healthy
-      s3:
-        condition: service_healthy
-      mockauth:
-        condition: service_started
     environment:
-      - ARCHIVE_URL=http://s3
-      - ARCHIVE_TYPE=s3
       - DB_HOST=db
     image: neicnordic/sda-download:latest
     build:
       context: ..
     volumes:
       - ./config-notls.yaml:/config.yaml
       - ./:/dev_utils/
-      - ./archive_data/4293c9a7-dc50-46db-b79a-27ddc0dad1c6:/tmp/4293c9a7-dc50-46db-b79a-27ddc0dad1c6
-    mem_limit: 256m
-    ports:
-      - "8080:8080"
-    restart: always
-
-  mockauth:
-    command:
-      - /bin/sh
-      - -c
-      - |
-        pip install --upgrade pip
-        pip install aiohttp Authlib
-        python -u /mockoidc.py
-    container_name: mockauth
-    image: python:3.10-slim
-    volumes:
-      - ./mockoidc/mockoidc.py:/mockoidc.py
     mem_limit: 256m
     ports:
-      - "8000:8000"
+      - "5051:5051"
     restart: always
 
-volumes:
-  archive:
+  # mockauth:
+  #   command:
+  #     - /bin/sh
+  #     - -c
+  #     - |
+  #       pip install --upgrade pip
+  #       pip install aiohttp Authlib
+  #       python -u /mockoidc.py
+  #   container_name: mockauth
+  #   image: python:3.10-slim
+  #   volumes:
+  #     - ./mockoidc/mockoidc.py:/mockoidc.py
+  #   mem_limit: 256m
+  #   ports:
+  #     - "8000:8000"
+  #   restart: always
+# volumes:
+#   archive: