Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

Implement new endpoints required by htsget #372

Open
aaperis opened this issue Feb 12, 2024 · 0 comments
Open

Implement new endpoints required by htsget #372

aaperis opened this issue Feb 12, 2024 · 0 comments
Assignees
@MalinAhlberg @dbampalikis
Milestone
GDI MS7: Early ad...

Comments

@aaperis
Copy link
Contributor

aaperis commented Feb 12, 2024
edited by MalinAhlberg
Loading

Endpoint needed:

  • Index file endpoint (should exist, just make sure it works)

    • ([see GET("/s3/*path"] --GET to https://<endpoint-index>/id.bam.bai)

  • Encrypted file size (should it contain the size of the crypt4gh header too?)

    • make sure it has the correct endpoint (HEAD to https://<endpoint-file>/id.bam.c4gh)
    • HEAD("/s3/*path") gives decrypted filesize in set in Content-Length in the headers here and below
    • add HEAD("/s3-encrypted/*path"), which shares code, but use ArchiveSize instead
    • add http response header server-additional-bytes, stating the size of the crypt4gh header
    • [optional] add http response header client-additional-bytes, stating the size of the crypt4gh header that the client will get
    • the size should be set in the Content-Length

  • [see "/header/*path"] return header size

    • currently we are returning the whole header - change to return only the size
    • <endpoint-crypt4gh-header-size> in ARCHITECHURE.md
    • see code but looks like it returns the actual file
    • make sure that the public keys that from user vs server (htsget) and repository (us) create headers of the same size (since we're using the size of the crypt4gh header in the db) (probably: talk to jocke and stefan).

  • (For the underlying BAM/VCF header) Initially full file - implement encrypted header: partial file. starting from scratch, if time allows. [see "/s3-encrypted/*path"]

    • possible to return the whole file, encrypted with the repo's key
    • check if possible to return partial from beginning of the file
    • [have a full file version in branch, test. start with the partial file (start: 0, end: n)].
    • htsget will send a http header range: bytes=0-x, use this rather than the params. The range can be expected to match the cryp4gh block boundaries.

  • Get client and server key (they will be used for the re-encryption service)

    • the server-public-key is the one coming from htsget and should be used from the requests that come from htsget
    • the client-public-key is the one used for the final request. it should again be used for the re-encryption, but only for the last request, coming from the user, not the htsget-server
    • extract from http headers
    • make sure we know which requests come from user vs htsget and use correct key
    • send to re-encryption server, get file encrypted with that key
    • usage: when htsget makes the request /s3-encrypted/*path". (implemented later: when client makes the final call, for now use s3/*path)
@aaperis aaperis changed the title Implement new endpoint requires by htsget Implement new endpoint required by htsget Feb 12, 2024
@dbampalikis dbampalikis changed the title Implement new endpoint required by htsget Implement new endpoints required by htsget Feb 12, 2024
@MalinAhlberg MalinAhlberg mentioned this issue Feb 27, 2024
Merged
@MalinAhlberg MalinAhlberg mentioned this issue Apr 29, 2024
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@MalinAhlberg MalinAhlberg

@dbampalikis dbampalikis

Labels
None yet
Projects
None yet
Milestone
GDI MS7: Early adopter nodes deployed...
Development

No branches or pull requests
4 participants
@viklund @MalinAhlberg @dbampalikis @aaperis