Added rca support (#143)
Co-authored-by: David Mihalcik <dmihalcik@virtru.com>
danielRicaud and dmihalcik-virtru authored Feb 2, 2023
1 parent d2dc4ac commit 7079d11
Showing 7 changed files with 86 additions and 58 deletions.
80 changes: 39 additions & 41 deletions .github/workflows/roundtrip/wait-and-test.sh
@@ -17,7 +17,7 @@ _configure_app() {
echo "[ERROR] Couldn't ci roundtrip command line app"
return 1
fi
if ! npm i "../../../cli/opentdf-cli-${app_version}.tgz"; then
if ! npm i "../../../cli/opentdf-cli-${app_version}.tgz"; then
return 1
fi
return 0
@@ -42,50 +42,48 @@ _wait-for() {
exit 1
}

_init_server()
{
output=$(mktemp)
if ! cd "${WEB_APP_DIR}"; then
echo "[ERROR] unable to cd ${WEB_APP_DIR}"
exit 2
_init_server() {
output=$(mktemp)
if ! cd "${WEB_APP_DIR}"; then
echo "[ERROR] unable to cd ${WEB_APP_DIR}"
exit 2
fi
npm uninstall @opentdf/client
if ! npm ci; then
echo "[ERROR] Couldn't ci web-app"
exit 2
fi
if ! npm i "../lib/opentdf-client-${app_version}.tgz"; then
ls -ls ../lib/
echo "[ERROR] Couldn't install @opentdf/client tarball"
return 1
fi
npm run dev &>"$output" &
server_pid=$!
echo "Server pid: $server_pid"
echo "Output: $output"
echo "Wait:"
limit=5
for i in $(seq 1 $limit); do
if grep -q -i 'ready' "$output"; then
return 0
fi
npm uninstall @opentdf/client
if ! npm ci; then
echo "[ERROR] Couldn't ci web-app"
exit 2
if ! ps $server_pid >/dev/null; then
echo "The server died" >&2
cat "${output}"
exit 1
fi
if ! npm i "../lib/opentdf-client-${app_version}.tgz"; then
ls -ls ../lib/
echo "[ERROR] Couldn't install @opentdf/client tarball"
return 1
if [[ $i == "$limit" ]]; then
echo "[WARN] Breaking _init_server loop after ${limit} iterations"
cat "${output}"
break
fi
npm run dev &> "$output" &
server_pid=$!
echo "Server pid: $server_pid"
echo "Output: $output"
echo "Wait:"
limit=5
for i in $(seq 1 $limit); do
if grep -q -i 'ready' "$output"; then
return 0
fi
if ! ps $server_pid > /dev/null; then
echo "The server died" >&2
cat "${output}"
exit 1
fi
if [[ $i == "$limit" ]]; then
echo "[WARN] Breaking _init_server loop after ${limit} iterations"
cat "${output}"
break
fi
sleep_for=$((5 + i * i * 2))
echo "[INFO] retrying in ${sleep_for} seconds... ( ${i} / $limit ) ..."
sleep ${sleep_for}
done
sleep_for=$((5 + i * i * 2))
echo "[INFO] retrying in ${sleep_for} seconds... ( ${i} / $limit ) ..."
sleep ${sleep_for}
done
}


if ! _configure_app; then
echo "[ERROR] Couldn't configure our library and app"
exit 2
@@ -105,7 +103,7 @@ if ! cd "${WEB_APP_DIR}"; then
exit 2
fi

if ! cd tests; then
if ! cd tests; then
echo "[ERROR] Couldn't open web integration tests folder"
exit 2
fi
4 changes: 2 additions & 2 deletions cli/package-lock.json


1 change: 1 addition & 0 deletions lib/tdf3/src/client/DecoratedReadableStream.ts
@@ -20,6 +20,7 @@ export async function streamToBuffer(stream: ReadableStream<Uint8Array>): Promis
export abstract class DecoratedReadableStream {
KEK: null | string;
algorithm: string;
policyUuid?: string;
tdfSize: number;
stream: ReadableStream<Uint8Array>;
on: NodeJS.EventEmitter['on'];
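Review bot: The new `policyUuid?: string;` field has no comment, and nothing in the visible part of this class says when it is populated. Going by the index.ts section of this commit it is assigned only when an `rcaSource` is supplied, so a line such as `/** Policy UUID; assigned on encrypt only when an rcaSource is given, otherwise undefined. */` above the field would save readers the search. The class body continues outside the hunk.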
38 changes: 33 additions & 5 deletions lib/tdf3/src/client/builders.ts
@@ -4,13 +4,13 @@ import axios from 'axios';
import { arrayBufferToBuffer, inBrowser } from '../utils/index.js';
import { AttributeValidator } from './validation/index.js';
import { AttributeObject, Policy } from '../models/index.js';
import { RcaParams } from '../tdf.js';
import { type RcaParams, type RcaLink } from '../tdf.js';
import { Binary } from '../binary.js';

import { IllegalArgumentError, IllegalEnvError } from '../errors.js';
import { PemKeyPair } from '../crypto/declarations.js';
import PolicyObject from '../../../src/tdf/PolicyObject.js';
import { type EntityObject } from '../../../src/tdf/EntityObject.js';
import { EntityObject } from '../../../src/tdf/EntityObject.js';

const { get } = axios;

@@ -203,6 +203,12 @@ class EncryptParamsBuilder {
* @return {EncryptParamsBuilder} - this object.
*/
withStreamSource(readStream: ReadableStream<Uint8Array>): EncryptParamsBuilder {
if (!readStream?.getReader) {
throw new Error(
`Source must be a WebReadableStream. Run node streams through stream.Readable.toWeb()`
);
}

this.setStreamSource(readStream);
return this;
}
@@ -700,6 +706,12 @@ class DecryptParamsBuilder {
* @return {DecryptParamsBuilder} - this object.
*/
withStreamSource(stream: ReadableStream<Uint8Array>) {
if (!stream?.getReader) {
throw new Error(
`Source must be a WebReadableStream. Run node streams through stream.Readable.toWeb()`
);
}

this.setStreamSource(stream);
return this;
}
@@ -795,16 +807,32 @@ class DecryptParamsBuilder {
/**
* @param rcaParams
*/
setRcaSource(rcaParams: RcaParams) {
this._params.rcaSource = rcaParams;
setRcaSource(rcaParams: RcaParams | RcaLink) {
let params;

if (typeof rcaParams === 'object') {
params = { ...rcaParams };
} else if (typeof rcaParams === 'string') {
params = Object.fromEntries(new URLSearchParams(rcaParams));
}

if (!params?.pu || !params?.wu || !params?.wk || !params?.al) {
throw new Error(`RCA link [${rcaParams}] is missing parameters!`);
}

const { pu, wu, wk, al } = params;

this.setUrlSource(wu);

this._params.rcaSource = { pu, wu, wk, al };
}

/**
* Use it with .withStreamSource
* @param rcaParams
* @returns {DecryptParamsBuilder}
*/
withRcaSource(rcaParams: RcaParams): DecryptParamsBuilder {
withRcaSource(rcaParams: RcaParams | RcaLink): DecryptParamsBuilder {
this.setRcaSource(rcaParams);
return this;
}
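Review bot: In `setRcaSource`, `wu` comes straight from the caller-supplied link or object and is handed to `this.setUrlSource(wu)` after only a truthiness check, so whoever produced the link chooses the URL this builder will read from. If RCA links can originate outside the application, check the scheme (and ideally the origin) first, for example `if (new URL(wu).protocol !== 'https:') throw new IllegalArgumentError('RCA wu must be an https URL');`. The missing-parameter error also interpolates the whole `rcaParams` value, which for a string link copies `wk` (which looks like key material) into the message and into any log that records it, and prints `[object Object]` for the object form; `throw new IllegalArgumentError('RCA source is missing one of pu, wu, wk, al');` avoids both. What `setUrlSource` does with the URL is outside this section, so the first point is inferred from its name.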
15 changes: 7 additions & 8 deletions lib/tdf3/src/client/index.ts
@@ -100,6 +100,7 @@ export interface ClientConfig {
clientId?: string;
dpopEnabled?: boolean;
kasEndpoint?: string;
easEndpoint?: string;
// DEPRECATED Ignored
keyRewrapEndpoint?: string;
// DEPRECATED Ignored
@@ -111,7 +112,6 @@ export interface ClientConfig {
externalJwt?: string;
authProvider?: AuthProvider | AppIdAuthProvider;
readerUrl?: string;
easEndpoint?: string;
entityObjectEndpoint?: string;
}

@@ -123,6 +123,8 @@ export class Client {

kasPublicKey?: string;

easEndpoint?: string;

clientId?: string;

authProvider?: AuthProvider | AppIdAuthProvider;
@@ -261,6 +263,8 @@ export class Client {
payloadKey,
}: EncryptParams): Promise<AnyTdfStream | null> {
if (rcaSource && asHtml) throw new Error('rca links should be used only with zip format');
if (rcaSource && !this.kasEndpoint)
throw new Error('rca links require a kasEndpoint url to be set');

const keypair: PemKeyPair = await this._getOrCreateKeypair(opts);
const policyObject = await this._createPolicyObject(scope);
@@ -294,13 +298,8 @@ export class Client {
const byteLimit = asHtml ? HTML_BYTE_LIMIT : GLOBAL_BYTE_LIMIT;
const stream = await tdf.writeStream(byteLimit, rcaSource, payloadKey);
// Looks like invalid calls | stream.upsertResponse equals empty array?
if (
rcaSource &&
stream.upsertResponse &&
stream.upsertResponse[0][0]?.storageLinks?.payload?.upload
) {
const url = stream.upsertResponse[0][0].storageLinks.payload.upload;
await uploadBinaryToS3(stream.stream, url, stream.tdfSize);
if (rcaSource) {
stream.policyUuid = policyObject.uuid;
}
if (!asHtml) {
return stream;
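Review bot: The comment `// Looks like invalid calls | stream.upsertResponse equals empty array?` is left in place although the `upsertResponse` check and the `uploadBinaryToS3` call it referred to are removed, so it now sits above `if (rcaSource) { stream.policyUuid = policyObject.uuid; }` and describes nothing. The rca path also appears to stop uploading the payload itself, which changes what callers must do and is not stated in any visible hunk. Replace the stale comment with something like `// rca: the payload is no longer uploaded here; expose the policy uuid so the caller can upload and build the link`. If `uploadBinaryToS3` has no other users its import is now dead, but that cannot be confirmed from this section. The method body continues outside the hunk.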
2 changes: 2 additions & 0 deletions lib/tdf3/src/tdf.ts
@@ -70,6 +70,8 @@ export type RcaParams = {
al: string;
};

export type RcaLink = string;

type Metadata = {
connectOptions: {
testUrl: string;
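Review bot: `RcaLink` is a bare alias for `string`, so `RcaParams | RcaLink` accepts any string and the expected format is not documented anywhere in this commit. `setRcaSource` in builders.ts parses it with `new URLSearchParams(rcaParams)`, which only works for a bare query string; a full URL would fold everything before the first `=` into the first key and be rejected as missing `pu`. Whether callers pass full URLs is not visible here, but the name invites it, so a doc comment such as `/** Query-string form of RcaParams: "pu=…&wu=…&wk=…&al=…" (no scheme, host or path). */` would state the contract.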
4 changes: 2 additions & 2 deletions web-app/package-lock.json

