IRIS-Cloudproof-Encryption

by Li XU

This application is not supported by InterSystems Corporation. Please be notified that you use it at your own risk.

0 reviews

Awards

147

Views

IPM installs

Details

Releases

Reviews

Issues

Pull requests

Utils for data Encryption in IRIS by Cloudproof from Cosmian

What's new in this version

Optimize python class and update zpm module

IRIS Cloudproof Encryption

This project implements the data Encryption in IRIS by cloudproof_py from Cosmian.

Installation

$ git clone https://github.com/xuenru/IRIS-Cloudproof-Encryption.git
$ cd IRIS-Cloudproof-Encryption
$ pip install -r requirements.txt
$ cp src/python/cosmian/ ${mgrdir}python/cosmian/

Then import and compile classes in src/Cosmian/Cloudproof

Install with ZPM

$ pip install cloudproof-py
> zpm "install iris-cloudproof-encryption"

If ZPM is not installed, you can install it using the following command.

> s r=##class(%Net.HttpRequest).%New(),r.Server="pm.community.intersystems.com",r.SSLConfiguration="ISC.FeatureTracker.SSL.Config" d r.Get("/packages/zpm/latest/installer"),$system.OBJ.LoadStream(r.HttpResponse.Data,"c")

Application Level Encryption in Interoperability

Apply the following adapters in the business processes

Cosmian.Cloudproof.CoverCryptAdapter : encrypt locally
Cosmian.Cloudproof.KmsAdapter : encrypt from a remote cosmian KMS server

Configuration and Examples

Open IRIS terminal

Encryption / Decryption

# Load the policy
> s policy =  ##class("Cosmian.Cloudproof.Utils").GetPolicy("/path/cosmian_policy.json")

For KMS encryption

# Get KmsClient
> s kmsClient = ##Class(EncryptionFhir.Util.FunctionSet).GetKMSClient("kms url","token")
Generate private and public key pair ids

d ##Class(EncryptionFhir.Util.FunctionSet).GenerateKeyPair(kmsClient, policy)

Generate decryption key uid

s decryptionKeyUid = ##class("Cosmian.Cloudproof.Utils").GenerateKMSDecryptionKeyUid(kmsClient, privateKeyUid, accessPolicy)

Decryption

s plaintext = ##class("Cosmian.Cloudproof.Utils").KMSDecrpt(kmsClient, userDecryptionUid, base64CipherText)

For local encryption

# Generate private and public key pair file for local encryption
> d ##class("Cosmian.Cloudproof.Utils").GenerateKeyPair(policy, "key path")
Generate decryption key

d ##class("Cosmian.Cloudproof.Utils").GenerateDecryptionKey(masterPrivateKey, policy, accessPolicy, "key path")

Decryption

s plaintext = ##class("Cosmian.Cloudproof.Utils").CloudProofDecrpt(userDecryptionKey, base64CipherText)

Findex Encrypted Search API

# Generate findex master key
> s masterKey = ##class("Cosmian.Cloudproof.Utils").FindexGenerateMasterKey("key path name")
Get existing findex master key

s masterKey = ##class("Cosmian.Cloudproof.Utils").FindexGetMasterKey("/pathto/findex_master.key")

Generate findex label for salt

s label = ##class("Cosmian.Cloudproof.Utils").FindexGenerateLabel("label")

Get findex interface instance

s findexInterface = ##class("Cosmian.Cloudproof.Utils").FindexGetInterface("path to db sqlite file")

Update or insert keywords index value in Findex database
data example : Set data = {"1": ["Martin", "Shepherd"], "2": ["Martial", "Wilkins"], "3": ["John", "Shepherd"]}.%ToJSON()

d ##class("Cosmian.Cloudproof.Utils").FindexUpsert(masterKey, label, findexInterface, data)

search index by keywords
keywords example : set keywords = ["She","Shepherd","John"].%ToJSON()

w ##class("Cosmian.Cloudproof.Utils").FindexSearch(masterKey, label, findexInterface, keywords)

Docs:

https://docs.cosmian.com/cloudproof_encryption/how_it_works/

encryption cryptography security

Made with

Python IPM

Install

zpm install iris-cloudproof-encryption

download archive

Repository Documentation License

Version

1.0.220 Sep, 2023