IRIS-Cloudproof-Encryption

Downloads15
Subscribe
0
Bookmark
0
This application is not supported by InterSystems Corporation. Please be notified that you use it at your own responsibility.
Details
Releases
Reviews
Issues

What's new in this version

Optimize python class and update zpm module

IRIS Cloudproof Encryption

This project implements the data Encryption in IRIS by cloudproof_py from Cosmian.

Installation

$ git clone https://github.com/xuenru/IRIS-Cloudproof-Encryption.git
$ cd IRIS-Cloudproof-Encryption
$ pip install -r requirements.txt
$ cp src/python/cosmian/ ${mgrdir}python/cosmian/

Then import and compile classes in src/Cosmian/Cloudproof

Install with ZPM

$ pip install cloudproof-py
> zpm "install iris-cloudproof-encryption"

If ZPM is not installed, you can install it using the following command.

> s r=##class(%Net.HttpRequest).%New(),r.Server="pm.community.intersystems.com",r.SSLConfiguration="ISC.FeatureTracker.SSL.Config" d r.Get("/packages/zpm/latest/installer"),$system.OBJ.LoadStream(r.HttpResponse.Data,"c")

Application Level Encryption in Interoperability

Apply the following adapters in the business processes

  • Cosmian.Cloudproof.CoverCryptAdapter : encrypt locally
  • Cosmian.Cloudproof.KmsAdapter : encrypt from a remote cosmian KMS server

Configuration and Examples

Open IRIS terminal

Encryption / Decryption

# Load the policy
> s policy =  ##class("Cosmian.Cloudproof.Utils").GetPolicy("/path/cosmian_policy.json")
For KMS encryption
# Get KmsClient
> s kmsClient = ##Class(EncryptionFhir.Util.FunctionSet).GetKMSClient("kms url","token")

Generate private and public key pair ids

d ##Class(EncryptionFhir.Util.FunctionSet).GenerateKeyPair(kmsClient, policy)

Generate decryption key uid

s decryptionKeyUid = ##class("Cosmian.Cloudproof.Utils").GenerateKMSDecryptionKeyUid(kmsClient, privateKeyUid, accessPolicy)

Decryption

s plaintext = ##class("Cosmian.Cloudproof.Utils").KMSDecrpt(kmsClient, userDecryptionUid, base64CipherText)

For local encryption
# Generate private and public key pair file for local encryption
> d ##class("Cosmian.Cloudproof.Utils").GenerateKeyPair(policy, "key path")

Generate decryption key

d ##class("Cosmian.Cloudproof.Utils").GenerateDecryptionKey(masterPrivateKey, policy, accessPolicy, "key path")

Decryption

s plaintext = ##class("Cosmian.Cloudproof.Utils").CloudProofDecrpt(userDecryptionKey, base64CipherText)

Findex Encrypted Search API

# Generate findex master key
> s masterKey = ##class("Cosmian.Cloudproof.Utils").FindexGenerateMasterKey("key path name")

Get existing findex master key

s masterKey = ##class("Cosmian.Cloudproof.Utils").FindexGetMasterKey("/pathto/findex_master.key")

Generate findex label for salt

s label = ##class("Cosmian.Cloudproof.Utils").FindexGenerateLabel("label")

Get findex interface instance

s findexInterface = ##class("Cosmian.Cloudproof.Utils").FindexGetInterface("path to db sqlite file")

Update or insert keywords index value in Findex database

data example : Set data = {"1": ["Martin", "Shepherd"], "2": ["Martial", "Wilkins"], "3": ["John", "Shepherd"]}.%ToJSON()

d ##class("Cosmian.Cloudproof.Utils").FindexUpsert(masterKey, label, findexInterface, data)

search index by keywords

keywords example : set keywords = ["She","Shepherd","John"].%ToJSON()

w ##class("Cosmian.Cloudproof.Utils").FindexSearch(masterKey, label, findexInterface, keywords)

Docs:

https://docs.cosmian.com/cloudproof_encryption/how_it_works/

IPM installation
zpm "install iris-cloudproof-encryption"
Rating
0 (0)
Category
Solutions
Works with
InterSystems IRISInterSystems IRIS for Health
Tags
Info
Author
Li XU
Version
1.0.2
Last updated
2023-09-20
Repository
Open
Documentation
Open
License
Link