Encrypted data administrationSource:
Encrypted data administration; functions for setting up, adding users, etc.
data_admin_init(path_data, path_user = NULL, quiet = FALSE) data_admin_authorise( path_data = NULL, hash = NULL, path_user = NULL, yes = FALSE, quiet = FALSE ) data_admin_list_requests(path_data = NULL) data_admin_list_keys(path_data = NULL)
Path to the data set. We will store a bunch of things in a hidden directory within this path. By default in most functions we will search down the tree until we find the .cyphr directory
Path to the directory with your ssh key. Usually this can be omitted.
Suppress printing of informative messages.
A vector of hashes to add. If provided, each hash can be the binary or string representation of the hash to add. Or omit to add each request.
Skip the confirmation prompt? If any request is declined then the function will throw an error on exit.
data_admin_init initialises the system; it will create a
data key if it does not exist and authorise you. If it already
exists and you do not have access it will throw an error.
data_admin_authorise authorises a key by creating a key to
the data that the user can use in conjunction with their personal
data_admin_list_requests lists current requests.
data_admin_list_keys lists known keys that can access the
data. Note that this is not secure; keys not listed here
may still be able to access the data (if a key was authorised and
moved elsewhere for example). Conversely, if the user has deleted
or changed their key they will not be able to access the data
despite the key being listed here.
# The workflow here does not really lend itself to an example, # please see the vignette instead. # First we need a set of user ssh keys. In a non example # environment your personal ssh keys will probably work well, but # hopefully they are password protected so cannot be used in # examples. The password = FALSE argument is only for testing, # and should not be used for data that you care about. path_ssh_key <- tempfile() cyphr::ssh_keygen(path_ssh_key, password = FALSE) # Initialise the data directory, using this key path. Ordinarily # the path_user argument would not be needed because we would be # using your user ssh keys: path_data <- tempfile() dir.create(path_data, FALSE, TRUE) cyphr::data_admin_init(path_data, path_user = path_ssh_key) #> Generating data key #> Authorising ourselves #> Adding key 15:56:03:80:e5:47:4e:da:ff:02:ce:10:86:48:0e:c0:79:05:d1:bb:74:84:cd:cc:17:34:30:39:59:60:4b:75 #> user: root #> host: e0175ae1a84f #> date: 2023-11-19 04:38:35.412282 #> Verifying # Now you can get the data key key <- cyphr::data_key(path_data, path_user = path_ssh_key) # And encrypt things with it cyphr::encrypt_string("hello", key) #>  7e b9 8e 0c db 3b 60 52 ca ef ef a9 e4 88 fc 2b 03 6c 4d b5 e7 72 6f b2 38 #>  1d 7e 2f 16 fa fa bb 02 a2 4a 38 e7 c5 8d 7a 0b 0e fc dd 4a # See the vignette for more details. This is not the best medium # to explore this. # Cleanup unlink(path_ssh_key, recursive = TRUE) unlink(path_data, recursive = TRUE)