File encryption
🔧

File encryption

When using Flametree’s API server, FIA offers the capablity to encrypt files using a user-supplied password. This means that files in passage between your host PC and our server, and saved to the filestore on the server, cannot be ready by anyone but yourself. If you lose the password, we cannot recover your files!

Encryption is very straightforward to use. Simply

  • make sure you have installed the cryptography library on your home system (see ‘Notes’ below);
  • assign a password to FT_STRING_ENCRYPTION_PASSWORD in the JSON structure you pass to the API;
  • when calling UploadFile, set the last (optional) argument to this password. Your Python code will look as follows:
data = {
    FT_MATRIX_PORTFOLIO   : "PF.csv",
    FT_MATRIX_BENCHMARK   : "BM.csv",
    FT_MATRIX_SECURITY    : "SECURITIES.csv",
		...
    FT_INT_NDP            : "2",
    FT_STRING_ZIP_FILE    : "RESULTS.zip",
    FT_STRING_ENCRYPTION_PASSWORD : "super_secret_password"
}
fia.UploadFile(data[FT_MATRIX_PORTFOLIO],  username, password, data[FT_STRING_ENCRYPTION_PASSWORD])
fia.UploadFile(data[FT_MATRIX_SECURITY],   username, password, data[FT_STRING_ENCRYPTION_PASSWORD])
fia.UploadFile (data[FT_MATRIX_BENCHMARK], username, password, data[FT_STRING_ENCRYPTION_PASSWORD])

Then call FIA using the RunJson command. Everything will run as usual, except that the results file will be encrypted when you download the results using

fia.DownloadFile(data[FT_STRING_ZIP_FILE], username, password)

In this case, you will have to use pkzip, 7z or a similar tool to decrypt the results file, using the intial password you supplied. For instance, after downloading the results file, right-click on it and call ‘Extract files’ using 7zip. A dialog simlar to the following will appear:

image

Enter your password into the ‘Password’ field and press OK. The decrypted files will be written to the nominated directory (here, ‘RESULTS’).

Notes

If you use an empty password, or a password made of spaces only, no encryption is performed. Files will be transmitted and stored en clair.

Encryption uses the following commands from the Python cryptography library:

kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=390000)
        key = base64.urlsafe_b64encode(kdf.derive(encryption_password.encode()))
        f = Fernet(key)
         
        # Encrypt file
        with open(filename, "rb") as file:
            file_data = file.read()
            encrypted_data = f.encrypt(file_data)

To install the library from the Windows command prompt, enter

python -m pip install cryptography

or ask your IT resource.

For more information about the cryptography library, visit https://cryptography.io/en/latest/.