Skip to content

/cloak

Elixir encryption library designed for Ecto
  1. Elixir 97.1%
  2. Ruby 2.9%
Elixir Ruby
Find file
Latest commit 955e882 Jul 2, 2016 @danielberkompas Add application to installation steps 
Some people forget to do this, and it causes problems when you try to
deploy your application with ExRM.
Failed to load latest commit information.
config Decode AES environment variable keys from base64 May 20, 2016
lib Decode AES environment variable keys from base64 May 20, 2016
script Prepare for Hex release Sep 16, 2015
test Decode AES environment variable keys from base64 May 20, 2016
.gitignore Prepare for Hex release Sep 16, 2015
.kbignore Prepare for Hex release Sep 16, 2015
.travis.yml Add travis, inch Sep 22, 2015
CHANGELOG.md Update changelog for version 0.2.2 May 20, 2016
LICENSE Add license information Sep 23, 2015
README.md Add application to installation steps Jul 2, 2016
SIGNED.md Release version 0.2.2 May 20, 2016
mix.exs Bump version to 0.2.2 May 20, 2016
mix.lock Upgrade ExDoc to 0.11.1 Dec 15, 2015

README.md

Cloak

Hex Version Build Status Deps Status Inline docs

Cloak makes it easy to use encryption with Ecto.

Features

  • Transparent encryption/decryption of fields
  • Bring your own encryptor (if needed)
  • Zero-downtime migration to new encryption keys
    • Multiple keys in memory at once
    • Migration task to proactively migrate rows to a new key

Example

# key generation example (random 256-bit key)
:crypto.strong_rand_bytes(32) |> Base.encode64

# in config/config.exs
config :cloak, Cloak.AES.CTR,
  tag: "AES",
  default: true,
  keys: [
    %{tag: <<1>>, key: :base64.decode("..."), default: true}
  ]

# in your migration
defmodule MyApp.Repo.Migrations.AddSecretKeyToModel do
  use Ecto.Migration

  def change do
    alter table(:models) do
      add :secret_key, :binary
      add :encryption_version, :binary
    end

    create index(:models, [:encryption_version])
  end
end

# in your model
defmodule MyApp.Model do
  use Ecto.Schema

  schema "models" do
    field :secret_key, Cloak.EncryptedBinaryField
    field :encryption_version, :binary
  end

  def changeset(model, params \\ :empty) do
    model
    |> cast(params, ~w(secret_key), ~w(encryption_version))
    |> put_change(:encryption_version, Cloak.version)
  end
end

# Query
MyApp.Repo.one(MyApp.Model)
# => %MyApp.Model{secret_key: "Decrypted value", encryption_version: <<"AES", 1>>}

Installation

Add cloak to your hex dependencies:

defp deps do
  [{:cloak, "~> 0.2.2"}]
end

And add it to your applications in your mix.exs file:

def application do
  [applications: [:cloak]]
end

Documentation

See the hex documentation.

License

MIT.

Something went wrong with that request. Please try again.