GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → danielberkompas → Cloak

danielberkompas / Cloak

Licence: mit
Elixir encryption library designed for Ecto

Programming Languages

elixir
2628 projects

Labels

encryptionhexecto

Projects that are alternatives of or similar to Cloak

Mssqlex
Microsoft SQL Server Adapter for Elixir
Stars: ✭ 38 (-90.8%)
Mutual labels:  ecto, hex
ecto profiler
Project for Ecto DB profiling
Stars: ✭ 16 (-96.13%)
Mutual labels:  hex, ecto
Phoenix Ecto Encryption Example
🔐 A detailed example for how to encrypt data in a Phoenix (Elixir) App before inserting into a database using Ecto Types
Stars: ✭ 166 (-59.81%)
Mutual labels:  ecto, encryption
ecto trail
EctoTrail allows to store Ecto changeset changes in a separate audit_log table.
Stars: ✭ 51 (-87.65%)
Mutual labels:  hex, ecto
Ecto mnesia
Ecto adapter for Mnesia Erlang term database.
Stars: ✭ 223 (-46%)
Mutual labels:  ecto, hex
ecto commons
Ecto common validators for Date, Time, URLs, Emails, PostalCodes, Phone Numbers, Luhn checks, etc.
Stars: ✭ 33 (-92.01%)
Mutual labels:  hex, ecto
Machinery
State machine thin layer for structs (+ GUI for Phoenix apps)
Stars: ✭ 367 (-11.14%)
Mutual labels:  ecto
Libzip
A C library for reading, creating, and modifying zip archives.
Stars: ✭ 379 (-8.23%)
Mutual labels:  encryption
Laravel Hashid
Obfuscate your data by generating reversible, non-sequential, URL-safe identifiers.
Stars: ✭ 354 (-14.29%)
Mutual labels:  encryption
Kissme
Kissme: Kotlin Secure Storage Multiplatform
Stars: ✭ 351 (-15.01%)
Mutual labels:  encryption
Docker Ipsec Vpn Server
Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
Stars: ✭ 4,356 (+954.72%)
Mutual labels:  encryption
Sharpyshell
SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
Stars: ✭ 402 (-2.66%)
Mutual labels:  encryption
Wxhexeditor
wxHexEditor official GIT repo
Stars: ✭ 381 (-7.75%)
Mutual labels:  hex
Cingulata
Cingulata (pronounced "tchingulata") is a compiler toolchain and RTE for running C++ programs over encrypted data by means of fully homomorphic encryption techniques.
Stars: ✭ 369 (-10.65%)
Mutual labels:  encryption
Hawk
✔️ Secure, simple key-value storage for Android
Stars: ✭ 3,827 (+826.63%)
Mutual labels:  encryption
Constellation
Peer-to-peer encrypted message exchange
Stars: ✭ 365 (-11.62%)
Mutual labels:  encryption
Vbad
VBA Obfuscation Tools combined with an MS office document generator
Stars: ✭ 403 (-2.42%)
Mutual labels:  encryption
Qtox
qTox is a chat, voice, video, and file transfer IM client using the encrypted peer-to-peer Tox protocol.
Stars: ✭ 3,843 (+830.51%)
Mutual labels:  encryption
Paper trail
Track and record all the changes in your database with Ecto. Revert back to anytime in history.
Stars: ✭ 380 (-7.99%)
Mutual labels:  ecto
Ockam
End-to-end encrypted messaging and mutual authentication between cloud and edge-device applications
Stars: ✭ 395 (-4.36%)
Mutual labels:  encryption
View All Similar Projects ➔

Cloak

Hex Version Build Status Inline docs Coverage Status

Cloak is an Elixir encryption library that implements several best practices and conveniences for Elixir developers:

  • Random IVs
  • Tagged ciphertexts
  • Elixir-native configuration

Documentation

Examples

Encrypt / Decrypt

{:ok, ciphertext} = MyApp.Vault.encrypt("plaintext")
# => {:ok, <<1, 10, 65, 69, 83, 46, 71, 67, 77, 46, 86, 49, 45, 1, 250, 221,
# =>  189, 64, 26, 214, 26, 147, 171, 101, 181, 158, 224, 117, 10, 254, 140, 207, 
# =>  215, 98, 208, 208, 174, 162, 33, 197, 179, 56, 236, 71, 81, 67, 85, 229, 
# =>  ...>>}

MyApp.Vault.decrypt(ciphertext)
# => {:ok, "plaintext"}

Reencrypt With New Algorithm/Key

"plaintext"
|> MyApp.Vault.encrypt!(:aes_gcm)
|> MyApp.Vault.decrypt!()
|> MyApp.Vault.encrypt!(:aes_ctr)
|> MyApp.Vault.decrypt!()
# => "plaintext"

Configuration

config :my_app, MyApp.Vault,
  ciphers: [
    # In AES.GCM, it is important to specify 12-byte IV length for
    # interoperability with other encryption software. See this GitHub issue
    # for more details: https://github.com/danielberkompas/cloak/issues/93
    # 
    # In Cloak 2.0, this will be the default iv length for AES.GCM.
    aes_gcm: {Cloak.Ciphers.AES.GCM, tag: "AES.GCM.V1", key: <<...>>, iv_length: 12},
    aes_ctr: {Cloak.Ciphers.AES.CTR, tag: "AES.CTR.V1", key: <<...>>}
  ]

Features

Random Initialization Vectors (IV)

Every strong encryption algorithm recommends unique initialization vectors. Cloak automatically generates unique vectors using :crypto.strong_rand_bytes, and includes the IV in the ciphertext. This greatly simplifies storage and is not a security risk.

Tagged Ciphertext

Each ciphertext contains metadata about the algorithm and key which was used to encrypt it. This allows Cloak to automatically select the correct key and algorithm to use for decryption for any given ciphertext.

This makes key rotation much easier, because you can easily tell whether any given ciphertext is using the old key or the new key.

Elixir-Native Configuration

Cloak works through Vault modules which you define in your app, and add to your supervision tree.

You can have as many vaults as you wish running simultaneously in your project. (This works well with umbrella apps, or any runtime environment where you have multiple OTP apps using Cloak)

Ecto Support

You can use Cloak to transparently encrypt Ecto fields, using cloak_ecto.

Security Notes

  • Cloak is built on Erlang's crypto library, and therefore inherits its security.
  • You can implement your own cipher modules to use with Cloak, which may use any other encryption algorithms of your choice.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].