Cloak
Cloak makes it easy to encrypt fields in your Ecto schemas.
Example
Fields are encrypted with custom Ecto.Type modules which Cloak helps you
create.
defmodule MyApp.EctoSchema do
use Ecto.Schema
schema "table_name" do
field :encrypted_field, MyApp.Encrypted.Binary
# ...
end
endWhen Ecto writes these fields to the database, it encrypts the values into a binary blob, using a configured encryption algorithm chosen by you.
iex> Repo.insert!(%MyApp.EctoSchema{encrypted_field: "plaintext"})
08:46:08.862 [debug] QUERY OK db=3.4ms
INSERT INTO "table_name" ("encrypted_field") VALUES ($1) RETURNING "id", "encrypted_field" [<<1,10, 65, 69, 83, 46, 67, 84, 82, 46, 86, 49, 69, 92, 173, 219, 203, 238, 26, 58, 236, 5, 104, 23, 12, 10, 182, 31, 221, 89, 22, 58, 34, 79, 109, 30, 70, 254, 56, 93, 102, 84>>]Likewise, when Ecto reads the field out of the database, it will automatically decrypt the value.
iex> Repo.get(MyApp.EctoSchema, 1)
%MyApp.EctoSchema{encrypted_field: "plaintext"}Notable Features
- Transparent, easy to use encryption for database fields
- Fully compatible with umbrella projects (as of 0.7.0)
- Bring your own encryption algorithm, if you want
- Mix task for key rotation:
mix cloak.migrate
Security Notes
Provided encryption algorithms are based on Erlang’s :crypto module. The
following algorithms come with Cloak:
- AES.GCM
- AES.CTR
Provided encryption algorithms use random IVs for each encryption. This means that the same value will not encrypt to the same value twice. As a result, encrypted columns are not queryable. (However, Cloak has your back and provides easy ways to create hashed, queryable columns)
Cloak encrypts data at rest in the database. The data in your Ecto structs at runtime is not encrypted.
Cloak’s Ecto.Type modules do not support user-specific encryption keys,
due to limitations on the Ecto.Type behaviour. However, you can still use
Cloak’s ciphers to implement these in your application logic.
Documentation
Detailed documentation and guides are available on Hex.