EctoCrypto

EctoCrypto provides Ecto types and utilities for saving data in encrypted or hashed formats.

The goal is to provide easy to use, sane, and secure cryptographic functionality that can be dropped directly into Ecto schemas.

Further documentation at https://hexdocs.pm/ecto_crypto/getting-started.html.

Installation

The package can be installed by adding ecto_crypto to your list of dependencies in mix.exs:

def deps do
  [
    {:ecto_crypto, "~> 0.1.0"}
  ]
end

How does it work?

The following assumes that you have a database table generated with the following migration:

defmodule Repo.Migrations.CreateTestSchema do
  use Ecto.Migration

  def change do
    create table(:test_schema) do
      add :encrypted_string, :binary
    end
  end
end

To create an ecto schema with a field that automatically encrypted at the field level upon being inserted to the database, use the EctoCrypto.EctoTypes.EncryptedBinaryEcto type in the schema.

defmodule TestSchema do
  use Ecto.Schema
  import Ecto.Changeset

  schema "test_schema" do
    field(:encrypted_string, EctoCrypto.EctoTypes.EncryptedBinary)
  end

  @fields ~w(encrypted_string)a

  def changeset(attrs) do
    changeset(%TestSchema{}, attrs)
  end

  def changeset(%TestSchema{} = schema, attrs) do
    cast(schema, attrs, @fields)
  end
end

When interacting with this schema in elixir, the field should behave like a regular string or binary field. At the database level, the field will be encrypted.

The inspiration for this project comes from the excellent tutorial at https://github.com/dwyl/phoenix-ecto-encryption-example.