Slosilo is providing a ruby interface to some cryptographic primitives:
Add this line to your application's Gemfile:
gem 'slosilo'
And then execute:
$ bundle
Version 3.0 introduced full transition to Ruby 3. Consumers who use slosilo in Ruby 2 projects, shall use slosilo V2.X.X.
Version 2.0 introduced new symmetric encryption scheme using AES-256-GCM for authenticated encryption. It allows you to provide AAD on all symmetric encryption primitives. It's also NOT COMPATIBLE with CBC used in version <2.
This means you'll have to migrate all your existing data. There's no easy way to do this currently provided; it's recommended to create a database migration and put relevant code fragments in it directly. (This will also have the benefit of making the migration self-contained.)
Since symmetric encryption is used in processing asymetrically encrypted messages, this incompatibility extends to those too.
sym = Slosilo::Symmetric.new
key = sym.random_key
# additional authenticated data
message_id = "message 001"
ciphertext = sym.encrypt "secret message", key: key, aad: message_id
sym = Slosilo::Symmetric.new
message = sym.decrypt ciphertext, key: key, aad: message_id
require 'slosilo'
class Foo
attr_accessor :foo
attr_encrypted :foo, aad: :id
def raw_foo
@foo
end
def id
"unique record id"
end
end
Slosilo::encryption_key = Slosilo::Symmetric.new.random_key
obj = Foo.new
obj.foo = "bar"
obj.raw_foo # => "\xC4\xEF\x87\xD3b\xEA\x12\xDF\xD0\xD4hk\xEDJ\v\x1Cr\xF2#\xA3\x11\xA4*k\xB7\x8F\x8F\xC2\xBD\xBB\xFF\xE3"
obj.foo # => "bar"
You can safely use it in ie. ActiveRecord::Base or Sequel::Model subclasses.
private_key = Slosilo::Key.new
public_key = private_key.public
k = public_key.to_s # => "-----BEGIN PUBLIC KEY----- ...
(Slosilo::Key.new k) == public_key # => true
encrypted = public_key.encrypt_message "eagle one sees many clouds"
# => "\xA3\x1A\xD2\xFC\xB0 ...
public_key.decrypt_message encrypted
# => OpenSSL::PKey::RSAError: private key needed.
private_key.decrypt_message encrypted
# => "eagle one sees many clouds"
token = private_key.signed_token "missile launch not authorized"
# => {"data"=>"missile launch not authorized", "timestamp"=>"2014-10-13 12:41:25 UTC", "signature"=>"bSImk...DzV3o", "key"=>"455f7ac42d2d483f750b4c380761821d"}
public_key.token_valid? token # => true
token["data"] = "missile launch authorized"
public_key.token_valid? token # => false
Slosilo::encryption_key = ENV['SLOSILO_KEY']
Slosilo.adapter = Slosilo::Adapters::FileAdapter.new "~/.keys"
Slosilo[:own] = Slosilo::Key.new
Slosilo[:their] = Slosilo::Key.new File.read("foo.pem")
msg = Slosilo[:their].encrypt_message 'bar'
p Slosilo[:own].signed_token msg
Add a migration to create the necessary table:
require 'slosilo/adapters/sequel_adapter/migration'
Remember to migrate your database
$ rake db:migrate
Then
Slosilo.adapter = Slosilo::Adapters::SequelAdapter.new
We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.
FAQs
Unknown package
We found that slosilo demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.