{"id":19963757,"url":"https://github.com/cyberark/slosilo","last_synced_at":"2026-03-11T03:01:54.261Z","repository":{"id":5986461,"uuid":"7208774","full_name":"cyberark/slosilo","owner":"cyberark","description":"A Ruby interface to standard cryptographic primitives","archived":false,"fork":false,"pushed_at":"2023-10-31T17:18:03.000Z","size":227,"stargazers_count":19,"open_issues_count":2,"forks_count":4,"subscribers_count":32,"default_branch":"master","last_synced_at":"2024-06-12T04:52:48.467Z","etag":null,"topics":["conjbot-notify","conjur","core","cryptography","encryption"],"latest_commit_sha":null,"homepage":"https://conjur.org/crypto","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cyberark.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null}},"created_at":"2012-12-17T17:17:09.000Z","updated_at":"2024-05-01T19:00:21.000Z","dependencies_parsed_at":"2023-10-31T14:34:34.570Z","dependency_job_id":null,"html_url":"https://github.com/cyberark/slosilo","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2Fslosilo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2Fslosilo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2Fslosilo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cyberark%2Fslosilo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cyberark","download_url":"https://codeload.github.com/cyberark/slosilo/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224374779,"owners_count":17300714,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["conjbot-notify","conjur","core","cryptography","encryption"],"created_at":"2024-11-13T02:17:19.567Z","updated_at":"2026-03-11T03:01:49.222Z","avatar_url":"https://github.com/cyberark.png","language":"Ruby","readme":"# Slosilo\n\nSlosilo is providing a ruby interface to some cryptographic primitives:\n- symmetric encryption,\n- a mixin for easy encryption of object attributes,\n- asymmetric encryption and signing,\n- a keystore in a postgres sequel db -- it allows easy storage and retrieval of keys,\n- a keystore in files.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n    gem 'slosilo'\n\nAnd then execute:\n\n    $ bundle\n\n## Compatibility\n\nVersion 3.0 introduced full transition to Ruby 3.\nConsumers who use slosilo in Ruby 2 projects, shall use slosilo V2.X.X.\n\nVersion 2.0 introduced new symmetric encryption scheme using AES-256-GCM\nfor authenticated encryption. It allows you to provide AAD on all symmetric\nencryption primitives. It's also **NOT COMPATIBLE** with CBC used in version \u003c2.\n\nThis means you'll have to migrate all your existing data. There's no easy way to\ndo this currently provided; it's recommended to create a database migration and\nput relevant code fragments in it directly. (This will also have the benefit of making\nthe migration self-contained.)\n\nSince symmetric encryption is used in processing asymetrically encrypted messages,\nthis incompatibility extends to those too.\n\n## Usage\n\n### Symmetric encryption\n\n```ruby\nsym = Slosilo::Symmetric.new\nkey = sym.random_key\n# additional authenticated data\nmessage_id = \"message 001\"\nciphertext = sym.encrypt \"secret message\", key: key, aad: message_id\n```\n\n```ruby\nsym = Slosilo::Symmetric.new\nmessage = sym.decrypt ciphertext, key: key, aad: message_id\n```\n\n### Encryption mixin\n\n```ruby\nrequire 'slosilo'\n\nclass Foo\n  attr_accessor :foo\n  attr_encrypted :foo, aad: :id\n\n  def raw_foo\n    @foo\n  end\n\n  def id\n    \"unique record id\"\n  end\nend\n\nSlosilo::encryption_key = Slosilo::Symmetric.new.random_key\n\nobj = Foo.new\nobj.foo = \"bar\"\nobj.raw_foo # =\u003e \"\\xC4\\xEF\\x87\\xD3b\\xEA\\x12\\xDF\\xD0\\xD4hk\\xEDJ\\v\\x1Cr\\xF2#\\xA3\\x11\\xA4*k\\xB7\\x8F\\x8F\\xC2\\xBD\\xBB\\xFF\\xE3\"\nobj.foo # =\u003e \"bar\"\n```\n\nYou can safely use it in ie. ActiveRecord::Base or Sequel::Model subclasses.\n\n### Asymmetric encryption and signing\n\n```ruby\nprivate_key = Slosilo::Key.new\npublic_key = private_key.public\n```\n\n#### Key dumping\n```ruby\nk = public_key.to_s # =\u003e \"-----BEGIN PUBLIC KEY----- ...\n(Slosilo::Key.new k) == public_key # =\u003e true\n```\n\n#### Encryption\n\n```ruby\nencrypted = public_key.encrypt_message \"eagle one sees many clouds\"\n# =\u003e \"\\xA3\\x1A\\xD2\\xFC\\xB0 ...\n\npublic_key.decrypt_message encrypted\n# =\u003e OpenSSL::PKey::RSAError: private key needed.\n\nprivate_key.decrypt_message encrypted\n# =\u003e \"eagle one sees many clouds\"\n```\n\n#### Signing\n\n```ruby\ntoken = private_key.signed_token \"missile launch not authorized\"\n# =\u003e {\"data\"=\u003e\"missile launch not authorized\", \"timestamp\"=\u003e\"2014-10-13 12:41:25 UTC\", \"signature\"=\u003e\"bSImk...DzV3o\", \"key\"=\u003e\"455f7ac42d2d483f750b4c380761821d\"}\n\npublic_key.token_valid? token # =\u003e true\n\ntoken[\"data\"] = \"missile launch authorized\"\npublic_key.token_valid? token # =\u003e false\n```\n\n### Keystore\n\n```ruby\nSlosilo::encryption_key = ENV['SLOSILO_KEY']\nSlosilo.adapter = Slosilo::Adapters::FileAdapter.new \"~/.keys\"\n\nSlosilo[:own] = Slosilo::Key.new\nSlosilo[:their] = Slosilo::Key.new File.read(\"foo.pem\")\n\nmsg = Slosilo[:their].encrypt_message 'bar'\np Slosilo[:own].signed_token msg\n```\n\n### Keystore in database\n\nAdd a migration to create the necessary table:\n\n    require 'slosilo/adapters/sequel_adapter/migration'\n\nRemember to migrate your database\n\n    $ rake db:migrate\n\nThen\n```ruby\nSlosilo.adapter = Slosilo::Adapters::SequelAdapter.new\n```\n\n## Contributing\n\nWe welcome contributions of all kinds to this repository. For instructions on\nhow to get started and descriptions of our development workflows, please see our\n[contributing guide](CONTRIBUTING.md).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyberark%2Fslosilo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcyberark%2Fslosilo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcyberark%2Fslosilo/lists"}