Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/thatscalaguy/skunk-crypt
https://github.com/thatscalaguy/skunk-crypt
aes cats-effect encryption postg scala skunk
Last synced: 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/thatscalaguy/skunk-crypt
- Owner: ThatScalaGuy
- License: apache-2.0
- Created: 2024-07-29T12:40:11.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2024-09-18T17:26:36.000Z (3 months ago)
- Last Synced: 2024-10-01T15:59:16.181Z (3 months ago)
- Topics: aes, cats-effect, encryption, postg, scala, skunk
- Language: Scala
- Homepage: https://thatscalaguy.github.io/skunk-crypt/
- Size: 72.3 KB
- Stars: 2
- Watchers: 1
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# SKUNK CRYPT
## Motivation
Possibility to store columns encrypted in the database. At the application level, the data is available in plain text. The content will be encrypted using AES.
You can encrypt the data in a nondeterministic way, meaning the same plain text will be encrypted to different cipher text each time. Alternatively, you can encrypt the data in a deterministic way, which is helpful if you want to search for the data in the database.
The library is based depend on the latest 1.0 version of the Skunk library.
## Usage
1.) Add the dependency to your project:
```scala
libraryDependencies += "de.thatscalaguy" %% "skunk-crypt" % "0.0.1"
```2.) Create a implicit CryptContext object with the keys you want to use.
```scala
implicit val c = CryptContext
.keysFromHex(
"c0e5c54c2a40c95b40d6e837a9c147d4cd7cadeccc555e679efed48f726a5fef"
)
.get
```Only the last key will be use for encryption and decryption. The other keys are used to decrypt the data encrypted with the last key. (Simple way of manuel key rotation)
3.) Use it in your code:
```scala
import de.thatscalaguy.skunkcrypt.crypt // for non deterministic encryption
import de.thatscalaguy.skunkcrypt.cryptd // for deterministic encryptionsession.execute(
sql"INSERT INTO test (string, numbers) VALUES (${crypt.text}, ${crypt.int4})".command
)("Hello", 123)session.execute(
sql"SELECT * FROM test".query(crypt.text ~ crypt.int4)
)
```All columns intended for storing encrypted data must be of type `TEXT` in the database.
e.g.:
```sql
CREATE TABLE test (
string TEXT,
numbers TEXT
)
```