envcrypt 0.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7670f789a389fdc05ec8478eeb4072aea8de5b01
+  data.tar.gz: cbd4f2c8a1c0a10f7b3be10bc7f9a9f9efa1faee
+SHA512:
+  metadata.gz: 9a09fd0621123f10b47f68103b0ab5a2b7fba8700a8f3ebda98f549d893dc092946da69f8a9f6b579ad9c0d52f93764be333b6229ad96ac4f73a8f8acc88f548
+  data.tar.gz: 5f86edbfb5f91ed7fea2eadb629761e048e705c198357d23676190c85023efa2fb7120a78ef972543034b42007365885dd2e24fd2e941d58d5fe4863f4da04e9

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+ruby '2.0.0'

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Sterling Paramore
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,66 @@
+Envcrypt
+=========
+
+Encryptor provides an easy way to securely encrypt and decrypt secrets
+(passwords) that need to be stored for use in automated processes.
+
+**Status:** Just have a README!  Working on the rest.
+
+## Use
+
+Encrypt a secret
+````ruby
+$ envcrypt -p mypassword
+
+encrypted: xxx
+key: xxx
+````
+
+Set the key as an environment variable (bash example)
+````bash
+export ENVCRYPT_KEY=xxx
+````
+
+Decrypt the password in Ruby code
+````ruby
+require 'envcrypt'
+
+encrypted_pwd = "xxx"
+decrypted_pwd = Envcrypt::decrypt(encrypted_pwd, key: ENV['ENVCRYPT_KEY'])
+````
+
+The second argument to decrypt is **optional**.  The default `key` is
+`ENV['ENVCRYPT_KEY']`, but you have to option to set it explicitly if you want to
+get it from somewhere else.
+
+##### Optional
+
+**Need to be able to set a mode so we can use this with Heroku's version of OpenSSL.
+Not sure exactly how this will work**
+
+##### Using existing keys to encrypt secrets
+
+Secrets can also be encrypted using existing keys if you want to use
+one key to encrypt multiple secrets.
+
+````ruby
+$ envcrypt -p mypassword -k xxx
+````
+
+
+## Use case
+
+Suppose I've got a web API that only accepts plaintext passwords.  I
+need to store that password in a database or in a file somewhere to
+automate an interface with the web API.  If an attacker somehow gains
+access to the database or file, I'm screwed if I store the password as
+plaintext or use some simple obfuscation.  Envcrypt allows me to store
+an encrypted version of the password and decrypt it only when needed.
+The trick is to access the decryption key from an environment
+variable.  These can be set from the command line before launching the
+automated process, in a locked down .bashrc file, or as Heroku config
+variables.
+
+Of course, if an attacker was able to get a hold of *both* the password
+and the decryption keys, you're screwed, but security is all about making
+it difficult for attackers.

data/envcrypt.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+#require 'envcrypt/version'
+
+Gem::Specification.new do |s|
+  s.name        = "envcrypt"
+  s.version     = "0.0.0" #Birst_Command::VERSION
+  s.authors     = ["Sterling Paramore"]
+  s.email       = ["gnilrets@gmail.com"]
+  s.homepage    = "https://github.com/gnilrets"
+  s.license     = "MIT"
+  s.summary     = "Simple secure encryption/decryption of secret data"
+  s.description = "Simple secure encryption/decryption of secret data (passwords)"
+  s.rubyforge_project = "envcrypt"
+
+  s.required_ruby_version = '~> 2'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,48 @@
+--- !ruby/object:Gem::Specification
+name: envcrypt
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+platform: ruby
+authors:
+- Sterling Paramore
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-05-30 00:00:00.000000000 Z
+dependencies: []
+description: Simple secure encryption/decryption of secret data (passwords)
+email:
+- gnilrets@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- LICENSE
+- README.md
+- envcrypt.gemspec
+homepage: https://github.com/gnilrets
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ~>
+    - !ruby/object:Gem::Version
+      version: '2'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: envcrypt
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Simple secure encryption/decryption of secret data
+test_files: []