nimbussecure 0.5.1 → 0.5.2

data/README.md

@@ -1,47 +1,60 @@
 # Nimbus Secure Store Client
 This gem provides the functionality required to talk to the Nimbus Secure
 service.
-Nimbus Secure is a service that provides highly encrypted storage of
-keys, passwords, tokens, and other private information necessary for running
-an application.
-For instance, you may store database credentials, service credentials,
+
+Nimbus Secure is a service that provides your web application with just-in-time access
+to the credentials and other sensitive data your application needs to operate,
+without exposing those credentials to inappropriate outside access.
+
+Examples of sensitive data you can store includes database credentials, service credentials,
 session cookie encryption keys, AWS keys, and other sensitive information
 without fear of them being stolen or accessible from any unauthorized
 individual.
-The data is stored encrypted, and the encryption keys are not communicated
-to the Nimbus Secure, meaning no one other than you may have access
-to this secure information.
+
+Nimbus Secure stores your sensitive data encrypted using an encryption key,
+and provides an API for your application to get access to the credentials in a safe and secure manner.
+No one who has access to your application, even your application source code, needs access to your
+production secret credentials. Nimbus Secure makes sure that only your application,
+and those you specifically authorize, have access.
+
+Security is essential to us, so you never have to send your unencrypted sensitive data, or your
+encryption key to Nimbus Secure for any reason. All encryption and decryption occurs in your personal
+web browser when you are accessing your data via our web site, and inside your
+application when you are accessing your data via this gem from your application.
 
 # The Service
 To use this Gem, you must sign up for the service by visiting
-www.nimbus secure.com and signing up for an account. Both
+www.nimbussecure.com and signing up for an account. Both
 paid and free accounts are available.
 
-Once you sign up for the service, you create crypt keys, which are
+Once you sign up for the service, you create encryption keys, which are
 secured tokens used to encrypt and decrypt the data you store within
-the service. While you set up the crypt keys from the service
-website, the crypt keys themselves are never sent to our servers,
+the service. While you set up the encryption keys from the service
+website, the encryption keys themselves are never sent to our servers,
 only you and anyone or system you authorize by giving them your
-crypt key will have access to the stored data within the service.
+encryption key will have access to the stored data within the service.
+Within our service, we refer to your encryption key via a unique human
+readable identifier you assign to your encryption keys.
 
-You may create as many crypt keys as you desire. Typically, one per
+You may create as many encryption keys as you desire. Typically, one per
 service or system is a good choice. Additionally, you can add new
-crypt keys and roll your data over to use a new crypt key very
-easily in order to increase your security (key rotation). Each crypt
+encryption keys and roll your data over to use a new encryption key very
+easily in order to increase your security (key rotation). Each encryption
 key has a name for easy identification, and we store a salted digest
-of the key itself to verify correctness when it is provided.
+of the key itself to verify correctness when it is used.
 
-Once your crypt keys are setup, you then enter all your sensitive data
-as "stored keys". Stored keys are encrypted using your specified
-crypt_keys before they are uploaded to our servers.
+Once your encryption keys are setup, you then enter all your sensitive data
+as "stored data". Stored data is encrypted using your specified
+encryption keys *before* they are uploaded to our servers.
 
-For security purposes, anytime the website or this Gem require a
-crypt key, it must be provided by you (the user of the website or Gem),
-and the value provided is checked against a stored signed digest
-for valdity before it is used to perform the requested encryption/decryption.
+For security purposes, anytime the website or this Gem require an
+encryption key (in order to encrypt or decrypt your sensitive data),
+it must be provided by you (the user of the website or your application configuration
+using the gem). The value provided is checked against a stored signed digest
+for validity before it is used to perform the requested encryption/decryption.
 The requested encryption/decryption occurs entirely within the client's
 computer (user's browser for the website, application server for users
-of the Gem), and is never communicated with Nimbus Secure directly.
+of the gem), and is never communicated with Nimbus Secure directly.
 
 # Using the Secured Data
 Once you have your data uploaded to your service, you can then
@@ -50,33 +63,36 @@ interface (or command line) to download and decrypt the stored
 credential so you may use it within your application.
 
 # Needed Credentials
-In order to use this Gem, you need two pieces of secure information.
+In order to use this gem, you need two pieces of secure information besides the name of your account.
 The first is an API key that provides access to the API and allows
 you to access your online account. You can create an API key by
 logging into the service.
 
-The second is the crypt key that you created above that is used
+The second is the encryption key that you created above that is used
 to encrypt/decrypt your stored data. If you used more than one key,
 then you will need all the encrypted keys.
 
-Typically, you store these two pieces of information outside of your
-application source repository itself, and only provide them to your
-application during application startup (typically via ENVIRONMENT
-variables or other boot parameters). That way, you do not have
+This information is stored in a configuration file on the computer
+that will be using the gem. Typically, the configuration file is
+stored outside of your application source repository, and is only
+available on your application server to users with trusted access
+to those servers. You do not typically need access to this file in order
+to deploy or update your application, such as by using tools such
+as Capistrano. That way, you do not have
 to share the credentials or persist them source repository.
 
-Given these two pieces of information, this Gem, and the properly
+Given this configuration file and this gem, and the properly
 setup service, you can dynamically grab all your sensitive credentials
 and data needed to run your application. This typically happens during
 your application boot up process.
 
-# Setup
+# Quick Setup
 For a complete set of instructions on how to setup and use Nimbus Secure,
 please go to https://www.nimbussecure.com, login, and click on "Instructions"
 in the top menu bar.
 
 # Command Line
-You must complete the set of instructions under 'Setup' above for this to work
+You must complete the set of instructions under 'Quick Setup' above for this to work
 properly.
 
 Once ready, you can do things like this:
@@ -85,8 +101,8 @@ Once ready, you can do things like this:
 
 will return a list of information about your account.
 
-Assuming you have a stored key with a name "testmessage" setup, with an approprate encryption key.
-Then the following can be used to retrieve and decrypt a stored key:
+Assuming you have setup a stored key with the name "testmessage" and an appropriate encryption key,
+then the following can be used to retrieve and decrypt the stored key:
 
   nimbussecure lookup testmessage
 
@@ -96,8 +112,8 @@ The decrypted value in the stored key will be sent to stdout.
 You must complete the set of instructions under 'Setup' above for this to work
 properly.
 
-Assuming you have a stored key with a name "testmessage" setup, with an approprate encryption key.
-Then the following can be used to retrieve and decrypt a stored key:
+Assuming you have setup a stored key with the name "testmessage" and an appropriate encryption key,
+then the following can be used to retrieve and decrypt the stored key:
 
 require 'nimbussecure'
 stored_value=nimbussecure.lookup_value "testmessage"

data/bin/nimbussecure

@@ -19,6 +19,7 @@ Where:
     <value> is the specific value being encrypted and stored.
 
 Config File
+-----------
 The config file should look like the following:
 ================
 account: myacct
@@ -39,9 +40,9 @@ NOTE:
     You can find your API Key by clicking on \"API Keys\" when you are logged into
     the Nimbus Secure website.
   crypt_keys:
-    This is a set of key/value pairs. The key is the name as defined in your
-    Nimbus Secure \"Encryption Keys\" section, and the value is the secret value
-    you used when you created your encryption key.
+    This is a set of key/value pairs. The key is the name as defined in the
+    Nimbus Secure \"Encryption Keys\" section of the website, and the value is
+    the secret value you used when you created your encryption key.
 
 Version: #{NimbusSecure::VERSION}
 "
@@ -81,8 +82,8 @@ def account
   begin
     account=keystore.account
     puts "  Name: #{account.name}"
-    puts "  # Crypt Keys: #{account.num_crypt_keys}"
-    puts "  # Stored Keys: #{account.num_stored_keys}"
+    puts "  # Encryption Keys: #{account.num_crypt_keys}"
+    puts "  # Stored Values: #{account.num_stored_keys}"
   rescue => error
     puts "Error: #{error}"
   end

data/bin/nimbussecure_setup

@@ -13,7 +13,7 @@ Usage:
     nimbussecure_setup <account_id> <apikey> [filename]
 
 This program will generate a default ~/.nimbussecure.yml file for use by the Nimbus Secure
-Gem. It will fill in all the basic information needed, and will access Nimbus Secure to get
+gem. It will fill in all the basic information needed, and will access Nimbus Secure to get
 a complete list of your encryption keys, adding a line for each.
 
  See https://www.nimbussecure.com for more information.

data/lib/nimbussecure/version.rb

@@ -1,3 +1,3 @@
 class NimbusSecure
-  VERSION = "0.5.1"
+  VERSION = "0.5.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nimbussecure
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.5.2
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-08-03 00:00:00.000000000 Z
+date: 2012-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70345215642340 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70345215642340
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: vcr
-  requirement: &70345215641920 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +37,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70345215641920
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: fakeweb
-  requirement: &70345215641480 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +53,15 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70345215641480
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: faraday
-  requirement: &70345215641000 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +69,15 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70345215641000
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: gibberish
-  requirement: &70345215640540 !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,7 +85,12 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70345215640540
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Client library for NimbusSecure
 email:
 - lee@nimbussecure.com
@@ -121,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: nimbussecure
-rubygems_version: 1.8.15
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: Client library for NimbusSecure