shhh 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. checksums.yaml +7 -0
  2. data/.codeclimate.yml +25 -0
  3. data/.gitignore +12 -0
  4. data/.rspec +2 -0
  5. data/.rubocop.yml +1156 -0
  6. data/.travis.yml +13 -0
  7. data/Gemfile +6 -0
  8. data/LICENSE +22 -0
  9. data/MANAGING-KEYS.md +67 -0
  10. data/README.md +328 -0
  11. data/Rakefile +13 -0
  12. data/bin/console +14 -0
  13. data/bin/setup +8 -0
  14. data/exe/keychain +38 -0
  15. data/exe/shhh +8 -0
  16. data/lib/shhh/app/args.rb +17 -0
  17. data/lib/shhh/app/cli.rb +150 -0
  18. data/lib/shhh/app/commands/command.rb +68 -0
  19. data/lib/shhh/app/commands/delete_keychain_item.rb +17 -0
  20. data/lib/shhh/app/commands/encrypt_decrypt.rb +26 -0
  21. data/lib/shhh/app/commands/generate_key.rb +41 -0
  22. data/lib/shhh/app/commands/open_editor.rb +96 -0
  23. data/lib/shhh/app/commands/print_key.rb +18 -0
  24. data/lib/shhh/app/commands/show_examples.rb +64 -0
  25. data/lib/shhh/app/commands/show_help.rb +16 -0
  26. data/lib/shhh/app/commands/show_version.rb +14 -0
  27. data/lib/shhh/app/commands.rb +55 -0
  28. data/lib/shhh/app/input/handler.rb +35 -0
  29. data/lib/shhh/app/keychain.rb +135 -0
  30. data/lib/shhh/app/output/file.rb +23 -0
  31. data/lib/shhh/app/output/stdout.rb +11 -0
  32. data/lib/shhh/app/private_key/base64_decoder.rb +17 -0
  33. data/lib/shhh/app/private_key/decryptor.rb +50 -0
  34. data/lib/shhh/app/private_key/detector.rb +34 -0
  35. data/lib/shhh/app/private_key/handler.rb +34 -0
  36. data/lib/shhh/app.rb +45 -0
  37. data/lib/shhh/cipher_handler.rb +45 -0
  38. data/lib/shhh/configuration.rb +23 -0
  39. data/lib/shhh/data/decoder.rb +28 -0
  40. data/lib/shhh/data/encoder.rb +24 -0
  41. data/lib/shhh/data/wrapper_struct.rb +43 -0
  42. data/lib/shhh/data.rb +23 -0
  43. data/lib/shhh/errors.rb +27 -0
  44. data/lib/shhh/extensions/class_methods.rb +12 -0
  45. data/lib/shhh/extensions/instance_methods.rb +114 -0
  46. data/lib/shhh/version.rb +3 -0
  47. data/lib/shhh.rb +73 -0
  48. data/shhh.gemspec +33 -0
  49. metadata +249 -0
@@ -0,0 +1,114 @@
1
+ require 'shhh'
2
+ require 'shhh/data'
3
+ require 'shhh/cipher_handler'
4
+ require 'openssl'
5
+ module Shhh
6
+ module Extensions
7
+ # This is the module that is really included in your class
8
+ # when you include +Shhh+.
9
+ #
10
+ # The module provides easy access to the encryption configuration
11
+ # via the +#encryption_config+ method, as well as two key
12
+ # methods: +#encr+ and +#decr+.
13
+ #
14
+ # Methods +#encr_password+ and +#decr_password+ provide a good
15
+ # example of how this module can be extended to provide more uses
16
+ # of various ciphers, by calling into the private +_encr+ and +_decr+
17
+ # methods.f
18
+ module InstanceMethods
19
+ include Shhh::Data
20
+ include Shhh::CipherHandler
21
+
22
+ def encryption_config
23
+ Shhh::Configuration.config
24
+ end
25
+
26
+ # Expects key to be a base64 encoded key
27
+ def encr(data, key, iv = nil)
28
+ raise Shhh::Errors::NoPrivateKeyFound if key.nil?
29
+ _encr(data, encryption_config.data_cipher, iv) do |cipher_struct|
30
+ cipher_struct.cipher.key = decode_key(key)
31
+ end
32
+ end
33
+
34
+ # Expects key to be a base64 encoded key
35
+ def decr(encrypted_data, key, iv = nil)
36
+ raise Shhh::Errors::NoPrivateKeyFound if key.nil?
37
+ _decr(encrypted_data, encryption_config.data_cipher, iv) do |cipher_struct|
38
+ cipher_struct.cipher.key = decode_key(key)
39
+ end
40
+ end
41
+
42
+ def encr_password(data, password, iv = nil)
43
+ _encr(data, encryption_config.password_cipher, iv) do |cipher_struct|
44
+ key, salt = _key_from_password(cipher_struct.cipher, password)
45
+ cipher_struct.cipher.key = key
46
+ cipher_struct.salt = salt
47
+ end
48
+ end
49
+
50
+ def decr_password(encrypted_data, password, iv = nil)
51
+ _decr(encrypted_data, encryption_config.password_cipher, iv) do |cipher_struct|
52
+ key, = _key_from_password(cipher_struct.cipher, password, cipher_struct.salt)
53
+ cipher_struct.cipher.key = key
54
+ end
55
+ end
56
+
57
+ private
58
+
59
+ def decode_key(encoded_key)
60
+ Base64.urlsafe_decode64(encoded_key)
61
+ rescue
62
+ encoded_key
63
+ end
64
+
65
+ def _key_from_password(cipher, password, salt = nil)
66
+ key_len = cipher.key_len
67
+ salt ||= OpenSSL::Random.random_bytes 16
68
+ iter = 20000
69
+ digest = OpenSSL::Digest::SHA256.new
70
+ key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
71
+ return key, salt
72
+ end
73
+
74
+ # Expects key to be a base64 encoded key data
75
+ def _encr(data, cipher_name, iv = nil, &block)
76
+ data, compression_enabled = encode_incoming_data(data)
77
+ cipher_struct = create_cipher(direction: :encrypt,
78
+ cipher_name: cipher_name,
79
+ iv: iv)
80
+
81
+ yield cipher_struct if block_given?
82
+
83
+ encrypted_data = update_cipher(cipher_struct.cipher, data)
84
+ wrapper_struct = WrapperStruct.new(
85
+ encrypted_data: encrypted_data,
86
+ iv: cipher_struct.iv,
87
+ cipher_name: cipher_struct.cipher.name,
88
+ salt: cipher_struct.salt,
89
+ compress: !compression_enabled)
90
+ encode(wrapper_struct, false)
91
+ end
92
+
93
+ # Expects key to be a base64 encoded key data
94
+ def _decr(encoded_data, cipher_name, iv = nil, &block)
95
+ wrapper_struct = decode(encoded_data)
96
+ cipher_struct = create_cipher(cipher_name: cipher_name,
97
+ iv: wrapper_struct.iv,
98
+ direction: :decrypt,
99
+ salt: wrapper_struct.salt)
100
+ yield cipher_struct if block_given?
101
+ decode(update_cipher(cipher_struct.cipher, wrapper_struct.encrypted_data))
102
+ end
103
+
104
+
105
+ def encode_incoming_data(data)
106
+ compression_enabled = !data.respond_to?(:size) || (data.size > 100 && encryption_config.compression_enabled)
107
+ data = encode(data, compression_enabled)
108
+ [data, compression_enabled]
109
+ end
110
+
111
+ end
112
+ end
113
+ end
114
+
@@ -0,0 +1,3 @@
1
+ module Shhh
2
+ VERSION = '1.3.0'
3
+ end
data/lib/shhh.rb ADDED
@@ -0,0 +1,73 @@
1
+ require 'require_dir'
2
+ require 'colored2'
3
+ require 'zlib'
4
+
5
+ require_relative 'shhh/configuration'
6
+
7
+ Shhh::Configuration.configure do |config|
8
+ config.password_cipher = 'AES-128-CBC'
9
+ config.data_cipher = 'AES-256-CBC'
10
+ config.private_key_cipher = config.data_cipher
11
+ config.compression_enabled = true
12
+ config.compression_level = Zlib::BEST_COMPRESSION
13
+ end
14
+
15
+ #
16
+ # _Include_ +Shhh+ in your class to enable functionality of this library.
17
+ #
18
+ # Once included, you would normally use +#encr+ and +#decr+ instance methods to perform
19
+ # encryption and decryption of object of any type using a symmetric key encryption.
20
+ #
21
+ # You could also use +#encr_password+ and +#decr_password+ if you prefer to encrypt
22
+ # with a password instead. The encryption key is generated from the password in that
23
+ # case.
24
+ #
25
+ # Create a new key with +#create_private_key+ class method, which returns a new key every
26
+ # time it's called, or with +#private_key+ class method, which either assigns, or creates
27
+ # and caches the private key at a class level.
28
+ #
29
+ # ```ruby
30
+ # require 'shhh'
31
+ # class TestClass
32
+ # include Shhh
33
+ # private_key ENV['PRIVATE_KEY']
34
+ #
35
+ # def sensitive_value=(value)
36
+ # @sensitive_value = encr(value, self.class.private_key)
37
+ # end
38
+ #
39
+ # def sensitive_value
40
+ # decr(@sensitive_value, self.class.private_key)
41
+ # end
42
+ # end
43
+ # ```
44
+ module Shhh
45
+ extend RequireDir
46
+ init(__FILE__)
47
+ end
48
+
49
+ Shhh.dir 'shhh/extensions'
50
+
51
+ module Shhh
52
+ def self.included(klass)
53
+ klass.instance_eval do
54
+ include ::Shhh::Extensions::InstanceMethods
55
+ extend ::Shhh::Extensions::ClassMethods
56
+ class << self
57
+ def private_key(value = nil)
58
+ if value
59
+ @private_key= value
60
+ elsif @private_key
61
+ @private_key
62
+ else
63
+ @private_key= self.create_private_key
64
+ end
65
+ @private_key
66
+ end
67
+ end
68
+ end
69
+ end
70
+ end
71
+
72
+ Shhh.dir 'shhh'
73
+ Shhh.dir 'shhh/app/commands'
data/shhh.gemspec ADDED
@@ -0,0 +1,33 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'shhh/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = 'shhh'
8
+ spec.version = Shhh::VERSION
9
+ spec.authors = ['Konstantin Gredeskoul']
10
+ spec.email = %w(kigster@gmail.com)
11
+
12
+ spec.summary = %q{Simple tool to encrypt/decrypt data using symmetric aes-256-cbc encryption with a private key and an IV vector}
13
+ spec.description = %q{Store sensitive data safely as encrypted strings or entire files, using symmetric aes-256-cbc encryption/decryption with a secret key and an IV vector, and YAML-friendly base64-encoded encrypted result.}
14
+ spec.homepage = 'https://github.com/kigster/shhh'
15
+
16
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
17
+ spec.bindir = 'exe'
18
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
19
+ spec.require_paths = ['lib']
20
+
21
+ spec.add_dependency 'require_dir', '~> 0.1'
22
+ spec.add_dependency 'colored2', '~> 2.0'
23
+ spec.add_dependency 'slop', '~> 4.3'
24
+ spec.add_dependency 'activesupport'
25
+ spec.add_dependency 'highline', '~> 1.7'
26
+ spec.add_dependency 'clipboard', '~> 1.1'
27
+
28
+ spec.add_development_dependency 'codeclimate-test-reporter'
29
+ spec.add_development_dependency 'bundler', '~> 1.12'
30
+ spec.add_development_dependency 'rake', '~> 10.0'
31
+ spec.add_development_dependency 'rspec', '~> 3.0'
32
+ spec.add_development_dependency 'yard', '~> 0.9'
33
+ end
metadata ADDED
@@ -0,0 +1,249 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: shhh
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.3.0
5
+ platform: ruby
6
+ authors:
7
+ - Konstantin Gredeskoul
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2016-08-12 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: require_dir
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.1'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.1'
27
+ - !ruby/object:Gem::Dependency
28
+ name: colored2
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '2.0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '2.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: slop
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '4.3'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '4.3'
55
+ - !ruby/object:Gem::Dependency
56
+ name: activesupport
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: highline
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '1.7'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '1.7'
83
+ - !ruby/object:Gem::Dependency
84
+ name: clipboard
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '1.1'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '1.1'
97
+ - !ruby/object:Gem::Dependency
98
+ name: codeclimate-test-reporter
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: bundler
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '1.12'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '1.12'
125
+ - !ruby/object:Gem::Dependency
126
+ name: rake
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - "~>"
130
+ - !ruby/object:Gem::Version
131
+ version: '10.0'
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - "~>"
137
+ - !ruby/object:Gem::Version
138
+ version: '10.0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: rspec
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: '3.0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: '3.0'
153
+ - !ruby/object:Gem::Dependency
154
+ name: yard
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: '0.9'
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: '0.9'
167
+ description: Store sensitive data safely as encrypted strings or entire files, using
168
+ symmetric aes-256-cbc encryption/decryption with a secret key and an IV vector,
169
+ and YAML-friendly base64-encoded encrypted result.
170
+ email:
171
+ - kigster@gmail.com
172
+ executables:
173
+ - keychain
174
+ - shhh
175
+ extensions: []
176
+ extra_rdoc_files: []
177
+ files:
178
+ - ".codeclimate.yml"
179
+ - ".gitignore"
180
+ - ".rspec"
181
+ - ".rubocop.yml"
182
+ - ".travis.yml"
183
+ - Gemfile
184
+ - LICENSE
185
+ - MANAGING-KEYS.md
186
+ - README.md
187
+ - Rakefile
188
+ - bin/console
189
+ - bin/setup
190
+ - exe/keychain
191
+ - exe/shhh
192
+ - lib/shhh.rb
193
+ - lib/shhh/app.rb
194
+ - lib/shhh/app/args.rb
195
+ - lib/shhh/app/cli.rb
196
+ - lib/shhh/app/commands.rb
197
+ - lib/shhh/app/commands/command.rb
198
+ - lib/shhh/app/commands/delete_keychain_item.rb
199
+ - lib/shhh/app/commands/encrypt_decrypt.rb
200
+ - lib/shhh/app/commands/generate_key.rb
201
+ - lib/shhh/app/commands/open_editor.rb
202
+ - lib/shhh/app/commands/print_key.rb
203
+ - lib/shhh/app/commands/show_examples.rb
204
+ - lib/shhh/app/commands/show_help.rb
205
+ - lib/shhh/app/commands/show_version.rb
206
+ - lib/shhh/app/input/handler.rb
207
+ - lib/shhh/app/keychain.rb
208
+ - lib/shhh/app/output/file.rb
209
+ - lib/shhh/app/output/stdout.rb
210
+ - lib/shhh/app/private_key/base64_decoder.rb
211
+ - lib/shhh/app/private_key/decryptor.rb
212
+ - lib/shhh/app/private_key/detector.rb
213
+ - lib/shhh/app/private_key/handler.rb
214
+ - lib/shhh/cipher_handler.rb
215
+ - lib/shhh/configuration.rb
216
+ - lib/shhh/data.rb
217
+ - lib/shhh/data/decoder.rb
218
+ - lib/shhh/data/encoder.rb
219
+ - lib/shhh/data/wrapper_struct.rb
220
+ - lib/shhh/errors.rb
221
+ - lib/shhh/extensions/class_methods.rb
222
+ - lib/shhh/extensions/instance_methods.rb
223
+ - lib/shhh/version.rb
224
+ - shhh.gemspec
225
+ homepage: https://github.com/kigster/shhh
226
+ licenses: []
227
+ metadata: {}
228
+ post_install_message:
229
+ rdoc_options: []
230
+ require_paths:
231
+ - lib
232
+ required_ruby_version: !ruby/object:Gem::Requirement
233
+ requirements:
234
+ - - ">="
235
+ - !ruby/object:Gem::Version
236
+ version: '0'
237
+ required_rubygems_version: !ruby/object:Gem::Requirement
238
+ requirements:
239
+ - - ">="
240
+ - !ruby/object:Gem::Version
241
+ version: '0'
242
+ requirements: []
243
+ rubyforge_project:
244
+ rubygems_version: 2.6.6
245
+ signing_key:
246
+ specification_version: 4
247
+ summary: Simple tool to encrypt/decrypt data using symmetric aes-256-cbc encryption
248
+ with a private key and an IV vector
249
+ test_files: []