shhh 1.3.0

data/lib/shhh/extensions/instance_methods.rb

@@ -0,0 +1,114 @@
+require 'shhh'
+require 'shhh/data'
+require 'shhh/cipher_handler'
+require 'openssl'
+module Shhh
+  module Extensions
+    # This is the module that is really included in your class
+    # when you include +Shhh+.
+    #
+    # The module provides easy access to the encryption configuration
+    # via the +#encryption_config+ method, as well as two key
+    # methods: +#encr+ and +#decr+.
+    #
+    # Methods +#encr_password+ and +#decr_password+ provide a good
+    # example of how this module can be extended to provide more uses
+    # of various ciphers, by calling into the private +_encr+ and +_decr+
+    # methods.f
+    module InstanceMethods
+      include Shhh::Data
+      include Shhh::CipherHandler
+
+      def encryption_config
+        Shhh::Configuration.config
+      end
+
+      # Expects key to be a base64 encoded key
+      def encr(data, key, iv = nil)
+        raise Shhh::Errors::NoPrivateKeyFound if key.nil?
+        _encr(data, encryption_config.data_cipher, iv) do |cipher_struct|
+          cipher_struct.cipher.key = decode_key(key)
+        end
+      end
+
+      # Expects key to be a base64 encoded key
+      def decr(encrypted_data, key, iv = nil)
+        raise Shhh::Errors::NoPrivateKeyFound if key.nil?
+        _decr(encrypted_data, encryption_config.data_cipher, iv) do |cipher_struct|
+          cipher_struct.cipher.key = decode_key(key)
+        end
+      end
+
+      def encr_password(data, password, iv = nil)
+        _encr(data, encryption_config.password_cipher, iv) do |cipher_struct|
+          key, salt                = _key_from_password(cipher_struct.cipher, password)
+          cipher_struct.cipher.key = key
+          cipher_struct.salt       = salt
+        end
+      end
+
+      def decr_password(encrypted_data, password, iv = nil)
+        _decr(encrypted_data, encryption_config.password_cipher, iv) do |cipher_struct|
+          key,                     = _key_from_password(cipher_struct.cipher, password, cipher_struct.salt)
+          cipher_struct.cipher.key = key
+        end
+      end
+
+      private
+
+      def decode_key(encoded_key)
+        Base64.urlsafe_decode64(encoded_key)
+      rescue
+        encoded_key
+      end
+
+      def _key_from_password(cipher, password, salt = nil)
+        key_len = cipher.key_len
+        salt    ||= OpenSSL::Random.random_bytes 16
+        iter    = 20000
+        digest  = OpenSSL::Digest::SHA256.new
+        key     = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
+        return key, salt
+      end
+
+      # Expects key to be a base64 encoded key data
+      def _encr(data, cipher_name, iv = nil, &block)
+        data, compression_enabled = encode_incoming_data(data)
+        cipher_struct             = create_cipher(direction:   :encrypt,
+                                                  cipher_name: cipher_name,
+                                                  iv:          iv)
+
+        yield cipher_struct if block_given?
+
+        encrypted_data = update_cipher(cipher_struct.cipher, data)
+        wrapper_struct = WrapperStruct.new(
+          encrypted_data: encrypted_data,
+          iv:             cipher_struct.iv,
+          cipher_name:    cipher_struct.cipher.name,
+          salt:           cipher_struct.salt,
+          compress:       !compression_enabled)
+        encode(wrapper_struct, false)
+      end
+
+      # Expects key to be a base64 encoded key data
+      def _decr(encoded_data, cipher_name, iv = nil, &block)
+        wrapper_struct = decode(encoded_data)
+        cipher_struct  = create_cipher(cipher_name: cipher_name,
+                                       iv:          wrapper_struct.iv,
+                                       direction:   :decrypt,
+                                       salt:        wrapper_struct.salt)
+        yield cipher_struct if block_given?
+        decode(update_cipher(cipher_struct.cipher, wrapper_struct.encrypted_data))
+      end
+
+
+      def encode_incoming_data(data)
+        compression_enabled = !data.respond_to?(:size) || (data.size > 100 && encryption_config.compression_enabled)
+        data                = encode(data, compression_enabled)
+        [data, compression_enabled]
+      end
+
+    end
+  end
+end
+

data/lib/shhh/version.rb

@@ -0,0 +1,3 @@
+module Shhh
+  VERSION = '1.3.0'
+end

data/lib/shhh.rb

@@ -0,0 +1,73 @@
+require 'require_dir'
+require 'colored2'
+require 'zlib'
+
+require_relative 'shhh/configuration'
+
+Shhh::Configuration.configure do |config|
+  config.password_cipher = 'AES-128-CBC'
+  config.data_cipher = 'AES-256-CBC'
+  config.private_key_cipher = config.data_cipher
+  config.compression_enabled = true
+  config.compression_level = Zlib::BEST_COMPRESSION
+end
+
+#
+# _Include_ +Shhh+ in your class to enable functionality of this library.
+#
+# Once included, you would normally use +#encr+ and +#decr+ instance methods to perform
+# encryption and decryption of object of any type using a symmetric key encryption.
+#
+# You could also use +#encr_password+ and +#decr_password+ if you prefer to encrypt
+# with a password instead. The encryption key is generated from the password in that
+# case.
+#
+# Create a new key with +#create_private_key+ class method, which returns a new key every
+# time it's called, or with +#private_key+ class method, which either assigns, or creates
+# and caches the private key at a class level.
+#
+# ```ruby
+# require 'shhh'
+# class TestClass
+#   include Shhh
+#   private_key ENV['PRIVATE_KEY']
+#
+#   def sensitive_value=(value)
+#     @sensitive_value = encr(value, self.class.private_key)
+#   end
+#
+#   def sensitive_value
+#     decr(@sensitive_value, self.class.private_key)
+#   end
+# end
+# ```
+module Shhh
+  extend RequireDir
+  init(__FILE__)
+end
+
+Shhh.dir 'shhh/extensions'
+
+module Shhh
+  def self.included(klass)
+    klass.instance_eval do
+      include ::Shhh::Extensions::InstanceMethods
+      extend ::Shhh::Extensions::ClassMethods
+      class << self
+        def private_key(value = nil)
+          if value
+            @private_key= value
+          elsif @private_key
+            @private_key
+          else
+            @private_key= self.create_private_key
+          end
+          @private_key
+        end
+      end
+    end
+  end
+end
+
+Shhh.dir 'shhh'
+Shhh.dir 'shhh/app/commands'

data/shhh.gemspec

@@ -0,0 +1,33 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'shhh/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'shhh'
+  spec.version       = Shhh::VERSION
+  spec.authors       = ['Konstantin Gredeskoul']
+  spec.email         = %w(kigster@gmail.com)
+
+  spec.summary       = %q{Simple tool to encrypt/decrypt data using symmetric aes-256-cbc encryption with a private key and an IV vector}
+  spec.description   = %q{Store sensitive data safely as encrypted strings or entire files, using symmetric aes-256-cbc encryption/decryption with a secret key and an IV vector, and YAML-friendly base64-encoded encrypted result.}
+  spec.homepage      = 'https://github.com/kigster/shhh'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'require_dir', '~> 0.1'
+  spec.add_dependency 'colored2', '~> 2.0'
+  spec.add_dependency 'slop', '~> 4.3'
+  spec.add_dependency 'activesupport'
+  spec.add_dependency 'highline', '~> 1.7'
+  spec.add_dependency 'clipboard', '~> 1.1'
+
+  spec.add_development_dependency 'codeclimate-test-reporter'
+  spec.add_development_dependency 'bundler', '~> 1.12'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'yard', '~> 0.9'
+end

metadata

@@ -0,0 +1,249 @@
+--- !ruby/object:Gem::Specification
+name: shhh
+version: !ruby/object:Gem::Version
+  version: 1.3.0
+platform: ruby
+authors:
+- Konstantin Gredeskoul
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-08-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: require_dir
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: colored2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: slop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.3'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: highline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: clipboard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+description: Store sensitive data safely as encrypted strings or entire files, using
+  symmetric aes-256-cbc encryption/decryption with a secret key and an IV vector,
+  and YAML-friendly base64-encoded encrypted result.
+email:
+- kigster@gmail.com
+executables:
+- keychain
+- shhh
+extensions: []
+extra_rdoc_files: []
+files:
+- ".codeclimate.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- MANAGING-KEYS.md
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/keychain
+- exe/shhh
+- lib/shhh.rb
+- lib/shhh/app.rb
+- lib/shhh/app/args.rb
+- lib/shhh/app/cli.rb
+- lib/shhh/app/commands.rb
+- lib/shhh/app/commands/command.rb
+- lib/shhh/app/commands/delete_keychain_item.rb
+- lib/shhh/app/commands/encrypt_decrypt.rb
+- lib/shhh/app/commands/generate_key.rb
+- lib/shhh/app/commands/open_editor.rb
+- lib/shhh/app/commands/print_key.rb
+- lib/shhh/app/commands/show_examples.rb
+- lib/shhh/app/commands/show_help.rb
+- lib/shhh/app/commands/show_version.rb
+- lib/shhh/app/input/handler.rb
+- lib/shhh/app/keychain.rb
+- lib/shhh/app/output/file.rb
+- lib/shhh/app/output/stdout.rb
+- lib/shhh/app/private_key/base64_decoder.rb
+- lib/shhh/app/private_key/decryptor.rb
+- lib/shhh/app/private_key/detector.rb
+- lib/shhh/app/private_key/handler.rb
+- lib/shhh/cipher_handler.rb
+- lib/shhh/configuration.rb
+- lib/shhh/data.rb
+- lib/shhh/data/decoder.rb
+- lib/shhh/data/encoder.rb
+- lib/shhh/data/wrapper_struct.rb
+- lib/shhh/errors.rb
+- lib/shhh/extensions/class_methods.rb
+- lib/shhh/extensions/instance_methods.rb
+- lib/shhh/version.rb
+- shhh.gemspec
+homepage: https://github.com/kigster/shhh
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.6
+signing_key: 
+specification_version: 4
+summary: Simple tool to encrypt/decrypt data using symmetric aes-256-cbc encryption
+  with a private key and an IV vector
+test_files: []