shhh 1.5.4 → 1.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a18f2fa8ab3ca75426c0eccec0ddb42ca59c71ee
-  data.tar.gz: 2459a7f861d35612ab3e607a87999e9c98e071a2
+  metadata.gz: 5d5c47820b4c177b5647c092f84686ef74b169fa
+  data.tar.gz: 26ae8727ec033817a6b9cb7c9fc834d952138c40
 SHA512:
-  metadata.gz: 031191a168e9e6aa553f3950c8a29c2dc26c15ae4f5b8baeb402b0da3a51036268e66aeb90d409c9ecad439ac259e1f04d54cd823f3d3cca380de196f2df392e
-  data.tar.gz: 76c711a907e9b97ef72c0ac83c30f8f47e24574c3398ec67d246a9fb8270db3c8761abeeed8d0737dbea89aff4d21fe1313da75603a9d92e215605057e8144dd
+  metadata.gz: 9b9fbca8b285a087362d86a87b8f596878956a08c288fa34ebb31cf23dc5ef88c02765bce1a8388a713c437c44c40057dd165de2c61d4acd2006ea49e78ca483
+  data.tar.gz: 11813a61d0d08a6badebd7363188966226f08c77f1f038e2a49ca69a7b1578b87dd5b3ef3accb0479b7c3779284f7c0be280294879478ad858e9831b1daf2915

data/.travis.yml

@@ -4,7 +4,7 @@ env:
 rvm:
   - 2.2.5
   - 2.3.1
-script: "bundle exec rspec"
+script: "rake"
 notifications:
   email:
     recipients:

data/README.md

@@ -1,3 +1,4 @@
+
 # Shhh — Your Encryption Best Friend
 
 [![Gem Version](https://badge.fury.io/rb/shhh.svg)](https://badge.fury.io/rb/shhh)
@@ -22,8 +23,8 @@ And finally, in addition to the rich CLI interface of the `shhh` executable, the
 
 ### How It Works
 
-  1.  You start with a piece of sensitive data, say it's called _X_. 
-  2.  _X_ is  currently a file on your file system, unencrypted. 
+  1.  You start with a piece of sensitive data, say it's called _X_.
+  2.  _X_ is  currently a file on your file system, unencrypted.
   2. You use __shhh__ (with `-g` — for "generate")  to make a new encryption key. The key is 256 bits, or 32 bytes, or 45 bytes when base64-encoded.
   3. You must save this key somewhere safe. We'll talk about this further.
   4. You use __shhh__ (with `-e`) to encrypt _X_ with the key, and save into _Y_.
@@ -35,7 +36,7 @@ And finally, in addition to the rich CLI interface of the `shhh` executable, the
 
 The `shhh` executable as well as the Ruby API provide:
 
- * Symmetric data encryption with: 
+ * Symmetric data encryption with:
    * the cipher `AES-256-CBC` used by the US Government
    * 256-bit private key
      *  which can be auto-generated, and is a *base64-encoded* string which is 45 characters long. The *decoded* secret is always 32 characters long (or 256 bytes long).
@@ -44,23 +45,22 @@ The `shhh` executable as well as the Ruby API provide:
  * Rich command line interface with some innovative features, such as inline  editing of an encrypted file, using your favorite `$EDITOR`.
  * Data handling:
    * Automatic compression of the data upon encryption
-   * Automatic base64 encryption to make all encrypted strings fit onto a single line. 
+   * Automatic base64 encryption to make all encrypted strings fit onto a single line.
    * This makes the format suitable for YAML or JSON configuration files, where only the values are encrypted.
- * Rich Ruby API 
+ * Rich Ruby API
  * (OS-X Only): Ability to create, add and delete generic password entries from the Mac OS-X KeyChain, and to leverage the KeyChain to store sensitive private keys.
 
 ### Symmetric Encryption
 
-Symmetric encryption simply means that we are using the same private key to encrypt and decrypt. 
+Symmetric encryption simply means that we are using the same private key to encrypt and decrypt.
 In addition to the private key, the encryption uses an IV vector. The library completely hides `iv` from the user, generates one random `iv` per encryption, and stores it together with the field itself (*base64-encoded*).
 
 ## Installation
 
 If you plan on using the library in your ruby project with Bundler managing its dependencies, just include the following line in your `Gemfile`:
 
-```ruby
-gem 'shhh'
-```
+    gem 'shhh'
+
 And then run `bundle`.
 
 Or install it into the global namespace with `gem install` command:
@@ -69,6 +69,12 @@ Or install it into the global namespace with `gem install` command:
     $ shhh -h
     $ shhh -E # see examples
 
+### BASH Completion (Optional Step)
+
+After gem installation, an message will tell you to install a shown BASH script to your `~/.bashrc` or equivalent.
+
+Should you choose to install it (this part is optional), you will be able to use "tab-tab" after typing `shhh` and you'll be able to choose from all supported flags.
+
 ## Usage
 
 ### Private Keys
@@ -76,7 +82,7 @@ Or install it into the global namespace with `gem install` command:
 This library relies on the existance of the 32-byte private key (aka, *a secret*) to perform encryption and decryption.
 
 The key can be easily:
- 
+
  * generated by this gem and displayed, copied to the clipboard, or saved to the KeyChain
  * one way or another must be kept very well protected and secure from attackers
  * can be fetched from the the Keychain in subsequent encryption/decryption steps
@@ -90,8 +96,8 @@ Encrypted private key will be considerably longer, perhaps 200-300 characters lo
 When the private key is encrypted, `shhh` will request the password every time it is used. We are looking at adding a caching layer with a configuerable timeout, so that the password is only re-entered once per given period.
 
 ### Command Line (CLI)
- 
-You can generate using the command line, or in a programmatic way. First we'll discuss the command line usage, and in a later section we'll discuss Ruby API provided by the gem. 
+
+You can generate using the command line, or in a programmatic way. First we'll discuss the command line usage, and in a later section we'll discuss Ruby API provided by the gem.
 
 #### Generating and Using Private Keys
 
@@ -111,36 +117,36 @@ Or create a password-protected key, and save it to a file:
 
     shhh -gcp -o ~/.secret
     # New Password:     ••••••••••
-    # Confirm Password: •••••••••• 
+    # Confirm Password: ••••••••••
 
 You can subsequently use the private key by either:
 
-1. passing the `-k [key value]` flag 
-2. passing the `-K [key file]` flag3.  
+1. passing the `-k [key value]` flag
+2. passing the `-K [key file]` flag3.
 3. pasting or typing the key with the `-i` (interactive) flag
 4. passing the `-x [keychain access entry name]` flag to read from Mac OS-X KeyChain Access's generic password field.
 
 #### Using KeyChain Access on Mac OS-X
 
-On Mac OS-X there is a third option – using the Keychain Access Manager behind the scenes. Apple released a `security` command line tool, which this library uses to securely store a key/value pair of the key name and the actual private key in your OS-X KeyChain. The advantages of this method are numerous: 
+On Mac OS-X there is a third option – using the Keychain Access Manager behind the scenes. Apple released a `security` command line tool, which this library uses to securely store a key/value pair of the key name and the actual private key in your OS-X KeyChain. The advantages of this method are numerous:
 
  * The private key won't be lying around your file system unencrypted, so if your Mac is ever stolen, you don't need to worry about the keys running wild.
  * If you sync your keychain with iCloud you will have access to it on other machines
 
-To activate the KeyChain mode on the Mac, use `-x <keyname>` field instead of `-k` or `-K`, and add it to `-g` when generating a key. The `keyname` is what you name this particular key base on where it's going to be used. For example, you may call it `staging`, etc. 
+To activate the KeyChain mode on the Mac, use `-x <keyname>` field instead of `-k` or `-K`, and add it to `-g` when generating a key. The `keyname` is what you name this particular key base on where it's going to be used. For example, you may call it `staging`, etc.
 
 The following command generates the private key and immediately stores it in the KeyChain access under the name provided:
 
     shhh -g -x staging
 
 Now, whenever you need to encrypt something, in addition to the `-k` and `-K` you can also choose `-x staging`. This will retrieve the key from the KeyChain access, and use it for encryption/decryption.
-    
+
 Finally, you can delete a key from KeyChain access by running:
-    
+
     shhh --keychain-del staging
-    
+
 #### KeyChain Key Management
-    
+
 Another tiny executable supplied with this library is called `keychain`
 
 ```bash
@@ -152,46 +158,56 @@ You can use this to add an existing key that can be used with the `shhh` later.
 
 This may be a good time to take a look at the full help message for the `shhh` tool, shown naturally with a `-h` or `--help` option.
 
-```bash
-❯ shhh -h
+```
+Shhh (1.6.1) – encrypt/decrypt data with a private key
 
 Usage:
-    shhh [options]
+   # Generate a new key:
+   shhh -g [ -c ] [ -p ] [ -x keychain ] [ -o keyfile | -q | ]  
 
+   # Encrypt/Decrypt 
+   shhh [ -d | -e ] [ -f <file> | -s <string> ] 
+        [ -k key | -K keyfile | -x keychain | -i ] 
+        [ -o <output file> ] 
+ 
+   # Edit an encrypted file in $EDITOR 
+   shhh -t -f <file> [ -b ][ -k key | -K keyfile | -x keychain | -i ] 
+ 
 Modes:
   -e, --encrypt                 encrypt mode
   -d, --decrypt                 decrypt mode
-  -t, --edit                    decrypt, open an encr. file in vim
-
+  -t, --edit                    edit an encrypted file in an $EDITOR
+ 
 Create a private key:
   -g, --generate                generate a new private key
   -p, --password                encrypt the key with a password
   -c, --copy                    copy the new key to the clipboard
-
+  -x, --keychain     [key-name] add to (or read from) the OS-X Keychain
+ 
 Provide a private key:
   -i, --interactive             Paste or type the key interactively
   -k, --private-key  [key]      private key as a string
   -K, --keyfile      [key-file] private key from a file
-
-Use your KeyChain password entry to store a private key:
-  -x, --keychain     [key-name] add to, or read the key from Keychain
-  --keychain-del     [key-name] delete keychain entry with that name
-
+ 
 Data:
   -s, --string       [string]   specify a string to encrypt/decrypt
   -f, --file         [file]     filename to read from
   -o, --output       [file]     filename to write to
-  -b, --backup                  create a backup file in the edit mode
-
+ 
 Flags:
+  --keychain-del     [key-name] delete keychain entry with that name
+  -b, --backup                  create a backup file in the edit mode
   -v, --verbose                 show additional information
-  -q, --quiet                   silence all output
   -T, --trace                   print a backtrace of any errors
-  -E, --examples                show several examples
-  -L, --language                natural language examples
+  -q, --quiet                   silence all output
   -V, --version                 print library version
   -N, --no-color                disable color output
+ 
+Help & Examples:
+  -E, --examples                show several examples
+  -L, --language                natural language examples
   -h, --help                    show help
+
 ```
 
 ### CLI Usage Examples
@@ -224,7 +240,7 @@ Decrypt a previously encrypted string:
 Encrypt a file and save it to shhh.enc:
 
     shhh -e -f app-shhh.yml -o app-shhh.enc -k $KEY
-    
+
 Decrypt an encrypted file and print it to STDOUT:
 
     shhh -df app-shhh.enc -k $KEY
@@ -237,11 +253,11 @@ In this mode several flags are of importance:
 
     -b (--backup)   – will create a backup of the original file
     -v (--verbose) - will show additional info about file sizes
-      
-Here is a full command that opens a file specified by `-f | --file`, using the key specified in `-K | --key-file`, in the editor defined by the `$EDITOR` environment variable (or if not set – defaults to `/bin/vi`)". 
+
+Here is a full command that opens a file specified by `-f | --file`, using the key specified in `-K | --keyfile`, in the editor defined by the `$EDITOR` environment variable (or if not set – defaults to `/bin/vi`)".
 
 NOTE: while much effort has been made to ensure that the gem is bug free, the reality is that no software is bug free. Please make sure to backup your encrypted file before doing it for the first few times to get familiar with the command.
-     
+
 To edit an encrypted file in $EDITOR, while asking to paste the key (`-i | --interactive`), while creating a backup file (`-b | --backup`):
 
     shhh -tibf data.enc
@@ -256,76 +272,85 @@ To edit an encrypted file in $EDITOR, while asking to paste the key (`-i | --int
 
 ### Natural Language Processing
 
-When shhh is called, and when none of the arguments contain a dash, then the the NLP (natural language processing) Translator is invoked. The Translator is based on a very simple algorithm:
-
- * ignore all of the ambiguous words, or words with duplicate meaning
- * unambiguously map arguments to the regular options (the double-dash version)
- * words that already match double-dash options are double-dashed
- * the mapping of words into --options is performed
- * the result is parsed
+When shhh is invoked, and the first argument does not begin with a dash,
+then the the NLP (natural language processing) Translator is invoked.
+The Translator is based on a very simple algorithm:
 
-When verbose is provided as an argument, you will additionally see the command line arguments that NLP system had produced following the mapping of the actual arguments. This may be helpful in diagnosis of why a particular sentence is not recognized.
+  * ignore any of the words tagged STRIPPED. These are the ambiguous words, or words with duplicate meaning.
+  * map the remaining arguments to regular double-dashed options using the DICTIONARY
+  * words that are a direct match for a --option are automatically double-dashed
+  * remaining words are left as is (these would be file names, key names, etc).
+  * finally, the resulting "new" command line is parsed with regular options.
+  * When arguments include "verbose", NLP system will print "before" and "after"
+    of the arguments, so that any issues can be debugged and corrected.
 
-CURRENTLY IGNORED WORDS:
+#### CURRENTLY IGNORED WORDS:
 
-    and, a, the, it, item, to, key, with, about, for, of, new, make
+    and, a, the, it, item, to, key, with, about, for, of, new, make, store, in, print
 
-CURRENTLY DICTIONARY
+#### REGULAR WORD MAPPING
 
-                          clipboard >————————➤ copy
-                             unlock >————————➤ decrypt
-                               open >————————➤ edit
-                               lock >————————➤ encrypt
-                                    >————————➤ backup
-                                    >————————➤ keychain
-                               read >————————➤ file
-                             create >————————➤ generate
-                     ask enter type >————————➤ interactive
-                               from >————————➤ keyfile
-                         save write >————————➤ output
-                      using private >————————➤ private_key
-                              value >————————➤ string
-       silently quietly silent shhh >————————➤ quiet
-           secure secured protected >————————➤ password
+```
+________________________________________________________________________
+                          clipboard   ───────➤   --copy
+                             unlock   ───────➤   --decrypt
+                               open   ───────➤   --edit
+                               lock   ───────➤   --encrypt
+                                      ───────➤   --backup
+                                      ───────➤   --keychain
+                               read   ───────➤   --file
+                             create   ───────➤   --generate
+                     ask enter type   ───────➤   --interactive
+                               from   ───────➤   --keyfile
+                         save write   ───────➤   --output
+                      using private   ───────➤   --private_key
+                              value   ───────➤   --string
+       silently quietly silent shhh   ───────➤   --quiet
+           secure secured protected   ───────➤   --password
+________________________________________________________________________
+```
 
-EXAMPLES
+#### EXAMPLES
 
 ```bash
-# generate a new private key and copy to the clipboard
-shhh make new key and copy it to the clipboard
+# generate a new private key and copy to the clipboard but do not print to terminal
+shhh create new key to clipboard quietly
 
 # generate and save to a file a password-protected key, silently
 shhh create a secure key and save it to "my.key"
 
 # encrypt a plain text string with a key, and save the output to a file
-shhh encrypt string "secret string" using $KEY save to file.enc
+shhh encrypt string "secret string" using $(cat my.key) save to file.enc
 
 # decrypt a previously encrypted string:
-shhh decrypt string $ENC using a $KEY
+shhh decrypt string $ENC using $(cat my.key)
 
-# encrypt shhh.yml with key from $KEYFILE and save it to shhh.enc
-shhh encrypt shhh.yml with key from $KEYFILE and save it to shhh.enc
+# encrypt "file.txt" with key from my.key and save it to file.enc
+shhh encrypt file file.txt with key from my.key and save it to file.enc
 
 # decrypt an encrypted file and print it to STDOUT:
-shhh decrypt file data.enc using $KEY
+shhh decrypt file file.enc with key from "my.key"
 
-# edit an encrypted file in $EDITOR, ask for key, create a backup
-shhh edit file ecrets.enc ask for a key and make a backup
+# edit an encrypted file in $EDITOR, ask for key, and create a backup upon save
+shhh edit file file.enc ask for a key and make a backup
 
 # generate a new password-encrypted key, save it to your Keychain:
-shhh generate key with a password to keychain "kyname"
+shhh create a new protected key store in keychain "my-keychain-key"
+
+# print the key stored in the keychain item "my-keychain-key"
+shhh print keychain "my-keychain-key"
 
 # use the new key to encrypt a file:
-shhh encrypt with keychain item "keyname" file password.txt save to passwords.enc
+shhh encrypt with keychain "my-keychain-key" file "password.txt" and write to "passwords.enc"
 ```
 
 ### Ruby API
 
 To use this library you must include the main `Shhh` module into your library.
 
-Any class including `Shhh` will be decorated with new class methods `#private_key` and `#create_private_key`, as well as instance methods `#encr`, and `#decr`. 
+Any class including `Shhh` will be decorated with new class methods `#private_key` and `#create_private_key`, as well as instance methods `#encr`, and `#decr`.
 
-`#create_private_key` will generate a new key each time it's called, while `#private_key` will either assign an existing key (if a value is passed), or generate and save a new key in the class instance variable. Therefore each class including `Shhh` will use it's own key (unless the key is assigned). 
+`#create_private_key` will generate a new key each time it's called, while `#private_key` will either assign an existing key (if a value is passed), or generate and save a new key in the class instance variable. Therefore each class including `Shhh` will use it's own key (unless the key is assigned).
 
 The following example illustrates this point:
 
@@ -360,7 +385,7 @@ require 'shhh'
 class TestClass
   include Shhh
   private_key ENV['SECRET']
-  
+
   def sensitive_value=(value)
     @sensitive_value = encr(value, self.class.private_key)
   end
@@ -370,6 +395,21 @@ class TestClass
 end
 ```
 
+#### Full Application API
+
+Since the command line interface offers more than just encryption/decryption, it is available via `Shhh::Application` class.
+
+The class is instantiated with a hash that would be otherwise generated by `Slop.parse(argv)` – ie, typical `options`.
+
+Here is an example:
+
+```ruby
+require 'shhh/application'
+
+key  = Shhh::Application.new(generate: true).execute 
+# => returns a new private key
+```
+
 ### Configuration
 
 The library offers a typical `Shhh::Configuration` class which can be used to tweak some of the internals of the gem. This is really meant for a very advanced user who knows what she is doing. The following snippet is actually part of the Configuration class itself, but can be overridden by your code that uses and initializes this library. `Configuration` is a singleton, so changes to it will propagate to any subsequent calls to the gem.
@@ -377,7 +417,7 @@ The library offers a typical `Shhh::Configuration` class which can be used to tw
 ```ruby
 require 'zlib'
 Shhh::Configuration.configure do |config|
-  config.password_cipher = 'AES-128-CBC'  # 
+  config.password_cipher = 'AES-128-CBC'  #
   config.data_cipher = 'AES-256-CBC'
   config.private_key_cipher = config.data_cipher
   config.compression_enabled = true
@@ -402,16 +442,16 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 Bug reports and pull requests are welcome on GitHub at https://github.com/kigster/shhh.
 
 ## Feature Ideas
- 
+
 ### Natural Language Based API
 
 This is the proposed mini-idea/specification for an alternative CLI that is at a feature parity with the standard flag-based CLI.
 
-    shhh generate key to the clipboard and keychain 
-    shhh encrypt file 'hello' using $key [to output.enc] 
+    shhh generate key to the clipboard and keychain
+    shhh encrypt file 'hello' using $key [to output.enc]
     shhh edit 'passwords.enc' using $key
     shhh decrypt /etc/secrets encrypted with $key save to ./secrets
-    shhh encrypt with keychain $item file $input   
+    shhh encrypt with keychain $item file $input
 
 ## License
 

data/exe/shhh

@@ -8,8 +8,8 @@ require 'shhh'
 #ARGV.any?{ |a| a =~ /^-/ } ?
 begin
 ARGV.first =~ /^-/  ?
-  ::Shhh::App::CLI.new(ARGV.dup).run :
-  ::Shhh::App::NLP::Translator.new(ARGV.dup).translate.and.run
+  ::Shhh::App::CLI.new(ARGV.dup).execute :
+  ::Shhh::App::NLP::Translator.new(ARGV.dup).translate.and.execute
 rescue Interrupt => e
   STDERR.flush
   STDERR.puts "Interrupt, #{e.message}, exiting."

data/lib/shhh/app/args.rb

@@ -1,24 +1,41 @@
 module Shhh
   module App
-    class Args < Struct.new(:opts, :argv)
-      MODE = %i(encrypt decrypt generate edit keychain)
-      KEY  = %i(private_key interactive keyfile keychain)
-      OUTPUT = %i(output quiet)
 
-      def mode?; is(MODE); end
-      def key?; is(KEY); end
+    class Args
+
+      OPTIONS_MODE_SELECTED  = %i(encrypt decrypt generate edit keychain)
+      OPTIONS_REQUIRE_KEY    = %i(encrypt decrypt edit)
+      OPTIONS_SPECIFY_KEY    = %i(private_key interactive keyfile keychain)
+      OPTIONS_SPECIFY_OUTPUT = %i(output quiet)
+
+      attr_accessor :opts, :selected_options
+
+      def initialize(opts)
+        self.opts             = opts
+        self.selected_options = opts.keys.reject { |k| !opts[k] }
+      end
+
+      # TODO: generate these methods dynamically
+      def do_options_specify_mode?
+        do?(OPTIONS_MODE_SELECTED)
+      end
+
+      def do_options_specify_key?
+        do?(OPTIONS_SPECIFY_KEY)
+      end
+
+      def do_options_require_key?
+        do?(OPTIONS_REQUIRE_KEY)
+      end
 
       def output_class
-        output_type = OUTPUT.find{|o| opts[o] } # includes nil
+        output_type = OPTIONS_SPECIFY_OUTPUT.find { |o| opts[o] } # includes nil
         Shhh::App::Output.outputs[output_type]
       end
 
       private
-      def is(list)
-        !options_for(list).empty?
-      end
-      def options_for(of)
-        of.map{ |o| opts[o] }.compact
+      def do?(list)
+        !(list & selected_options).empty?
       end
 
     end

data/lib/shhh/app/cli.rb

@@ -1,11 +1,10 @@
-
-#!/usr/bin/env ruby
 require 'slop'
 require 'shhh'
 require 'colored2'
 require 'yaml'
+require 'forwardable'
 require 'openssl'
-require 'shhh/app'
+require 'shhh/application'
 require 'shhh/errors'
 require 'shhh/app/commands'
 require 'shhh/app/keychain'
@@ -53,91 +52,66 @@ module Shhh
     # in a cross-platform way inside the {Shhh::App::Keychain} module.
 
     class CLI
-      attr_accessor :opts, :args, :outputs, :output_proc,
-                    :action, :password, :key, :input_handler, :key_handler
+
+      extend Forwardable
+
+      def_delegators :@application, :command
+
+      attr_accessor :opts, :application, :outputs, :output_proc
 
       def initialize(argv)
         begin
-          self.opts = parse(argv.dup)
+          argv_copy = argv.dup
+          dict      = false
+          if argv_copy.include?('--dictionary')
+            dict = true
+            argv_copy.delete('--dictionary')
+          end
+          self.opts = parse(argv_copy)
+          if dict
+            options = opts.parser.unused_options + opts.parser.used_options
+            puts options.map{|o| o.to_s.gsub(/.*(--[\w-]+).*/, '\1') }.sort.join(' ')
+            exit 0
+          end
         rescue StandardError => e
           error exception: e
           return
         end
 
+        configure_color(argv)
 
-        self.args = ::Shhh::App::Args.new(opts, argv)
+        self.application = ::Shhh::Application.new(opts)
 
-        configure_color(argv)
         select_output_stream
-        initialize_input_handler
-        initialize_key_handler
 
-        self.action        = { opts[:encrypt] => :encr, opts[:decrypt] => :decr }[true]
       end
 
-      def run
+      def execute
         return Shhh::App.exit_code if Shhh::App.exit_code != 0
-        unless opts[:generate]
-          self.key = PrivateKey::Handler.new(opts,
-                                             input_handler).key
-        end
 
-        if command
-          STDERR.puts '   Running command: '.dark + "#{command.to_s}" if opts[:verbose]
-          result = command.run
-          output_proc.call(result)
+        result = application.execute
+        if result.is_a?(Hash)
+          self.output_proc = ::Shhh::App::Args.new({}).output_class
+          error(result)
         else
-          # command was not found. Reset output to printing, and return an error.
-          self.output_proc = Args.new(Hash.new, []).output_class
-          command_not_found_error!
+          self.output_proc.call(result)
         end
-
-      rescue ::OpenSSL::Cipher::CipherError => e
-        error type:      'Cipher Error',
-              details:   e.message,
-              reason:    'Perhaps either the secret is invalid, or encrypted data is corrupt.',
-              exception: e
-
-      rescue Shhh::Errors::InvalidEncodingPrivateKey => e
-        error type:      'Private Key Error',
-              details:   'Private key does not appear to be properly encoded. ',
-              reason:    (opts[:password] ? nil : 'Perhaps the key is password-protected?'),
-              exception: e
-
-      rescue Shhh::Errors::InvalidPasswordPrivateKey => e
-        error type:      'Error',
-              details:   'Invalid password, private key can not decrypted.'
-
-      rescue Shhh::Errors::Error => e
-        error type:      'Error',
-              details:   e.message,
-              exception: e
-
-      rescue StandardError => e
-        error exception: e
       end
 
+      private
+
       def error(hash)
         Shhh::App.error(hash.merge(config: (opts ? opts.to_hash : {})))
       end
 
-      def editor
-        ENV['EDITOR'] || '/bin/vi'
-      end
-
-      def command
-        @command_class ||= Shhh::App::Commands.find_command_class(opts)
-        @command       ||= @command_class.new(self) if @command_class
-      end
-
-      private
-
       def select_output_stream
-        out_klass = self.args.output_class
-        raise "Can not determine output class from arguments #{opts.to_hash}" unless
-          out_klass && out_klass.is_a?(Class)
+        output_klass = application.args.output_class
 
-        self.output_proc = out_klass.new(self).output_proc
+        unless output_klass && output_klass.is_a?(Class)
+          raise "Can not determine output class from arguments #{opts.to_hash}"
+        end
+
+        self.output_proc = output_klass.new(self).output_proc
       end
 
       def configure_color(argv)
@@ -147,77 +121,64 @@ module Shhh
         end
       end
 
-      def initialize_input_handler(handler = Input::Handler.new)
-        self.input_handler = handler
-      end
-
-      def initialize_key_handler
-        self.key_handler = PrivateKey::Handler.new(self.opts, input_handler)
-      end
-
-
-      def command_not_found_error!
-        if key
-          h             = opts.to_hash
-          supplied_opts = h.keys.select { |k| h[k] }.join(', ')
-          error type:    'Options Error',
-                details: 'Unable to determined what command to run',
-                reason:  "You provided the following options: #{supplied_opts.bold.yellow}",
-                comments: opts.to_s
-        else
-          raise Shhh::Errors::NoPrivateKeyFound.new('Private key is required')
-        end
-      end
-
       def parse(arguments)
         Slop.parse(arguments) do |o|
-          o.banner = 'Usage:'.bold.yellow
-          o.separator '    shhh [options]'.green
+          o.banner = "Shhh (#{Shhh::VERSION}) – encrypt/decrypt data with a private key\n".bold.white
+          o.separator 'Usage:'.yellow
+          o.separator '   # Generate a new key:'.dark
+          o.separator '   shhh -g '.green.bold +
+                      '[ -c ] [ -p ] [ -x keychain ] [ -o keyfile | -q | ]  '.green
+          o.separator ''
+          o.separator '   # Encrypt/Decrypt '.dark
+          o.separator '   shhh [ -d | -e ] '.green.bold +
+          '[ -f <file> | -s <string> ] '.green
+          o.separator '        [ -k key | -K keyfile | -x keychain | -i ] '.green
+          o.separator '        [ -o <output file> ] '.green
+          o.separator ' '
+          o.separator '   # Edit an encrypted file in $EDITOR '.dark
+          o.separator '   shhh -t -f <file> [ -b ]'.green.bold +
+          '[ -k key | -K keyfile | -x keychain | -i ] '.green
           o.separator ' '
           o.separator 'Modes:'.yellow
-          o.bool '-h', '--help', '           show help'
+          o.bool '-e', '--encrypt', '           encrypt mode'
           o.bool '-d', '--decrypt', '           decrypt mode'
-          o.bool '-t', '--edit', '           decrypt, open an encr. file in ' + editor
+          o.bool '-t', '--edit', '           decrypt, open an encr. file in an $EDITOR'
           o.separator ' '
           o.separator 'Create a private key:'.yellow
           o.bool '-g', '--generate', '           generate a new private key'
           o.bool '-p', '--password', '           encrypt the key with a password'
           o.bool '-c', '--copy', '           copy the new key to the clipboard'
+          if Shhh::App.is_osx?
+            o.string '-x', '--keychain', '[key-name] '.blue + 'add to (or read from) the OS-X Keychain'
+          end
           o.separator ' '
           o.separator 'Provide a private key:'.yellow
           o.bool '-i', '--interactive', '           Paste or type the key interactively'
           o.string '-k', '--private-key', '[key]   '.blue + '   private key as a string'
           o.string '-K', '--keyfile', '[key-file]'.blue + ' private key from a file'
-          if Shhh::App.is_osx?
-            o.separator ' '
-            o.separator 'Use your KeyChain password entry to store a private key:'.yellow
-            o.string '-x', '--keychain', '[key-name] '.blue + 'add to, or read the key from Keychain'
-            o.string '--keychain-del', '[key-name] '.blue + 'delete keychain entry with that name'
-          end
           o.separator ' '
           o.separator 'Data:'.yellow
           o.string '-s', '--string', '[string]'.blue + '   specify a string to encrypt/decrypt'
           o.string '-f', '--file', '[file]  '.blue + '   filename to read from'
           o.string '-o', '--output', '[file]  '.blue + '   filename to write to'
-          o.bool '-b',  '--backup',      '           create a backup file in the edit mode'
           o.separator ' '
-          o.separator 'Flags:'.bold.yellow
-          o.bool '-v',  '--verbose',     '           show additional information'
-          o.bool '-q',  '--quiet',       '           silence all output'
-          o.bool '-T',  '--trace',       '           print a backtrace of any errors'
-          o.bool '-E',  '--examples',    '           show several examples'
-          o.bool '-L',  '--language',    '           natural language examples'
-          o.bool '-V',  '--version',     '           print library version'
-          o.bool '-N',  '--no-color',    '           disable color output'
-          o.bool '-e',  '--encrypt',     '           encrypt mode'
-          o.separator ''
-          o.on '--dictionary' do
-            puts o.to_a.map{ |w| "#{w.flags.reject{|f| f.to_s !~ /--/ }.first.to_s}" }.join(' ')
-            exit 0
+          o.separator 'Flags:'.yellow
+          if Shhh::App.is_osx?
+            o.string '--keychain-del', '[key-name] '.blue + 'delete keychain entry with that name'
           end
+          o.bool '-b', '--backup', '           create a backup file in the edit mode'
+          o.bool '-v', '--verbose', '           show additional information'
+          o.bool '-T', '--trace', '           print a backtrace of any errors'
+          o.bool '-q', '--quiet', '           silence all output'
+          o.bool '-V', '--version', '           print library version'
+          o.bool '-N', '--no-color', '           disable color output'
+          o.separator ' '
+          o.separator 'Help & Examples:'.yellow
+          o.bool '-E', '--examples', '           show several examples'
+          o.bool '-L', '--language', '           natural language examples'
+          o.bool '-h', '--help', '           show help'
+
         end
-      rescue StandardError => e
-        raise(e)
       end
     end
   end

data/lib/shhh/app/commands/command.rb

@@ -42,26 +42,29 @@ module Shhh
           end
         end
 
-        attr_accessor :cli
+        attr_accessor :application
 
-        def initialize(cli)
-          self.cli = cli
+        def initialize(application)
+          self.application = application
         end
 
         def opts
-          cli.opts
+          application.opts
+        end
+        def opts_hash
+          application.opts_hash
         end
 
         def key
-          @key ||= cli.key
+          @key ||= application.key
         end
 
-        def run
+        def execute
           raise Shhh::Errors::AbstractMethodCalled.new(:run)
         end
 
         def to_s
-          "#{self.class.short_name.to_s.bold.yellow}, with options: #{cli.args.argv.join(' ').gsub(/--/, '').bold.green}"
+          "#{self.class.short_name.to_s.bold.yellow}, with options: #{application.args.argv.join(' ').gsub(/--/, '').bold.green}"
         end
 
       end

data/lib/shhh/app/commands/delete_keychain_item.rb

@@ -8,7 +8,7 @@ module Shhh
         required_options :keychain_del
         try_after :generate_key, :open_editor, :encrypt_decrypt
 
-        def run
+        def execute
           Shhh::App::KeyChain.new(opts[:keychain_del]).delete
         end
       end

data/lib/shhh/app/commands/encrypt_decrypt.rb

@@ -11,8 +11,8 @@ module Shhh
 
         try_after :generate_key
 
-        def run
-          send(cli.action, content, cli.key)
+        def execute
+          send(application.action, content, application.key)
         end
 
         private

data/lib/shhh/app/commands/generate_key.rb

@@ -8,19 +8,19 @@ module Shhh
 
         required_options :generate
 
-        def run
+        def execute
           retries         ||= 0
           new_private_key = self.class.create_private_key
 
           if opts[:password]
             new_private_key = encr_password(new_private_key,
-                                            cli.input_handler.new_password)
+                                            application.input_handler.new_password)
           end
 
           clipboard_copy(new_private_key) if opts[:copy]
 
           if opts[:keychain] && Shhh::App.is_osx?
-            Shhh::App::KeyChain.new(opts[:keychain]).add(new_private_key)
+            Shhh::App::KeyChain.new(opts[:keychain], opts).add(new_private_key)
           end
 
           new_private_key

data/lib/shhh/app/commands/open_editor.rb

@@ -18,7 +18,7 @@ module Shhh
 
         attr_accessor :tempfile
 
-        def run
+        def execute
           begin
             self.tempfile = ::Tempfile.new(::Base64.urlsafe_encode64(opts[:file]))
             decrypt_content(self.tempfile)
@@ -31,7 +31,7 @@ module Shhh
         end
 
         def launch_editor
-          system("#{cli.editor} #{tempfile.path}")
+          system("#{application.editor} #{tempfile.path}")
         end
 
         private
@@ -72,7 +72,7 @@ module Shhh
             out << "\n\nDiff:\n#{diff}"
             out
           else
-            raise Shhh::Errors::EditorExitedAbnormally.new("#{cli.editor} exited with #{$<}")
+            raise Shhh::Errors::EditorExitedAbnormally.new("#{application.editor} exited with #{$<}")
           end
         end
 

data/lib/shhh/app/commands/print_key.rb

@@ -4,13 +4,10 @@ module Shhh
   module App
     module Commands
       class PrintKey < Command
-        include Shhh
         required_options [ :keychain, :keyfile ]
 
-        try_after :show_examples
-
-        def run
-          cli.key
+        def execute
+          self.key
         end
       end
     end

data/lib/shhh/app/commands/show_examples.rb

@@ -7,7 +7,7 @@ module Shhh
         required_options :examples
         try_after :show_help
 
-        def run
+        def execute
           output = []
 
           output << example(comment: 'generate a new private key into an environment variable:',

data/lib/shhh/app/commands/show_help.rb

@@ -4,10 +4,10 @@ module Shhh
     module Commands
       class ShowHelp < Command
 
-        required_options :help, ->(opts) { opts.keys.all? { |k| !opts[k] } }
+        required_options :help, ->(opts) { opts.to_hash.keys.all? { |k| !opts[k] } }
         try_after :generate_key, :open_editor, :encrypt_decrypt
 
-        def run
+        def execute
           opts.to_s(prefix: ' ' * 2)
         end
       end

data/lib/shhh/app/commands/show_language_examples.rb

@@ -10,7 +10,7 @@ module Shhh
 
 
 
-        def run
+        def execute
           output = []
 
           output << Shhh::App::NLP::Base.usage

data/lib/shhh/app/commands/show_version.rb

@@ -5,7 +5,7 @@ module Shhh
       class ShowVersion < Command
         required_options :version
         try_after :show_help
-        def run
+        def execute
           "shhh (version #{Shhh::VERSION})"
         end
       end

data/lib/shhh/app/commands.rb

@@ -44,7 +44,7 @@ module Shhh
 
         def find_command_class(opts)
           self.sorted_commands.each do |command_class|
-            return command_class if command_class.options_satisfied_by?(opts.to_hash)
+            return command_class if command_class.options_satisfied_by?(opts)
           end
           nil
         end

data/lib/shhh/app/input/handler.rb

@@ -22,15 +22,16 @@ module Shhh
         end
 
         def new_password
-          password         = prompt('New Password     : ', :blue)
-          password_confirm = prompt('Confirm Password : ', :blue)
-
-          raise Shhh::Errors::PasswordsDontMatch.new(
-            'The passwords you entered do not match.') if password != password_confirm
+          password         = prompt('New Password     :  ', :blue)
 
           raise Shhh::Errors::PasswordTooShort.new(
             'Minimum length is 7 characters.') if password.length < 7
 
+          password_confirm = prompt('Confirm Password :  ', :blue)
+
+          raise Shhh::Errors::PasswordsDontMatch.new(
+          'The passwords you entered do not match.') if password != password_confirm
+
           password
         end
       end

data/lib/shhh/app/keychain.rb

@@ -54,10 +54,10 @@ module Shhh
         puts "> #{command.yellow.green}" if opts[:verbose]
         output = `#{command}`
         result = $?
-        raise Shhh::Errors::ExternalCommandError.new("Command error: #{result}, command: #{command}") unless result.success?
+        raise Shhh::Errors::KeyChainCommandError.new("Command error: #{result}, command: #{command}") unless result.success?
         output.chomp
       rescue Errno::ENOENT => e
-        raise Shhh::Errors::ExternalCommandError.new("Command error: #{e.message}, command: #{command}")
+        raise Shhh::Errors::KeyChainCommandError.new("Command error: #{e.message}, command: #{command}")
       end
 
       def stderr_off

data/lib/shhh/app/nlp/translator.rb

@@ -53,7 +53,7 @@ module Shhh
           ::Shhh::App::CLI.new(self.translated_argv)
         end
 
-        alias_method :cli, :and
+        alias_method :application, :and
 
       end
     end

data/lib/shhh/app/password/cache/client.rb

@@ -0,0 +1,46 @@
+require 'drb/drb'
+module Shhh
+  module App
+    module Password
+      module Cache
+        class Client
+          # The URI to connect to
+
+          attr_accessor :uri, :host, :port
+          attr_accessor :config
+
+          def initialize(host: nil,
+                         port: nil,
+                         config: {})
+            self.config =config
+            self.host   = host
+            self.port   = port
+          end
+
+          def uri
+            return uri if uri
+            template = 'druby://<%= host %>:<%= port %>>'
+            renderer = ERB.new template
+            self.uri = renderer.result(binding)
+          end
+
+          def start
+            raise NoMethodError, 'not implemented'
+            # Start a local DRbServer to handle callbacks.
+
+            # Not necessary for this small example, but will be required
+            # as soon as we pass a non-marshallable object as an argument
+            # to a dRuby call.
+
+            # Note: this must be called at least once per process to take any effect.
+            # This is particularly important if your application forks.
+            DRb.start_service
+            # timeserver = DRbObject.new_with_uri(SERVER_URI)
+            # puts timeserver.get_current_time
+            # sleep 10
+          end
+        end
+      end
+    end
+  end
+end

data/lib/shhh/app/password/cache/server.rb

@@ -0,0 +1,33 @@
+require 'drb/drb'
+require 'singleton'
+module Shhh
+  module App
+    module Password
+      module Cache
+        URI='druby://localhost:8787'
+
+        class Server
+          include Singleton
+
+          def lookup(key)
+            raise NoMethodError, 'not implemented'
+            return 'tasty bisquits'
+          end
+
+          FRONT_OBJECT=self.instance
+
+          def boot
+            raise NoMethodError, 'not implemented'
+            # The object that handles requests on the server
+
+            $SAFE = 1 # disable eval() and friends
+
+            DRb.start_service(URI, FRONT_OBJECT)
+            # Wait for the drb server thread to finish before exiting.
+            DRb.thread.join
+          end
+        end
+      end
+    end
+  end
+end

data/lib/shhh/app/password/cache.rb

@@ -0,0 +1,14 @@
+module Shhh
+  module App
+    module Password
+      module Cache
+        SERVER = {
+          host: '127.0.0.1',
+          port: 8787
+        }
+      end
+    end
+  end
+end
+
+Shhh.dir_r 'shhh/app/password'

data/lib/shhh/app/private_key/handler.rb

@@ -26,7 +26,7 @@ module Shhh
           @key = begin
             Detector.new(opts, input_handler).key
           rescue Shhh::Errors::Error => e
-            if Shhh::App::Args.new(opts).key? && key.nil?
+            if Shhh::App::Args.new(opts).do_options_specify_key? && key.nil?
               raise e
             end
           end

data/lib/shhh/application.rb

@@ -0,0 +1,85 @@
+require 'shhh'
+require 'colored2'
+module Shhh
+  class Application
+
+    attr_accessor :opts,
+                  :opts_hash,
+                  :args,
+                  :action,
+                  :key,
+                  :input_handler,
+                  :key_handler,
+                  :result
+
+    def initialize(opts)
+      self.opts      = opts
+      self.opts_hash = opts.to_hash
+      self.args      = ::Shhh::App::Args.new(opts_hash)
+      initialize_input_handler
+      initialize_key_handler
+      initialize_action
+    end
+
+    def initialize_action
+      self.action = if opts[:encrypt] then
+                      :encr
+                    elsif opts[:decrypt]
+                      :decr
+                    end
+    end
+
+    def execute
+      if args.do_options_require_key? || args.do_options_specify_key?
+        self.key = Shhh::App::PrivateKey::Handler.new(opts, input_handler).key
+        raise Shhh::Errors::NoPrivateKeyFound.new('Private key is required') unless self.key
+      end
+
+      unless command
+        raise Shhh::Errors::InsufficientOptionsError.new(
+          'Can not determine what to do from the options ' + opts.keys.reject { |k| !opts[k] }.to_s)
+      end
+
+      self.result = command.execute
+      return result
+
+    rescue ::OpenSSL::Cipher::CipherError => e
+      error type:      'Cipher Error',
+            details:   e.message,
+            reason:    'Perhaps either the secret is invalid, or encrypted data is corrupt.',
+            exception: e
+
+    rescue Shhh::Errors::Error => e
+      error type:    e.class.name.split(/::/)[-1],
+            details: e.message
+
+    rescue StandardError => e
+      error exception: e
+    end
+
+    def command
+      @command_class ||= Shhh::App::Commands.find_command_class(opts)
+      @command       ||= @command_class.new(self) if @command_class
+    end
+
+    private
+
+    def error(hash)
+      hash
+    end
+
+    def editor
+      ENV['EDITOR'] || '/bin/vi'
+    end
+
+
+    def initialize_input_handler(handler = ::Shhh::App::Input::Handler.new)
+      self.input_handler = handler
+    end
+
+    def initialize_key_handler
+      self.key_handler = ::Shhh::App::PrivateKey::Handler.new(self.opts, input_handler)
+    end
+
+  end
+end

data/lib/shhh/configuration.rb

@@ -34,6 +34,6 @@ module Shhh
     end
 
     attr_accessor :data_cipher, :password_cipher, :private_key_cipher
-    attr_accessor :compression_enabled, :compression_level
+    attr_accessor :compression_enabled, :compression_level, :password_cache
   end
 end

data/lib/shhh/errors.rb

@@ -5,15 +5,24 @@ module Shhh
     class Shhh::Errors::Error < StandardError; end
 
     # No secret has been provided for encryption or decryption
-    class NoPrivateKeyFound < Shhh::Errors::Error; end
-    class PasswordsDontMatch < Shhh::Errors::Error; end
-    class PasswordTooShort < Shhh::Errors::Error; end
-    class DataEncodingVersionMismatch< Shhh::Errors::Error; end
+    class InsufficientOptionsError < Shhh::Errors::Error; end
+
+    class PasswordError < Shhh::Errors::Error; end
+    class PasswordsDontMatch < Shhh::Errors::PasswordError; end
+    class PasswordTooShort < Shhh::Errors::PasswordError; end
+
     class EditorExitedAbnormally < Shhh::Errors::Error; end
-    class InvalidEncodingPrivateKey < Shhh::Errors::Error; end
-    class InvalidPasswordPrivateKey < Shhh::Errors::Error; end
+
     class FileNotFound < Shhh::Errors::Error; end
-    class ExternalCommandError < Shhh::Errors::Error; end
+
+    class DataEncodingVersionMismatch< Shhh::Errors::Error; end
+
+    class KeyError < Shhh::Errors::Error; end
+    class InvalidEncodingPrivateKey < Shhh::Errors::KeyError; end
+    class InvalidPasswordPrivateKey < Shhh::Errors::KeyError; end
+    class NoPrivateKeyFound < Shhh::Errors::KeyError; end
+
+    class KeyChainCommandError < Shhh::Errors::Error; end
 
     # Method was called on an abstract class. Override such methods in
     # subclasses, and use subclasses for instantiation of objects.

data/lib/shhh/version.rb

@@ -1,3 +1,3 @@
 module Shhh
-  VERSION = '1.5.4'
+  VERSION = '1.6.1'
 end

data/lib/shhh.rb

@@ -10,6 +10,7 @@ Shhh::Configuration.configure do |config|
   config.private_key_cipher = config.data_cipher
   config.compression_enabled = true
   config.compression_level = Zlib::BEST_COMPRESSION
+  config.password_cache = { provider: :drb, timeout: 30 }
 end
 
 #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shhh
 version: !ruby/object:Gem::Version
-  version: 1.5.4
+  version: 1.6.1
 platform: ruby
 authors:
 - Konstantin Gredeskoul
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-08-16 00:00:00.000000000 Z
+date: 2016-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: require_dir
@@ -218,11 +218,15 @@ files:
 - lib/shhh/app/output/file.rb
 - lib/shhh/app/output/noop.rb
 - lib/shhh/app/output/stdout.rb
+- lib/shhh/app/password/cache.rb
+- lib/shhh/app/password/cache/client.rb
+- lib/shhh/app/password/cache/server.rb
 - lib/shhh/app/private_key/base64_decoder.rb
 - lib/shhh/app/private_key/decryptor.rb
 - lib/shhh/app/private_key/detector.rb
 - lib/shhh/app/private_key/handler.rb
 - lib/shhh/app/short_name.rb
+- lib/shhh/application.rb
 - lib/shhh/cipher_handler.rb
 - lib/shhh/configuration.rb
 - lib/shhh/data.rb