sym 2.10.0 → 3.0.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -3
- data/LICENSE +2 -2
- data/README.adoc +29 -9
- data/Rakefile +3 -3
- data/bin/changelog +34 -0
- data/design/sym-class-dependency-future-refactor.png +0 -0
- data/design/sym-class-dependency-vertical.png +0 -0
- data/design/sym-class-dependency.graffle +0 -0
- data/design/sym-class-dependency.png +0 -0
- data/design/sym-help.png +0 -0
- data/lib/sym.rb +1 -1
- data/lib/sym/app.rb +0 -1
- data/lib/sym/app/cli.rb +34 -20
- data/lib/sym/app/cli_slop.rb +8 -1
- data/lib/sym/app/commands/bash_completion.rb +1 -1
- data/lib/sym/constants.rb +39 -23
- data/lib/sym/errors.rb +2 -0
- data/lib/sym/version.rb +46 -22
- data/sym.gemspec +1 -0
- metadata +50 -31
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 96b146e9f4e68299d11d3aa550f32cf34c85de0ce8b91829e2d7db0e39d9da8a
|
4
|
+
data.tar.gz: c55848a53c59090e471b207d3e170fa803aa61969f4689c4cdffe507ebe8babf
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1a577c64acd5fb45c06526757602810b210c9fc4af413961be85618abdb88754e3689b4e7d78ed1dd3714abb22484bae86d7111b6a6c887568ab57c818cdc94e
|
7
|
+
data.tar.gz: dd26342b6c02825c85f847268f4a69f0da85dd42bcae7e6064515bf88c32f17eb08e19e9b65758825dbb28ff5b7fd0a878dcc9b2e0fb83be915120b0ce0284ae
|
data/CHANGELOG.md
CHANGED
@@ -1,16 +1,30 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
-
## [
|
3
|
+
## [v2.10.1](https://github.com/kigster/sym/tree/v2.10.1) (2020-08-15)
|
4
4
|
|
5
|
-
[Full Changelog](https://github.com/kigster/sym/compare/v2.
|
5
|
+
[Full Changelog](https://github.com/kigster/sym/compare/v2.10.0...v2.10.1)
|
6
6
|
|
7
7
|
**Closed issues:**
|
8
8
|
|
9
|
+
- This gem is failing on environment without HOME \(like AWS Lambda\) [\#25](https://github.com/kigster/sym/issues/25)
|
10
|
+
|
11
|
+
**Merged pull requests:**
|
12
|
+
|
13
|
+
- Refactor and changes to support custom user\_home. [\#30](https://github.com/kigster/sym/pull/30) ([kigster](https://github.com/kigster))
|
14
|
+
|
15
|
+
## [v2.10.0](https://github.com/kigster/sym/tree/v2.10.0) (2020-08-14)
|
16
|
+
|
17
|
+
[Full Changelog](https://github.com/kigster/sym/compare/v2.8.5...v2.10.0)
|
18
|
+
|
19
|
+
**Closed issues:**
|
20
|
+
|
21
|
+
- Switch to Codecov for test coverage [\#29](https://github.com/kigster/sym/issues/29)
|
9
22
|
- Ruby 2.7 warnings [\#24](https://github.com/kigster/sym/issues/24)
|
10
23
|
- Error and process hang on Windows [\#17](https://github.com/kigster/sym/issues/17)
|
11
24
|
|
12
25
|
**Merged pull requests:**
|
13
26
|
|
27
|
+
- Switch to Codecov for test coverage; version bump 2.10.0 [\#28](https://github.com/kigster/sym/pull/28) ([kigster](https://github.com/kigster))
|
14
28
|
- Fix remaining 2.7 warnings; memcached & keychain [\#27](https://github.com/kigster/sym/pull/27) ([kigster](https://github.com/kigster))
|
15
29
|
- Adding Rubocop, and fixing minor issues. [\#21](https://github.com/kigster/sym/pull/21) ([kigster](https://github.com/kigster))
|
16
30
|
- First pass on Version 2.9.0 — dropping the coin gem [\#20](https://github.com/kigster/sym/pull/20) ([kigster](https://github.com/kigster))
|
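Review bot: The newest heading added here is v2.10.1 (2020-08-15), but lib/sym/version.rb in this same diff sets VERSION = '3.0.0', so the release being published has no changelog entry. A major bump should get its own section listing the breaking changes visible in this diff, such as the removal of `Sym::Constants::SYM_KEY_FILE` and `ENV_ARGS_VARIABLE_NAME` and the new `-u/--user-home` flag.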
@@ -27,6 +41,7 @@
|
|
27
41
|
|
28
42
|
**Merged pull requests:**
|
29
43
|
|
44
|
+
- Fix error when ENV\[EDITOR\] is nil [\#18](https://github.com/kigster/sym/pull/18) ([JustinNazari](https://github.com/JustinNazari))
|
30
45
|
- README: Use SVG badge \[ci skip\] [\#16](https://github.com/kigster/sym/pull/16) ([olleolleolle](https://github.com/olleolleolle))
|
31
46
|
|
32
47
|
## [v2.8.4](https://github.com/kigster/sym/tree/v2.8.4) (2018-04-13)
|
@@ -184,7 +199,6 @@
|
|
184
199
|
|
185
200
|
**Merged pull requests:**
|
186
201
|
|
187
|
-
- Fix error when ENV\[EDITOR\] is nil [\#18](https://github.com/kigster/sym/pull/18) ([JustinNazari](https://github.com/JustinNazari))
|
188
202
|
- added require to fix loading issue on ubuntu [\#4](https://github.com/kigster/sym/pull/4) ([bosswissam](https://github.com/bosswissam))
|
189
203
|
|
190
204
|
## [v1.6.4](https://github.com/kigster/sym/tree/v1.6.4) (2016-08-23)
|
data/LICENSE
CHANGED
@@ -1,6 +1,6 @@
|
|
1
|
-
Copyright © 2016 Konstantin Gredeskoul,
|
1
|
+
Copyright © 2016-2020 Konstantin Gredeskoul, All Rights Reserved.
|
2
2
|
|
3
|
-
MIT License
|
3
|
+
Distributed under MIT License
|
4
4
|
|
5
5
|
Permission is hereby granted, free of charge, to any person obtaining
|
6
6
|
a copy of this software and associated documentation files (the
|
data/README.adoc
CHANGED
@@ -16,17 +16,16 @@ image:https://ruby-gem-downloads-badge.herokuapp.com/sym?extension=svg[Sym Downl
|
|
16
16
|
image:https://codecov.io/gh/kigster/sym/branch/master/graphs/sunburst.svg[Coverage Map,link=https://codecov.io/gh/kigster/sym]
|
17
17
|
====
|
18
18
|
|
19
|
-
Please checkout the following post — _http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html[Dead Simple Encryption with Sym]_ — that announced the initial release of this library, and provides further in-depth discussion. Your donation of absolutely any amount is
|
19
|
+
Please checkout the following post — _http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html[Dead Simple Encryption with Sym]_ — that announced the initial release of this library, and provides further in-depth discussion. Your donation of absolutely any amount is much appreciated but never required.
|
20
20
|
|
21
|
-
image
|
21
|
+
image:https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif[Donate,link=https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FSFYYNEQ8RKWU]
|
22
22
|
|
23
23
|
== Introduction
|
24
24
|
|
25
|
-
|
26
|
-
*sym* is an open source command line utility and Ruby API which makes it very _easy to add reliable encryption and decryption_ of sensitive data to an application or a project written in any language.
|
27
|
-
====
|
25
|
+
NOTE: *SYM* is an open source command line utility and a Ruby library, which makes it _trivial to encrypt your application secrets with mathematically proven models and ciphers offered in a much larger project — Open SSL.
|
28
26
|
|
29
|
-
|
27
|
+
|
28
|
+
Unlike many existing encryption tools, *sym* focuses on narrowing the gap between convenience and security, by offering enhanced usability and a streamlined ruby API and a CLI. The primary goal of the library is to make encryption very easy and transparent. +
|
30
29
|
|
31
30
|
* *sym* uses the _https://en.wikipedia.org/wiki/Symmetric-key_algorithm[Symmetric Encryption]_ algorithm. This means that the same key is used to encrypt and decrypt data. In addition to the key, the encryption uses a randomized IV vector, which is automatically generated per each encryption and serialized with the data. Result of encryption is zlib-compressed, and base64 encoded, to be suitable for storage as string. The generated keys are also base64-encoded for convenience. +
|
32
31
|
|
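Review bot: In the new `NOTE:` line the emphasis opened at `_trivial to encrypt` is never closed, so the italic markup is unbalanced and will not render as intended; close it where the emphasised phrase ends. In the same line, "Open SSL" should be "OpenSSL", and "mathematically proven models and ciphers" promises more than a wrapper library can back up; the removed wording ("reliable encryption and decryption") was the safer claim.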
@@ -85,7 +84,6 @@ Most common use-cases include:
|
|
85
84
|
This gem includes two primary components:
|
86
85
|
|
87
86
|
. *<<cli,Rich command line interface CLI>>* with many features to streamline encryption/decryption, and to be integrated into the deployment flow. +
|
88
|
-
+
|
89
87
|
. Ruby APIs:
|
90
88
|
** *<<rubyapi,Key Generation, Encryption & Decryption API>>*
|
91
89
|
*** is activated by including `Sym` module in a class, it adds easy to use `encr`/`decr` methods.
|
@@ -192,7 +190,8 @@ My secret data
|
|
192
190
|
|
193
191
|
# Lets now save common flags in the SYM_ARGS bash variable:
|
194
192
|
❯ export SYM_ARGS="-ck my-new-key"
|
195
|
-
|
193
|
+
# To have sym parse the SYM_ARGS variable, we must activate this feature with -A
|
194
|
+
❯ sym -Adf secret.enc
|
196
195
|
My secret data
|
197
196
|
----
|
198
197
|
|
@@ -235,6 +234,11 @@ Example: here we edit an encrypted file in `vim`, while using interactive mode t
|
|
235
234
|
|
236
235
|
Note the `diff` shown after save.
|
237
236
|
|
237
|
+
==== CLI Help Reference
|
238
|
+
|
239
|
+
image::design/sym-help.png[Sym Help,width=651]
|
240
|
+
|
241
|
+
|
238
242
|
+++<a name="rubyapi">++++++</a>+++
|
239
243
|
|
240
244
|
== Ruby API
|
@@ -621,7 +625,23 @@ To release a new version, update the version number in `version.rb`, and then ru
|
|
621
625
|
[discrete]
|
622
626
|
==== Contributing
|
623
627
|
|
624
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/kigster/sym
|
628
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/kigster/sym.
|
629
|
+
|
630
|
+
===== UML
|
631
|
+
|
632
|
+
Here are a couple of UML diagrams depicting the current, and possibly future state of the codebase.
|
633
|
+
|
634
|
+
''''
|
635
|
+
|
636
|
+
===== Current Design
|
637
|
+
|
638
|
+
image::design/sym-class-dependency-vertical.png[UML Vertical]
|
639
|
+
|
640
|
+
''''
|
641
|
+
|
642
|
+
===== Future Design
|
643
|
+
|
644
|
+
image::design/sym-class-dependency-future-refactor.png[UML Refactor]
|
625
645
|
|
626
646
|
=== License
|
627
647
|
|
data/Rakefile
CHANGED
@@ -25,9 +25,9 @@ end
|
|
25
25
|
task :build => :permissions
|
26
26
|
|
27
27
|
YARD::Rake::YardocTask.new(:doc) do |t|
|
28
|
-
t.files = %w(lib/**/*.rb exe/*.rb - README.md LICENSE)
|
29
|
-
t.options.unshift('--title', '"Sym – Symmetric
|
30
|
-
t.after = -> { exec('open doc/index.html') }
|
28
|
+
t.files = %w(lib/**/*.rb exe/*.rb - README.adoc CHANGELOG.md LICENSE)
|
29
|
+
t.options.unshift('--title', '"Sym – Symmetric Encryption for Humins"')
|
30
|
+
t.after = -> { Thread.new { sleep 5; exec('open doc/index.html') } }
|
31
31
|
end
|
32
32
|
|
33
33
|
RSpec::Core::RakeTask.new(:spec)
|
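Review bot: On the new `t.after` line the `exec` now runs inside `Thread.new { sleep 5; ... }`, so it only fires if the rake process is still alive five seconds later; when the doc task is the last thing rake does, the process exits and takes the thread with it, and when rake is still running, `exec` replaces the whole process mid-task. A synchronous `system('open doc/index.html')` in the callback avoids both outcomes. Separately, "Humins" in the `--title` string looks like a typo unless it is intentional.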
data/bin/changelog
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
# vim: ft=bash
|
3
|
+
unset DEBUG
|
4
|
+
|
5
|
+
[[ -d ~/.bashmatic ]] || bash -c "$(curl -fsSL http://bit.ly/bashmatic-1-2-0)"
|
6
|
+
source "${HOME}/.bashmatic/init.sh" 1>/dev/null
|
7
|
+
|
8
|
+
function chlog() {
|
9
|
+
run.set-all abort-on-error show-output-on
|
10
|
+
|
11
|
+
command -v github_changelog_generator >/dev/null || {
|
12
|
+
h1 'Installing changelog ruby gem...'
|
13
|
+
gem.install github_changelog_generator
|
14
|
+
}
|
15
|
+
|
16
|
+
if [[ -z "${GITHUB_TOKEN}" ]]; then
|
17
|
+
error "Please set GITHUB_TOKEN environment variable."
|
18
|
+
return 1
|
19
|
+
else
|
20
|
+
info "GitHub token found, starting CHANGELOG generation..."
|
21
|
+
fi
|
22
|
+
|
23
|
+
run "github_changelog_generator --no-verbose -u kigster -p sym -t ${GITHUB_TOKEN}"
|
24
|
+
}
|
25
|
+
|
26
|
+
chlog "$@"
|
27
|
+
|
28
|
+
|
29
|
+
|
30
|
+
|
31
|
+
|
32
|
+
|
33
|
+
|
34
|
+
|
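Review bot: Line 5 fetches a script through a URL shortener over plain `http://` and hands it straight to `bash -c`, with no pinned revision or checksum, so anyone who can tamper with the connection or the short link gets code execution on the machine that builds releases. Fetch over HTTPS from the full repository URL at a pinned tag and verify a checksum, or list bashmatic as a documented prerequisite instead of installing it implicitly. On line 23, `-t ${GITHUB_TOKEN}` puts the token into the command string passed to `run` (with `show-output-on` set), which exposes it in the process list and possibly in echoed output; github_changelog_generator can read the token from the `CHANGELOG_GITHUB_TOKEN` environment variable instead. Note also that metadata adds `bin/changelog` to the gem's file list, so this maintainer script ships to every user.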
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/design/sym-help.png
CHANGED
Binary file
|
data/lib/sym.rb
CHANGED
@@ -14,7 +14,7 @@ Sym::Configuration.configure do |config|
|
|
14
14
|
config.compression_enabled = true
|
15
15
|
config.compression_level = Zlib::BEST_COMPRESSION
|
16
16
|
config.encrypted_file_extension = 'enc'
|
17
|
-
config.default_key_file = Sym::Constants
|
17
|
+
config.default_key_file = Sym::Constants.sym_key_file
|
18
18
|
|
19
19
|
config.password_cache_timeout = 300
|
20
20
|
|
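Review bot: `Sym::Constants.sym_key_file` is evaluated once here, when lib/sym.rb is loaded, so `config.default_key_file` is fixed to whatever `user_home` was at require time. The `--user-home` handling added in lib/sym/app/cli.rb assigns `Constants.user_home` later, after option parsing, and nothing visible in this diff refreshes `default_key_file`, so the default key path would still point at the original home (or the `/tmp` fallback). Resolve the path lazily, or update the configuration from the `user_home=` setter.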
data/lib/sym/app.rb
CHANGED
data/lib/sym/app/cli.rb
CHANGED
@@ -56,10 +56,10 @@ module Sym
|
|
56
56
|
# brings in #parse(Array[String] args)
|
57
57
|
include CLISlop
|
58
58
|
|
59
|
-
attr_accessor :opts, :application, :outputs, :stdin, :stdout, :stderr, :kernel
|
60
|
-
|
59
|
+
attr_accessor :opts, :application, :outputs, :stdin, :stdout, :stderr, :kernel, :args
|
61
60
|
|
62
61
|
def initialize(argv, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
|
62
|
+
self.args = argv
|
63
63
|
self.stdin = stdin
|
64
64
|
self.stdout = stdout
|
65
65
|
self.stderr = stderr
|
@@ -71,37 +71,46 @@ module Sym
|
|
71
71
|
|
72
72
|
begin
|
73
73
|
# Re-map any legacy options to the new options
|
74
|
-
self.opts = parse(
|
74
|
+
self.opts = parse(args)
|
75
|
+
|
76
|
+
if opts[:user_home]
|
77
|
+
Constants.user_home = opts[:user_home]
|
78
|
+
raise InvalidSymHomeDirectory, "#{opts[:user_home]} does not exist!" unless Dir.exist?(Constants.user_home)
|
79
|
+
end
|
80
|
+
|
81
|
+
# Deal with SYM_ARGS and -A
|
75
82
|
if opts[:sym_args]
|
76
|
-
|
77
|
-
|
83
|
+
if non_empty_array?(sym_args)
|
84
|
+
args << sym_args
|
85
|
+
args.flatten!
|
86
|
+
args.compact!
|
87
|
+
args.delete('-A')
|
88
|
+
args.delete('--sym-args')
|
89
|
+
self.opts = parse(args)
|
90
|
+
end
|
78
91
|
end
|
79
92
|
|
80
93
|
# Disable coloring if requested, or if piping STDOUT
|
81
94
|
if opts[:no_color] || !self.stdout.tty?
|
82
95
|
Colored2.disable! # reparse options without the colors to create new help msg
|
83
|
-
self.opts = parse(
|
96
|
+
self.opts = parse(args)
|
84
97
|
end
|
85
98
|
|
86
99
|
rescue StandardError => e
|
87
100
|
log :error, "#{e.message}" if opts
|
88
101
|
error exception: e
|
89
|
-
|
102
|
+
quit!(127) if stdin == STDIN
|
90
103
|
end
|
91
104
|
|
92
|
-
self.application = ::Sym::Application.new(opts, stdin, stdout, stderr, kernel)
|
105
|
+
self.application = ::Sym::Application.new(self.opts, stdin, stdout, stderr, kernel)
|
93
106
|
end
|
94
107
|
|
95
|
-
def
|
96
|
-
|
97
|
-
argv << env_args.split(' ')
|
98
|
-
argv.flatten!
|
99
|
-
argv.compact!
|
100
|
-
end
|
108
|
+
def quit!(code = 0)
|
109
|
+
exit(code)
|
101
110
|
end
|
102
111
|
|
103
112
|
def sym_args
|
104
|
-
ENV[
|
113
|
+
(ENV['SYM_ARGS']&.split(/\s+/) || [])
|
105
114
|
end
|
106
115
|
|
107
116
|
def execute!
|
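Review bot: In the `opts[:user_home]` branch the value is assigned to `Constants.user_home` before the `Dir.exist?` check, so the module-level home has already been overwritten by the time `InvalidSymHomeDirectory` is raised; validate the path first and assign only when it passes. In the rescue block, `quit!(127) if stdin == STDIN` exits only for real stdin, so with an injected stream the constructor carries on to `::Sym::Application.new(self.opts, ...)` with `opts` possibly nil or half-parsed; re-raising in that case would be easier to reason about. `sym_args` also splits `SYM_ARGS` on whitespace, so a quoted value containing spaces will be broken into separate arguments.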
@@ -131,17 +140,22 @@ module Sym
|
|
131
140
|
end
|
132
141
|
|
133
142
|
def opts_present
|
134
|
-
|
135
|
-
|
136
|
-
|
143
|
+
opts.to_hash.tap do |o|
|
144
|
+
o.keys.map { |k| opts[k] ? nil : k }.compact.each { |k| o.delete(k) }
|
145
|
+
end
|
137
146
|
end
|
138
147
|
|
139
|
-
private
|
140
|
-
|
141
148
|
def log(*args)
|
142
149
|
Sym::App.log(*args, **opts.to_hash)
|
143
150
|
end
|
144
151
|
|
152
|
+
|
153
|
+
private
|
154
|
+
|
155
|
+
def non_empty_array?(object)
|
156
|
+
object.is_a?(Array) && !object.empty?
|
157
|
+
end
|
158
|
+
|
145
159
|
def error(hash)
|
146
160
|
hash.merge!(config: opts.to_hash) if opts
|
147
161
|
hash.merge!(command: @command) if @command
|
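Review bot: The `private` keyword has moved from above `def log` to below it, so `log` is now a public method of the CLI class along with `opts_present`. If that is intentional (for example for specs), a short comment would help; otherwise keep `log` under `private` next to `error`.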
data/lib/sym/app/cli_slop.rb
CHANGED
@@ -55,6 +55,7 @@ module Sym
|
|
55
55
|
o.separator 'Create a new private key:'.yellow
|
56
56
|
o.bool '-g', '--generate', ' generate a new private key'
|
57
57
|
o.bool '-p', '--password', ' encrypt the key with a password'
|
58
|
+
|
58
59
|
if Sym::App.osx?
|
59
60
|
o.string '-x', '--keychain', '[key-name] '.blue + 'write the key to OS-X Keychain'
|
60
61
|
end
|
@@ -67,7 +68,7 @@ module Sym
|
|
67
68
|
o.separator ' '
|
68
69
|
o.separator 'Password Cache:'.yellow
|
69
70
|
o.bool '-c', '--cache-passwords', ' enable password cache'
|
70
|
-
o.integer '-
|
71
|
+
o.integer '-z', '--cache-timeout', '[seconds]'.blue + ' expire passwords after'
|
71
72
|
o.string '-r', '--cache-provider', '[provider]'.blue + ' cache provider, one of ' + "#{Sym::App::Password::Providers.provider_list}"
|
72
73
|
|
73
74
|
o.separator ' '
|
@@ -89,8 +90,14 @@ module Sym
|
|
89
90
|
|
90
91
|
o.separator ' '
|
91
92
|
o.separator 'Utility:'.yellow
|
93
|
+
o.separator " The following flag helps with Sym installation by hooking to \n" +
|
94
|
+
" your #{'~/.bashrc'.bold.yellow}. If you are running Sym on an environment without \n" +
|
95
|
+
" user home available, you may need to force set user's home to any existing\n" +
|
96
|
+
" directory using the #{'--user-home'.bold.blue} flag.\n"
|
97
|
+
|
92
98
|
o.string '-B', '--bash-support', '[file]'.blue + ' append bash completion & utils to a file'+ "\n" +
|
93
99
|
' such as ~/.bash_profile or ~/.bashrc'
|
100
|
+
o.string '-u', '--user-home', '[DIR]'.blue + " Overrides #{'${HOME}'.green} ==> supports AWS Lambda\n"
|
94
101
|
|
95
102
|
o.separator ' '
|
96
103
|
o.separator 'Help & Examples:'.yellow
|
data/lib/sym/constants.rb
CHANGED
@@ -1,43 +1,59 @@
|
|
1
1
|
require 'logger'
|
2
2
|
module Sym
|
3
|
+
#
|
4
|
+
# This module is responsible for installing Sym BASH extensions.
|
5
|
+
#
|
3
6
|
module Constants
|
4
|
-
module Bash
|
5
7
|
|
6
|
-
|
8
|
+
BASH_FILES = Dir.glob("#{File.expand_path('../../bin', __dir__)}/sym.*.bash").freeze
|
7
9
|
|
8
|
-
|
10
|
+
class << self
|
11
|
+
attr_reader :user_home
|
9
12
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
end
|
15
|
-
end
|
13
|
+
def user_home=(value)
|
14
|
+
@user_home = value
|
15
|
+
register_bash_files!
|
16
|
+
end
|
16
17
|
|
17
|
-
|
18
|
+
def config
|
19
|
+
@config ||= {}
|
20
|
+
end
|
18
21
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
+
def sym_key_file
|
23
|
+
"#{user_home}/.sym.key"
|
24
|
+
end
|
22
25
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
script: "[[ -f #{home_file} ]] && source #{home_file}"
|
27
|
-
}
|
26
|
+
def register_bash_files!
|
27
|
+
BASH_FILES.each do |bash_file|
|
28
|
+
register_bash_extension bash_file
|
28
29
|
end
|
29
30
|
end
|
30
31
|
|
31
|
-
|
32
|
+
private
|
33
|
+
|
34
|
+
def register_bash_extension(bash_file)
|
35
|
+
return unless user_home && Dir.exist?(user_home)
|
36
|
+
|
37
|
+
source_file = File.basename(bash_file)
|
38
|
+
home_file = "#{user_home}/.#{source_file}"
|
39
|
+
config_key = source_file.gsub(/sym\./, '').gsub(/\.bash/, '').to_sym
|
40
|
+
|
41
|
+
config[config_key] = {
|
42
|
+
dest: home_file,
|
43
|
+
source: bash_file,
|
44
|
+
script: "[[ -f #{home_file} ]] && source #{home_file}"
|
45
|
+
}
|
46
|
+
end
|
32
47
|
end
|
33
48
|
|
49
|
+
self.user_home ||= ::Dir.home rescue nil
|
50
|
+
self.user_home ||= '/tmp'
|
51
|
+
|
52
|
+
self.register_bash_files!
|
53
|
+
|
34
54
|
module Log
|
35
55
|
NIL = Logger.new(nil).freeze # empty logger
|
36
56
|
LOG = Logger.new(STDERR).freeze
|
37
57
|
end
|
38
|
-
|
39
|
-
ENV_ARGS_VARIABLE_NAME = 'SYM_ARGS'.freeze
|
40
|
-
SYM_KEY_FILE = "#{Dir.home}/.sym.key".freeze
|
41
|
-
|
42
58
|
end
|
43
59
|
end
|
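Review bot: The fallback `self.user_home ||= '/tmp'` makes `sym_key_file` resolve to `/tmp/.sym.key` whenever `Dir.home` fails, and `/tmp` is normally shared and world-writable, so on a multi-user host another local account could read a key written there or pre-create the file. Failing with a clear error that asks for `--user-home`, or creating a private directory with mode 0700, would be safer than silently choosing `/tmp`. Two smaller points in the same hunk: `::Dir.home rescue nil` swallows every StandardError rather than the specific failure, and the new header comment says the module is responsible for installing Bash extensions although it also owns the key file path.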
data/lib/sym/errors.rb
CHANGED
data/lib/sym/version.rb
CHANGED
@@ -1,33 +1,57 @@
|
|
1
1
|
module Sym
|
2
|
-
VERSION = '
|
2
|
+
VERSION = '3.0.0'
|
3
3
|
DESCRIPTION = <<~eof
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher, same cipher as used by the US Government.
|
11
|
-
|
12
|
-
For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
|
13
|
-
|
14
|
-
Sym accomplishes encryption transparency by combining several convenient features:
|
4
|
+
|
5
|
+
Sym is a ruby library (gem) that offers both the command line interface
|
6
|
+
(CLI) and a set of rich Ruby APIs, which make it rather trivial to add
|
7
|
+
encryption and decryption of sensitive data to your development or deployment
|
8
|
+
workflow.
|
15
9
|
|
16
|
-
|
10
|
+
For additional security the private key itself can be encrypted with a
|
11
|
+
user-generated password. For decryption using the key the password can be
|
12
|
+
input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry.
|
17
13
|
|
18
|
-
|
14
|
+
Unlike many other existing encryption tools, Sym focuses on getting out of
|
15
|
+
your way by offering a streamlined interface with password caching (if
|
16
|
+
MemCached is installed and running locally) in hopes to make encryption of
|
17
|
+
application secrets nearly completely transparent to the developers.
|
19
18
|
|
20
|
-
|
21
|
-
|
22
|
-
4. By using SYM_ARGS environment variable, where common flags can be saved. This is activated with sym -A,
|
19
|
+
Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher,
|
20
|
+
same cipher as used by the US Government.
|
23
21
|
|
24
|
-
|
22
|
+
For password-protecting the key Sym uses AES-128-CBC cipher. The resulting
|
23
|
+
data is zlib-compressed and base64-encoded. The keys are also base64 encoded
|
24
|
+
for easy copying/pasting/etc.
|
25
25
|
|
26
|
-
|
26
|
+
Sym accomplishes encryption transparency by combining several convenient features:
|
27
|
+
|
28
|
+
1. Sym can read the private key from multiple source types, such as pathname,
|
29
|
+
an environment variable name, a keychain entry, or CLI argument. You simply
|
30
|
+
pass either of these to the -k flag — one flag that works for all source types.
|
31
|
+
|
32
|
+
2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of
|
33
|
+
storing the key on a local machine, much more secure then storing it on a file system,
|
34
|
+
|
35
|
+
3. By using a local password cache (activated with -c) via an in-memory provider
|
36
|
+
such as memcached, sym invocations take advantage of password cache, and
|
37
|
+
only ask for a password once per a configurable time period,
|
27
38
|
|
28
|
-
|
39
|
+
4. By using SYM_ARGS environment variable, where common flags can be saved. This
|
40
|
+
is activated with sym -A,
|
41
|
+
|
42
|
+
5. By reading the key from the default key source file ~/.sym.key which
|
43
|
+
requires no flags at all,
|
44
|
+
|
45
|
+
6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt
|
46
|
+
an encrypted file with extension .enc
|
47
|
+
|
48
|
+
7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR,
|
49
|
+
and replaces the encrypted version upon save & exit, optionally creating a backup.
|
50
|
+
|
51
|
+
8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
|
52
|
+
|
53
|
+
Please refer the module documentation available here:
|
54
|
+
https://www.rubydoc.info/gems/sym
|
29
55
|
|
30
|
-
8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
|
31
|
-
|
32
56
|
eof
|
33
57
|
end
|
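Review bot: In item 2 of the new DESCRIPTION, "much more secure then storing it on a file system" should read "than"; the same text is copied into the gemspec description in metadata, so the typo ships on the published gem page. Items 2 through 5 end in commas while the others end in a period or nothing, which is worth making consistent while the block is being rewrapped.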
data/sym.gemspec
CHANGED
@@ -52,6 +52,7 @@ Gem::Specification.new do |spec|
|
|
52
52
|
spec.add_dependency 'highline'
|
53
53
|
spec.add_dependency 'dalli'
|
54
54
|
|
55
|
+
spec.add_development_dependency 'asciidoctor'
|
55
56
|
spec.add_development_dependency 'aruba'
|
56
57
|
spec.add_development_dependency 'bundler'
|
57
58
|
spec.add_development_dependency 'irbtools'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sym
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Konstantin Gredeskoul
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-08-
|
11
|
+
date: 2020-08-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: colored2
|
@@ -80,6 +80,20 @@ dependencies:
|
|
80
80
|
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: asciidoctor
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
83
97
|
- !ruby/object:Gem::Dependency
|
84
98
|
name: aruba
|
85
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -234,35 +248,38 @@ dependencies:
|
|
234
248
|
- - ">="
|
235
249
|
- !ruby/object:Gem::Version
|
236
250
|
version: '0'
|
237
|
-
description: "Sym is a ruby library (gem) that offers both the command line interface
|
238
|
-
(CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption
|
239
|
-
and decryption of sensitive data to your development or deployment workflow.\n
|
240
|
-
additional security the private key itself can be encrypted with a user-generated
|
241
|
-
password. For decryption using the key the password can be input into STDIN,
|
242
|
-
be defined by an ENV variable, or an OS-X Keychain Entry. \n\
|
243
|
-
existing encryption tools, Sym focuses on getting out of your way by offering
|
244
|
-
streamlined interface with password caching (if MemCached is installed and
|
245
|
-
locally) in hopes to make encryption of application secrets nearly completely
|
246
|
-
to the developers. \n\
|
247
|
-
cipher, same cipher as used by the US Government. \n\
|
248
|
-
key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and
|
249
|
-
The keys are also base64 encoded for easy copying/pasting/etc.\n
|
250
|
-
encryption transparency by combining several convenient features:\n
|
251
|
-
read the private key from multiple source types, such as pathname,
|
252
|
-
variable name, a keychain entry, or CLI argument. You simply
|
253
|
-
to the -k flag — one flag that works for all source
|
254
|
-
OS-X Keychain on a Mac, Sym offers truly secure way
|
255
|
-
machine, much more secure then storing it
|
256
|
-
local password cache (activated with -c)
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
251
|
+
description: "\n Sym is a ruby library (gem) that offers both the command line interface
|
252
|
+
\n (CLI) and a set of rich Ruby APIs, which make it rather trivial to add \n encryption
|
253
|
+
and decryption of sensitive data to your development or deployment \n workflow.\n
|
254
|
+
\n For additional security the private key itself can be encrypted with a \n user-generated
|
255
|
+
password. For decryption using the key the password can be \n input into STDIN,
|
256
|
+
or be defined by an ENV variable, or an OS-X Keychain Entry. \n \n Unlike many other
|
257
|
+
existing encryption tools, Sym focuses on getting out of \n your way by offering
|
258
|
+
a streamlined interface with password caching (if \n MemCached is installed and
|
259
|
+
running locally) in hopes to make encryption of \n application secrets nearly completely
|
260
|
+
transparent to the developers. \n \n Sym uses symmetric 256-bit key encryption with
|
261
|
+
the AES-256-CBC cipher, \n same cipher as used by the US Government. \n \n For password-protecting
|
262
|
+
the key Sym uses AES-128-CBC cipher. The resulting \n data is zlib-compressed and
|
263
|
+
base64-encoded. The keys are also base64 encoded \n for easy copying/pasting/etc.\n
|
264
|
+
\n Sym accomplishes encryption transparency by combining several convenient features:\n
|
265
|
+
\ \n 1. Sym can read the private key from multiple source types, such as pathname,
|
266
|
+
\n an environment variable name, a keychain entry, or CLI argument. You simply
|
267
|
+
\n pass either of these to the -k flag — one flag that works for all source
|
268
|
+
types.\n \n 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way
|
269
|
+
of \n storing the key on a local machine, much more secure then storing it
|
270
|
+
on a file system,\n \n 3. By using a local password cache (activated with -c)
|
271
|
+
via an in-memory provider \n such as memcached, sym invocations take advantage
|
272
|
+
of password cache, and \n only ask for a password once per a configurable time
|
273
|
+
period, \n \n 4. By using SYM_ARGS environment variable, where common flags can
|
274
|
+
be saved. This \n is activated with sym -A,\n \n 5. By reading the key from
|
275
|
+
the default key source file ~/.sym.key which \n requires no flags at all,\n
|
276
|
+
\ \n 6. By utilizing the --negate option to quickly encrypt a regular file, or
|
277
|
+
decrypt \n an encrypted file with extension .enc\n \n 7. By implementing
|
278
|
+
the -t (edit) mode, that opens an encrypted file in your $EDITOR, \n and replaces
|
279
|
+
the encrypted version upon save & exit, optionally creating a backup.\n \n 8.
|
280
|
+
By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.\n\nPlease
|
281
|
+
refer the module documentation available here:\nhttps://www.rubydoc.info/gems/sym\n
|
282
|
+
\n"
|
266
283
|
email:
|
267
284
|
- kigster@gmail.com
|
268
285
|
executables:
|
@@ -285,6 +302,7 @@ files:
|
|
285
302
|
- README.adoc
|
286
303
|
- Rakefile
|
287
304
|
- SYM-CLI.md
|
305
|
+
- bin/changelog
|
288
306
|
- bin/console
|
289
307
|
- bin/setup
|
290
308
|
- bin/sym.completion.bash
|
@@ -292,6 +310,7 @@ files:
|
|
292
310
|
- codecov.yml
|
293
311
|
- design/ascii-cinema.png
|
294
312
|
- design/sym-class-dependency-future-refactor.png
|
313
|
+
- design/sym-class-dependency-vertical.png
|
295
314
|
- design/sym-class-dependency.graffle
|
296
315
|
- design/sym-class-dependency.pdf
|
297
316
|
- design/sym-class-dependency.png
|