sym 2.8.2 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.circleci/config.yml +29 -22
- data/.envrc +7 -0
- data/.gitignore +1 -0
- data/.rubocop.yml +158 -920
- data/.rubocop_todo.yml +115 -0
- data/.travis.yml +16 -26
- data/CHANGELOG.md +239 -167
- data/Gemfile +1 -0
- data/LICENSE +2 -2
- data/README.adoc +675 -0
- data/README.pdf +29732 -19
- data/Rakefile +10 -4
- data/bin/changelog +34 -0
- data/bin/sym.completion.bash +6 -4
- data/codecov.yml +29 -0
- data/design/sym-class-dependency-future-refactor.png +0 -0
- data/design/sym-class-dependency-vertical.png +0 -0
- data/design/sym-class-dependency.graffle +0 -0
- data/design/sym-class-dependency.png +0 -0
- data/design/sym-help.png +0 -0
- data/exe/keychain +3 -3
- data/exe/sym +8 -5
- data/lib/ruby_warnings.rb +7 -0
- data/lib/sym.rb +2 -8
- data/lib/sym/app.rb +7 -9
- data/lib/sym/app/args.rb +3 -2
- data/lib/sym/app/cli.rb +34 -23
- data/lib/sym/app/cli_slop.rb +17 -11
- data/lib/sym/app/commands.rb +1 -1
- data/lib/sym/app/commands/base_command.rb +2 -1
- data/lib/sym/app/commands/bash_completion.rb +3 -3
- data/lib/sym/app/commands/keychain_add_key.rb +1 -1
- data/lib/sym/app/commands/open_editor.rb +1 -1
- data/lib/sym/app/commands/password_protect_key.rb +4 -4
- data/lib/sym/app/commands/show_examples.rb +6 -6
- data/lib/sym/app/input/handler.rb +8 -2
- data/lib/sym/app/keychain.rb +15 -9
- data/lib/sym/app/output/base.rb +1 -1
- data/lib/sym/app/output/noop.rb +2 -1
- data/lib/sym/app/password/cache.rb +1 -1
- data/lib/sym/app/password/providers.rb +3 -6
- data/lib/sym/app/private_key/decryptor.rb +2 -2
- data/lib/sym/app/private_key/detector.rb +4 -7
- data/lib/sym/app/private_key/key_source_check.rb +2 -3
- data/lib/sym/application.rb +9 -14
- data/lib/sym/configuration.rb +1 -5
- data/lib/sym/constants.rb +40 -24
- data/lib/sym/data.rb +2 -2
- data/lib/sym/data/wrapper_struct.rb +20 -12
- data/lib/sym/errors.rb +13 -2
- data/lib/sym/extensions/instance_methods.rb +11 -12
- data/lib/sym/extensions/stdlib.rb +2 -3
- data/lib/sym/extensions/with_retry.rb +1 -1
- data/lib/sym/extensions/with_timeout.rb +1 -1
- data/lib/sym/version.rb +54 -5
- data/sym.gemspec +38 -35
- metadata +132 -66
- data/.codeclimate.yml +0 -30
- data/README.md +0 -623
- data/lib/sym/app/password/providers/drb_provider.rb +0 -41
data/lib/sym/data.rb
CHANGED
@@ -11,11 +11,11 @@ module Sym
|
|
11
11
|
# the result of `Marshal.dump(data)` using Zlib, and then doing `#urlsafe_encode64` encoding
|
12
12
|
# to convert it to a string,
|
13
13
|
module Data
|
14
|
-
def encode(data, compress
|
14
|
+
def encode(data, compress: true)
|
15
15
|
Encoder.new(data, compress).data_encoded
|
16
16
|
end
|
17
17
|
|
18
|
-
def decode(data_encoded, compress
|
18
|
+
def decode(data_encoded, compress: nil)
|
19
19
|
Decoder.new(data_encoded, compress).data
|
20
20
|
end
|
21
21
|
end
|
@@ -2,24 +2,32 @@ require 'sym/errors'
|
|
2
2
|
module Sym
|
3
3
|
module Data
|
4
4
|
class WrapperStruct < Struct.new(
|
5
|
-
|
6
|
-
:
|
7
|
-
|
8
|
-
:
|
9
|
-
|
10
|
-
:
|
11
|
-
|
5
|
+
# [Blob] Binary encrypted data (possibly compressed)s
|
6
|
+
:encrypted_data,
|
7
|
+
# [String] IV used to encrypt the datas
|
8
|
+
:iv,
|
9
|
+
# [String] Name of the cipher used
|
10
|
+
:cipher_name,
|
11
|
+
# [Integer] For password-encrypted data this is the salt
|
12
|
+
:salt,
|
13
|
+
# [Integer] Version of the cipher used
|
14
|
+
:version,
|
15
|
+
# [Boolean] indicates if compression should be applied
|
16
|
+
:compress
|
17
|
+
)
|
18
|
+
|
19
|
+
define_singleton_method(:new, Class.method(:new))
|
12
20
|
|
13
21
|
VERSION = 1
|
14
22
|
|
15
23
|
attr_accessor :compressed
|
16
24
|
|
17
25
|
def initialize(
|
18
|
-
encrypted_data:,
|
19
|
-
iv:,
|
20
|
-
cipher_name:,
|
21
|
-
salt: nil,
|
22
|
-
version: VERSION,
|
26
|
+
encrypted_data:,
|
27
|
+
iv:,
|
28
|
+
cipher_name:,
|
29
|
+
salt: nil,
|
30
|
+
version: VERSION,
|
23
31
|
compress: Sym::Configuration.config.compression_enabled
|
24
32
|
)
|
25
33
|
super(encrypted_data, iv, cipher_name, salt, version, compress)
|
data/lib/sym/errors.rb
CHANGED
@@ -1,16 +1,23 @@
|
|
1
1
|
module Sym
|
2
2
|
# All public exceptions of this library are here.
|
3
3
|
module Errors
|
4
|
+
# @formatter:off
|
4
5
|
# Exceptions superclass for this library.
|
5
|
-
class
|
6
|
+
class Error < StandardError; end
|
6
7
|
|
7
8
|
# No secret has been provided for encryption or decryption
|
8
9
|
class InsufficientOptionsError < Sym::Errors::Error; end
|
9
10
|
|
10
11
|
class PasswordError < Sym::Errors::Error; end
|
12
|
+
|
13
|
+
class InvalidSymHomeDirectory < Sym::Errors::Error; end
|
14
|
+
|
11
15
|
class NoPasswordProvided < Sym::Errors::PasswordError; end
|
16
|
+
|
12
17
|
class PasswordsDontMatch < Sym::Errors::PasswordError; end
|
18
|
+
|
13
19
|
class PasswordTooShort < Sym::Errors::PasswordError; end
|
20
|
+
|
14
21
|
class CantReadPasswordNoTTY < Sym::Errors::PasswordError; end
|
15
22
|
|
16
23
|
class EditorExitedAbnormally < Sym::Errors::Error; end
|
@@ -20,13 +27,17 @@ module Sym
|
|
20
27
|
class DataEncodingVersionMismatch< Sym::Errors::Error; end
|
21
28
|
|
22
29
|
class KeyError < Sym::Errors::Error; end
|
30
|
+
|
23
31
|
class InvalidEncodingPrivateKey < Sym::Errors::KeyError; end
|
24
|
-
|
32
|
+
|
33
|
+
class WrongPasswordForKey < Sym::Errors::KeyError; end
|
34
|
+
|
25
35
|
class NoPrivateKeyFound < Sym::Errors::KeyError; end
|
26
36
|
|
27
37
|
class NoDataProvided < Sym::Errors::Error; end
|
28
38
|
|
29
39
|
class KeyChainCommandError < Sym::Errors::Error; end
|
40
|
+
# @formatter:on
|
30
41
|
|
31
42
|
# Method was called on an abstract class. Override such methods in
|
32
43
|
# subclasses, and use subclasses for instantiation of objects.
|
@@ -71,8 +71,8 @@ module Sym
|
|
71
71
|
def make_password_key(cipher, password, salt = nil)
|
72
72
|
key_len = cipher.key_len
|
73
73
|
salt ||= OpenSSL::Random.random_bytes 16
|
74
|
-
iter =
|
75
|
-
digest = OpenSSL::Digest
|
74
|
+
iter = 20_000
|
75
|
+
digest = OpenSSL::Digest.new('SHA256')
|
76
76
|
key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
|
77
77
|
return key, salt
|
78
78
|
end
|
@@ -85,15 +85,15 @@ module Sym
|
|
85
85
|
iv: iv)
|
86
86
|
|
87
87
|
block.call(cipher_struct) if block
|
88
|
-
|
88
|
+
|
89
89
|
encrypted_data = update_cipher(cipher_struct.cipher, data)
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
encode(wrapper_struct, false)
|
90
|
+
arguments = { encrypted_data: encrypted_data,
|
91
|
+
iv: cipher_struct.iv,
|
92
|
+
cipher_name: cipher_struct.cipher.name,
|
93
|
+
salt: cipher_struct.salt,
|
94
|
+
compress: !compression_enabled }
|
95
|
+
wrapper_struct = WrapperStruct.new(**arguments)
|
96
|
+
encode(wrapper_struct, compress: false)
|
97
97
|
end
|
98
98
|
|
99
99
|
# Expects key to be a base64 encoded key data
|
@@ -107,10 +107,9 @@ module Sym
|
|
107
107
|
decode(update_cipher(cipher_struct.cipher, wrapper_struct.encrypted_data))
|
108
108
|
end
|
109
109
|
|
110
|
-
|
111
110
|
def encode_incoming_data(data)
|
112
111
|
compression_enabled = !data.respond_to?(:size) || (data.size > 100 && encryption_config.compression_enabled)
|
113
|
-
data = encode(data, compression_enabled)
|
112
|
+
data = encode(data, compress: compression_enabled)
|
114
113
|
[data, compression_enabled]
|
115
114
|
end
|
116
115
|
|
@@ -1,4 +1,3 @@
|
|
1
|
-
|
2
1
|
module Kernel
|
3
2
|
def require_dir(___dir)
|
4
3
|
@___dir ||= File.dirname(__FILE__)
|
@@ -14,8 +13,8 @@ class Object
|
|
14
13
|
unless self.methods.include?(:present?)
|
15
14
|
def present?
|
16
15
|
return false if self.nil?
|
17
|
-
if self.is_a?(String)
|
18
|
-
return false
|
16
|
+
if self.is_a?(String) && (self == '')
|
17
|
+
return false
|
19
18
|
end
|
20
19
|
true
|
21
20
|
end
|
data/lib/sym/version.rb
CHANGED
@@ -1,8 +1,57 @@
|
|
1
1
|
module Sym
|
2
|
-
VERSION = '
|
3
|
-
DESCRIPTION =
|
4
|
-
|
5
|
-
|
6
|
-
|
2
|
+
VERSION = '3.0.1'
|
3
|
+
DESCRIPTION = <<~eof
|
4
|
+
|
5
|
+
Sym is a ruby library (gem) that offers both the command line interface
|
6
|
+
(CLI) and a set of rich Ruby APIs, which make it rather trivial to add
|
7
|
+
encryption and decryption of sensitive data to your development or deployment
|
8
|
+
workflow.
|
9
|
+
|
10
|
+
For additional security the private key itself can be encrypted with a
|
11
|
+
user-generated password. For decryption using the key the password can be
|
12
|
+
input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry.
|
13
|
+
|
14
|
+
Unlike many other existing encryption tools, Sym focuses on getting out of
|
15
|
+
your way by offering a streamlined interface with password caching (if
|
16
|
+
MemCached is installed and running locally) in hopes to make encryption of
|
17
|
+
application secrets nearly completely transparent to the developers.
|
18
|
+
|
19
|
+
Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher,
|
20
|
+
same cipher as used by the US Government.
|
21
|
+
|
22
|
+
For password-protecting the key Sym uses AES-128-CBC cipher. The resulting
|
23
|
+
data is zlib-compressed and base64-encoded. The keys are also base64 encoded
|
24
|
+
for easy copying/pasting/etc.
|
25
|
+
|
26
|
+
Sym accomplishes encryption transparency by combining several convenient features:
|
27
|
+
|
28
|
+
1. Sym can read the private key from multiple source types, such as pathname,
|
29
|
+
an environment variable name, a keychain entry, or CLI argument. You simply
|
30
|
+
pass either of these to the -k flag — one flag that works for all source types.
|
31
|
+
|
32
|
+
2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of
|
33
|
+
storing the key on a local machine, much more secure then storing it on a file system,
|
34
|
+
|
35
|
+
3. By using a local password cache (activated with -c) via an in-memory provider
|
36
|
+
such as memcached, sym invocations take advantage of password cache, and
|
37
|
+
only ask for a password once per a configurable time period,
|
38
|
+
|
39
|
+
4. By using SYM_ARGS environment variable, where common flags can be saved. This
|
40
|
+
is activated with sym -A,
|
41
|
+
|
42
|
+
5. By reading the key from the default key source file ~/.sym.key which
|
43
|
+
requires no flags at all,
|
44
|
+
|
45
|
+
6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt
|
46
|
+
an encrypted file with extension .enc
|
47
|
+
|
48
|
+
7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR,
|
49
|
+
and replaces the encrypted version upon save & exit, optionally creating a backup.
|
50
|
+
|
51
|
+
8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
|
52
|
+
|
53
|
+
Please refer the module documentation available here:
|
54
|
+
https://www.rubydoc.info/gems/sym
|
55
|
+
|
7
56
|
eof
|
8
57
|
end
|
data/sym.gemspec
CHANGED
@@ -1,4 +1,3 @@
|
|
1
|
-
# coding: utf-8
|
2
1
|
lib = File.expand_path('../lib', __FILE__)
|
3
2
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
3
|
require 'sym/version'
|
@@ -19,48 +18,52 @@ Gem::Specification.new do |spec|
|
|
19
18
|
spec.bindir = 'exe'
|
20
19
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
21
20
|
spec.require_paths = ['lib']
|
22
|
-
spec.required_ruby_version = '>= 2.
|
23
|
-
spec.post_install_message =
|
24
|
-
|
25
|
-
Thank you for installing Sym!
|
26
|
-
|
27
|
-
BLOG POST
|
28
|
-
=========
|
29
|
-
http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html
|
30
|
-
|
31
|
-
BASH COMPLETION
|
32
|
-
===============
|
33
|
-
To enable bash command line completion and install highly useful
|
34
|
-
command line BASH wrapper 'symit', please run the following
|
35
|
-
command after installing the gem. It appends sym's shell completion
|
36
|
-
wrapper to the file specified in arguments to -B flag.
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
Thank you for using Sym and happy encrypting :)
|
45
|
-
|
46
|
-
@kigster on Github,
|
47
|
-
|
48
|
-
|
49
|
-
EOF
|
21
|
+
spec.required_ruby_version = '>= 2.6'
|
22
|
+
spec.post_install_message = <<~EOF
|
23
|
+
|
24
|
+
Thank you for installing Sym!
|
25
|
+
|
26
|
+
BLOG POST
|
27
|
+
=========
|
28
|
+
http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html
|
29
|
+
|
30
|
+
BASH COMPLETION
|
31
|
+
===============
|
32
|
+
To enable bash command line completion and install highly useful
|
33
|
+
command line BASH wrapper 'symit', please run the following
|
34
|
+
command after installing the gem. It appends sym's shell completion
|
35
|
+
wrapper to the file specified in arguments to -B flag.
|
36
|
+
|
37
|
+
sym -B ~/.bash_profile
|
38
|
+
source ~/.bash_profile
|
39
|
+
# then:
|
40
|
+
sym --help
|
41
|
+
symit --help
|
42
|
+
|
43
|
+
Thank you for using Sym and happy encrypting :)
|
44
|
+
|
45
|
+
@kigster on Github,
|
46
|
+
@kig on Twitter.
|
47
|
+
|
48
|
+
EOF
|
50
49
|
spec.add_dependency 'colored2', '~> 3'
|
51
50
|
spec.add_dependency 'slop', '~> 4.3'
|
52
51
|
spec.add_dependency 'activesupport'
|
53
|
-
spec.add_dependency 'highline'
|
54
|
-
spec.add_dependency '
|
55
|
-
spec.add_dependency 'dalli', '~> 2.7'
|
52
|
+
spec.add_dependency 'highline'
|
53
|
+
spec.add_dependency 'dalli'
|
56
54
|
|
57
|
-
spec.add_development_dependency '
|
58
|
-
spec.add_development_dependency 'simplecov'
|
59
|
-
spec.add_development_dependency 'irbtools'
|
55
|
+
spec.add_development_dependency 'asciidoctor'
|
60
56
|
spec.add_development_dependency 'aruba'
|
61
57
|
spec.add_development_dependency 'bundler'
|
58
|
+
spec.add_development_dependency 'irbtools'
|
62
59
|
spec.add_development_dependency 'rake'
|
60
|
+
spec.add_development_dependency 'relaxed-rubocop'
|
63
61
|
spec.add_development_dependency 'rspec', '~> 3'
|
64
62
|
spec.add_development_dependency 'rspec-its'
|
63
|
+
spec.add_development_dependency 'rubocop' # , '0.81.0'
|
64
|
+
spec.add_development_dependency 'rubocop-rspec' # , '0.81.0'
|
65
|
+
spec.add_development_dependency 'rubocop-rake' # , '0.81.0'
|
66
|
+
spec.add_development_dependency 'simplecov'
|
67
|
+
spec.add_development_dependency 'codecov'
|
65
68
|
spec.add_development_dependency 'yard'
|
66
69
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sym
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Konstantin Gredeskoul
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-02-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: colored2
|
@@ -56,60 +56,60 @@ dependencies:
|
|
56
56
|
name: highline
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - ">="
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '0'
|
62
62
|
type: :runtime
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
|
-
- - "
|
66
|
+
- - ">="
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
68
|
+
version: '0'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
70
|
+
name: dalli
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
|
-
- - "
|
73
|
+
- - ">="
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: 0
|
75
|
+
version: '0'
|
76
76
|
type: :runtime
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
|
-
- - "
|
80
|
+
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: 0
|
82
|
+
version: '0'
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
|
-
name:
|
84
|
+
name: asciidoctor
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
|
-
- - "
|
87
|
+
- - ">="
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: '
|
90
|
-
type: :
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
|
-
- - "
|
94
|
+
- - ">="
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: '
|
96
|
+
version: '0'
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
|
-
name:
|
98
|
+
name: aruba
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
100
100
|
requirements:
|
101
|
-
- - "
|
101
|
+
- - ">="
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: '
|
103
|
+
version: '0'
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
|
-
- - "
|
108
|
+
- - ">="
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: '
|
110
|
+
version: '0'
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
|
-
name:
|
112
|
+
name: bundler
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
@@ -137,7 +137,7 @@ dependencies:
|
|
137
137
|
- !ruby/object:Gem::Version
|
138
138
|
version: '0'
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
|
-
name:
|
140
|
+
name: rake
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
143
|
- - ">="
|
@@ -151,7 +151,7 @@ dependencies:
|
|
151
151
|
- !ruby/object:Gem::Version
|
152
152
|
version: '0'
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
|
-
name:
|
154
|
+
name: relaxed-rubocop
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
156
156
|
requirements:
|
157
157
|
- - ">="
|
@@ -165,7 +165,21 @@ dependencies:
|
|
165
165
|
- !ruby/object:Gem::Version
|
166
166
|
version: '0'
|
167
167
|
- !ruby/object:Gem::Dependency
|
168
|
-
name:
|
168
|
+
name: rspec
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - "~>"
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: '3'
|
174
|
+
type: :development
|
175
|
+
prerelease: false
|
176
|
+
version_requirements: !ruby/object:Gem::Requirement
|
177
|
+
requirements:
|
178
|
+
- - "~>"
|
179
|
+
- !ruby/object:Gem::Version
|
180
|
+
version: '3'
|
181
|
+
- !ruby/object:Gem::Dependency
|
182
|
+
name: rspec-its
|
169
183
|
requirement: !ruby/object:Gem::Requirement
|
170
184
|
requirements:
|
171
185
|
- - ">="
|
@@ -179,21 +193,63 @@ dependencies:
|
|
179
193
|
- !ruby/object:Gem::Version
|
180
194
|
version: '0'
|
181
195
|
- !ruby/object:Gem::Dependency
|
182
|
-
name:
|
196
|
+
name: rubocop
|
183
197
|
requirement: !ruby/object:Gem::Requirement
|
184
198
|
requirements:
|
185
|
-
- - "
|
199
|
+
- - ">="
|
186
200
|
- !ruby/object:Gem::Version
|
187
|
-
version: '
|
201
|
+
version: '0'
|
188
202
|
type: :development
|
189
203
|
prerelease: false
|
190
204
|
version_requirements: !ruby/object:Gem::Requirement
|
191
205
|
requirements:
|
192
|
-
- - "
|
206
|
+
- - ">="
|
193
207
|
- !ruby/object:Gem::Version
|
194
|
-
version: '
|
208
|
+
version: '0'
|
195
209
|
- !ruby/object:Gem::Dependency
|
196
|
-
name: rspec
|
210
|
+
name: rubocop-rspec
|
211
|
+
requirement: !ruby/object:Gem::Requirement
|
212
|
+
requirements:
|
213
|
+
- - ">="
|
214
|
+
- !ruby/object:Gem::Version
|
215
|
+
version: '0'
|
216
|
+
type: :development
|
217
|
+
prerelease: false
|
218
|
+
version_requirements: !ruby/object:Gem::Requirement
|
219
|
+
requirements:
|
220
|
+
- - ">="
|
221
|
+
- !ruby/object:Gem::Version
|
222
|
+
version: '0'
|
223
|
+
- !ruby/object:Gem::Dependency
|
224
|
+
name: rubocop-rake
|
225
|
+
requirement: !ruby/object:Gem::Requirement
|
226
|
+
requirements:
|
227
|
+
- - ">="
|
228
|
+
- !ruby/object:Gem::Version
|
229
|
+
version: '0'
|
230
|
+
type: :development
|
231
|
+
prerelease: false
|
232
|
+
version_requirements: !ruby/object:Gem::Requirement
|
233
|
+
requirements:
|
234
|
+
- - ">="
|
235
|
+
- !ruby/object:Gem::Version
|
236
|
+
version: '0'
|
237
|
+
- !ruby/object:Gem::Dependency
|
238
|
+
name: simplecov
|
239
|
+
requirement: !ruby/object:Gem::Requirement
|
240
|
+
requirements:
|
241
|
+
- - ">="
|
242
|
+
- !ruby/object:Gem::Version
|
243
|
+
version: '0'
|
244
|
+
type: :development
|
245
|
+
prerelease: false
|
246
|
+
version_requirements: !ruby/object:Gem::Requirement
|
247
|
+
requirements:
|
248
|
+
- - ">="
|
249
|
+
- !ruby/object:Gem::Version
|
250
|
+
version: '0'
|
251
|
+
- !ruby/object:Gem::Dependency
|
252
|
+
name: codecov
|
197
253
|
requirement: !ruby/object:Gem::Requirement
|
198
254
|
requirements:
|
199
255
|
- - ">="
|
@@ -220,32 +276,38 @@ dependencies:
|
|
220
276
|
- - ">="
|
221
277
|
- !ruby/object:Gem::Version
|
222
278
|
version: '0'
|
223
|
-
description: "Sym is a ruby library (gem) that offers both the command line interface
|
224
|
-
(CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption
|
225
|
-
and decryption of sensitive data to your development or deployment
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
279
|
+
description: "\n Sym is a ruby library (gem) that offers both the command line interface
|
280
|
+
\n (CLI) and a set of rich Ruby APIs, which make it rather trivial to add \n encryption
|
281
|
+
and decryption of sensitive data to your development or deployment \n workflow.\n
|
282
|
+
\n For additional security the private key itself can be encrypted with a \n user-generated
|
283
|
+
password. For decryption using the key the password can be \n input into STDIN,
|
284
|
+
or be defined by an ENV variable, or an OS-X Keychain Entry. \n \n Unlike many other
|
285
|
+
existing encryption tools, Sym focuses on getting out of \n your way by offering
|
286
|
+
a streamlined interface with password caching (if \n MemCached is installed and
|
287
|
+
running locally) in hopes to make encryption of \n application secrets nearly completely
|
288
|
+
transparent to the developers. \n \n Sym uses symmetric 256-bit key encryption with
|
289
|
+
the AES-256-CBC cipher, \n same cipher as used by the US Government. \n \n For password-protecting
|
290
|
+
the key Sym uses AES-128-CBC cipher. The resulting \n data is zlib-compressed and
|
291
|
+
base64-encoded. The keys are also base64 encoded \n for easy copying/pasting/etc.\n
|
292
|
+
\n Sym accomplishes encryption transparency by combining several convenient features:\n
|
293
|
+
\ \n 1. Sym can read the private key from multiple source types, such as pathname,
|
294
|
+
\n an environment variable name, a keychain entry, or CLI argument. You simply
|
295
|
+
\n pass either of these to the -k flag — one flag that works for all source
|
296
|
+
types.\n \n 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way
|
297
|
+
of \n storing the key on a local machine, much more secure then storing it
|
298
|
+
on a file system,\n \n 3. By using a local password cache (activated with -c)
|
299
|
+
via an in-memory provider \n such as memcached, sym invocations take advantage
|
300
|
+
of password cache, and \n only ask for a password once per a configurable time
|
301
|
+
period, \n \n 4. By using SYM_ARGS environment variable, where common flags can
|
302
|
+
be saved. This \n is activated with sym -A,\n \n 5. By reading the key from
|
303
|
+
the default key source file ~/.sym.key which \n requires no flags at all,\n
|
304
|
+
\ \n 6. By utilizing the --negate option to quickly encrypt a regular file, or
|
305
|
+
decrypt \n an encrypted file with extension .enc\n \n 7. By implementing
|
306
|
+
the -t (edit) mode, that opens an encrypted file in your $EDITOR, \n and replaces
|
307
|
+
the encrypted version upon save & exit, optionally creating a backup.\n \n 8.
|
308
|
+
By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.\n\nPlease
|
309
|
+
refer the module documentation available here:\nhttps://www.rubydoc.info/gems/sym\n
|
310
|
+
\n"
|
249
311
|
email:
|
250
312
|
- kigster@gmail.com
|
251
313
|
executables:
|
@@ -255,25 +317,30 @@ extensions: []
|
|
255
317
|
extra_rdoc_files: []
|
256
318
|
files:
|
257
319
|
- ".circleci/config.yml"
|
258
|
-
- ".codeclimate.yml"
|
259
320
|
- ".document"
|
321
|
+
- ".envrc"
|
260
322
|
- ".gitignore"
|
261
323
|
- ".rspec"
|
262
324
|
- ".rubocop.yml"
|
325
|
+
- ".rubocop_todo.yml"
|
263
326
|
- ".travis.yml"
|
264
327
|
- ".yardopts"
|
265
328
|
- CHANGELOG.md
|
266
329
|
- Gemfile
|
267
330
|
- LICENSE
|
268
|
-
- README.
|
331
|
+
- README.adoc
|
332
|
+
- README.pdf
|
269
333
|
- Rakefile
|
270
334
|
- SYM-CLI.md
|
335
|
+
- bin/changelog
|
271
336
|
- bin/console
|
272
337
|
- bin/setup
|
273
338
|
- bin/sym.completion.bash
|
274
339
|
- bin/sym.symit.bash
|
340
|
+
- codecov.yml
|
275
341
|
- design/ascii-cinema.png
|
276
342
|
- design/sym-class-dependency-future-refactor.png
|
343
|
+
- design/sym-class-dependency-vertical.png
|
277
344
|
- design/sym-class-dependency.graffle
|
278
345
|
- design/sym-class-dependency.pdf
|
279
346
|
- design/sym-class-dependency.png
|
@@ -282,6 +349,7 @@ files:
|
|
282
349
|
- design/sym-symit-help.png
|
283
350
|
- exe/keychain
|
284
351
|
- exe/sym
|
352
|
+
- lib/ruby_warnings.rb
|
285
353
|
- lib/sym.rb
|
286
354
|
- lib/sym/app.rb
|
287
355
|
- lib/sym/app/args.rb
|
@@ -309,7 +377,6 @@ files:
|
|
309
377
|
- lib/sym/app/output/stdout.rb
|
310
378
|
- lib/sym/app/password/cache.rb
|
311
379
|
- lib/sym/app/password/providers.rb
|
312
|
-
- lib/sym/app/password/providers/drb_provider.rb
|
313
380
|
- lib/sym/app/password/providers/memcached_provider.rb
|
314
381
|
- lib/sym/app/private_key/base64_decoder.rb
|
315
382
|
- lib/sym/app/private_key/decryptor.rb
|
@@ -351,16 +418,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
351
418
|
requirements:
|
352
419
|
- - ">="
|
353
420
|
- !ruby/object:Gem::Version
|
354
|
-
version: '2.
|
421
|
+
version: '2.6'
|
355
422
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
356
423
|
requirements:
|
357
424
|
- - ">="
|
358
425
|
- !ruby/object:Gem::Version
|
359
426
|
version: '0'
|
360
427
|
requirements: []
|
361
|
-
|
362
|
-
|
363
|
-
signing_key:
|
428
|
+
rubygems_version: 3.2.8
|
429
|
+
signing_key:
|
364
430
|
specification_version: 4
|
365
431
|
summary: Dead-simple and easy to use encryption library on top of OpenSSL, offering
|
366
432
|
rich Ruby API as well as feature-rich CLI able to generate a key, encrypt/decrypt
|