sym 2.8.5 → 2.10.0

data/lib/sym/data/wrapper_struct.rb

@@ -2,24 +2,32 @@ require 'sym/errors'
 module Sym
   module Data
     class WrapperStruct < Struct.new(
-      :encrypted_data,        # [Blob] Binary encrypted data (possibly compressed)
-      :iv,                    # [String] IV used to encrypt the data
-      :cipher_name,           # [String] Name of the cipher used
-      :salt,                  # [Integer] For password-encrypted data this is the salt
-      :version,               # [Integer] Version of the cipher used
-      :compress               # [Boolean] indicates if compression should be applied
-      )
+      # [Blob] Binary encrypted data (possibly compressed)s
+      :encrypted_data,
+      # [String] IV used to encrypt the datas
+      :iv,
+      # [String] Name of the cipher used
+      :cipher_name,
+      # [Integer] For password-encrypted data this is the salt
+      :salt,
+      # [Integer] Version of the cipher used
+      :version,
+      # [Boolean] indicates if compression should be applied
+      :compress
+    )
+
+      define_singleton_method(:new, Class.method(:new))
 
       VERSION = 1
 
       attr_accessor :compressed
 
       def initialize(
-        encrypted_data:, # [Blob] Binary encrypted data (possibly compressed)
-        iv:, # [String] IV used to encrypt the data
-        cipher_name:, # [String] Name of the cipher used
-        salt: nil, # [Integer] For password-encrypted data this is the salt
-        version: VERSION, # [Integer] Version of the cipher used
+        encrypted_data:,
+        iv:,
+        cipher_name:,
+        salt: nil,
+        version: VERSION,
         compress: Sym::Configuration.config.compression_enabled
       )
         super(encrypted_data, iv, cipher_name, salt, version, compress)

data/lib/sym/errors.rb

@@ -1,16 +1,21 @@
 module Sym
   # All public exceptions of this library are here.
   module Errors
+    # @formatter:off
     # Exceptions superclass for this library.
-    class Sym::Errors::Error < StandardError; end
+    class Error < StandardError; end
 
     # No secret has been provided for encryption or decryption
     class InsufficientOptionsError < Sym::Errors::Error; end
 
     class PasswordError < Sym::Errors::Error; end
+
     class NoPasswordProvided < Sym::Errors::PasswordError; end
+
     class PasswordsDontMatch < Sym::Errors::PasswordError; end
+
     class PasswordTooShort < Sym::Errors::PasswordError; end
+
     class CantReadPasswordNoTTY < Sym::Errors::PasswordError; end
 
     class EditorExitedAbnormally < Sym::Errors::Error; end
@@ -20,13 +25,17 @@ module Sym
     class DataEncodingVersionMismatch< Sym::Errors::Error; end
 
     class KeyError < Sym::Errors::Error; end
+
     class InvalidEncodingPrivateKey < Sym::Errors::KeyError; end
-    class InvalidPasswordProvidedForThePrivateKey < Sym::Errors::KeyError; end
+
+    class WrongPasswordForKey < Sym::Errors::KeyError; end
+
     class NoPrivateKeyFound < Sym::Errors::KeyError; end
 
     class NoDataProvided < Sym::Errors::Error; end
 
     class KeyChainCommandError < Sym::Errors::Error; end
+    # @formatter:on
 
     # Method was called on an abstract class. Override such methods in
     # subclasses, and use subclasses for instantiation of objects.

data/lib/sym/extensions/instance_methods.rb

@@ -71,7 +71,7 @@ module Sym
       def make_password_key(cipher, password, salt = nil)
         key_len = cipher.key_len
         salt    ||= OpenSSL::Random.random_bytes 16
-        iter    = 20000
+        iter    = 20_000
         digest  = OpenSSL::Digest::SHA256.new
         key     = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
         return key, salt
@@ -87,12 +87,12 @@ module Sym
         block.call(cipher_struct) if block
 
         encrypted_data = update_cipher(cipher_struct.cipher, data)
-        wrapper_struct = WrapperStruct.new(
-          encrypted_data: encrypted_data,
-          iv:             cipher_struct.iv,
-          cipher_name:    cipher_struct.cipher.name,
-          salt:           cipher_struct.salt,
-          compress:       !compression_enabled)
+        arguments      = { encrypted_data: encrypted_data,
+                           iv:             cipher_struct.iv,
+                           cipher_name:    cipher_struct.cipher.name,
+                           salt:           cipher_struct.salt,
+                           compress:       !compression_enabled }
+        wrapper_struct = WrapperStruct.new(arguments)
         encode(wrapper_struct, false)
       end
 
@@ -107,7 +107,6 @@ module Sym
         decode(update_cipher(cipher_struct.cipher, wrapper_struct.encrypted_data))
       end
 
-
       def encode_incoming_data(data)
         compression_enabled = !data.respond_to?(:size) || (data.size > 100 && encryption_config.compression_enabled)
         data                = encode(data, compression_enabled)

data/lib/sym/extensions/stdlib.rb

@@ -1,4 +1,3 @@
-
 module Kernel
   def require_dir(___dir)
     @___dir ||= File.dirname(__FILE__)

data/lib/sym/extensions/with_retry.rb

@@ -2,7 +2,7 @@ module Sym
   module Extensions
     module WithRetry
 
-      def with_retry(retries: 3, fail_block: nil, &block)
+      def with_retry(retries: 3, fail_block: nil)
         attempts = 0
         yield if block_given?
       rescue StandardError => e

data/lib/sym/extensions/with_timeout.rb

@@ -3,7 +3,7 @@ module Sym
     module WithTimeout
 
       def with_timeout(timeout = 3)
-        status = Timeout::timeout(timeout) {
+        status = Timeout.timeout(timeout) {
           yield if block_given?
         }
       end

data/lib/sym/version.rb

@@ -1,8 +1,33 @@
 module Sym
-  VERSION     = '2.8.5'
-  DESCRIPTION = <<-eof
-Sym is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment flow. As a layer of additional security, you can encrypt the private key itself with a password.  Unlike many other existing encryption tools, Sym focuses on getting out of the way — by offering its streamlined interface, hoping to make encryption of application secrets nearly completely transparent to the developers.  For the data encryption Sym uses a symmetric 256-bit key with the AES-256-CBC cipher, same cipher as used by the US Government. For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
-  
-Sym accomplishes encryption transparency by combining convenience features: 1) Sym can read the private key from multiple source types, such as: a pathname to a file, an environment variable name, a keychain entry, or CLI argument. You simply pass either of these to the -k flag — one flag that works for all source types. 2) By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local machine, much more secure then storing it on a file system, 3) By using a local password cache (activated with -c) via an in-memory provider such as memcached or drb, sym invocations take advantage of password cache, and only ask for a password once per a configurable time period, 4) By using SYM_ARGS environment variable, where common flags can be saved. This is activated with sym -A, 5) By reading the key from the default key source file ~/.sym.key which requires no flags at all, 6) By utilizing the --negate option to quickly encrypt a regular file, or decrypt an encrypted file with extension .enc 7) By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR, and replaces the encrypted version upon save & exit, optionally creating a backup. 8) By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
+  VERSION     = '2.10.0'.freeze
+  DESCRIPTION = <<~eof
+    Sym is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment workflow.
+    
+    For additional security the private key itself can be encrypted with a user-generated password. For decryption using the key the password can be input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry. 
+    
+    Unlike many other existing encryption tools, Sym focuses on getting out of your way by offering a streamlined interface with password caching (if MemCached is installed and running locally) in hopes to make encryption of application secrets nearly completely transparent to the developers. 
+    
+    Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher, same cipher as used by the US Government. 
+    
+    For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
+    
+    Sym accomplishes encryption transparency by combining several convenient features:
+     
+      1. Sym can read the private key from multiple source types, such as pathname, an environment variable name, a keychain entry, or CLI argument. You simply pass either of these to the -k flag — one flag that works for all source types.
+     
+      2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local machine, much more secure then storing it on a file system,
+     
+      3. By using a local password cache (activated with -c) via an in-memory provider such as memcached, sym invocations take advantage of password cache, and only ask for a password once per a configurable time period, 
+    
+      4. By using SYM_ARGS environment variable, where common flags can be saved. This is activated with sym -A,
+     
+      5. By reading the key from the default key source file ~/.sym.key which requires no flags at all,
+     
+      6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt an encrypted file with extension .enc
+     
+      7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR, and replaces the encrypted version upon save & exit, optionally creating a backup.
+     
+      8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
+    
   eof
 end

data/sym.gemspec

@@ -1,4 +1,3 @@
-# coding: utf-8
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'sym/version'
@@ -19,48 +18,49 @@ Gem::Specification.new do |spec|
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.2'
-  spec.post_install_message = <<-EOF
-
-Thank you for installing Sym! 
-
-BLOG POST
-=========
-http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html
-
-BASH COMPLETION
-===============
-To enable bash command line completion and install highly useful
-command line BASH wrapper 'symit', please run the following 
-command after installing the gem. It appends sym's shell completion 
-wrapper to the file specified in arguments to -B flag.
-
-  sym -B ~/.bash_profile
-  source ~/.bash_profile
-  # then:
-  sym --help
-  symit --help
- 
-Thank you for using Sym and happy encrypting :)
-
-@kigster on Github, 
-    @kig on Twitter.
-
-EOF
+  spec.required_ruby_version = '>= 2.3'
+  spec.post_install_message = <<~EOF
+    
+    Thank you for installing Sym! 
+    
+    BLOG POST
+    =========
+    http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html
+    
+    BASH COMPLETION
+    ===============
+    To enable bash command line completion and install highly useful
+    command line BASH wrapper 'symit', please run the following 
+    command after installing the gem. It appends sym's shell completion 
+    wrapper to the file specified in arguments to -B flag.
+    
+      sym -B ~/.bash_profile
+      source ~/.bash_profile
+      # then:
+      sym --help
+      symit --help
+     
+    Thank you for using Sym and happy encrypting :)
+    
+    @kigster on Github, 
+        @kig on Twitter.
+    
+  EOF
   spec.add_dependency 'colored2', '~> 3'
   spec.add_dependency 'slop', '~> 4.3'
   spec.add_dependency 'activesupport'
-  spec.add_dependency 'highline', '~> 1.7'
-  spec.add_dependency 'coin', '~> 0.1.8'
-  spec.add_dependency 'dalli', '~> 2.7'
+  spec.add_dependency 'highline'
+  spec.add_dependency 'dalli'
 
-  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
-  spec.add_development_dependency 'simplecov'
-  spec.add_development_dependency 'irbtools'
   spec.add_development_dependency 'aruba'
   spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'irbtools'
   spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'relaxed-rubocop'
   spec.add_development_dependency 'rspec', '~> 3'
   spec.add_development_dependency 'rspec-its'
+  spec.add_development_dependency 'rubocop', '0.81.0'
+  spec.add_development_dependency 'simplecov'
+  spec.add_development_dependency 'codecov'
   spec.add_development_dependency 'yard'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sym
 version: !ruby/object:Gem::Version
-  version: 2.8.5
+  version: 2.10.0
 platform: ruby
 authors:
 - Konstantin Gredeskoul
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-10-13 00:00:00.000000000 Z
+date: 2020-08-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colored2
@@ -56,60 +56,60 @@ dependencies:
   name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: coin
+  name: dalli
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.8
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.8
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: dalli
+  name: aruba
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.7'
-  type: :runtime
+        version: '0'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: irbtools
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -123,7 +123,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: irbtools
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -137,7 +137,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: aruba
+  name: relaxed-rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -151,21 +151,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rspec-its
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -179,21 +179,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.81.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.81.0
 - !ruby/object:Gem::Dependency
-  name: rspec-its
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: codecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -222,30 +236,33 @@ dependencies:
         version: '0'
 description: "Sym is a ruby library (gem) that offers both the command line interface
   (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption
-  and decryption of sensitive data to your development or deployment flow. As a layer
-  of additional security, you can encrypt the private key itself with a password.
-  \ Unlike many other existing encryption tools, Sym focuses on getting out of the
-  way — by offering its streamlined interface, hoping to make encryption of application
-  secrets nearly completely transparent to the developers.  For the data encryption
-  Sym uses a symmetric 256-bit key with the AES-256-CBC cipher, same cipher as used
-  by the US Government. For password-protecting the key Sym uses AES-128-CBC cipher.
-  The resulting data is zlib-compressed and base64-encoded. The keys are also base64
-  encoded for easy copying/pasting/etc.\n  \nSym accomplishes encryption transparency
-  by combining convenience features: 1) Sym can read the private key from multiple
-  source types, such as: a pathname to a file, an environment variable name, a keychain
-  entry, or CLI argument. You simply pass either of these to the -k flag — one flag
-  that works for all source types. 2) By utilizing OS-X Keychain on a Mac, Sym offers
-  truly secure way of storing the key on a local machine, much more secure then storing
-  it on a file system, 3) By using a local password cache (activated with -c) via
-  an in-memory provider such as memcached or drb, sym invocations take advantage of
-  password cache, and only ask for a password once per a configurable time period,
-  4) By using SYM_ARGS environment variable, where common flags can be saved. This
-  is activated with sym -A, 5) By reading the key from the default key source file
-  ~/.sym.key which requires no flags at all, 6) By utilizing the --negate option to
-  quickly encrypt a regular file, or decrypt an encrypted file with extension .enc
-  7) By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR,
-  and replaces the encrypted version upon save & exit, optionally creating a backup.
-  8) By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.\n"
+  and decryption of sensitive data to your development or deployment workflow.\n\nFor
+  additional security the private key itself can be encrypted with a user-generated
+  password. For decryption using the key the password can be input into STDIN, or
+  be defined by an ENV variable, or an OS-X Keychain Entry. \n\nUnlike many other
+  existing encryption tools, Sym focuses on getting out of your way by offering a
+  streamlined interface with password caching (if MemCached is installed and running
+  locally) in hopes to make encryption of application secrets nearly completely transparent
+  to the developers. \n\nSym uses symmetric 256-bit key encryption with the AES-256-CBC
+  cipher, same cipher as used by the US Government. \n\nFor password-protecting the
+  key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded.
+  The keys are also base64 encoded for easy copying/pasting/etc.\n\nSym accomplishes
+  encryption transparency by combining several convenient features:\n \n  1. Sym can
+  read the private key from multiple source types, such as pathname, an environment
+  variable name, a keychain entry, or CLI argument. You simply pass either of these
+  to the -k flag — one flag that works for all source types.\n \n  2. By utilizing
+  OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local
+  machine, much more secure then storing it on a file system,\n \n  3. By using a
+  local password cache (activated with -c) via an in-memory provider such as memcached,
+  sym invocations take advantage of password cache, and only ask for a password once
+  per a configurable time period, \n\n  4. By using SYM_ARGS environment variable,
+  where common flags can be saved. This is activated with sym -A,\n \n  5. By reading
+  the key from the default key source file ~/.sym.key which requires no flags at all,\n
+  \n  6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt
+  an encrypted file with extension .enc\n \n  7. By implementing the -t (edit) mode,
+  that opens an encrypted file in your $EDITOR, and replaces the encrypted version
+  upon save & exit, optionally creating a backup.\n \n  8. By offering the Sym::MagicFile
+  ruby API to easily read encrypted files into memory.\n\n"
 email:
 - kigster@gmail.com
 executables:
@@ -256,6 +273,7 @@ extra_rdoc_files: []
 files:
 - ".circleci/config.yml"
 - ".document"
+- ".envrc"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
@@ -264,13 +282,14 @@ files:
 - CHANGELOG.md
 - Gemfile
 - LICENSE
-- README.md
+- README.adoc
 - Rakefile
 - SYM-CLI.md
 - bin/console
 - bin/setup
 - bin/sym.completion.bash
 - bin/sym.symit.bash
+- codecov.yml
 - design/ascii-cinema.png
 - design/sym-class-dependency-future-refactor.png
 - design/sym-class-dependency.graffle
@@ -281,6 +300,7 @@ files:
 - design/sym-symit-help.png
 - exe/keychain
 - exe/sym
+- lib/ruby_warnings.rb
 - lib/sym.rb
 - lib/sym/app.rb
 - lib/sym/app/args.rb
@@ -308,7 +328,6 @@ files:
 - lib/sym/app/output/stdout.rb
 - lib/sym/app/password/cache.rb
 - lib/sym/app/password/providers.rb
-- lib/sym/app/password/providers/drb_provider.rb
 - lib/sym/app/password/providers/memcached_provider.rb
 - lib/sym/app/private_key/base64_decoder.rb
 - lib/sym/app/private_key/decryptor.rb
@@ -350,16 +369,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.2'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Dead-simple and easy to use encryption library on top of OpenSSL, offering
   rich Ruby API as well as feature-rich CLI able to generate a key, encrypt/decrypt