sym 2.6.0 → 2.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4f617e5a540da0d9f51124c4ba3f8affa335593b
-  data.tar.gz: 5fe223d7450486ba4fc3b201bfb06311968f9963
+  metadata.gz: 632c170e04c0683202d0f555dc5c0a1605e9f358
+  data.tar.gz: 3ed88bd3e490657a665e69911698cdbcfb25db92
 SHA512:
-  metadata.gz: c17e78d532c9f3edbb075e1e1936619a187244a0e514b5b7600d6b686103f43af99b1f949846c489860875cb750c255bda8792ce5892163f1d968cb7498677d7
-  data.tar.gz: 4ae3a762791fcdf65417185ad0d0d3d9c85ef2d7b6db51cecd6d9ab4911768b125c10dba7e8815b92f9bb226230a92177cb309c0932253f5364b220b2ce4d687
+  metadata.gz: 044bdb0bbe730dae5399c11694fdc214c847217cc72c76df301fc14fb59b8cccb1aec7f7fd5da3e5ffa6d3a1c9cf2f426a1e4bff89429984407fa22dab1cb2c3
+  data.tar.gz: 26b4d27351d37ce6a9bb0eca94732cbb7d2a58501c65bd9a392380ea15aa45703e3ac754802a930cb712cfec4b637daccd5ff809ece85a16d2f54554409aa5dd

data/README.md

@@ -244,45 +244,33 @@ You can encrypt the private key using a custom password. This is highly recommen
 
 For this purpose, two more instance methods exist:
 
- * `encr_password(data, password, iv = nil)`
- * `decr_password(encrypted_data, password, iv = nil)`
+ * `#encr_password(data, password, iv = nil)`
+ * `#decr_password(encrypted_data, password, iv = nil)`
 
 They can be used independently of `encr` and `decr` to encrypt/decrypt any data with a password.
 
-<a name="rubyapi-app"></a>
-
-### `Sym::Application`
+<a name="magic-file"></a>
 
-Since the command line interface offers much more than just encryption/decryption of data with a key, majority of these features are available through `Sym::Application` instance.
-
-The class is instantiated with a hash that would be otherwise generated by parsing CLI arguments, typical `options`. For example, to generate the key, pass `generate: true` — essentially any flag in it's long form can be converted into a hash member.
+### Using `Sym::MagicFile` API for Reading/Writing Encrypted/Decrypted data
 
-Here is an example:
-
-```ruby
-require 'sym/application'
+This is probably the easiest way to leverage Sym-encrypted files in your application — by loading them into memory with `Sym::MagicFile`. This class provides a very simple API while supporting all of the convenience features of the rich application API (see below).
 
-key  = Sym::Application.new(generate: true).execute
-# => '75ngenJpB6zL47/8Wo7Ne6JN1pnOsqNEcIqblItpfg4='
-```
-
-### `Sym::MagicFile` for Reading Encrypted Data
-
-This is probably the easiest way to leverage Sym-encrypted files, by loading them into memory.
-
-`Sym::MagicFile` provides a very simple API for loading and reading encrypted files
-into memory, while supporting all of the convenience features of the rich
-application API.
-
-You initialize this class with just two things: a `pathname` to a file (encrypted
+You instantiate `Sym::MagicFile` with just two parameters: a `pathname` to a file (encrypted
 or not), and the `key` identifier. The identifier can either be a filename, or
 OS-X Keychain entry, or environment variable name, etc — basically it is resolve
 like any other `-k <value>` CLI flag.
 
-#### Example: Using `Sym::MagicFile` with the `RailsConfig` gem
+The following methods are available:
+
+ * `#encrypt` — returns an encrypted string representing the encrypted contents ofa file specified by the pathname.
+ * `#decrypt` — returns a decrypted string representing the decrypted contents of a file specified by  the pathname.
+ * `#encrypt_to(filename)` — encrypts the contents of a file specified by the pathname, and writes the result to a `filename`. 
+ * `#decrypt_to(filename)` — decrypts the contents of a file specified by the pathname, and writes the result to a `filename`. 
+
+#### Example: Using `Sym::MagicFile` with the `RailsConfig` (or `Settings`) gem
 
 In this example, we assume that the environment variable `$PRIVATE_KEY` contain
-the key to be used in decryption. Note that methods `#decrypt` and `#read` on `Sym::MagicFile` instance are synomymous.
+the key to be used in decryption. 
 
 ```ruby
 require 'sym/magic_file'
@@ -307,6 +295,23 @@ Settings.add_source!(
 Settings.reload!
 ```
 
+<a name="rubyapi-app"></a>
+
+### Using `Sym::Application` API
+
+Since the command line interface offers much more than just encryption/decryption of data with a key, majority of these features are available through `Sym::Application` instance.
+
+The class is instantiated with a hash that would be otherwise generated by parsing CLI arguments, typical `options`. For example, to generate the key, pass `generate: true` — essentially any flag in it's long form can be converted into a hash member.
+
+Here is an example:
+
+```ruby
+require 'sym/application'
+
+key  = Sym::Application.new(generate: true).execute
+# => '75ngenJpB6zL47/8Wo7Ne6JN1pnOsqNEcIqblItpfg4='
+```
+
 ### Ruby API Conclusion
 
 Using `Sym`'s rich ruby API you can perform both low-level encryption/decryption, as well as high-level management of encrypted files. By using `Sym::MagicFile` and/or `Sym::Application` classes you can access the entire set of functionality expressed vi the CLI, described in details below.

data/lib/sym/version.rb

@@ -1,28 +1,25 @@
 module Sym
-  VERSION = '2.6.0'
+  VERSION     = '2.6.1'
   DESCRIPTION = <<-eof
-    Sym is a command line utility plus a straightforward Ruby API that makes it easy to 
-    transparently handle sensitive data such as application secrets using symmetric
-    encryption with a 256bit key.
- 
-    Unlike many modern encryption tools, sym focuses on the streamlined interface (CLI),
-    and offers many time-saving features that make encryption/decryption of application
-    secrets and other sensitive data as seamless as possible.   
- 
-    You can encrypt the key itself with a password, for an additional layer of security.
-    You can choose to save the key to OS-X Keychain, making it difficult to get the key
-    when only disk is accessible. Using memcached or DRb sym can cache passwords so that
-    you don't have to retype it too often. Finally, the -t flag (edit mode) decrypts
-    the file on the fly, and lets you edit the unencrypted contents in $EDITOR. 
+### Sym — Symmetric Encryption Made Easy
+  
+**Sym** is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment flow. As a layer of additional security, you can encrypt the private key itself with a password. 
 
-    Sym can read the key from many sources, including file, environment variable, 
-    keychain, or CLI argument — all of the above become arguments of -k flag: one 
-    flag to define the key no matter where it lives.
+Unlike many other existing encryption tools, Sym focuses on getting out of the way — by offering its streamlined interface, hoping to make encryption of application secrets nearly completely transparent to the developers. 
 
-    Finally, set environment variable SYM_ARGS to common flags you use, and then
-    have sym read these flags, activating this time-saving feature with -A flag.     
-     
-    Sym uses a symmetric aes-256-cbc cipher with a private key and an IV vector, 
-    and is built atop of OpenSSL.
+For the data encryption Sym uses a symmetric 256-bit key with the `AES-256-CBC` cipher, same cipher as used by the US Government. For password-protecting the key Sym uses `AES-128-CBC` cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
+  
+### Massive Time Savers
+
+Sym accomplishes encryption transparency by combining convenience features:
+
+ * Sym can read the private key from multiple source types, such as: a pathname to a file, an environment variable name, a keychain entry, or CLI argument. You simply pass either of these to the `-k` flag — one flag that works for all source types
+ * By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local machine, much more secure then storing it on a file system
+ * By using a local password cache (activated with `-c`) via an in-memory provider such as memcached or `drb`, sym invocations take advantage of password cache, and only ask for a password once per a configurable time period
+ * By using `SYM_ARGS` environment variable, where common flags can be saved. This is activated with `sym -A`
+ * By reading the key from the default key source file `~/.sym.key` which requires no flags at all
+ * By utilizing the `--negate` option to quickly encrypt a regular file, or decrypt an encrypted file with extension `.enc`
+ * By implementing the `-t` (edit) mode, that opens an encrypted file in your `$EDITOR`, and replaces the encrypted version upon save & exit, optionally creating a backup.
+ * By offering the `Sym::MagicFile` ruby API to easily read encrypted files into memory.
   eof
 end

data/sym.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ['Konstantin Gredeskoul']
   spec.email         = %w(kigster@gmail.com)
 
-  spec.summary       = %q{Super easy to use encryption library & a CLI with a strong aes-256-cbc cipher that can be used to transparently encrypt/decrypt/edit application secrets.}
+  spec.summary       = %q{Dead-simple and easy to use encryption library on top of OpenSSL, offering rich Ruby API as well as feature-rich CLI able to generate a key, encrypt/decrypt data, password-protect the keys, cache passwords, and more. Strong cipher "aes-256-cbc" used by US Government is behind data encryption.}
 
   spec.description   = Sym::DESCRIPTION
 
@@ -21,16 +21,29 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
   spec.required_ruby_version = '>= 2.2'
   spec.post_install_message = <<-EOF
-Thank you for installing this gem! We hope you like it :)  
 
-NOTE: To enable bash command line completion, please run the following 
-command, which appends sym's shell completion to the file specified
-in arguments to -B/--bash-support flag.
+Thank you for installing Sym! 
+
+BLOG POST
+=========
+http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html
+
+BASH COMPLETION
+===============
+To enable bash command line completion, please run the following 
+command, which appends sym's shell completion wrapper to the file 
+specified in arguments to -B/--bash-support flag.
 
   sym -B ~/.bash_profile
+  source ~/.bash_profile
  
-Thank you for checking out Sym and happy crypting :)
-              -- KG ( github.com/kigster | twitter.com/kig )
+Thank you for using Sym and happy crypting :)
+
+For bonus points, run 'symit -h' after installing and loading bash
+completion.
+
+@kigster on Github, @kig on Twitter.
+
 EOF
   spec.add_dependency 'colored2', '~> 3'
   spec.add_dependency 'slop', '~> 4.3'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sym
 version: !ruby/object:Gem::Version
-  version: 2.6.0
+  version: 2.6.1
 platform: ruby
 authors:
 - Konstantin Gredeskoul
@@ -206,23 +206,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: "    Sym is a command line utility plus a straightforward Ruby API that
-  makes it easy to \n    transparently handle sensitive data such as application secrets
-  using symmetric\n    encryption with a 256bit key.\n \n    Unlike many modern encryption
-  tools, sym focuses on the streamlined interface (CLI),\n    and offers many time-saving
-  features that make encryption/decryption of application\n    secrets and other sensitive
-  data as seamless as possible.   \n \n    You can encrypt the key itself with a password,
-  for an additional layer of security.\n    You can choose to save the key to OS-X
-  Keychain, making it difficult to get the key\n    when only disk is accessible.
-  Using memcached or DRb sym can cache passwords so that\n    you don't have to retype
-  it too often. Finally, the -t flag (edit mode) decrypts\n    the file on the fly,
-  and lets you edit the unencrypted contents in $EDITOR. \n\n    Sym can read the
-  key from many sources, including file, environment variable, \n    keychain, or
-  CLI argument — all of the above become arguments of -k flag: one \n    flag to define
-  the key no matter where it lives.\n\n    Finally, set environment variable SYM_ARGS
-  to common flags you use, and then\n    have sym read these flags, activating this
-  time-saving feature with -A flag.     \n     \n    Sym uses a symmetric aes-256-cbc
-  cipher with a private key and an IV vector, \n    and is built atop of OpenSSL.\n"
+description: "### Sym — Symmetric Encryption Made Easy\n  \n**Sym** is a ruby library
+  (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs,
+  which make it rather trivial to add encryption and decryption of sensitive data
+  to your development or deployment flow. As a layer of additional security, you can
+  encrypt the private key itself with a password. \n\nUnlike many other existing encryption
+  tools, Sym focuses on getting out of the way — by offering its streamlined interface,
+  hoping to make encryption of application secrets nearly completely transparent to
+  the developers. \n\nFor the data encryption Sym uses a symmetric 256-bit key with
+  the `AES-256-CBC` cipher, same cipher as used by the US Government. For password-protecting
+  the key Sym uses `AES-128-CBC` cipher. The resulting data is zlib-compressed and
+  base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.\n
+  \ \n### Massive Time Savers\n\nSym accomplishes encryption transparency by combining
+  convenience features:\n\n * Sym can read the private key from multiple source types,
+  such as: a pathname to a file, an environment variable name, a keychain entry, or
+  CLI argument. You simply pass either of these to the `-k` flag — one flag that works
+  for all source types\n * By utilizing OS-X Keychain on a Mac, Sym offers truly secure
+  way of storing the key on a local machine, much more secure then storing it on a
+  file system\n * By using a local password cache (activated with `-c`) via an in-memory
+  provider such as memcached or `drb`, sym invocations take advantage of password
+  cache, and only ask for a password once per a configurable time period\n * By using
+  `SYM_ARGS` environment variable, where common flags can be saved. This is activated
+  with `sym -A`\n * By reading the key from the default key source file `~/.sym.key`
+  which requires no flags at all\n * By utilizing the `--negate` option to quickly
+  encrypt a regular file, or decrypt an encrypted file with extension `.enc`\n * By
+  implementing the `-t` (edit) mode, that opens an encrypted file in your `$EDITOR`,
+  and replaces the encrypted version upon save & exit, optionally creating a backup.\n
+  * By offering the `Sym::MagicFile` ruby API to easily read encrypted files into
+  memory.\n"
 email:
 - kigster@gmail.com
 executables:
@@ -306,11 +317,13 @@ files:
 homepage: https://github.com/kigster/sym
 licenses: []
 metadata: {}
-post_install_message: "Thank you for installing this gem! We hope you like it :)  \n\nNOTE:
-  To enable bash command line completion, please run the following \ncommand, which
-  appends sym's shell completion to the file specified\nin arguments to -B/--bash-support
-  flag.\n\n  sym -B ~/.bash_profile\n \nThank you for checking out Sym and happy crypting
-  :)\n              -- KG ( github.com/kigster | twitter.com/kig )\n"
+post_install_message: "\nThank you for installing Sym! \n\nBLOG POST\n=========\nhttp://kig.re/2017/03/10/dead-simple-encryption-with-sym.html\n\nBASH
+  COMPLETION\n===============\nTo enable bash command line completion, please run
+  the following \ncommand, which appends sym's shell completion wrapper to the file
+  \nspecified in arguments to -B/--bash-support flag.\n\n  sym -B ~/.bash_profile\n
+  \ source ~/.bash_profile\n \nThank you for using Sym and happy crypting :)\n\nFor
+  bonus points, run 'symit -h' after installing and loading bash\ncompletion.\n\n@kigster
+  on Github, @kig on Twitter.\n\n"
 rdoc_options: []
 require_paths:
 - lib
@@ -329,6 +342,8 @@ rubyforge_project:
 rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
-summary: Super easy to use encryption library & a CLI with a strong aes-256-cbc cipher
-  that can be used to transparently encrypt/decrypt/edit application secrets.
+summary: Dead-simple and easy to use encryption library on top of OpenSSL, offering
+  rich Ruby API as well as feature-rich CLI able to generate a key, encrypt/decrypt
+  data, password-protect the keys, cache passwords, and more. Strong cipher "aes-256-cbc"
+  used by US Government is behind data encryption.
 test_files: []