sym 2.10.0 → 3.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 56818db540e6c43dd9825242a599ea43813fbc032bb2b2dc548750f4a523c154
4
- data.tar.gz: b8bdb57e5cd45d2b6d3bd7c5af2112a34a920451c7b6a2b0fdeae22618827241
3
+ metadata.gz: 96b146e9f4e68299d11d3aa550f32cf34c85de0ce8b91829e2d7db0e39d9da8a
4
+ data.tar.gz: c55848a53c59090e471b207d3e170fa803aa61969f4689c4cdffe507ebe8babf
5
5
  SHA512:
6
- metadata.gz: 9538a2c263afcb8b85ab4c9e6045333245b1ec91a9a35d3eeb83109f802be6663d3c66dfc5218f17df634925f74fe1407be4ef1a177d877e7fe1b2e5a6840883
7
- data.tar.gz: aab737dcbc3da264f6d11b7a5b56a35cf5bba196663eeefcb808e81f93d4226ad3a53b025887f6e961d601b316236e806bf9ca5c26d7d1721bbf4ed31775cef6
6
+ metadata.gz: 1a577c64acd5fb45c06526757602810b210c9fc4af413961be85618abdb88754e3689b4e7d78ed1dd3714abb22484bae86d7111b6a6c887568ab57c818cdc94e
7
+ data.tar.gz: dd26342b6c02825c85f847268f4a69f0da85dd42bcae7e6064515bf88c32f17eb08e19e9b65758825dbb28ff5b7fd0a878dcc9b2e0fb83be915120b0ce0284ae
@@ -1,16 +1,30 @@
1
1
  # Changelog
2
2
 
3
- ## [Unreleased](https://github.com/kigster/sym/tree/HEAD)
3
+ ## [v2.10.1](https://github.com/kigster/sym/tree/v2.10.1) (2020-08-15)
4
4
 
5
- [Full Changelog](https://github.com/kigster/sym/compare/v2.8.5...HEAD)
5
+ [Full Changelog](https://github.com/kigster/sym/compare/v2.10.0...v2.10.1)
6
6
 
7
7
  **Closed issues:**
8
8
 
9
+ - This gem is failing on environment without HOME \(like AWS Lambda\) [\#25](https://github.com/kigster/sym/issues/25)
10
+
11
+ **Merged pull requests:**
12
+
13
+ - Refactor and changes to support custom user\_home. [\#30](https://github.com/kigster/sym/pull/30) ([kigster](https://github.com/kigster))
14
+
15
+ ## [v2.10.0](https://github.com/kigster/sym/tree/v2.10.0) (2020-08-14)
16
+
17
+ [Full Changelog](https://github.com/kigster/sym/compare/v2.8.5...v2.10.0)
18
+
19
+ **Closed issues:**
20
+
21
+ - Switch to Codecov for test coverage [\#29](https://github.com/kigster/sym/issues/29)
9
22
  - Ruby 2.7 warnings [\#24](https://github.com/kigster/sym/issues/24)
10
23
  - Error and process hang on Windows [\#17](https://github.com/kigster/sym/issues/17)
11
24
 
12
25
  **Merged pull requests:**
13
26
 
27
+ - Switch to Codecov for test coverage; version bump 2.10.0 [\#28](https://github.com/kigster/sym/pull/28) ([kigster](https://github.com/kigster))
14
28
  - Fix remaining 2.7 warnings; memcached & keychain [\#27](https://github.com/kigster/sym/pull/27) ([kigster](https://github.com/kigster))
15
29
  - Adding Rubocop, and fixing minor issues. [\#21](https://github.com/kigster/sym/pull/21) ([kigster](https://github.com/kigster))
16
30
  - First pass on Version 2.9.0 — dropping the coin gem [\#20](https://github.com/kigster/sym/pull/20) ([kigster](https://github.com/kigster))
@@ -27,6 +41,7 @@
27
41
 
28
42
  **Merged pull requests:**
29
43
 
44
+ - Fix error when ENV\[EDITOR\] is nil [\#18](https://github.com/kigster/sym/pull/18) ([JustinNazari](https://github.com/JustinNazari))
30
45
  - README: Use SVG badge \[ci skip\] [\#16](https://github.com/kigster/sym/pull/16) ([olleolleolle](https://github.com/olleolleolle))
31
46
 
32
47
  ## [v2.8.4](https://github.com/kigster/sym/tree/v2.8.4) (2018-04-13)
@@ -184,7 +199,6 @@
184
199
 
185
200
  **Merged pull requests:**
186
201
 
187
- - Fix error when ENV\[EDITOR\] is nil [\#18](https://github.com/kigster/sym/pull/18) ([JustinNazari](https://github.com/JustinNazari))
188
202
  - added require to fix loading issue on ubuntu [\#4](https://github.com/kigster/sym/pull/4) ([bosswissam](https://github.com/bosswissam))
189
203
 
190
204
  ## [v1.6.4](https://github.com/kigster/sym/tree/v1.6.4) (2016-08-23)
data/LICENSE CHANGED
@@ -1,6 +1,6 @@
1
- Copyright © 2016 Konstantin Gredeskoul, all rights reserved.
1
+ Copyright © 2016-2020 Konstantin Gredeskoul, All Rights Reserved.
2
2
 
3
- MIT License
3
+ Distributed under MIT License
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining
6
6
  a copy of this software and associated documentation files (the
@@ -16,17 +16,16 @@ image:https://ruby-gem-downloads-badge.herokuapp.com/sym?extension=svg[Sym Downl
16
16
  image:https://codecov.io/gh/kigster/sym/branch/master/graphs/sunburst.svg[Coverage Map,link=https://codecov.io/gh/kigster/sym]
17
17
  ====
18
18
 
19
- Please checkout the following post — _http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html[Dead Simple Encryption with Sym]_ — that announced the initial release of this library, and provides further in-depth discussion. Your donation of absolutely any amount is very much appreciated but never required.
19
+ Please checkout the following post — _http://kig.re/2017/03/10/dead-simple-encryption-with-sym.html[Dead Simple Encryption with Sym]_ — that announced the initial release of this library, and provides further in-depth discussion. Your donation of absolutely any amount is much appreciated but never required.
20
20
 
21
- image::https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif[Donate,link=https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FSFYYNEQ8RKWU]
21
+ image:https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif[Donate,link=https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FSFYYNEQ8RKWU]
22
22
 
23
23
  == Introduction
24
24
 
25
- ====
26
- *sym* is an open source command line utility and Ruby API which makes it very _easy to add reliable encryption and decryption_ of sensitive data to an application or a project written in any language.
27
- ====
25
+ NOTE: *SYM* is an open source command line utility and a Ruby library, which makes it _trivial to encrypt your application secrets with mathematically proven models and ciphers offered in a much larger project — Open SSL.
28
26
 
29
- * Unlike many existing encryption tools, *sym* focuses on narrowing the gap between convenience and security, by offering enhanced usability and a streamlined ruby API and a CLI. The primary goal of the library is to make encryption very easy and transparent. +
27
+
28
+ Unlike many existing encryption tools, *sym* focuses on narrowing the gap between convenience and security, by offering enhanced usability and a streamlined ruby API and a CLI. The primary goal of the library is to make encryption very easy and transparent. +
30
29
 
31
30
  * *sym* uses the _https://en.wikipedia.org/wiki/Symmetric-key_algorithm[Symmetric Encryption]_ algorithm. This means that the same key is used to encrypt and decrypt data. In addition to the key, the encryption uses a randomized IV vector, which is automatically generated per each encryption and serialized with the data. Result of encryption is zlib-compressed, and base64 encoded, to be suitable for storage as string. The generated keys are also base64-encoded for convenience. +
32
31
 
@@ -85,7 +84,6 @@ Most common use-cases include:
85
84
  This gem includes two primary components:
86
85
 
87
86
  . *<<cli,Rich command line interface CLI>>* with many features to streamline encryption/decryption, and to be integrated into the deployment flow. +
88
- +
89
87
  . Ruby APIs:
90
88
  ** *<<rubyapi,Key Generation, Encryption & Decryption API>>*
91
89
  *** is activated by including `Sym` module in a class, it adds easy to use `encr`/`decr` methods.
@@ -192,7 +190,8 @@ My secret data
192
190
 
193
191
  # Lets now save common flags in the SYM_ARGS bash variable:
194
192
  ❯ export SYM_ARGS="-ck my-new-key"
195
- sym -df secret.enc
193
+ # To have sym parse the SYM_ARGS variable, we must activate this feature with -A
194
+ ❯ sym -Adf secret.enc
196
195
  My secret data
197
196
  ----
198
197
 
@@ -235,6 +234,11 @@ Example: here we edit an encrypted file in `vim`, while using interactive mode t
235
234
 
236
235
  Note the `diff` shown after save.
237
236
 
237
+ ==== CLI Help Reference
238
+
239
+ image::design/sym-help.png[Sym Help,width=651]
240
+
241
+
238
242
  +++<a name="rubyapi">++++++</a>+++
239
243
 
240
244
  == Ruby API
@@ -621,7 +625,23 @@ To release a new version, update the version number in `version.rb`, and then ru
621
625
  [discrete]
622
626
  ==== Contributing
623
627
 
624
- Bug reports and pull requests are welcome on GitHub at https://github.com/kigster/sym
628
+ Bug reports and pull requests are welcome on GitHub at https://github.com/kigster/sym.
629
+
630
+ ===== UML
631
+
632
+ Here are a couple of UML diagrams depicting the current, and possibly future state of the codebase.
633
+
634
+ ''''
635
+
636
+ ===== Current Design
637
+
638
+ image::design/sym-class-dependency-vertical.png[UML Vertical]
639
+
640
+ ''''
641
+
642
+ ===== Future Design
643
+
644
+ image::design/sym-class-dependency-future-refactor.png[UML Refactor]
625
645
 
626
646
  === License
627
647
 
data/Rakefile CHANGED
@@ -25,9 +25,9 @@ end
25
25
  task :build => :permissions
26
26
 
27
27
  YARD::Rake::YardocTask.new(:doc) do |t|
28
- t.files = %w(lib/**/*.rb exe/*.rb - README.md LICENSE)
29
- t.options.unshift('--title', '"Sym – Symmetric Key Encryption for Your Data"')
30
- t.after = -> { exec('open doc/index.html') }
28
+ t.files = %w(lib/**/*.rb exe/*.rb - README.adoc CHANGELOG.md LICENSE)
29
+ t.options.unshift('--title', '"Sym – Symmetric Encryption for Humins"')
30
+ t.after = -> { Thread.new { sleep 5; exec('open doc/index.html') } }
31
31
  end
32
32
 
33
33
  RSpec::Core::RakeTask.new(:spec)
@@ -0,0 +1,34 @@
1
+ #!/usr/bin/env bash
2
+ # vim: ft=bash
3
+ unset DEBUG
4
+
5
+ [[ -d ~/.bashmatic ]] || bash -c "$(curl -fsSL http://bit.ly/bashmatic-1-2-0)"
6
+ source "${HOME}/.bashmatic/init.sh" 1>/dev/null
7
+
8
+ function chlog() {
9
+ run.set-all abort-on-error show-output-on
10
+
11
+ command -v github_changelog_generator >/dev/null || {
12
+ h1 'Installing changelog ruby gem...'
13
+ gem.install github_changelog_generator
14
+ }
15
+
16
+ if [[ -z "${GITHUB_TOKEN}" ]]; then
17
+ error "Please set GITHUB_TOKEN environment variable."
18
+ return 1
19
+ else
20
+ info "GitHub token found, starting CHANGELOG generation..."
21
+ fi
22
+
23
+ run "github_changelog_generator --no-verbose -u kigster -p sym -t ${GITHUB_TOKEN}"
24
+ }
25
+
26
+ chlog "$@"
27
+
28
+
29
+
30
+
31
+
32
+
33
+
34
+
Binary file
data/lib/sym.rb CHANGED
@@ -14,7 +14,7 @@ Sym::Configuration.configure do |config|
14
14
  config.compression_enabled = true
15
15
  config.compression_level = Zlib::BEST_COMPRESSION
16
16
  config.encrypted_file_extension = 'enc'
17
- config.default_key_file = Sym::Constants::SYM_KEY_FILE
17
+ config.default_key_file = Sym::Constants.sym_key_file
18
18
 
19
19
  config.password_cache_timeout = 300
20
20
 
@@ -18,7 +18,6 @@ module Sym
18
18
  class << self
19
19
  attr_accessor :exit_code
20
20
  attr_accessor :stdin, :stdout, :stderr
21
-
22
21
  end
23
22
 
24
23
  self.exit_code = 0
@@ -56,10 +56,10 @@ module Sym
56
56
  # brings in #parse(Array[String] args)
57
57
  include CLISlop
58
58
 
59
- attr_accessor :opts, :application, :outputs, :stdin, :stdout, :stderr, :kernel
60
-
59
+ attr_accessor :opts, :application, :outputs, :stdin, :stdout, :stderr, :kernel, :args
61
60
 
62
61
  def initialize(argv, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
62
+ self.args = argv
63
63
  self.stdin = stdin
64
64
  self.stdout = stdout
65
65
  self.stderr = stderr
@@ -71,37 +71,46 @@ module Sym
71
71
 
72
72
  begin
73
73
  # Re-map any legacy options to the new options
74
- self.opts = parse(argv)
74
+ self.opts = parse(args)
75
+
76
+ if opts[:user_home]
77
+ Constants.user_home = opts[:user_home]
78
+ raise InvalidSymHomeDirectory, "#{opts[:user_home]} does not exist!" unless Dir.exist?(Constants.user_home)
79
+ end
80
+
81
+ # Deal with SYM_ARGS and -A
75
82
  if opts[:sym_args]
76
- append_sym_args(argv)
77
- self.opts = parse(argv)
83
+ if non_empty_array?(sym_args)
84
+ args << sym_args
85
+ args.flatten!
86
+ args.compact!
87
+ args.delete('-A')
88
+ args.delete('--sym-args')
89
+ self.opts = parse(args)
90
+ end
78
91
  end
79
92
 
80
93
  # Disable coloring if requested, or if piping STDOUT
81
94
  if opts[:no_color] || !self.stdout.tty?
82
95
  Colored2.disable! # reparse options without the colors to create new help msg
83
- self.opts = parse(argv)
96
+ self.opts = parse(args)
84
97
  end
85
98
 
86
99
  rescue StandardError => e
87
100
  log :error, "#{e.message}" if opts
88
101
  error exception: e
89
- exit 127 if stdin == STDIN
102
+ quit!(127) if stdin == STDIN
90
103
  end
91
104
 
92
- self.application = ::Sym::Application.new(opts, stdin, stdout, stderr, kernel)
105
+ self.application = ::Sym::Application.new(self.opts, stdin, stdout, stderr, kernel)
93
106
  end
94
107
 
95
- def append_sym_args(argv)
96
- if env_args = sym_args
97
- argv << env_args.split(' ')
98
- argv.flatten!
99
- argv.compact!
100
- end
108
+ def quit!(code = 0)
109
+ exit(code)
101
110
  end
102
111
 
103
112
  def sym_args
104
- ENV[Sym::Constants::ENV_ARGS_VARIABLE_NAME]
113
+ (ENV['SYM_ARGS']&.split(/\s+/) || [])
105
114
  end
106
115
 
107
116
  def execute!
@@ -131,17 +140,22 @@ module Sym
131
140
  end
132
141
 
133
142
  def opts_present
134
- o = opts.to_hash
135
- o.keys.map { |k| opts[k] ? nil : k }.compact.each { |k| o.delete(k) }
136
- o
143
+ opts.to_hash.tap do |o|
144
+ o.keys.map { |k| opts[k] ? nil : k }.compact.each { |k| o.delete(k) }
145
+ end
137
146
  end
138
147
 
139
- private
140
-
141
148
  def log(*args)
142
149
  Sym::App.log(*args, **opts.to_hash)
143
150
  end
144
151
 
152
+
153
+ private
154
+
155
+ def non_empty_array?(object)
156
+ object.is_a?(Array) && !object.empty?
157
+ end
158
+
145
159
  def error(hash)
146
160
  hash.merge!(config: opts.to_hash) if opts
147
161
  hash.merge!(command: @command) if @command
@@ -55,6 +55,7 @@ module Sym
55
55
  o.separator 'Create a new private key:'.yellow
56
56
  o.bool '-g', '--generate', ' generate a new private key'
57
57
  o.bool '-p', '--password', ' encrypt the key with a password'
58
+
58
59
  if Sym::App.osx?
59
60
  o.string '-x', '--keychain', '[key-name] '.blue + 'write the key to OS-X Keychain'
60
61
  end
@@ -67,7 +68,7 @@ module Sym
67
68
  o.separator ' '
68
69
  o.separator 'Password Cache:'.yellow
69
70
  o.bool '-c', '--cache-passwords', ' enable password cache'
70
- o.integer '-u', '--cache-timeout', '[seconds]'.blue + ' expire passwords after'
71
+ o.integer '-z', '--cache-timeout', '[seconds]'.blue + ' expire passwords after'
71
72
  o.string '-r', '--cache-provider', '[provider]'.blue + ' cache provider, one of ' + "#{Sym::App::Password::Providers.provider_list}"
72
73
 
73
74
  o.separator ' '
@@ -89,8 +90,14 @@ module Sym
89
90
 
90
91
  o.separator ' '
91
92
  o.separator 'Utility:'.yellow
93
+ o.separator " The following flag helps with Sym installation by hooking to \n" +
94
+ " your #{'~/.bashrc'.bold.yellow}. If you are running Sym on an environment without \n" +
95
+ " user home available, you may need to force set user's home to any existing\n" +
96
+ " directory using the #{'--user-home'.bold.blue} flag.\n"
97
+
92
98
  o.string '-B', '--bash-support', '[file]'.blue + ' append bash completion & utils to a file'+ "\n" +
93
99
  ' such as ~/.bash_profile or ~/.bashrc'
100
+ o.string '-u', '--user-home', '[DIR]'.blue + " Overrides #{'${HOME}'.green} ==> supports AWS Lambda\n"
94
101
 
95
102
  o.separator ' '
96
103
  o.separator 'Help & Examples:'.yellow
@@ -15,7 +15,7 @@ module Sym
15
15
  file = opts[:bash_support]
16
16
 
17
17
  out = ''
18
- Sym::Constants::Bash::CONFIG.each_pair do |key, config|
18
+ Sym::Constants.config.each_pair do |key, config|
19
19
  script_name = key.to_s
20
20
 
21
21
  # This removes the old version of this file.
@@ -1,43 +1,59 @@
1
1
  require 'logger'
2
2
  module Sym
3
+ #
4
+ # This module is responsible for installing Sym BASH extensions.
5
+ #
3
6
  module Constants
4
- module Bash
5
7
 
6
- BASH_FILES = Dir.glob("#{File.expand_path('../../../bin', __FILE__)}/sym.*.bash").freeze
8
+ BASH_FILES = Dir.glob("#{File.expand_path('../../bin', __dir__)}/sym.*.bash").freeze
7
9
 
8
- CONFIG = {}
10
+ class << self
11
+ attr_reader :user_home
9
12
 
10
- class << self
11
- def register_bash_files!
12
- BASH_FILES.each do |bash_file|
13
- register_bash_extension bash_file, CONFIG
14
- end
15
- end
13
+ def user_home=(value)
14
+ @user_home = value
15
+ register_bash_files!
16
+ end
16
17
 
17
- private
18
+ def config
19
+ @config ||= {}
20
+ end
18
21
 
19
- def register_bash_extension(bash_file, hash)
20
- source_file = File.basename(bash_file)
21
- home_file = "#{Dir.home}/.#{source_file}"
22
+ def sym_key_file
23
+ "#{user_home}/.sym.key"
24
+ end
22
25
 
23
- hash[source_file.gsub(/sym\./, '').gsub(/\.bash/, '').to_sym] = {
24
- dest: home_file,
25
- source: bash_file,
26
- script: "[[ -f #{home_file} ]] && source #{home_file}"
27
- }
26
+ def register_bash_files!
27
+ BASH_FILES.each do |bash_file|
28
+ register_bash_extension bash_file
28
29
  end
29
30
  end
30
31
 
31
- self.register_bash_files!
32
+ private
33
+
34
+ def register_bash_extension(bash_file)
35
+ return unless user_home && Dir.exist?(user_home)
36
+
37
+ source_file = File.basename(bash_file)
38
+ home_file = "#{user_home}/.#{source_file}"
39
+ config_key = source_file.gsub(/sym\./, '').gsub(/\.bash/, '').to_sym
40
+
41
+ config[config_key] = {
42
+ dest: home_file,
43
+ source: bash_file,
44
+ script: "[[ -f #{home_file} ]] && source #{home_file}"
45
+ }
46
+ end
32
47
  end
33
48
 
49
+ self.user_home ||= ::Dir.home rescue nil
50
+ self.user_home ||= '/tmp'
51
+
52
+ self.register_bash_files!
53
+
34
54
  module Log
35
55
  NIL = Logger.new(nil).freeze # empty logger
36
56
  LOG = Logger.new(STDERR).freeze
37
57
  end
38
-
39
- ENV_ARGS_VARIABLE_NAME = 'SYM_ARGS'.freeze
40
- SYM_KEY_FILE = "#{Dir.home}/.sym.key".freeze
41
-
42
58
  end
43
59
  end
@@ -10,6 +10,8 @@ module Sym
10
10
 
11
11
  class PasswordError < Sym::Errors::Error; end
12
12
 
13
+ class InvalidSymHomeDirectory < Sym::Errors::Error; end
14
+
13
15
  class NoPasswordProvided < Sym::Errors::PasswordError; end
14
16
 
15
17
  class PasswordsDontMatch < Sym::Errors::PasswordError; end
@@ -1,33 +1,57 @@
1
1
  module Sym
2
- VERSION = '2.10.0'.freeze
2
+ VERSION = '3.0.0'
3
3
  DESCRIPTION = <<~eof
4
- Sym is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment workflow.
5
-
6
- For additional security the private key itself can be encrypted with a user-generated password. For decryption using the key the password can be input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry.
7
-
8
- Unlike many other existing encryption tools, Sym focuses on getting out of your way by offering a streamlined interface with password caching (if MemCached is installed and running locally) in hopes to make encryption of application secrets nearly completely transparent to the developers.
9
-
10
- Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher, same cipher as used by the US Government.
11
-
12
- For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
13
-
14
- Sym accomplishes encryption transparency by combining several convenient features:
4
+
5
+ Sym is a ruby library (gem) that offers both the command line interface
6
+ (CLI) and a set of rich Ruby APIs, which make it rather trivial to add
7
+ encryption and decryption of sensitive data to your development or deployment
8
+ workflow.
15
9
 
16
- 1. Sym can read the private key from multiple source types, such as pathname, an environment variable name, a keychain entry, or CLI argument. You simply pass either of these to the -k flag — one flag that works for all source types.
10
+ For additional security the private key itself can be encrypted with a
11
+ user-generated password. For decryption using the key the password can be
12
+ input into STDIN, or be defined by an ENV variable, or an OS-X Keychain Entry.
17
13
 
18
- 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local machine, much more secure then storing it on a file system,
14
+ Unlike many other existing encryption tools, Sym focuses on getting out of
15
+ your way by offering a streamlined interface with password caching (if
16
+ MemCached is installed and running locally) in hopes to make encryption of
17
+ application secrets nearly completely transparent to the developers.
19
18
 
20
- 3. By using a local password cache (activated with -c) via an in-memory provider such as memcached, sym invocations take advantage of password cache, and only ask for a password once per a configurable time period,
21
-
22
- 4. By using SYM_ARGS environment variable, where common flags can be saved. This is activated with sym -A,
19
+ Sym uses symmetric 256-bit key encryption with the AES-256-CBC cipher,
20
+ same cipher as used by the US Government.
23
21
 
24
- 5. By reading the key from the default key source file ~/.sym.key which requires no flags at all,
22
+ For password-protecting the key Sym uses AES-128-CBC cipher. The resulting
23
+ data is zlib-compressed and base64-encoded. The keys are also base64 encoded
24
+ for easy copying/pasting/etc.
25
25
 
26
- 6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt an encrypted file with extension .enc
26
+ Sym accomplishes encryption transparency by combining several convenient features:
27
+
28
+ 1. Sym can read the private key from multiple source types, such as pathname,
29
+ an environment variable name, a keychain entry, or CLI argument. You simply
30
+ pass either of these to the -k flag — one flag that works for all source types.
31
+
32
+ 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way of
33
+ storing the key on a local machine, much more secure then storing it on a file system,
34
+
35
+ 3. By using a local password cache (activated with -c) via an in-memory provider
36
+ such as memcached, sym invocations take advantage of password cache, and
37
+ only ask for a password once per a configurable time period,
27
38
 
28
- 7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR, and replaces the encrypted version upon save & exit, optionally creating a backup.
39
+ 4. By using SYM_ARGS environment variable, where common flags can be saved. This
40
+ is activated with sym -A,
41
+
42
+ 5. By reading the key from the default key source file ~/.sym.key which
43
+ requires no flags at all,
44
+
45
+ 6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt
46
+ an encrypted file with extension .enc
47
+
48
+ 7. By implementing the -t (edit) mode, that opens an encrypted file in your $EDITOR,
49
+ and replaces the encrypted version upon save & exit, optionally creating a backup.
50
+
51
+ 8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
52
+
53
+ Please refer the module documentation available here:
54
+ https://www.rubydoc.info/gems/sym
29
55
 
30
- 8. By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.
31
-
32
56
  eof
33
57
  end
@@ -52,6 +52,7 @@ Gem::Specification.new do |spec|
52
52
  spec.add_dependency 'highline'
53
53
  spec.add_dependency 'dalli'
54
54
 
55
+ spec.add_development_dependency 'asciidoctor'
55
56
  spec.add_development_dependency 'aruba'
56
57
  spec.add_development_dependency 'bundler'
57
58
  spec.add_development_dependency 'irbtools'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sym
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.10.0
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Konstantin Gredeskoul
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-08-14 00:00:00.000000000 Z
11
+ date: 2020-08-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: colored2
@@ -80,6 +80,20 @@ dependencies:
80
80
  - - ">="
81
81
  - !ruby/object:Gem::Version
82
82
  version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: asciidoctor
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
83
97
  - !ruby/object:Gem::Dependency
84
98
  name: aruba
85
99
  requirement: !ruby/object:Gem::Requirement
@@ -234,35 +248,38 @@ dependencies:
234
248
  - - ">="
235
249
  - !ruby/object:Gem::Version
236
250
  version: '0'
237
- description: "Sym is a ruby library (gem) that offers both the command line interface
238
- (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption
239
- and decryption of sensitive data to your development or deployment workflow.\n\nFor
240
- additional security the private key itself can be encrypted with a user-generated
241
- password. For decryption using the key the password can be input into STDIN, or
242
- be defined by an ENV variable, or an OS-X Keychain Entry. \n\nUnlike many other
243
- existing encryption tools, Sym focuses on getting out of your way by offering a
244
- streamlined interface with password caching (if MemCached is installed and running
245
- locally) in hopes to make encryption of application secrets nearly completely transparent
246
- to the developers. \n\nSym uses symmetric 256-bit key encryption with the AES-256-CBC
247
- cipher, same cipher as used by the US Government. \n\nFor password-protecting the
248
- key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded.
249
- The keys are also base64 encoded for easy copying/pasting/etc.\n\nSym accomplishes
250
- encryption transparency by combining several convenient features:\n \n 1. Sym can
251
- read the private key from multiple source types, such as pathname, an environment
252
- variable name, a keychain entry, or CLI argument. You simply pass either of these
253
- to the -k flag — one flag that works for all source types.\n \n 2. By utilizing
254
- OS-X Keychain on a Mac, Sym offers truly secure way of storing the key on a local
255
- machine, much more secure then storing it on a file system,\n \n 3. By using a
256
- local password cache (activated with -c) via an in-memory provider such as memcached,
257
- sym invocations take advantage of password cache, and only ask for a password once
258
- per a configurable time period, \n\n 4. By using SYM_ARGS environment variable,
259
- where common flags can be saved. This is activated with sym -A,\n \n 5. By reading
260
- the key from the default key source file ~/.sym.key which requires no flags at all,\n
261
- \n 6. By utilizing the --negate option to quickly encrypt a regular file, or decrypt
262
- an encrypted file with extension .enc\n \n 7. By implementing the -t (edit) mode,
263
- that opens an encrypted file in your $EDITOR, and replaces the encrypted version
264
- upon save & exit, optionally creating a backup.\n \n 8. By offering the Sym::MagicFile
265
- ruby API to easily read encrypted files into memory.\n\n"
251
+ description: "\n Sym is a ruby library (gem) that offers both the command line interface
252
+ \n (CLI) and a set of rich Ruby APIs, which make it rather trivial to add \n encryption
253
+ and decryption of sensitive data to your development or deployment \n workflow.\n
254
+ \n For additional security the private key itself can be encrypted with a \n user-generated
255
+ password. For decryption using the key the password can be \n input into STDIN,
256
+ or be defined by an ENV variable, or an OS-X Keychain Entry. \n \n Unlike many other
257
+ existing encryption tools, Sym focuses on getting out of \n your way by offering
258
+ a streamlined interface with password caching (if \n MemCached is installed and
259
+ running locally) in hopes to make encryption of \n application secrets nearly completely
260
+ transparent to the developers. \n \n Sym uses symmetric 256-bit key encryption with
261
+ the AES-256-CBC cipher, \n same cipher as used by the US Government. \n \n For password-protecting
262
+ the key Sym uses AES-128-CBC cipher. The resulting \n data is zlib-compressed and
263
+ base64-encoded. The keys are also base64 encoded \n for easy copying/pasting/etc.\n
264
+ \n Sym accomplishes encryption transparency by combining several convenient features:\n
265
+ \ \n 1. Sym can read the private key from multiple source types, such as pathname,
266
+ \n an environment variable name, a keychain entry, or CLI argument. You simply
267
+ \n pass either of these to the -k flag — one flag that works for all source
268
+ types.\n \n 2. By utilizing OS-X Keychain on a Mac, Sym offers truly secure way
269
+ of \n storing the key on a local machine, much more secure then storing it
270
+ on a file system,\n \n 3. By using a local password cache (activated with -c)
271
+ via an in-memory provider \n such as memcached, sym invocations take advantage
272
+ of password cache, and \n only ask for a password once per a configurable time
273
+ period, \n \n 4. By using SYM_ARGS environment variable, where common flags can
274
+ be saved. This \n is activated with sym -A,\n \n 5. By reading the key from
275
+ the default key source file ~/.sym.key which \n requires no flags at all,\n
276
+ \ \n 6. By utilizing the --negate option to quickly encrypt a regular file, or
277
+ decrypt \n an encrypted file with extension .enc\n \n 7. By implementing
278
+ the -t (edit) mode, that opens an encrypted file in your $EDITOR, \n and replaces
279
+ the encrypted version upon save & exit, optionally creating a backup.\n \n 8.
280
+ By offering the Sym::MagicFile ruby API to easily read encrypted files into memory.\n\nPlease
281
+ refer the module documentation available here:\nhttps://www.rubydoc.info/gems/sym\n
282
+ \n"
266
283
  email:
267
284
  - kigster@gmail.com
268
285
  executables:
@@ -285,6 +302,7 @@ files:
285
302
  - README.adoc
286
303
  - Rakefile
287
304
  - SYM-CLI.md
305
+ - bin/changelog
288
306
  - bin/console
289
307
  - bin/setup
290
308
  - bin/sym.completion.bash
@@ -292,6 +310,7 @@ files:
292
310
  - codecov.yml
293
311
  - design/ascii-cinema.png
294
312
  - design/sym-class-dependency-future-refactor.png
313
+ - design/sym-class-dependency-vertical.png
295
314
  - design/sym-class-dependency.graffle
296
315
  - design/sym-class-dependency.pdf
297
316
  - design/sym-class-dependency.png