lib/sym.rb
require 'colored2'
require 'zlib'
require 'logger'
require 'sym/configuration'
require 'sym/constants'
require 'sym/version'
require 'sym/errors'
Sym::Configuration.configure do |config|
config.password_cipher = 'AES-128-CBC'
config.data_cipher = 'AES-256-CBC'
config.private_key_cipher = config.data_cipher
config.compression_enabled = true
config.compression_level = Zlib::BEST_COMPRESSION
config.encrypted_file_extension = 'enc'
config.default_key_file = Sym::Constants.sym_key_file
config.password_cache_timeout = 300
# When nil is selected, providers are auto-detected.
config.password_cache_default_provider = nil
config.password_cache_arguments = {
memcached: {
args: %w(127.0.0.1:11211),
opts: { namespace: 'sym',
compress: true,
expires_in: config.password_cache_timeout}
}
}
end
require 'sym/extensions/stdlib'
require 'sym/extensions/class_methods'
require 'sym/extensions/instance_methods'
#
# == Using Sym Library
#
# This library is a "wrapper" that allows you to take advantage of the
# symmetric encryption functionality provided by the {OpenSSL} gem (and the
# underlying C library). In order to use the library in your ruby classes, you
# should _include_ the module {Sym}.
#
# The including class is decorated with four instance methods from the
# module {Sym::Extensions::InstanceMethods} and two class methods from
# {Sym::Extensions::ClassMethods} – for specifics, please refer there.
#
# The two main instance methods are +#encr+ and +#decr+, which as the name
# implies, perform two-way symmetric encryption and decryption of any Ruby object
# that can be +marshaled+.
#
# Two additional instance methods +#encr_password+ and +#decr_password+ turn on
# password-based encryption, which actually uses a password to construct a 128-bit
# long private key, and then uses that in the encryption of the data.
# You could use them to encrypt data with a password instead of a randomly
# generated private key.
#
# The library comes with a rich CLI interface, which is mostly encapsulated under the
# +Sym::App+ namespace.
#
# The +sym+ executable that is the "app" in this case, and is a _user_ of the
# API methods +#encr+ and +#decr+.
#
# Create a new key with +#create_private_key+ class method, which returns a new
# key every time it's called, or with +#private_key+ class method, which either
# assigns, or creates and caches the private key at a class level.
#
# == Example
#
# require 'sym'
#
# class TestClass
# include Sym
# # read the key from environmant variable and assign to this class.
# private_key ENV['PRIVATE_KEY']
#
# def sensitive_value=(value)
# @sensitive_value = encr(value, self.class.private_key)
# end
#
# def sensitive_value
# decr(@sensitive_value, self.class.private_key)
# end
# end
#
# == Private Key
#
# They private key can be generated by +TestClass.create_private_key+
# which returns but does not store a new random 256-bit key.
#
# The key can be assigned and saved, or auto-generated and saved using the
# +#private_key+ method on the class that includes the +Sym+ module.
#
# Each class including the +Sym+ module would get their own +#private_key#
# class-instance variable accessor, and a possible value.
#
module Sym
def self.included(klass)
klass.instance_eval do
include ::Sym::Extensions::InstanceMethods
extend ::Sym::Extensions::ClassMethods
class << self
def private_key(value = nil)
if value
@private_key= value
elsif @private_key
@private_key
else
@private_key= self.create_private_key
end
@private_key
end
end
end
end
class << self
def config
Sym::Configuration.config
end
def default_key_file
config.default_key_file
end
def default_key
File.read(default_key_file) rescue nil
end
def default_key?
File.exist?(default_key_file)
end
end
end