require 'colored2' require 'zlib' require 'logger' require 'sym/configuration' require 'sym/constants' require 'sym/version' require 'sym/errors' Sym::Configuration.configure do |config| config.password_cipher = 'AES-128-CBC' config.data_cipher = 'AES-256-CBC' config.private_key_cipher = config.data_cipher config.compression_enabled = true config.compression_level = Zlib::BEST_COMPRESSION config.encrypted_file_extension = 'enc' config.default_key_file = Sym::Constants.sym_key_file config.password_cache_timeout = 300 # When nil is selected, providers are auto-detected. config.password_cache_default_provider = nil config.password_cache_arguments = { memcached: { args: %w(127.0.0.1:11211), opts: { namespace: 'sym', compress: true, expires_in: config.password_cache_timeout} } } end require 'sym/extensions/stdlib' require 'sym/extensions/class_methods' require 'sym/extensions/instance_methods' # # == Using Sym Library # # This library is a "wrapper" that allows you to take advantage of the # symmetric encryption functionality provided by the {OpenSSL} gem (and the # underlying C library). In order to use the library in your ruby classes, you # should _include_ the module {Sym}. # # The including class is decorated with four instance methods from the # module {Sym::Extensions::InstanceMethods} and two class methods from # {Sym::Extensions::ClassMethods} – for specifics, please refer there. # # The two main instance methods are +#encr+ and +#decr+, which as the name # implies, perform two-way symmetric encryption and decryption of any Ruby object # that can be +marshaled+. # # Two additional instance methods +#encr_password+ and +#decr_password+ turn on # password-based encryption, which actually uses a password to construct a 128-bit # long private key, and then uses that in the encryption of the data. # You could use them to encrypt data with a password instead of a randomly # generated private key. # # The library comes with a rich CLI interface, which is mostly encapsulated under the # +Sym::App+ namespace. # # The +sym+ executable that is the "app" in this case, and is a _user_ of the # API methods +#encr+ and +#decr+. # # Create a new key with +#create_private_key+ class method, which returns a new # key every time it's called, or with +#private_key+ class method, which either # assigns, or creates and caches the private key at a class level. # # == Example # # require 'sym' # # class TestClass # include Sym # # read the key from environmant variable and assign to this class. # private_key ENV['PRIVATE_KEY'] # # def sensitive_value=(value) # @sensitive_value = encr(value, self.class.private_key) # end # # def sensitive_value # decr(@sensitive_value, self.class.private_key) # end # end # # == Private Key # # They private key can be generated by +TestClass.create_private_key+ # which returns but does not store a new random 256-bit key. # # The key can be assigned and saved, or auto-generated and saved using the # +#private_key+ method on the class that includes the +Sym+ module. # # Each class including the +Sym+ module would get their own +#private_key# # class-instance variable accessor, and a possible value. # module Sym def self.included(klass) klass.instance_eval do include ::Sym::Extensions::InstanceMethods extend ::Sym::Extensions::ClassMethods class << self def private_key(value = nil) if value @private_key= value elsif @private_key @private_key else @private_key= self.create_private_key end @private_key end end end end class << self def config Sym::Configuration.config end def default_key_file config.default_key_file end def default_key File.read(default_key_file) rescue nil end def default_key? File.exist?(default_key_file) end end end