README.md in sym-2.6.0 vs README.md in sym-2.6.1

- old
+ new

@@ -242,49 +242,37 @@ You can encrypt the private key using a custom password. This is highly recommended, because without the password the key is the only piece that stands between an attacker and decrypting your sensitive data. For this purpose, two more instance methods exist: - * `encr_password(data, password, iv = nil)` - * `decr_password(encrypted_data, password, iv = nil)` + * `#encr_password(data, password, iv = nil)` + * `#decr_password(encrypted_data, password, iv = nil)` They can be used independently of `encr` and `decr` to encrypt/decrypt any data with a password. -<a name="rubyapi-app"></a> +<a name="magic-file"></a> -### `Sym::Application` +### Using `Sym::MagicFile` API for Reading/Writing Encrypted/Decrypted data -Since the command line interface offers much more than just encryption/decryption of data with a key, majority of these features are available through `Sym::Application` instance. +This is probably the easiest way to leverage Sym-encrypted files in your application — by loading them into memory with `Sym::MagicFile`. This class provides a very simple API while supporting all of the convenience features of the rich application API (see below). -The class is instantiated with a hash that would be otherwise generated by parsing CLI arguments, typical `options`. For example, to generate the key, pass `generate: true` — essentially any flag in it's long form can be converted into a hash member. - -Here is an example: - -```ruby -require 'sym/application' - -key = Sym::Application.new(generate: true).execute -# => '75ngenJpB6zL47/8Wo7Ne6JN1pnOsqNEcIqblItpfg4=' -``` - -### `Sym::MagicFile` for Reading Encrypted Data - -This is probably the easiest way to leverage Sym-encrypted files, by loading them into memory. - -`Sym::MagicFile` provides a very simple API for loading and reading encrypted files -into memory, while supporting all of the convenience features of the rich -application API. - -You initialize this class with just two things: a `pathname` to a file (encrypted +You instantiate `Sym::MagicFile` with just two parameters: a `pathname` to a file (encrypted or not), and the `key` identifier. The identifier can either be a filename, or OS-X Keychain entry, or environment variable name, etc — basically it is resolve like any other `-k <value>` CLI flag. -#### Example: Using `Sym::MagicFile` with the `RailsConfig` gem +The following methods are available: + * `#encrypt` — returns an encrypted string representing the encrypted contents ofa file specified by the pathname. + * `#decrypt` — returns a decrypted string representing the decrypted contents of a file specified by the pathname. + * `#encrypt_to(filename)` — encrypts the contents of a file specified by the pathname, and writes the result to a `filename`. + * `#decrypt_to(filename)` — decrypts the contents of a file specified by the pathname, and writes the result to a `filename`. + +#### Example: Using `Sym::MagicFile` with the `RailsConfig` (or `Settings`) gem + In this example, we assume that the environment variable `$PRIVATE_KEY` contain -the key to be used in decryption. Note that methods `#decrypt` and `#read` on `Sym::MagicFile` instance are synomymous. +the key to be used in decryption. ```ruby require 'sym/magic_file' require 'yaml' secrets = Sym::MagicFile.new('/usr/local/etc/secrets.yml.enc', 'PRIVATE_KEY') @@ -303,9 +291,26 @@ '/usr/local/etc/secrets.yml.enc', 'PRIVATE_KEY' ).decrypt) ) Settings.reload! +``` + +<a name="rubyapi-app"></a> + +### Using `Sym::Application` API + +Since the command line interface offers much more than just encryption/decryption of data with a key, majority of these features are available through `Sym::Application` instance. + +The class is instantiated with a hash that would be otherwise generated by parsing CLI arguments, typical `options`. For example, to generate the key, pass `generate: true` — essentially any flag in it's long form can be converted into a hash member. + +Here is an example: + +```ruby +require 'sym/application' + +key = Sym::Application.new(generate: true).execute +# => '75ngenJpB6zL47/8Wo7Ne6JN1pnOsqNEcIqblItpfg4=' ``` ### Ruby API Conclusion Using `Sym`'s rich ruby API you can perform both low-level encryption/decryption, as well as high-level management of encrypted files. By using `Sym::MagicFile` and/or `Sym::Application` classes you can access the entire set of functionality expressed vi the CLI, described in details below.