#
# Symmetric Encryption for Ruby
#
---
# For the development and test environments the test symmetric encryption keys
# can be placed directly in the source code.
# And therefore no RSA private key is required
development:   &development_defaults
  key:         1234567890ABCDEF1234567890ABCDEF
  iv:          1234567890ABCDEF
  cipher_name: aes-128-cbc
  encoding:    :base64strict

test:
  <<: *development_defaults

release:
  # Since the key to encrypt and decrypt with must NOT be stored along with the
  # source code, we only hold a RSA key that is used to unlock the file
  # containing the actual symmetric encryption key
  private_rsa_key: |
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpQIBAAKCAQEAtP6lnW1Oj8T+IoxQRrFW1vtYr+jgK9w0SP7tOY2RMbuLrNEv
    ck5z5O4o2iz8UfXMEMGuMtlj0a8F4myUG6QDWuY8k1+oPHIUvK/9Z8rCmWd0Kw0U
    ATV+txSg/gdUFD11MX8fLljd9l08b79exh/MMSv0Tp21Mo+ILWDCI2YNLFSDuG95
    sgiX6as7Ji5254obY6Qa0eR21h4QafzCOp6fLhVpUV6FLnCRoTPe8usS0wwe1KIb
    byFl/J5wc6HkicibC+jD+IKKCVbX3IdGOyilyz4dQ3egnEsfBGTO5LogXrY991Jb
    HN34dhpXDkN/sI1X8p3cDyQ75Elk0PJojiBKowIDAQABAoIBABs45a3s39EN3u9R
    TU2kpJwHB8rFatoN76s+9G0glsL1I0fl2o4FsLaw/2H5PCYToxKuHsY1HidOfMMW
    c5xIqdyFHn1H+OTGf8n1alavD1/FSJqlB+o6oolkx+YNMh8tMzAzn3v4D8JbOZjR
    Hq8L30lSBBfC7prhLaktkWWDlt2gw4FcScUc24UFmKCQEtdaoZU71q2g5kWwZdRC
    W8qIXWwRYhhjUOsuiL/Is/wxx4hK7cmwEezkbwQ29aC4mYtHYq/o5BduBO6wiGkv
    F1PkySpejNIUl1D2E6noHXlJiqhE5nqp+6jw5HNE5J0JXVyo4MzA1Yn1w9Q+3D06
    1o9njDECgYEA6ztXOoEZ0BdxSokWc8uaQD6xnTj/fEcVisfspsTR6LxlYs7TFTvf
    8SqXGrIFSuMGYx/NeuTlF7qQYOxmEptJ/16UnGrT1Y+7xWCcFfmkfRlM1w7X1b/7
    f4HNp7JjFWbcm1+P3XNYiA921LtsJzP+HwKVY/1Cxzlprq5o3Lx2g/kCgYEAxPlz
    ex9pZqpUza2RQxdufoIEiwMnhSB0p0ZhCGZlApS6Yj8wr29EjvNKDcFVDK6WpsiL
    6tGzE0KZ18AAUA1FwfODrp9Qa1+EtU5aErNsf1uLBRrZkYcCwewyI/c6jb0xN5oc
    coW+ijz/Zh7Y13XGUl+Jq0pwQH2dIlr4mvQ6cnsCgYEAvAWSk5DdsRcL1yf8alIz
    2WZDUghdLlkjPurOnf50SjNMVs46qp5RQdNpNE1XLaSJVnH1LGYJOA5HmTFb5UN6
    wkQ3RU+eQvXAgOPX3zjL4bJ3WO7kVlY+EI0QdRqBWHn/m7GmrLul6Bt0QFYO/Mby
    OJc4EdQ9rECX2KhP6SA7GwECgYEAojQJNMqZMUHys6zKgkU5aFQJCbB/StF/PoBm
    R1SKuaVgFqeSn+Uwv8b4pHsgXmEnDhD3p1cn8CRYK6Kgn0tOtnihZ5spzkHKNsNe
    ySeXoQjxYjLKF1zmmGq4n4VnYnD5pp/x7RzV22B/sMiWKFeECTFDXRrfdTv7ud7P
    +kpEFyECgYEAqsZBfG77Z2kCWNwq/AJqTZk2kZ7gO7TLRjTgwHEYUog9fT5v5KHm
    KWCo0hchTvtYaJ+MM+f6I627O96LTGll3Iw35YdUjQp/Xzlke20wHoXODy8c+y6M
    QSamgNAlTe9il4I07p8xd1O1j/fTJXOuUUxK7pfA0+FGNQtEEdMeDZQ=
    -----END RSA PRIVATE KEY-----


  # List Symmetric Key files in the order of current / latest first
  ciphers:
    -
      # Filename containing Symmetric Encryption Key encrypted using the
      # RSA public key derived from the private key above
      key_filename: /etc/rails/keys/podioror_release.key
      iv_filename:  /etc/rails/keys/podioror_release.iv
      cipher_name:  aes-256-cbc
      # Base64 encode encrypted data without newlines
      encoding:     :base64strict
      version:      1

production:
  # Since the key to encrypt and decrypt with must NOT be stored along with the
  # source code, we only hold a RSA key that is used to unlock the file
  # containing the actual symmetric encryption key
  private_rsa_key: |
    -----BEGIN RSA PRIVATE KEY-----
    MIIEpQIBAAKCAQEAvU5AXXvdb813T83yBgNCtk44F8RybljZxxM43HyVXicbqdri
    S2Bt6Qc/KG1QHirOKoTl5uiBd8f4iGVPN80svNLLVetDOsmtgtkDz/pzTkcrYGRG
    5pRRtAuSp8SfUbCcM/i0KWKUqgZYHm3qlDQUgHqAjx1jSD4V6p1DIJSvrA+/jciQ
    ksueR2OPn9LkEHBArECLgJBXu8gN0JFnmfzxFpsAgtMhP7ljtJHeORhCYW+O8SSp
    ricnDxQYF8s/+hHOZah2PPKkVLfx+ZV86Ba8pDk0GCD8afM7eh24DD/YbDmIm8yE
    P02tm0ZeZfzvFNtDG3Q8kPvK0ccJOFV9GCMc2QIDAQABAoIBAGwH9ANlZIEhKC2K
    wctcoP2YtboaiZMfcWiCN7jcAAGzH75XAz0w0ohhclGH0Gjm1LC/FtQna3sHy3VL
    G2Ik3JsFULS/haZO4Y4CeoJ90r+hLcfccfm0Oswcrpy/QIxF1V5zV50mfOBqrm7v
    GydocSrAvgzuIHJhu/Afvucg8v+lIbuqrRcORULwR1ubmMCgDKGuK5Q9S5OLGDX+
    oPdQIC6azqVN6WiDtZQy/4G5t1hdnOJITXGVu3ZiLsxMEyKem1XQwPf5kPMgT6/e
    9ZSfY5JaRe2E0HC7o6I0iSc8Lga3GLZBUzl4eILmOXnteNOrjPPYlFtgE3L31Q7V
    YFY432ECgYEA4eZeuXMZ75JQalwWuwM2xWV7bpNyifj+LR/ccfxpJLcDHMlbihMM
    iGr+wfVTjO9QnkFfoQ5vc1ePfi45aTwuxr8kwub0+0+i3ps9hyMn2Ndp+y2rFv8k
    q0ahJrSmkueZ5T9P8dXxtbAukGKIrNrduchiwK1kwe1iLBBwY+rqXGsCgYEA1oef
    cc6gkWcdQqTNmUeJqwPHtJfZoS5YVfozrgEfVCFrxbcw2anD7F95dSldsvelHpNe
    aqFWsEsqUoQ+xdR9kyWjQA/9tWsJHm29gFc3VcwOvcNz/ll5mgSOgX2sutj5AmML
    Nb1Vtlkq/s2UABHEXQc+VJl4YKaMWF+fj0SYfMsCgYEAoth7OJzs+XM0XTf9etsa
    RLqffFr2mtfQA5+QPuuCsGDt8XaGcsbApibbd97uWA68wxjFY0kQtslMO93+rQoh
    fkyUp5vuxqvl8Stf82c4dmzzjYqiZ3WObZoA2fIokoY6vrQhYWilUiCrsJIXjORK
    Kn92EQfuNo510uYW3zCdufkCgYEA1eQ2xsObOB21AMNL8i1vR0DnllloNNn+XQqv
    CCg6UilYSLMTU5F9tGiksnnh4BQlX0zTcEEYK4Fl2wvbgmcQJOv7zl2jOYRUfTAx
    JorOsw5XDECZn9kZ8sPkSZtB4rF95DFX9eamVL6mrZHOpBsSyyXzsWmqqcKkX2BH
    uBJObu0CgYEA3Uu5hA65WCjP+hABYKNa+XCdd5ljysnPqp3y3BEfu/6QL9wQRLOy
    slwapCPQoxxpsEoLLEXsO7Ydw9EJxrePGw6qPji7B+nGUhs6rUlZWVr6lhJV9p3v
    X4YSzkMAbdsaYDh6oqSMN6F4vGnQ+W4uKIFsjGZccH2J6GcaCiW5imk=
    -----END RSA PRIVATE KEY-----


  # List Symmetric Key files in the order of current / latest first
  ciphers:
    -
      # Filename containing Symmetric Encryption Key encrypted using the
      # RSA public key derived from the private key above
      key_filename: /etc/rails/keys/podioror_production.key
      iv_filename:  /etc/rails/keys/podioror_production.iv
      cipher_name:  aes-256-cbc
      # Base64 encode encrypted data without newlines
      encoding:     :base64strict
      version:      1