# # Symmetric Encryption for Ruby # --- # For the development and test environments the test symmetric encryption keys # can be placed directly in the source code. # And therefore no RSA private key is required development: &development_defaults key: 1234567890ABCDEF1234567890ABCDEF iv: 1234567890ABCDEF cipher_name: aes-128-cbc encoding: :base64strict test: <<: *development_defaults release: # Since the key to encrypt and decrypt with must NOT be stored along with the # source code, we only hold a RSA key that is used to unlock the file # containing the actual symmetric encryption key private_rsa_key: | <%= OpenSSL::PKey::RSA.generate(2048).to_s.each_line.collect { |line| " #{line}" }.join('') %> # List Symmetric Key files in the order of current / latest first ciphers: - # Filename containing Symmetric Encryption Key encrypted using the # RSA public key derived from the private key above key_filename: <%= File.join(key_path, "#{app_name}_release.key") %> iv_filename: <%= File.join(key_path, "#{app_name}_release.iv") %> cipher_name: aes-256-cbc # Base64 encode encrypted data without newlines encoding: :base64strict version: 1 production: # Since the key to encrypt and decrypt with must NOT be stored along with the # source code, we only hold a RSA key that is used to unlock the file # containing the actual symmetric encryption key private_rsa_key: | <%= OpenSSL::PKey::RSA.generate(2048).to_s.each_line.collect { |line| " #{line}" }.join('') %> # List Symmetric Key files in the order of current / latest first ciphers: - # Filename containing Symmetric Encryption Key encrypted using the # RSA public key derived from the private key above key_filename: <%= File.join(key_path, "#{app_name}_production.key") %> iv_filename: <%= File.join(key_path, "#{app_name}_production.iv") %> cipher_name: aes-256-cbc # Base64 encode encrypted data without newlines encoding: :base64strict version: 1