#
# Symmetric Encryption for Ruby
#
---
# For the development and test environments the test symmetric encryption keys
# can be placed directly in the source code.
# And therefore no key encryption key is required
development:         &development_defaults
  key:               1234567890ABCDEF
  iv:                1234567890ABCDEF
  cipher_name:       aes-128-cbc
  encoding:          :base64strict
  always_add_header: true

test:
  <<: *development_defaults

release:
  # Since the encryption key must NOT be stored along with the
  # source code, only store the key encryption key here.
  private_rsa_key: |
<%= SymmetricEncryption::KeyEncryptionKey.generate.each_line.collect { |line| "    #{line}" }.join('') %>

  # List Symmetric Key files in the order of current / latest first
  ciphers:
    -
      # Name of the file containing the encrypted key and iv.
      key_filename:      <%= File.join(key_path, "#{app_name}_release.key") %>
      iv_filename:       <%= File.join(key_path, "#{app_name}_release.iv") %>
      cipher_name:       aes-256-cbc
      encoding:          :base64strict
      version:           1
      always_add_header: true

production:
  # Since the encryption key must NOT be stored along with the
  # source code, only store the key encryption key here.
  private_rsa_key: |
<%= SymmetricEncryption::KeyEncryptionKey.generate.each_line.collect { |line| "    #{line}" }.join('') %>

  # List Symmetric Key files in the order of current / latest first
  ciphers:
    -
      # Name of the file containing the encrypted key and iv.
      key_filename:      <%= File.join(key_path, "#{app_name}_production.key") %>
      iv_filename:       <%= File.join(key_path, "#{app_name}_production.iv") %>
      cipher_name:       aes-256-cbc
      encoding:          :base64strict
      version:           1
      always_add_header: true