Open
Description
Currently unless the key and the credentials files are changed at the same time, there could be a problem with decryption after deployment.
This can be implemented simply in diffcrypt core by allowing a comma seperated list of keys to try, skipping to the next key if decryption fails.
In theory we can also extend this to rails by doing the approach, and ensuring the rails credentials wrapper uses the correct internal diffcrypt classes that support this type of decryption.