Custom encryption key

[omaresmael]

Hey,

I recently came across a use-case where I needed to use a custom encryption key instead of the default one ('key' => env('APP_KEY')). After some exploration, I found this thread on the Laracast that provided a workaround.

$newEncrypter = new \Illuminate\Encryption\Encrypter($myCustomKey, Config::get('app.cipher'));
$encrypted = $newEncrypter->encrypt($plainTextToEncrypt);
$decrypted = $newEncrypter->decrypt($encrypted);

However, I've been thinking of making a pr to allow the encrypt and decrypt helper functions to accept an optional $key parameter. By passing a specific key as an argument, the Encrypter would use that key for encryption/decryption. If no key is provided, the Encrypter would fallback to the default encryption key.

$encrypted = encrypt(
       value: $plainTextToEncrypt, key: $myCustomKey
);
$decrypted = decrypt(
        value: $encrypted, key: $myCustomKey
);

would you like to see a pr for that or do you have something else in mind
please let me know
thank you

[Kamandlou]

I think this is a good idea.
If you want help to create this PR, I will be happy to help.

[omaresmael]

Thank you @Kamandlou
I've already created it locally
I will open it today/tomorrow, I'll be grateful if you have any modifications on the pr

[drpshtiwan]

The key should be 32bit. This is how Laravel decrypts the base64 key to use in the crypt.

$key = config('app.key'); // you can make the app to generate new key and use it instead

if (Str::startsWith($key, 'base64:')) {
    $key = base64_decode(substr($key, 7));
}

$newEncrypter = new \Illuminate\Encryption\Encrypter($key, config('app.cipher'));

$encrypted = $newEncrypter->encrypt($plainTextToEncrypt);
$decrypted = $newEncrypter->decrypt($encrypted);