kordix
4 months ago

Encrypted value in .env

Posted 4 months ago by kordix

My goal is to write encrypted password in .env file. I've searched the web and this seems to be a solution: https://packagist.org/packages/baglerit/envariable

I need to use it without crypt facade But I can't use this in database.php

$crypt = new Illuminate\Encryption\Encrypter(env('APP_KEY'));

Shows error in console when I serve the application: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.

I use it just in the top of the file, maybe I do it wrong?

Of course I have the APP_KEY generated

P.S I see that something changed from version 5.0

https://laravel.com/api/5.0/Illuminate/Encryption/Encrypter.html https://laravel.com/api/5.8/Illuminate/Encryption/Encrypter.html

In 5.0 it was

void __construct(string $key)

In 5.8

void __construct(string $key, string $cipher = 'AES-128-CBC')

Seems I have to add second argument with that cipher? I try:

$crypt = new Illuminate\Encryption\Encrypter(env('APP_KEY'),'AES-128-CBC');

But it doesn't work, same exception

P.P.S I try also 'AES-256-CBC'. Something seems wrong for me - 128 is for 16 length app key and 256 for 32? As I see all APP_KEY has 51 characters, without base64: its 44. Is this something about the length of APP_KEY?

P.P.S I think it's right clue, this works:

$crypt = new Illuminate\Encryption\Encrypter('ueMLteKXbdDreBOkzUFIwyPGvSQdKvUY','AES-256-CBC');

In that sense it's not throwing exception, I just added random string, it's not my APP_KEY

So why APP_KEY has inproper length? In config.app I have 'cipher' => 'AES-256-CBC',

Please sign in or create an account to participate in this conversation.