Add Support to Explicitly Set Secret Before Encrypting/Decrypting #2
Description
Currently, the encrypter-bundle relies solely on the pre-configured secret defined in the configuration for all encryption and decryption operations. This setup limits flexibility, especially in cases where a temporary or alternative secret needs to be applied for specific encryption/decryption tasks.
Problem Statement: a developer may need to override the default secret for one-time encryption or decryption without altering the globally configured secret in certain scenarios. This lack of flexibility can lead to issues when secure, context-specific encryption flows are required. Currently, the bundle has no mechanism to set a temporary secret before calling the encrypt or decrypt methods.
Proposed Solution:
-
Temporary Secret Override: Introduce a method (e.g.,
setTemporarySecret($secret)) that allows the user to specify a one-time secret before invoking theencryptordecryptmethods. This secret will override the configured secret only for that specific operation. -
Reset Method: Add a
resetSecret()method to revert to the originally configured secret. This method will be useful to ensure that subsequent operations continue using the default configuration.
Proposed API Changes:
setTemporarySecret($secret): Sets a temporary secret for immediate encryption/decryption.
resetSecret(): Reverts back to the original, configured secret.
$encrypter->setTemporarySecret('temporarySecret123');
$encryptedData = $encrypter->encrypt($data);
$decryptedData = $encrypter->decrypt($encryptedData);
// Reset to the original secret for future operations
$encrypter->resetSecret();
Benefit: This enhancement would provide flexibility to handle different encryption scenarios securely and allow developers to specify an alternate secret when needed, all while ensuring the configured secret remains protected. This functionality would be handy in cases requiring on-demand encryption adjustments without modifying global settings.