1

I am trying to fetch the secret encryption key from laravel so that I can use it on the mobile app end for decrypting the data. When I run the command in the laravel

php artisan key:generate

It created the below key in the .env file in laravel. Laravel documentation says that the above command should create a 32 character string key but i get the blow string

APP_KEY=base64:H2gjrkZZAx3U6Rc7hhZG59xzNY2bSsaW1dKpo1Q1NRk=

Larvel uses the above key to encrypt the data. I need the 32 character key string to decrypt the data in other places. Above Key after removing base64: is 44 character string so I get this is not the actual string. I have tried to decode the string by using base64_decode but then it gives a binary string. I need the actual 32 character secret key

Can someone please guide how do I fetch the actual secret key string so that I can use it in other places for decrypting the data?

Regards Syed

Arif
  • 377
  • 2
  • 5
  • 21
  • What have you tried so far? Where are you stuck? Do you struggle with reading the environment variable? Or anything else? – Nico Haase Feb 17 '22 at 13:20
  • As mentioned, I have fetched the app_key from the env file but it looks like that is not accepted. I tried using H2gjrkZZAx3U6Rc7hhZG59xzNY2bSsaW1dKpo1Q1NRk= but that did not work. probably it was encoded so I decoded the above string. However, that was also throwing error. I am guessing I am making a mistake in fetching the correct part fo the string – Arif Feb 17 '22 at 13:25
  • `env('VARIABLE_NAME');` – VIKAS KATARIYA Feb 17 '22 at 13:27

2 Answers2

0

If you base64 decode H2gjrkZZAx3U6Rc7hhZG59xzNY2bSsaW1dKpo1Q1NRk= it returns a 32 character long string (binary).

But generally I would think you could use native Laravel methods for decryption and thus avoid fetching the key manually.

thephper
  • 2,342
  • 22
  • 21
  • it returns this. h#®FYÔé;FçÜs5JÆÕÒ©£T55 as binary. However, when I try using it in online tools to test decrypting the data, I get an error that the key is 46 byte while it expect 32 bit – Arif Feb 17 '22 at 13:46
  • Also, in laravel, it works fine. However, I want to get hold of the actual key to use in mobile for decrypting the data – Arif Feb 17 '22 at 13:47
0

If I understand you very well, go to your "config/app.php"

Change 'cipher' => 'AES-256-CBC',to AES-128-CBC and then re-generate the key.

Mohcin Bounouara
  • 593
  • 4
  • 18