/** * Change encryption key * * @param string|null $key * @return null|string * @throws \Exception */ public function changeEncryptionKey($key = null) { // prepare new key, encryptor and new configuration segment if (!$this->writer->checkIfWritable()) { throw new \Exception(__('Deployment configuration file is not writable.')); } if (null === $key) { $key = md5(time()); } $this->encryptor->setNewKey($key); $encryptSegment = new ConfigData(ConfigFilePool::APP_ENV); $encryptSegment->set(ConfigOptionsListConstants::CONFIG_PATH_CRYPT_KEY, $this->encryptor->exportKeys()); $configData = [$encryptSegment->getFileKey() => $encryptSegment->getData()]; // update database and config.php $this->beginTransaction(); try { $this->_reEncryptSystemConfigurationValues(); $this->_reEncryptCreditCardNumbers(); $this->writer->saveConfig($configData); $this->commit(); return $key; } catch (\Exception $e) { $this->rollBack(); throw $e; } }