/**
* Change encryption key
*
* @param string|null $key
* @return null|string
* @throws \Exception
*/
public function changeEncryptionKey($key = null)
{
// prepare new key, encryptor and new configuration segment
if (!$this->writer->checkIfWritable()) {
throw new \Exception(__('Deployment configuration file is not writable.'));
}
if (null === $key) {
$key = md5($this->random->getRandomString(ConfigOptionsListConstants::STORE_KEY_RANDOM_STRING_SIZE));
}
$this->encryptor->setNewKey($key);
$encryptSegment = new ConfigData(ConfigFilePool::APP_ENV);
$encryptSegment->set(ConfigOptionsListConstants::CONFIG_PATH_CRYPT_KEY, $this->encryptor->exportKeys());
$configData = [$encryptSegment->getFileKey() => $encryptSegment->getData()];
// update database and config.php
$this->beginTransaction();
try {
$this->_reEncryptSystemConfigurationValues();
$this->_reEncryptCreditCardNumbers();
$this->writer->saveConfig($configData);
$this->commit();
return $key;
} catch (\Exception $e) {
$this->rollBack();
throw $e;
}
}
