halite icon indicating copy to clipboard operation
halite copied to clipboard
verified publisher icon paragonie

Create a different key pr environment

Open christianostrem opened this issue 4 years ago • 3 comments

Hi,

I'm trying to find out if it's possible to create a new key per environment. I cant find any documentation on it.

Ex: .Halite.key.prod or Ex: .Halite.prod.key

christianostrem avatar Sep 21 '21 07:09 christianostrem

https://github.com/paragonie/halite/blob/master/doc/Classes/KeyFactory.md#loadauthenticationkey

You can load a key from a file. You can use environment variables to tell Halite which suffix to apply in the code that calls this. We aren't building the glue for this into Halite, of course.

paragonie-security avatar Oct 04 '21 08:10 paragonie-security

We found a way around it by using environment ( %env()% ) variables in the halite config path. Though a .halite.prod environment support would have been great.

christianostrem avatar Oct 04 '21 09:10 christianostrem

Though a .halite.prod environment support would have been great.

We're not opposed to that feature existing. We just don't think it belongs inside Halite.

For frameworks that do a lot of heavy lifting with environment variables, a separate meta-package that wraps Halite is more appropriate than us adding more cruft, technical debt, and attack surface to this cryptography library.

paragonie-security avatar Oct 05 '21 12:10 paragonie-security