Our goal is to save sensitive data in a MySQL database in a responsible way, and to be able to read and write it programmatically from a PHP web application. Asymmetric encryption would be best, but is not practical here. Symmetric encryption with a strong algorithm and a hard-to-guess key (the "cipher" in what follows) is acceptable, but not if we store that cipher in plain text on the same server where the database credentials also live in plain text!
This work in progress is subject to change if and when I come up with a better scheme, but for now the plan is to:
- store the cipher as a Vault secret;
- configure TLS certificate authentication so that our PHP application can log in to Vault;
- have that login produce a token that allows its bearer to read the secret (our cipher), and nothing more;
- use a PHP component together with our cipher to encrypt and decrypt our sensitive data.
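The plan above carried through end to end, as an added example that is not from the original post: the Vault address, the `php-app` cert role name, the secret path and field, the certificate paths and the database credentials are all assumptions, and the "PHP component" here is PHP's bundled libsodium secretbox rather than whatever the post eventually settles on.

```php
<?php
// Added example, not from the original post. Assumed: Vault at https://vault.example:8200 with
// the cert auth method enabled, a KV v2 secret "secret/app/db" whose "cipher" field holds 32 random
// bytes (base64), the certificate paths below, and PHP's curl and sodium extensions.
function vaultRequest(string $method, string $path, ?string $token, ?array $body = null): array {
    $ch = curl_init('https://vault.example:8200/v1/' . $path);
    $headers = ['Content-Type: application/json'];
    if ($token !== null) $headers[] = 'X-Vault-Token: ' . $token;
    curl_setopt_array($ch, [
        CURLOPT_CUSTOMREQUEST => $method,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HTTPHEADER => $headers,
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_CAINFO => '/etc/ssl/vault-ca.pem',       // verify we are talking to our Vault
        CURLOPT_SSLCERT => '/etc/ssl/app-client.pem',    // TLS client certificate...
        CURLOPT_SSLKEY => '/etc/ssl/app-client-key.pem', // ...and its key, readable only by the PHP user
    ]);
    if ($body !== null) curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($body));
    $raw = curl_exec($ch);
    if ($raw === false) throw new RuntimeException('Vault request failed: ' . curl_error($ch));
    return json_decode($raw, true, 512, JSON_THROW_ON_ERROR);
}

// Log in with the client certificate. Vault answers with a token whose policy only
// allows reading our secret, so a leaked token cannot do more than that.
$token = vaultRequest('POST', 'auth/cert/login', null, ['name' => 'php-app'])['auth']['client_token'];

// Read the cipher (the symmetric key) from KV v2; it only ever lives in memory here, never on disk.
$key = base64_decode(vaultRequest('GET', 'secret/data/app/db', $token)['data']['data']['cipher'], true);
if ($key === false || strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
    throw new RuntimeException('cipher from Vault is not a valid secretbox key');
}

// Authenticated encryption; a fresh random nonce is stored in front of each ciphertext.
function encryptField(string $plaintext, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($plaintext, $nonce, $key));
}

function decryptField(string $stored, string $key): string {
    $blob = base64_decode($stored, true);
    $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
    $plain = sodium_crypto_secretbox_open(substr($blob, $n), substr($blob, 0, $n), $key);
    if ($plain === false) throw new RuntimeException('ciphertext tampered with, or wrong key');
    return $plain;
}

$pdo = new PDO('mysql:host=localhost;dbname=app', 'app', 'db-password');
$pdo->prepare('INSERT INTO customers (ssn) VALUES (?)')->execute([encryptField('123-45-6789', $key)]);
sodium_memzero($key);   // wipe the key once the request is done with it
```

Because the secret is fetched over mutually authenticated TLS on every request and only held in memory, compromising the database credentials on disk does not also hand over the cipher.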