troyharvey/ReEncryptDataCommand.php

## ReEncryptDataCommand.php
<?php

namespace App\Console\Commands;

use DB;
use Illuminate\Encryption\Encrypter;
use Illuminate\Support\Str;
use Illuminate\Console\Command;

class ReEncryptData extends Command
{
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'resonate:re-encrypt';

    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'After updating the APP_KEY we need to re-encrypt all data that was encrypted and stored in the app.';

    /**
     * Create a new command instance.
     *
     * @return void
     */
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Execute the console command.
     *
     * @return mixed
     */
    public function handle()
    {
        $oldValues = [];
        $newValues = [];

        $oldKey = $this->ask('What is the old APP_KEY?');
        $oldKey = $this->stripBase64Prefix($oldKey);

        $newKey = $this->ask('What is the new APP_KEY? (press enter for...)', env('APP_KEY'));
        $newKey = $this->stripBase64Prefix($newKey);

        do {
            $table = $this->ask('What is the name of the table?');
            $column = $this->ask('What is the name of the encrypted column?');

            $previousEncrypter = new Encrypter($oldKey, config('app.cipher'));
            $newEncrypter = new Encrypter($newKey, config('app.cipher'));

            foreach (DB::table($table)->get() as $row) {
                $oldValues[$row->id] = $row->{$column};
                $decryptedValue = $previousEncrypter->decrypt($row->{$column});
                $encryptedValue = $newEncrypter->encrypt($decryptedValue);
                $newValues[$row->id] = $encryptedValue;

                DB::table($table)
                    ->where('id', $row->id)
                    ->update([$column => $encryptedValue]);
            }

            $this->info("Here are the old values encrypted with the old key:");
            $this->info(json_encode($oldValues));

            $this->info("Here are the new values encrypted with the new key:");
            $this->info(json_encode($newValues));
        } while ($this->confirm('Do you have more columns to encrypt?'));
    }

    /**
     * Strip "base64:" off the front of the APP_KEY
     */
    public function stripBase64Prefix($key)
    {
        if (Str::startsWith($key, 'base64:')) {
            $key = base64_decode(substr($key, 7));
        }
        return $key;
    }
}
	<?php

	namespace App\Console\Commands;

	use DB;
	use Illuminate\Encryption\Encrypter;
	use Illuminate\Support\Str;
	use Illuminate\Console\Command;

	class ReEncryptData extends Command
	{
	/**
	* The name and signature of the console command.
	*
	* @var string
	*/
	protected $signature = 'resonate:re-encrypt';

	/**
	* The console command description.
	*
	* @var string
	*/
	protected $description = 'After updating the APP_KEY we need to re-encrypt all data that was encrypted and stored in the app.';

	/**
	* Create a new command instance.
	*
	* @return void
	*/
	public function __construct()
	{
	parent::__construct();
	}

	/**
	* Execute the console command.
	*
	* @return mixed
	*/
	public function handle()
	{
	$oldValues = [];
	$newValues = [];

	$oldKey = $this->ask('What is the old APP_KEY?');
	$oldKey = $this->stripBase64Prefix($oldKey);

	$newKey = $this->ask('What is the new APP_KEY? (press enter for...)', env('APP_KEY'));
	$newKey = $this->stripBase64Prefix($newKey);

	do {
	$table = $this->ask('What is the name of the table?');
	$column = $this->ask('What is the name of the encrypted column?');

	$previousEncrypter = new Encrypter($oldKey, config('app.cipher'));
	$newEncrypter = new Encrypter($newKey, config('app.cipher'));

	foreach (DB::table($table)->get() as $row) {
	$oldValues[$row->id] = $row->{$column};
	$decryptedValue = $previousEncrypter->decrypt($row->{$column});
	$encryptedValue = $newEncrypter->encrypt($decryptedValue);
	$newValues[$row->id] = $encryptedValue;

	DB::table($table)
	->where('id', $row->id)
	->update([$column => $encryptedValue]);
	}

	$this->info("Here are the old values encrypted with the old key:");
	$this->info(json_encode($oldValues));

	$this->info("Here are the new values encrypted with the new key:");
	$this->info(json_encode($newValues));
	} while ($this->confirm('Do you have more columns to encrypt?'));
	}

	/**
	* Strip "base64:" off the front of the APP_KEY
	*/
	public function stripBase64Prefix($key)
	{
	if (Str::startsWith($key, 'base64:')) {
	$key = base64_decode(substr($key, 7));
	}
	return $key;
	}
	}