Crypto Bundle Laravel Package

## Getting Started
Install the package via Composer:
```bash
composer require vendor/package-name

Publish the configuration file (if needed):

php artisan vendor:publish --provider="Vendor\PackageName\PackageServiceProvider"

For v2.1.0+, leverage the new mes_crypto.loader service to load encoded keys/secrets via a custom CryptoLoader implementation. Register it in your config/services.php:

'mes_crypto.loader' => \Vendor\PackageName\Services\CustomCryptoLoader::class,

First use case: Generate and load encrypted keys/secrets dynamically:

php artisan crypto:generate-key
php artisan crypto:generate-secret

Implementation Patterns

1. Custom CryptoLoader Integration

Use the mes_crypto.loader service to replace hardcoded keys/secrets with encrypted values loaded at runtime:

// In a service or controller
public function __construct(
    private CryptoLoader $cryptoLoader
) {}

public function fetchEncryptedData() {
    $key = $this->cryptoLoader->loadKey('encrypted_key_alias');
    $secret = $this->cryptoLoader->loadSecret('encrypted_secret_alias');
    // Use $key/$secret for API calls, DB encryption, etc.
}

2. Command-as-a-Service Workflow

Leverage KeyGeneratorCommand/SecretGeneratorCommand as services for programmatic key generation:

// In a custom Artisan command or event listener
public function handle() {
    $keyGenerator = app(KeyGeneratorCommand::class);
    $keyGenerator->handle(); // Generates and stores a new key
}

3. Encrypted Configuration

Store sensitive values in .env as encrypted strings (e.g., ENCRYPTED_API_KEY=...) and decode them via the loader:

# .env
ENCRYPTED_API_KEY=base64_or_custom_encoded_value

$apiKey = $this->cryptoLoader->decode($this->config['encrypted_api_key']);

Gotchas and Tips

Breaking Changes

• v2.1.0 removes direct access to raw key/secrets in config. Use CryptoLoader for all encrypted values.
• If extending the package, update service bindings to use the new mes_crypto.loader interface.

Debugging Tips

1. Loader Validation: Ensure your CustomCryptoLoader implements Vendor\PackageName\Contracts\CryptoLoader.
2. Artisan Commands: Verify commands are registered as services in app/Console/Kernel.php:

   protected $commands = [
       \Vendor\PackageName\Commands\KeyGeneratorCommand::class,
       \Vendor\PackageName\Commands\SecretGeneratorCommand::class,
   ];
   

3. Environment Fallback: If keys/secrets fail to load, check:
   • .env encoding matches the loader’s expectations.
   • Storage permissions for encrypted files (if using file-based storage).

Extension Points

• Custom Encoders: Extend CryptoLoader to support new encryption formats (e.g., AWS KMS, HashiCorp Vault).
• Key Rotation: Use the KeyGeneratorCommand service to automate key rotation in a cron job:

  $schedule->command(KeyGeneratorCommand::class)->daily();
  

• Testing: Mock CryptoLoader in tests to avoid hardcoding secrets:

  $this->app->instance(CryptoLoader::class, new MockCryptoLoader());