How to encrypt gateway config stored in the database?
=====================================================

**1.** Add defuse/php-encryption to your project
.. code-block::

    composer require defuse/php-encryption

**2.** Generate your Defuse Secret Key by executing the following script:

.. code-block:: php

    <?php

    use Defuse\Crypto\Key;

    require_once 'vendor/autoload.php';

    var_dump(Key::createNewRandomKey()->saveToAsciiSafeString());

**3.** Store your generated key in a environmental variable in ``.env``.

.. code-block:: text

    # .env
    DEFUSE_SECRET: "YOUR_GENERATED_KEY"

**4.** Add the following code to the application configuration in the ``config/packages/payum.yaml``.

.. code-block:: yaml

    # config/packages/payum.yaml

    payum:
        dynamic_gateways:
            encryption:
                defuse_secret_key: "%env(DEFUSE_SECRET)%"

**5.** Existing gateway configs will be automatically encrypted when updated. New gateway configs will be encrypted by default.