# Encrypt gateway configs stored in database

To encrypt (and later decrypt) sensitive configuration details (like payment provider credentials) we have to do three things:

* Make sure model implements `CryptedInterface`. The `GatewayConfig` class already does it.
* Create a cypher instance.
* Wrap the storage into `CryptoStorageDecorator` decorator.

First, we have to install an encryption library `defuse/php-encryption`

```bash
$ composer require defuse/php-encryption:^2
```

Once the library is installed we can configure a storage:

```php
<?php
namespace Acme;

use Payum\Core\Storage\CryptoStorageDecorator;
use Payum\Core\PayumBuilder;
use Payum\Core\Payum;

/** @var \Payum\Core\Storage\StorageInterface $realStorage */

// the secret has to be stored somewhere and used for all future usages.
$secret = \Defuse\Crypto\Key::createNewRandomKey()->saveToAsciiSafeString();
$cypher = new \Payum\Core\Bridge\Defuse\Security\DefuseCypher($secret);

$gatewayConfigStorage = new CryptoStorageDecorator($realStorage, $cypher);

/** @var Payum $payum */
$payum = (new PayumBuilder())
    ->setGatewayConfigStorage($gatewayConfigStorage)

    ->getPayum()
;
```

***

### Supporting Payum

Payum is an MIT-licensed open source project with its ongoing development made possible entirely by the support of community and our customers. If you'd like to join them, please consider:

* [Become a sponsor](https://github.com/sponsors/Payum)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://payum.gitbook.io/payum/encrypt-gateway-configs-stored-in-database.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.