How can I decrypt an encrypted configuration value?

Finally Get Success In Decrypt code...

protected $_encryptor;

public function __construct(
    \Magento\Framework\Encryption\EncryptorInterface $encryptor,
) {
    $this->_encryptor = $encryptor;
    parent::__construct($context);
}
$test = 'dfrk3-45pfnrkhwneirgplbmisniepssnie';
$test = $this->_encryptor->decrypt($test);
echo $test;

Share and help others...


\Magento\Framework\App\Config\ScopeConfigInterface::getValue will return the decrypted value. When ScopeConfigInterface::getValue returns an encrypted value, the configuration option is setup incorrectly. A correct implementation of an encrypted configuration value is:

Vendor/Module/etc/adminhtml/system.xml

Here we add an obscure configuration value in the path payment/webpay/keyid the critical things here is ensuring the field has type="obscure" and uses Magento\Config\Model\Config\Backend\Encrypted for the backend_model. This is how Magento knows to use a masked form field and encrypt any user input on save.

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Config:etc/system_file.xsd">
    <system>
        <section id="payment">
            <group id="webpay">
                <field id="keyid" translate="label" type="obscure" sortOrder="100" showInDefault="1" showInWebsite="1" showInStore="0">
                    <label>Key Id</label>
                    <backend_model>Magento\Config\Model\Config\Backend\Encrypted</backend_model>
                </field>
            </group>
        </section>
    </system>
</config>

Vendor/Module/etc/config.xml

Adding backend_model="Magento\Config\Model\Config\Backend\Encrypted" here tells Magento the config value should be decrypted when retrieved with ScopeConfigInterface::getValue

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Store:etc/config.xsd">
    <default>
        <payment>
            <webpay>
                <keyid backend_model="Magento\Config\Model\Config\Backend\Encrypted" />
            </webpay>
        </payment>
    </default>
</config>

Vendor/Module/etc/di.xml

This adds the configuration path to the sensitive array and prevents the path's value from being included when dumping the store configuration.

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
    <type name="Magento\Config\Model\Config\TypePool">
        <arguments>
            <argument name="sensitive" xsi:type="array">
                <item name="payment/webpay/keyid" xsi:type="string">1</item>
            </argument>
        </arguments>
    </type>
</config>

If you have n98-magerun2.phar installed, you can get a decrypted config value with something like:

php bin/n98-magerun2.phar config:store:get --decrypt payment/webpay/keyid

You can also set encrypted config values from the command line with something like:

php bin/n98-magerun2.phar config:store:set --encrypt payment/webpay/keyid NEW_KEY_ID_VALUE_HERE

You can get n98-magerun2.phar from here: https://github.com/netz98/n98-magerun2