diff options
Diffstat (limited to 'vendor/aws/aws-sdk-php/src/Crypto/Polyfill/Key.php')
-rw-r--r-- | vendor/aws/aws-sdk-php/src/Crypto/Polyfill/Key.php | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/vendor/aws/aws-sdk-php/src/Crypto/Polyfill/Key.php b/vendor/aws/aws-sdk-php/src/Crypto/Polyfill/Key.php new file mode 100644 index 0000000..49d0c69 --- /dev/null +++ b/vendor/aws/aws-sdk-php/src/Crypto/Polyfill/Key.php @@ -0,0 +1,77 @@ +<?php +namespace Aws\Crypto\Polyfill; + +/** + * Class Key + * + * Wraps a string to keep it hidden from stack traces. + * + * @package Aws\Crypto\Polyfill + */ +class Key +{ + /** + * @var string $internalString + */ + private $internalString; + + /** + * Hide contents of + * + * @return array + */ + public function __debugInfo() + { + return []; + } + + /** + * Key constructor. + * @param string $str + */ + public function __construct($str) + { + $this->internalString = $str; + } + + /** + * Defense in depth: + * + * PHP 7.2 includes the Sodium cryptography library, which (among other things) + * exposes a function called sodium_memzero() that we can use to zero-fill strings + * to minimize the risk of sensitive cryptographic materials persisting in memory. + * + * If this function is not available, we XOR the string in-place with itself as a + * best-effort attempt. + */ + public function __destruct() + { + if (extension_loaded('sodium') && function_exists('sodium_memzero')) { + try { + \sodium_memzero($this->internalString); + } catch (\SodiumException $ex) { + // This is a best effort, but does not provide the same guarantees as sodium_memzero(): + $this->internalString ^= $this->internalString; + } + } + } + + /** + * @return string + */ + public function get() + { + return $this->internalString; + } + + /** + * @return int + */ + public function length() + { + if (\is_callable('\\mb_strlen')) { + return (int) \mb_strlen($this->internalString, '8bit'); + } + return (int) \strlen($this->internalString); + } +} |