Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/old/vendor/aws/aws-sdk-php/src/Crypto/Polyfill/ |
<?php
namespace Aws\Crypto\Polyfill;
/**
* Class Key
*
* Wraps a string to keep it hidden from stack traces.
*
* @package Aws\Crypto\Polyfill
*/
class Key
{
/**
* @var string $internalString
*/
private $internalString;
/**
* Hide contents of
*
* @return array
*/
public function __debugInfo()
{
return [];
}
/**
* Key constructor.
* @param string $str
*/
public function __construct($str)
{
$this->internalString = $str;
}
/**
* Defense in depth:
*
* PHP 7.2 includes the Sodium cryptography library, which (among other things)
* exposes a function called sodium_memzero() that we can use to zero-fill strings
* to minimize the risk of sensitive cryptographic materials persisting in memory.
*
* If this function is not available, we XOR the string in-place with itself as a
* best-effort attempt.
*/
public function __destruct()
{
if (extension_loaded('sodium') && function_exists('sodium_memzero')) {
try {
\sodium_memzero($this->internalString);
} catch (\SodiumException $ex) {
// This is a best effort, but does not provide the same guarantees as sodium_memzero():
$this->internalString ^= $this->internalString;
}
}
}
/**
* @return string
*/
public function get()
{
return $this->internalString;
}
/**
* @return int
*/
public function length()
{
if (\is_callable('\\mb_strlen')) {
return (int) \mb_strlen($this->internalString, '8bit');
}
return (int) \strlen($this->internalString);
}
}