Startseite Erkunden Hilfe
Anmelden
urbanu619
/
yunbaolive
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 0cc2a772d6
Branches Tags
yunbaolive
/
web
/
sdk
/
aws
/
Aws
/
Crypto
/
Polyfill
/
Key.php

Key.php 1.7 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. <?php
    2. 

  2. namespace Aws\Crypto\Polyfill;
    3. 

  3. 

  4. /**
    5. 

  5.  * Class Key
    6. 

  6.  *
    7. 

  7.  * Wraps a string to keep it hidden from stack traces.
    8. 

  8.  */
    9. 

  9. class Key
    10. 

  10. {
    11. 

  11.     /**
    12. 

  12.      * @var string $internalString
    13. 

  13.      */
    14. 

  14.     private $internalString;
    15. 

  15. 

  16.     /**
    17. 

  17.      * Hide contents of 
    18. 

  18.      *
    19. 

  19.      * @return array
    20. 

  20.      */
    21. 

  21.     public function __debugInfo()
    22. 

  22.     {
    23. 

  23.         return [];
    24. 

  24.     }
    25. 

  25. 

  26.     /**
    27. 

  27.      * Key constructor.
    28. 

  28.      * @param string $str
    29. 

  29.      */
    30. 

  30.     public function __construct($str)
    31. 

  31.     {
    32. 

  32.         $this->internalString = $str;
    33. 

  33.     }
    34. 

  34. 

  35.     /**
    36. 

  36.      * Defense in depth:
    37. 

  37.      *
    38. 

  38.      * PHP 7.2 includes the Sodium cryptography library, which (among other things)
    39. 

  39.      * exposes a function called sodium_memzero() that we can use to zero-fill strings
    40. 

  40.      * to minimize the risk of sensitive cryptographic materials persisting in memory.
    41. 

  41.      *
    42. 

  42.      * If this function is not available, we XOR the string in-place with itself as a
    43. 

  43.      * best-effort attempt.
    44. 

  44.      */
    45. 

  45.     public function __destruct()
    46. 

  46.     {
    47. 

  47.         if (extension_loaded('sodium') && function_exists('sodium_memzero')) {
    48. 

  48.             try {
    49. 

  49.                 \sodium_memzero($this->internalString);
    50. 

  50.             } catch (\SodiumException $ex) {
    51. 

  51.                 // This is a best effort, but does not provide the same guarantees as sodium_memzero():
    52. 

  52.                 $this->internalString ^= $this->internalString;
    53. 

  53.             }
    54. 

  54.         }
    55. 

  55.     }
    56. 

  56. 

  57.     /**
    58. 

  58.      * @return string
    59. 

  59.      */
    60. 

  60.     public function get()
    61. 

  61.     {
    62. 

  62.         return $this->internalString;
    63. 

  63.     }
    64. 

  64. 

  65.     /**
    66. 

  66.      * @return int
    67. 

  67.      */
    68. 

  68.     public function length()
    69. 

  69.     {
    70. 

  70.         if (\is_callable('\\mb_strlen')) {
    71. 

  71.             return (int) \mb_strlen($this->internalString, '8bit');
    72. 

  72.         }
    73. 

  73.         return (int) \strlen($this->internalString);
    74. 

  74.     }
    75. 

  75. }
    76.