Page MenuHomePhabricator
Diviner Arcanist Tech Docs PhutilOpaqueEnvelope

final class PhutilOpaqueEnvelope
Arcanist Technical Documentation ()

Opaque reference to a string (like a password) that won't put any sensitive data in stack traces, var_dump(), print_r(), error logs, etc. Usage:

$envelope = new PhutilOpaqueEnvelope($password);
do_stuff($envelope);
// ...
$password = $envelope->openEnvelope();

Any time you're passing sensitive data into a stack, you should obscure it with an envelope to prevent it leaking if something goes wrong.

The key for the envelope is stored elsewhere, in PhutilOpaqueEnvelopeKey. This prevents it from appearing in any sort of logs related to the envelope, even if the logger is very aggressive.

Tasks

Using Opaque Envelopes

Internals

  • private function mask($string, $noise)

Methods

public function __construct($string)

This method is not documented.
Parameters
$string
Return
this//Implicit.//

public function openEnvelope()

This method is not documented.
Return
wild

public function __toString()

This method is not documented.
Return
wild

private function mask($string, $noise)

This method is not documented.
Parameters
$string
$noise
Return
wild