Differential D20980 Diff 49996 src/error/PhutilOpaqueEnvelope.php

Changeset View

Standalone View

				<?php

				/**
				* Opaque reference to a string (like a password) that won't put any sensitive
				* data in stack traces, var_dump(), print_r(), error logs, etc. Usage:
				*
				* $envelope = new PhutilOpaqueEnvelope($password);
				* do_stuff($envelope);
				* // ...
				* $password = $envelope->openEnvelope();
				*
				* Any time you're passing sensitive data into a stack, you should obscure it
				* with an envelope to prevent it leaking if something goes wrong.
				*
				* The key for the envelope is stored elsewhere, in
				* @{class:PhutilOpaqueEnvelopeKey}. This prevents it from appearing in
				* any sort of logs related to the envelope, even if the logger is very
				* aggressive.
				*
				* @task envelope Using Opaque Envelopes
				* @task internal Internals
				*/
				final class PhutilOpaqueEnvelope extends Phobject {

				private $value;


				/* -( Using Opaque Envelopes )--------------------------------------------- */


				/**
				* @task envelope
				*/
				public function __construct($string) {
				$this->value = $this->mask($string, PhutilOpaqueEnvelopeKey::getKey());
				}


				/**
				* @task envelope
				*/
				public function openEnvelope() {
				return $this->mask($this->value, PhutilOpaqueEnvelopeKey::getKey());
				}


				/**
				* @task envelope
				*/
				public function __toString() {
				return pht('<opaque envelope>');
				}


				/* -( Internals )---------------------------------------------------------- */


				/**
				* @task internal
				*/
				private function mask($string, $noise) {
				$result = '';
				for ($ii = 0; $ii < strlen($string); $ii++) {
				$s = $string[$ii];
				$n = $noise[$ii % strlen($noise)];

				$result .= chr(ord($s) ^ ord($n));
				}
				return $result;
				}

				}