refactor: add the SensitiveParameter attribute to methods dealing with sensitive info

Author: paulbalandan

system/Encryption/EncrypterInterface.php

@@ -14,6 +14,7 @@
 namespace CodeIgniter\Encryption;
 
 use CodeIgniter\Encryption\Exceptions\EncryptionException;
+use SensitiveParameter;
 
 /**
  * CodeIgniter Encryption Handler
@@ -32,7 +33,7 @@ interface EncrypterInterface
      *
      * @throws EncryptionException
      */
-    public function encrypt($data, $params = null);
+    public function encrypt(#[SensitiveParameter] $data, #[SensitiveParameter] $params = null);
 
     /**
      * Decrypt - convert ciphertext into plaintext
@@ -44,5 +45,5 @@ public function encrypt($data, $params = null);
      *
      * @throws EncryptionException
      */
-    public function decrypt($data, $params = null);
+    public function decrypt($data, #[SensitiveParameter] $params = null);
 }

system/Encryption/Handlers/OpenSSLHandler.php

@@ -14,6 +14,7 @@
 namespace CodeIgniter\Encryption\Handlers;
 
 use CodeIgniter\Encryption\Exceptions\EncryptionException;
+use SensitiveParameter;
 
 /**
  * Encryption handling for OpenSSL library
@@ -79,7 +80,7 @@ class OpenSSLHandler extends BaseHandler
     /**
      * {@inheritDoc}
      */
-    public function encrypt($data, $params = null)
+    public function encrypt(#[SensitiveParameter] $data, #[SensitiveParameter] $params = null)
     {
         // Allow key override
         if ($params !== null) {
@@ -115,7 +116,7 @@ public function encrypt($data, $params = null)
     /**
      * {@inheritDoc}
      */
-    public function decrypt($data, $params = null)
+    public function decrypt($data, #[SensitiveParameter] $params = null)
     {
         // Allow key override
         if ($params !== null) {

system/Encryption/Handlers/SodiumHandler.php

@@ -14,6 +14,7 @@
 namespace CodeIgniter\Encryption\Handlers;
 
 use CodeIgniter\Encryption\Exceptions\EncryptionException;
+use SensitiveParameter;
 
 /**
  * SodiumHandler uses libsodium in encryption.
@@ -40,7 +41,7 @@ class SodiumHandler extends BaseHandler
     /**
      * {@inheritDoc}
      */
-    public function encrypt($data, $params = null)
+    public function encrypt(#[SensitiveParameter] $data, #[SensitiveParameter] $params = null)
     {
         $this->parseParams($params);
 
@@ -71,7 +72,7 @@ public function encrypt($data, $params = null)
     /**
      * {@inheritDoc}
      */
-    public function decrypt($data, $params = null)
+    public function decrypt($data, #[SensitiveParameter] $params = null)
     {
         $this->parseParams($params);
 

system/HTTP/CURLRequest.php

@@ -18,6 +18,7 @@
 use Config\App;
 use Config\CURLRequest as ConfigCURLRequest;
 use CurlShareHandle;
+use SensitiveParameter;
 
 /**
  * A lightweight HTTP client for sending synchronous HTTP requests via cURL.
@@ -260,13 +261,9 @@ public function put(string $url, array $options = []): ResponseInterface
      *
      * @return $this
      */
-    public function setAuth(string $username, string $password, string $type = 'basic')
+    public function setAuth(string $username, #[SensitiveParameter] string $password, string $type = 'basic')
     {
-        $this->config['auth'] = [
-            $username,
-            $password,
-            $type,
-        ];
+        $this->config['auth'] = [$username, $password, $type];
 
         return $this;
     }

system/HTTP/URI.php

@@ -17,6 +17,7 @@
 use CodeIgniter\Exceptions\InvalidArgumentException;
 use CodeIgniter\HTTP\Exceptions\HTTPException;
 use Config\App;
+use SensitiveParameter;
 use Stringable;
 
 /**
@@ -768,7 +769,7 @@ public function withScheme(string $scheme)
      *
      * @TODO PSR-7: Should be `withUserInfo($user, $password = null)`.
      */
-    public function setUserInfo(string $user, string $pass)
+    public function setUserInfo(string $user, #[SensitiveParameter] string $pass)
     {
         $this->user     = trim($user);
         $this->password = trim($pass);

system/Security/Security.php

@@ -26,6 +26,7 @@
 use Config\Cookie as CookieConfig;
 use Config\Security as SecurityConfig;
 use ErrorException;
+use SensitiveParameter;
 
 /**
  * Class Security
@@ -371,13 +372,13 @@ protected function randomize(string $hash): string
      *
      * @throws InvalidArgumentException "hex2bin(): Hexadecimal input string must have an even length"
      */
-    protected function derandomize(string $token): string
+    protected function derandomize(#[SensitiveParameter] string $token): string
     {
         $key   = substr($token, -static::CSRF_HASH_BYTES * 2);
         $value = substr($token, 0, static::CSRF_HASH_BYTES * 2);
 
         try {
-            return bin2hex(hex2bin($value) ^ hex2bin($key));
+            return bin2hex((string) hex2bin($value) ^ (string) hex2bin($key));
         } catch (ErrorException $e) {
             // "hex2bin(): Hexadecimal input string must have an even length"
             throw new InvalidArgumentException($e->getMessage(), $e->getCode(), $e);

user_guide_src/source/changelogs/v4.7.0.rst

@@ -48,6 +48,14 @@ Interface Changes
 Method Signature Changes
 ========================
 
+- Added the ``SensitiveParameter`` attribute to various methods to conceal sensitive information from stack traces. Affected methods are:
+    - ``CodeIgniter\Encryption\EncrypterInterface::encrypt()``
+    - ``CodeIgniter\Encryption\Handlers\OpenSSLHandler::encrypt()``
+    - ``CodeIgniter\Encryption\Handlers\SodiumHandler::encrypt()``
+    - ``CodeIgniter\HTTP\CURLRequest::setAuth()``
+    - ``CodeIgniter\HTTP\URI::setUserInfo()``
+    - ``CodeIgniter\Security\Security::derandomize()``
+
 Removed Deprecated Items
 ========================