/**
* @task internal
*/
public static function getKey()
{
if (self::$key === null) {
try {
self::$key = Filesystem::readRandomBytes(128);
} catch (Exception $ex) {
// NOTE: We can't throw here! Otherwise we might get a stack trace
// including the string that was passed to PhutilOpaqueEnvelope's
// constructor. Just die() instead.
die("Unable to read random bytes in PhutilOpaqueEnvelope. (This " . "causes an immediate process exit to avoid leaking the envelope " . "contents in a stack trace.)");
}
}
return self::$key;
}
/**
* @task internal
*/
public static function getKey()
{
if (self::$key === null) {
// NOTE: We're using a weak random source because cryptographic levels
// of security aren't terribly important here and it allows us to use
// envelopes on systems which don't have a strong random source. Notably,
// this lets us make it to the readbility check for `/dev/urandom` in
// Phabricator on systems where we can't read it.
self::$key = '';
for ($ii = 0; $ii < 8; $ii++) {
self::$key .= md5(mt_rand(), $raw_output = true);
}
}
return self::$key;
}
/**
* @task envelope
*/
public function openEnvelope()
{
return $this->mask($this->value, PhutilOpaqueEnvelopeKey::getKey());
}
