Hide plain password from stack trace with SensitiveParameter annotation

GromNaN · GromNaN · commit 36389dcc3cbb · 2022-04-27T08:31:35.000+02:00
diff --git a/src/Symfony/Component/PasswordHasher/CHANGELOG.md b/src/Symfony/Component/PasswordHasher/CHANGELOG.md
@@ -1,3 +1,11 @@
+CHANGELOG
+=========
+
+6.2
+---
+
+ * Hide sensitive information from stack traces with `SensitiveParameter` attribute
+
 5.3
 ---
 
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/CheckPasswordLengthTrait.php b/src/Symfony/Component/PasswordHasher/Hasher/CheckPasswordLengthTrait.php
@@ -18,7 +18,7 @@
  */
 trait CheckPasswordLengthTrait
 {
-    private function isPasswordTooLong(string $password): bool
+    private function isPasswordTooLong(#[\SensitiveParameter] string $password): bool
     {
         return PasswordHasherInterface::MAX_PASSWORD_LENGTH < \strlen($password);
     }
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/MessageDigestPasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/MessageDigestPasswordHasher.php
@@ -48,7 +48,7 @@ public function __construct(string $algorithm = 'sha512', bool $encodeHashAsBase
         $this->iterations = $iterations;
     }
 
-    public function hash(string $plainPassword, string $salt = null): string
+    public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             throw new InvalidPasswordException();
@@ -69,7 +69,7 @@ public function hash(string $plainPassword, string $salt = null): string
         return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
     }
 
-    public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool
     {
         if (\strlen($hashedPassword) !== $this->hashLength || str_contains($hashedPassword, '$')) {
             return false;
@@ -83,7 +83,7 @@ public function needsRehash(string $hashedPassword): bool
         return false;
     }
 
-    private function mergePasswordAndSalt(string $password, ?string $salt): string
+    private function mergePasswordAndSalt(#[\SensitiveParameter] string $password, ?string $salt): string
     {
         if (!$salt) {
             return $password;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/MigratingPasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/MigratingPasswordHasher.php
@@ -33,12 +33,12 @@ public function __construct(PasswordHasherInterface $bestHasher, PasswordHasherI
         $this->extraHashers = $extraHashers;
     }
 
-    public function hash(string $plainPassword, string $salt = null): string
+    public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string
     {
         return $this->bestHasher->hash($plainPassword, $salt);
     }
 
-    public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool
     {
         if ($this->bestHasher->verify($hashedPassword, $plainPassword, $salt)) {
             return true;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/NativePasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/NativePasswordHasher.php
@@ -71,7 +71,7 @@ public function __construct(int $opsLimit = null, int $memLimit = null, int $cos
         ];
     }
 
-    public function hash(string $plainPassword): string
+    public function hash(#[\SensitiveParameter] string $plainPassword): string
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             throw new InvalidPasswordException();
@@ -84,7 +84,7 @@ public function hash(string $plainPassword): string
         return password_hash($plainPassword, $this->algorithm, $this->options);
     }
 
-    public function verify(string $hashedPassword, string $plainPassword): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword): bool
     {
         if ('' === $plainPassword || $this->isPasswordTooLong($plainPassword)) {
             return false;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/Pbkdf2PasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/Pbkdf2PasswordHasher.php
@@ -59,7 +59,7 @@ public function __construct(string $algorithm = 'sha512', bool $encodeHashAsBase
         $this->iterations = $iterations;
     }
 
-    public function hash(string $plainPassword, string $salt = null): string
+    public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             throw new InvalidPasswordException();
@@ -74,7 +74,7 @@ public function hash(string $plainPassword, string $salt = null): string
         return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
     }
 
-    public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool
     {
         if (\strlen($hashedPassword) !== $this->encodedLength || str_contains($hashedPassword, '$')) {
             return false;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/PlaintextPasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/PlaintextPasswordHasher.php
@@ -38,7 +38,7 @@ public function __construct(bool $ignorePasswordCase = false)
     /**
      * {@inheritdoc}
      */
-    public function hash(string $plainPassword, string $salt = null): string
+    public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             throw new InvalidPasswordException();
@@ -47,7 +47,7 @@ public function hash(string $plainPassword, string $salt = null): string
         return $this->mergePasswordAndSalt($plainPassword, $salt);
     }
 
-    public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             return false;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/SodiumPasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/SodiumPasswordHasher.php
@@ -52,7 +52,7 @@ public static function isSupported(): bool
         return version_compare(\extension_loaded('sodium') ? \SODIUM_LIBRARY_VERSION : phpversion('libsodium'), '1.0.14', '>=');
     }
 
-    public function hash(string $plainPassword): string
+    public function hash(#[\SensitiveParameter] string $plainPassword): string
     {
         if ($this->isPasswordTooLong($plainPassword)) {
             throw new InvalidPasswordException();
@@ -69,7 +69,7 @@ public function hash(string $plainPassword): string
         throw new LogicException('Libsodium is not available. You should either install the sodium extension or use a different password hasher.');
     }
 
-    public function verify(string $hashedPassword, string $plainPassword): bool
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword): bool
     {
         if ('' === $plainPassword) {
             return false;
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php b/src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasher.php
@@ -30,7 +30,7 @@ public function __construct(PasswordHasherFactoryInterface $hasherFactory)
         $this->hasherFactory = $hasherFactory;
     }
 
-    public function hashPassword(PasswordAuthenticatedUserInterface $user, string $plainPassword): string
+    public function hashPassword(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): string
     {
         $salt = null;
         if ($user instanceof LegacyPasswordAuthenticatedUserInterface) {
@@ -42,7 +42,7 @@ public function hashPassword(PasswordAuthenticatedUserInterface $user, string $p
         return $hasher->hash($plainPassword, $salt);
     }
 
-    public function isPasswordValid(PasswordAuthenticatedUserInterface $user, string $plainPassword): bool
+    public function isPasswordValid(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): bool
     {
         $salt = null;
         if ($user instanceof LegacyPasswordAuthenticatedUserInterface) {
diff --git a/src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasherInterface.php b/src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasherInterface.php
@@ -23,12 +23,12 @@ interface UserPasswordHasherInterface
     /**
      * Hashes the plain password for the given user.
      */
-    public function hashPassword(PasswordAuthenticatedUserInterface $user, string $plainPassword): string;
+    public function hashPassword(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): string;
 
     /**
      * Checks if the plaintext password matches the user's password.
      */
-    public function isPasswordValid(PasswordAuthenticatedUserInterface $user, string $plainPassword): bool;
+    public function isPasswordValid(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): bool;
 
     /**
      * Checks if an encoded password would benefit from rehashing.
diff --git a/src/Symfony/Component/PasswordHasher/LegacyPasswordHasherInterface.php b/src/Symfony/Component/PasswordHasher/LegacyPasswordHasherInterface.php
@@ -27,10 +27,10 @@ interface LegacyPasswordHasherInterface extends PasswordHasherInterface
      *
      * @throws InvalidPasswordException If the plain password is invalid, e.g. excessively long
      */
-    public function hash(string $plainPassword, string $salt = null): string;
+    public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string;
 
     /**
      * Checks that a plain password and a salt match a password hash.
      */
-    public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool;
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool;
 }
diff --git a/src/Symfony/Component/PasswordHasher/PasswordHasherInterface.php b/src/Symfony/Component/PasswordHasher/PasswordHasherInterface.php
@@ -29,12 +29,12 @@ interface PasswordHasherInterface
      *
      * @throws InvalidPasswordException When the plain password is invalid, e.g. excessively long
      */
-    public function hash(string $plainPassword): string;
+    public function hash(#[\SensitiveParameter] string $plainPassword): string;
 
     /**
      * Verifies a plain password against a hash.
      */
-    public function verify(string $hashedPassword, string $plainPassword): bool;
+    public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword): bool;
 
     /**
      * Checks if a password hash would benefit from rehashing.

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@`
`18`	`18`	`*/`
`19`	`19`	`trait CheckPasswordLengthTrait`
`20`	`20`	`{`
`21`		`- private function isPasswordTooLong(string $password): bool`
	`21`	`+ private function isPasswordTooLong(#[\SensitiveParameter] string $password): bool`
`22`	`22`	`{`
`23`	`23`	`return PasswordHasherInterface::MAX_PASSWORD_LENGTH < \strlen($password);`
`24`	`24`	`}`
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ public function __construct(string $algorithm = 'sha512', bool $encodeHashAsBase`
`48`	`48`	`$this->iterations = $iterations;`
`49`	`49`	`}`
`50`	`50`
`51`		`- public function hash(string $plainPassword, string $salt = null): string`
	`51`	`+ public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string`
`52`	`52`	`{`
`53`	`53`	`if ($this->isPasswordTooLong($plainPassword)) {`
`54`	`54`	`throw new InvalidPasswordException();`
`@@ -69,7 +69,7 @@ public function hash(string $plainPassword, string $salt = null): string`
`69`	`69`	`return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);`
`70`	`70`	`}`
`71`	`71`
`72`		`- public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool`
	`72`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool`
`73`	`73`	`{`
`74`	`74`	`if (\strlen($hashedPassword) !== $this->hashLength \|\| str_contains($hashedPassword, '$')) {`
`75`	`75`	`return false;`
`@@ -83,7 +83,7 @@ public function needsRehash(string $hashedPassword): bool`
`83`	`83`	`return false;`
`84`	`84`	`}`
`85`	`85`
`86`		`- private function mergePasswordAndSalt(string $password, ?string $salt): string`
	`86`	`+ private function mergePasswordAndSalt(#[\SensitiveParameter] string $password, ?string $salt): string`
`87`	`87`	`{`
`88`	`88`	`if (!$salt) {`
`89`	`89`	`return $password;`
Original file line number	Diff line number	Diff line change
`@@ -33,12 +33,12 @@ public function __construct(PasswordHasherInterface $bestHasher, PasswordHasherI`
`33`	`33`	`$this->extraHashers = $extraHashers;`
`34`	`34`	`}`
`35`	`35`
`36`		`- public function hash(string $plainPassword, string $salt = null): string`
	`36`	`+ public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string`
`37`	`37`	`{`
`38`	`38`	`return $this->bestHasher->hash($plainPassword, $salt);`
`39`	`39`	`}`
`40`	`40`
`41`		`- public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool`
	`41`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool`
`42`	`42`	`{`
`43`	`43`	`if ($this->bestHasher->verify($hashedPassword, $plainPassword, $salt)) {`
`44`	`44`	`return true;`
Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ public function __construct(int $opsLimit = null, int $memLimit = null, int $cos`
`71`	`71`	`];`
`72`	`72`	`}`
`73`	`73`
`74`		`- public function hash(string $plainPassword): string`
	`74`	`+ public function hash(#[\SensitiveParameter] string $plainPassword): string`
`75`	`75`	`{`
`76`	`76`	`if ($this->isPasswordTooLong($plainPassword)) {`
`77`	`77`	`throw new InvalidPasswordException();`
`@@ -84,7 +84,7 @@ public function hash(string $plainPassword): string`
`84`	`84`	`return password_hash($plainPassword, $this->algorithm, $this->options);`
`85`	`85`	`}`
`86`	`86`
`87`		`- public function verify(string $hashedPassword, string $plainPassword): bool`
	`87`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword): bool`
`88`	`88`	`{`
`89`	`89`	`if ('' === $plainPassword \|\| $this->isPasswordTooLong($plainPassword)) {`
`90`	`90`	`return false;`
Original file line number	Diff line number	Diff line change
`@@ -59,7 +59,7 @@ public function __construct(string $algorithm = 'sha512', bool $encodeHashAsBase`
`59`	`59`	`$this->iterations = $iterations;`
`60`	`60`	`}`
`61`	`61`
`62`		`- public function hash(string $plainPassword, string $salt = null): string`
	`62`	`+ public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string`
`63`	`63`	`{`
`64`	`64`	`if ($this->isPasswordTooLong($plainPassword)) {`
`65`	`65`	`throw new InvalidPasswordException();`
`@@ -74,7 +74,7 @@ public function hash(string $plainPassword, string $salt = null): string`
`74`	`74`	`return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);`
`75`	`75`	`}`
`76`	`76`
`77`		`- public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool`
	`77`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool`
`78`	`78`	`{`
`79`	`79`	`if (\strlen($hashedPassword) !== $this->encodedLength \|\| str_contains($hashedPassword, '$')) {`
`80`	`80`	`return false;`
Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ public function __construct(bool $ignorePasswordCase = false)`
`38`	`38`	`/**`
`39`	`39`	`* {@inheritdoc}`
`40`	`40`	`*/`
`41`		`- public function hash(string $plainPassword, string $salt = null): string`
	`41`	`+ public function hash(#[\SensitiveParameter] string $plainPassword, string $salt = null): string`
`42`	`42`	`{`
`43`	`43`	`if ($this->isPasswordTooLong($plainPassword)) {`
`44`	`44`	`throw new InvalidPasswordException();`
`@@ -47,7 +47,7 @@ public function hash(string $plainPassword, string $salt = null): string`
`47`	`47`	`return $this->mergePasswordAndSalt($plainPassword, $salt);`
`48`	`48`	`}`
`49`	`49`
`50`		`- public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool`
	`50`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword, string $salt = null): bool`
`51`	`51`	`{`
`52`	`52`	`if ($this->isPasswordTooLong($plainPassword)) {`
`53`	`53`	`return false;`
Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ public static function isSupported(): bool`
`52`	`52`	`return version_compare(\extension_loaded('sodium') ? \SODIUM_LIBRARY_VERSION : phpversion('libsodium'), '1.0.14', '>=');`
`53`	`53`	`}`
`54`	`54`
`55`		`- public function hash(string $plainPassword): string`
	`55`	`+ public function hash(#[\SensitiveParameter] string $plainPassword): string`
`56`	`56`	`{`
`57`	`57`	`if ($this->isPasswordTooLong($plainPassword)) {`
`58`	`58`	`throw new InvalidPasswordException();`
`@@ -69,7 +69,7 @@ public function hash(string $plainPassword): string`
`69`	`69`	`throw new LogicException('Libsodium is not available. You should either install the sodium extension or use a different password hasher.');`
`70`	`70`	`}`
`71`	`71`
`72`		`- public function verify(string $hashedPassword, string $plainPassword): bool`
	`72`	`+ public function verify(string $hashedPassword, #[\SensitiveParameter] string $plainPassword): bool`
`73`	`73`	`{`
`74`	`74`	`if ('' === $plainPassword) {`
`75`	`75`	`return false;`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ public function __construct(PasswordHasherFactoryInterface $hasherFactory)`
`30`	`30`	`$this->hasherFactory = $hasherFactory;`
`31`	`31`	`}`
`32`	`32`
`33`		`- public function hashPassword(PasswordAuthenticatedUserInterface $user, string $plainPassword): string`
	`33`	`+ public function hashPassword(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): string`
`34`	`34`	`{`
`35`	`35`	`$salt = null;`
`36`	`36`	`if ($user instanceof LegacyPasswordAuthenticatedUserInterface) {`
`@@ -42,7 +42,7 @@ public function hashPassword(PasswordAuthenticatedUserInterface $user, string $p`
`42`	`42`	`return $hasher->hash($plainPassword, $salt);`
`43`	`43`	`}`
`44`	`44`
`45`		`- public function isPasswordValid(PasswordAuthenticatedUserInterface $user, string $plainPassword): bool`
	`45`	`+ public function isPasswordValid(PasswordAuthenticatedUserInterface $user, #[\SensitiveParameter] string $plainPassword): bool`
`46`	`46`	`{`
`47`	`47`	`$salt = null;`
`48`	`48`	`if ($user instanceof LegacyPasswordAuthenticatedUserInterface) {`