=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== php-defuse-php-encryption-2.2.1/docs/InternalDeveloperDocs.md-93-and [box](https://github.com/box-project/box2) on your system. They will need to php-defuse-php-encryption-2.2.1/docs/InternalDeveloperDocs.md:94:be available in your `$PATH` so that running the commands `composer` and `box` php-defuse-php-encryption-2.2.1/docs/InternalDeveloperDocs.md-95-in your terminal run them, respectively. You will also need the private key for ############################################## php-defuse-php-encryption-2.2.1/docs/Tutorial.md-224-**WARNING:** Because of the way `KeyProtectedByPassword` is implemented, knowing php-defuse-php-encryption-2.2.1/docs/Tutorial.md:225:`SHA256($password)` is enough to decrypt a `KeyProtectedByPassword`. To be php-defuse-php-encryption-2.2.1/docs/Tutorial.md:226:secure, your application MUST NOT EVER compute `SHA256($password)` and use or php-defuse-php-encryption-2.2.1/docs/Tutorial.md-227-store it for any reason. You must also make sure that other libraries your ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-25- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:26:1. `$plaintext` is the string to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:27:2. `$key` is an instance of `Key` containing the secret key for encryption. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:28:3. `$raw_binary` determines whether the output will be a byte string (true) or php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-29- hex encoded (false, the default). ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-32- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:33:Returns a ciphertext string representing `$plaintext` encrypted with the key php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:34:`$key`. Knowledge of `$key` is required in order to decrypt the ciphertext and php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-35-recover the plaintext. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-54-The ciphertext returned by this method is decryptable by anyone with knowledge php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:55:of the key `$key`. It is the caller's responsibility to keep `$key` secret. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:56:Where `$key` should be stored is up to the caller and depends on the threat php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-57-model the caller is designing their application under. If you are unsure where php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:58:to store `$key`, consult with a professional cryptographer to get help designing php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-59-your application. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-78- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:79:1. `$ciphertext` is the ciphertext to be decrypted. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:80:2. `$key` is an instance of `Key` containing the secret key for decryption. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:81:3. `$raw_binary` must have the same value as the `$raw_binary` given to the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:82: call to `encrypt()` that generated `$ciphertext`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-83- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-86-If the decryption succeeds, returns a string containing the same value as the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:87:string that was passed to `encrypt()` when `$ciphertext` was produced. Upon php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:88:a successful return, the caller can be assured that `$ciphertext` could not have php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:89:been produced except by someone with knowledge of `$key`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-90- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-98-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:99: the `$key` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-100- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-126- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:127:1. `$plaintext` is the string to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:128:2. `$password` is a string containing the secret password used for encryption. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:129:3. `$raw_binary` determines whether the output will be a byte string (true) or php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-130- hex encoded (false, the default). ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-133- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:134:Returns a ciphertext string representing `$plaintext` encrypted with a key php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:135:derived from `$password`. Knowledge of `$password` is required in order to php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-136-decrypt the ciphertext and recover the plaintext. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-162-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:163:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-164-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-174- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:175:1. `$ciphertext` is the ciphertext to be decrypted. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:176:2. `$password` is a string containing the secret password used for decryption. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:177:3. `$raw_binary` must have the same value as the `$raw_binary` given to the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:178: call to `encryptWithPassword()` that generated `$ciphertext`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-179- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-182-If the decryption succeeds, returns a string containing the same value as the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:183:string that was passed to `encryptWithPassword()` when `$ciphertext` was php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:184:produced. Upon a successful return, the caller can be assured that `$ciphertext` php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:185:could not have been produced except by someone with knowledge of `$password`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-186- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-194-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:195: the `$password` is not the correct password for the given ciphertext, or if php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-196- the ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-215-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:216:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-217-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-235- php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:236:1. `$ciphertext` is a ciphertext produced by version 1.x of this library. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:237:2. `$key` is a 16-byte string (*not* a Key object) containing the key that was php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:238: used with version 1.x of this library to produce `$ciphertext`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-239- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-242-If the decryption succeeds, returns the string that was encrypted to make php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:243:`$ciphertext` by version 1.x of this library. Upon a successful return, the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:244:caller can be assured that `$ciphertext` could not have been produced except by php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:245:someone with knowledge of `$key`. php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-246- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-254-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:255: the `$key` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-256- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-270-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md:271:value of `$key` may be leaked out to an attacker through the stack trace. We php-defuse-php-encryption-2.2.1/docs/classes/Crypto.md-272-recommend configuring PHP to never output stack traces (either displaying them ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-19- php-defuse-php-encryption-2.2.1/docs/classes/File.md:20:1. `$inputFilename` is the path to a file containing the plaintext to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:21:2. `$outputFilename` is the path to save the ciphertext file. php-defuse-php-encryption-2.2.1/docs/classes/File.md:22:3. `$key` is an instance of `Key` containing the secret key for encryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-23- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-48-The ciphertext output by this method is decryptable by anyone with knowledge of php-defuse-php-encryption-2.2.1/docs/classes/File.md:49:the key `$key`. It is the caller's responsibility to keep `$key` secret. Where php-defuse-php-encryption-2.2.1/docs/classes/File.md:50:`$key` should be stored is up to the caller and depends on the threat model the php-defuse-php-encryption-2.2.1/docs/classes/File.md-51-caller is designing their application under. If you are unsure where to store php-defuse-php-encryption-2.2.1/docs/classes/File.md:52:`$key`, consult with a professional cryptographer to get help designing your php-defuse-php-encryption-2.2.1/docs/classes/File.md-53-application. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-72- php-defuse-php-encryption-2.2.1/docs/classes/File.md:73:1. `$inputFilename` is the path to a file containing the ciphertext to decrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:74:2. `$outputFilename` is the path to save the decrypted plaintext file. php-defuse-php-encryption-2.2.1/docs/classes/File.md:75:3. `$key` is an instance of `Key` containing the secret key for decryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-76- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-95-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/File.md:96: the `$key` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/File.md-97- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-129- php-defuse-php-encryption-2.2.1/docs/classes/File.md:130:1. `$inputFilename` is the path to a file containing the plaintext to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:131:2. `$outputFilename` is the path to save the ciphertext file. php-defuse-php-encryption-2.2.1/docs/classes/File.md:132:3. `$password` is the password used for decryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-133- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-163-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/File.md:164:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/File.md-165-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-185- php-defuse-php-encryption-2.2.1/docs/classes/File.md:186:1. `$inputFilename` is the path to a file containing the ciphertext to decrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:187:2. `$outputFilename` is the path to save the decrypted plaintext file. php-defuse-php-encryption-2.2.1/docs/classes/File.md:188:3. `$password` is the password used for decryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-189- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-208-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/File.md:209: the `$password` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/File.md-210- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-229-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/File.md:230:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/File.md-231-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-254- php-defuse-php-encryption-2.2.1/docs/classes/File.md:255:1. `$inputHandle` is a handle to a resource (like a file pointer) containing the php-defuse-php-encryption-2.2.1/docs/classes/File.md-256- plaintext to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:257:2. `$outputHandle` is a handle to a resource (like a file pointer) that the php-defuse-php-encryption-2.2.1/docs/classes/File.md-258- ciphertext will be written to. php-defuse-php-encryption-2.2.1/docs/classes/File.md:259:3. `$key` is an instance of `Key` containing the secret key for encryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-260- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-284-The ciphertext output by this method is decryptable by anyone with knowledge of php-defuse-php-encryption-2.2.1/docs/classes/File.md:285:the key `$key`. It is the caller's responsibility to keep `$key` secret. Where php-defuse-php-encryption-2.2.1/docs/classes/File.md:286:`$key` should be stored is up to the caller and depends on the threat model the php-defuse-php-encryption-2.2.1/docs/classes/File.md-287-caller is designing their application under. If you are unsure where to store php-defuse-php-encryption-2.2.1/docs/classes/File.md:288:`$key`, consult with a professional cryptographer to get help designing your php-defuse-php-encryption-2.2.1/docs/classes/File.md-289-application. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-308- php-defuse-php-encryption-2.2.1/docs/classes/File.md:309:1. `$inputHandle` is a handle to a file-backed resource containing the php-defuse-php-encryption-2.2.1/docs/classes/File.md-310- ciphertext to decrypt. It must be a file not a network stream or standard php-defuse-php-encryption-2.2.1/docs/classes/File.md-311- input. php-defuse-php-encryption-2.2.1/docs/classes/File.md:312:2. `$outputHandle` is a handle to a resource (like a file pointer) that the php-defuse-php-encryption-2.2.1/docs/classes/File.md-313- plaintext will be written to. php-defuse-php-encryption-2.2.1/docs/classes/File.md:314:3. `$key` is an instance of `Key` containing the secret key for decryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-315- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-333-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/File.md:334: the `$key` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/File.md-335- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-367- php-defuse-php-encryption-2.2.1/docs/classes/File.md:368:1. `$inputHandle` is a handle to a resource (like a file pointer) containing the php-defuse-php-encryption-2.2.1/docs/classes/File.md-369- plaintext to encrypt. php-defuse-php-encryption-2.2.1/docs/classes/File.md:370:2. `$outputHandle` is a handle to a resource (like a file pointer) that the php-defuse-php-encryption-2.2.1/docs/classes/File.md-371- ciphertext will be written to. php-defuse-php-encryption-2.2.1/docs/classes/File.md:372:3. `$password` is the password used for encryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-373- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-402-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/File.md:403:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/File.md-404-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-424- php-defuse-php-encryption-2.2.1/docs/classes/File.md:425:1. `$inputHandle` is a handle to a file-backed resource containing the php-defuse-php-encryption-2.2.1/docs/classes/File.md-426- ciphertext to decrypt. It must be a file not a network stream or standard php-defuse-php-encryption-2.2.1/docs/classes/File.md-427- input. php-defuse-php-encryption-2.2.1/docs/classes/File.md:428:2. `$outputHandle` is a handle to a resource (like a file pointer) that the php-defuse-php-encryption-2.2.1/docs/classes/File.md-429- plaintext will be written to. php-defuse-php-encryption-2.2.1/docs/classes/File.md:430:3. `$password` is the password used for decryption. php-defuse-php-encryption-2.2.1/docs/classes/File.md-431- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-449-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/File.md:450: the `$password` is not the correct key for the given ciphertext, or if the php-defuse-php-encryption-2.2.1/docs/classes/File.md-451- ciphertext has been modified (possibly maliciously). There is no way to ############################################## php-defuse-php-encryption-2.2.1/docs/classes/File.md-470-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/File.md:471:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/File.md-472-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Key.md-89- php-defuse-php-encryption-2.2.1/docs/classes/Key.md:90:1. `$saved_key_string` is the string returned from `saveToAsciiSafeString()` php-defuse-php-encryption-2.2.1/docs/classes/Key.md-91- when the original `Key` instance was saved. php-defuse-php-encryption-2.2.1/docs/classes/Key.md:92:2. `$do_not_trim` should be set to `TRUE` if you do not wish for the library php-defuse-php-encryption-2.2.1/docs/classes/Key.md-93- to automatically strip trailing whitespace from the string. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Key.md-98-that was represented by the `Key` instance that got saved into php-defuse-php-encryption-2.2.1/docs/classes/Key.md:99:`$saved_key_string` by a call to `saveToAsciiSafeString()`. php-defuse-php-encryption-2.2.1/docs/classes/Key.md-100- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/Key.md-108-- `Defuse\Crypto\Exception\BadFormatException` is thrown whenever php-defuse-php-encryption-2.2.1/docs/classes/Key.md:109: `$saved_key_string` does not represent a valid `Key` instance. php-defuse-php-encryption-2.2.1/docs/classes/Key.md-110- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-66- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:67:1. `$password` is the password required to unlock this `KeyProtectedByPassword` php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-68- to obtain the `Key`. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-71- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:72:If `$password` is the correct password, then this method returns an instance of php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-73-the `Key` class. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-82-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:83: either the given `$password` is not the correct password for this php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-84- `KeyProtectedByPassword` or the ciphertext stored internally by this object ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-98-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:99:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-100-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-113-Changes the password, so that calling `unlockKey` on this object in the future php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:114:will require you to pass `$new\_password` instead of the old password. It is php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-115-your responsibility to overwrite all stored copies of this ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-120- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:121:1. `$current\_password` is the password that this `KeyProtectedByPassword` is php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-122- currently protected with. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:123:2. `$new\_password` is the new password, which the `KeyProtectedByPassword` will php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-124- be protected with once this operation completes. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-127- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:128:If `$current\_password` is the correct password, then this method updates itself php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-129-to be protected with the new password, and also returns itself. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-138-- `Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException` is thrown if php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:139: either the given `$current\_password` is not the correct password for this php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-140- `KeyProtectedByPassword` or the ciphertext stored internally by this object ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-154-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:155:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-156-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-165-**WARNING:** Because of the way `KeyProtectedByPassword` is implemented, knowing php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:166:`SHA256($password)` is enough to decrypt a `KeyProtectedByPassword`. To be php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:167:secure, your application MUST NOT EVER compute `SHA256($password)` and use or php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-168-store it for any reason. You must also make sure that other libraries your ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-177- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:178:Generates a new random key that's protected by the string `$password` and php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-179-returns an instance of `KeyProtectedByPassword`. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-182- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:183:1. `$password` is the password used to protect the random key. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-184- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-187-Returns an instance of `KeyProtectedByPassword` containing a randomly-generated php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:188:encryption key that's protected by the password `$password`. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-189- ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-206-call stack. If an exception is thrown inside this call, and it is uncaught, the php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:207:value of `$password` may be leaked out to an attacker through the stack trace. php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-208-We recommend configuring PHP to never output stack traces (either displaying ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-217-**WARNING:** Because of the way `KeyProtectedByPassword` is implemented, knowing php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:218:`SHA256($password)` is enough to decrypt a `KeyProtectedByPassword`. To be php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:219:secure, your application MUST NOT EVER compute `SHA256($password)` and use or php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-220-store it for any reason. You must also make sure that other libraries your ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-231- php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:232:1. `$saved_key_string` is the string returned from `saveToAsciiSafeString()` php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-233- when the original `KeyProtectedByPassword` instance was saved. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-238-password-protected key as the one that was represented by the php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:239:`KeyProtectedByPassword` instance that got saved into `$saved_key_string` by php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-240-a call to `saveToAsciiSafeString()`. ############################################## php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-249-- `Defuse\Crypto\Exception\BadFormatException` is thrown whenever php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md:250: `$saved_key_string` does not represent a valid `KeyProtectedByPassword` php-defuse-php-encryption-2.2.1/docs/classes/KeyProtectedByPassword.md-251- instance.