diff --git a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentials.h b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentials.h index 600a60bd56a9..57d43e765018 100644 --- a/src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentials.h +++ b/src/aws-cpp-sdk-core/include/aws/core/auth/AWSCredentials.h @@ -9,6 +9,7 @@ #include #include #include +#include namespace Aws { namespace Auth @@ -98,6 +99,42 @@ namespace Aws m_expiration(expiration), m_accountId(accountId) {} + /** + * Copy constructor. + */ + AWSCredentials(const AWSCredentials& other) = default; + + /** + * Move constructor. + */ + AWSCredentials(AWSCredentials&& other) noexcept = default; + + /** + * Destructor that securely clears sensitive credential data from memory. + */ + ~AWSCredentials() + { + // Securely clear sensitive credential data + if (!m_secretKey.empty()) + { + Aws::Security::SecureMemClear(reinterpret_cast(&m_secretKey[0]), m_secretKey.size()); + } + if (!m_sessionToken.empty()) + { + Aws::Security::SecureMemClear(reinterpret_cast(&m_sessionToken[0]), m_sessionToken.size()); + } + } + + /** + * Copy assignment operator. + */ + AWSCredentials& operator=(const AWSCredentials& other) = default; + + /** + * Move assignment operator. + */ + AWSCredentials& operator=(AWSCredentials&& other) noexcept = default; + bool operator == (const AWSCredentials& other) const { return m_accessKeyId == other.m_accessKeyId