rfc:secure_serialization
Differences
rfc:secure_serialization [2015/12/30 03:26] – Add future scope - compat functions for older releases. yohgaki | rfc:secure_serialization [2017/09/22 13:28] – external edit 127.0.0.1 | ||
---|---|---|---|
Line 20: | Line 20: | ||
===== Proposal ===== | ===== Proposal ===== | ||
- | * Add secure_serialize() and secure_unserialize() supports message authentication code generation/ | + | * Add serialize_mhac() and unserialize_mhac() supports message authentication code generation/ |
<code php> | <code php> | ||
- | string | + | string |
- | mixed secure_unserialize(mixed $data_to_be_unserialized | + | mixed unserialize_mhac(mixed $data_to_be_unserialized , mixed $secret_keys) |
</ | </ | ||
- | * Add system wide secret key INI setting. | ||
- | serialize_secret - Secret string key used for authentication code | + | ==== How serialize_mhac() works ==== |
- | serialize_ttl - Serialized data TTL | + | |
- | + | ||
- | ==== How secure_serialize() works ==== | + | |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function secure_serialize(string $data_to_be_serialized, | + | function secure_serialize(string $data_to_be_serialized, |
- | $secret_key = $secret_key ?: ini_get(' | + | |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
return FALSE; | return FALSE; | ||
} | } | ||
- | if (ini_get(' | + | if ($ttl < 0) { |
- | | + | |
- | } else { | + | |
- | | + | |
} | } | ||
+ | $ttl = $ttl ? time() + $ttl : 0; | ||
$session_only = $session_only ? TRUE : FALSE; | $session_only = $session_only ? TRUE : FALSE; | ||
// Use random key to randomize $mac | // Use random key to randomize $mac | ||
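Review bot: the pseudo code on the `+` side still declares `function secure_serialize(string $data_to_be_serialized, ...)` while the heading and the signature block above rename the function to `serialize_mhac()`; rename the pseudo code as well so readers do not assume two functions exist. Dropping the `$secret_key ?: ini_get(...)` fallback makes the key a required argument, which is the safer default, but the remaining `strlen($secret_key) < 32` check only enforces length, not randomness; the text should say that callers must supply at least 32 bytes from a CSPRNG rather than a passphrase.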
Line 52: | Line 47: | ||
| | ||
$serialized_data = serialize($data_to_be_serialized); | $serialized_data = serialize($data_to_be_serialized); | ||
- | | + | |
- | if (!session_id()) { | + | |
- | trigger_error(' | + | if ($session_only && |
- | return FALSE; | + | |
- | } | + | |
// Session ID is hashed by SHA256 to avoid session ID exposure. | // Session ID is hashed by SHA256 to avoid session ID exposure. | ||
- | $mac = sha256($secret_key.$ttl.$key.sha256($secret_key.session_id()).$serialized_data); | + | $mac = hash_hmac( |
- | return | + | ' |
+ | | ||
+ | $secret_key); | ||
+ | // Serialize these data with special/ | ||
+ | return | ||
} else { | } else { | ||
- | $mac = sha256($secret_key.$ttl.$key.$serialized_data); | + | $mac = hash_hmac( |
- | return | + | ' |
+ | | ||
+ | $secret_key); | ||
+ | // Serialize these data with special/ | ||
+ | return | ||
} | } | ||
} | } | ||
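Review bot: the old `if (!session_id()) { trigger_error(...); return FALSE; }` guard is replaced by a truncated `if ($session_only && ...` condition, so it is no longer visible what happens when a session-bound MAC is requested but no session is active; the function must still fail closed (return FALSE) there instead of computing a MAC over an empty session ID. Replacing `sha256($secret_key.$ttl.$key.sha256($secret_key.session_id()).$serialized_data)` with `hash_hmac(..., $secret_key)` is the right fix, since a keyed MAC is not exposed to the length-extension problem of a bare hash with the key prepended, but the fields fed to the HMAC should still be delimited (a separator or length prefix) so that different splits of `$ttl`, `$key` and `$serialized_data` cannot yield the same input string.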
Line 68: | Line 69: | ||
- | ==== How secure_unserialize() works ==== | + | ==== How unserialize_mhac() works ==== |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function | + | function |
- | $secret_key = $secret_key ?: ini_get(' | + | |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
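Review bot: the length check still reads `if (strlen($secret_key) < 32)` although `unserialize_mhac()` now takes `mixed $secret_keys` and the verification loop below iterates over several keys; apply the check to every key in the array (and treat a plain string as a one-element array) so that a short rotated key cannot be accepted unchecked.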
Line 79: | Line 79: | ||
} | } | ||
| | ||
- | $tmp = unserialize($data_to_be_unserialized); | + | |
- | if ($tmp[' | + | |
+ | if ($tmp[' | ||
// Serialized data is expired | // Serialized data is expired | ||
return FALSE; | return FALSE; | ||
} | } | ||
| | ||
- | if (isset($tmp[' | + | |
- | // Old session ID may be used if session module | + | foreach ($keys in $k) { |
- | $mac = sha256($secret_key.$tmp[' | + | |
- | } else { | + | // Old session ID may be used if session module |
- | $mac = sha256($secret_key.$tmp[' | + | // https:// |
- | } | + | |
- | + | ' | |
- | | + | |
- | return | + | $k); |
+ | } else { | ||
+ | $mac = hash_hmac( | ||
+ | ' | ||
+ | | ||
+ | $k); | ||
+ | } | ||
+ | if ($mac !== $tmp[' | ||
+ | | ||
+ | | ||
+ | // Unserialize data normally and return | ||
+ | return unserialize($tmp[' | ||
} | } | ||
- | return | + | return |
} | } | ||
</ | </ | ||
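Review bot: `foreach ($keys in $k)` is not valid PHP; the loop should read `foreach ($keys as $k)`, since the body already uses `$k` as the current key. The expiry check (`if ($tmp['...` followed by `// Serialized data is expired` and `return FALSE;`) runs before the MAC is verified, so an unauthenticated field from the envelope decides control flow; verify the MAC first and evaluate the TTL only on authenticated data. Finally, `if ($mac !== $tmp['...` compares MACs with an ordinary string comparison; use `hash_equals($tmp[...], $mac)` (PHP 5.6+) so the comparison is constant-time.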
Line 132: | Line 144: | ||
* php.ini-production values | * php.ini-production values | ||
- | + | No changes. | |
- | * serialize_secret - Default '' | + | |
- | * serialize_ttl - Default 36000 (10 hours) for all. Authentication code TTL | + | |
===== Open Issues ===== | ===== Open Issues ===== | ||
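Review bot: with `serialize_secret` and `serialize_ttl` removed from php.ini there is no default TTL any more; the pseudo code above turns an omitted `$ttl` into `0` via `$ttl = $ttl ? time() + $ttl : 0;`, which means the data never expires. Since the previous revision defaulted to 36000 seconds, the RFC text should state explicitly that omitting the TTL disables expiry so callers do not assume a default still applies.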
Line 148: | Line 158: | ||
If session module stores old session ID, automatic fallback to old session ID may be supported. | If session module stores old session ID, automatic fallback to old session ID may be supported. | ||
- | Compatibility functions for older releases may be implemented as PHP script. | + | Encryption is more secure than authentication code. Implement serialize_crypt/ |
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== |
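Review bot: the new open issue "Encryption is more secure than authentication code" conflates confidentiality with integrity; unauthenticated encryption does not detect tampering, so a future serialize_crypt/unserialize_crypt pair would still need a MAC (encrypt-then-MAC or an AEAD mode) rather than replacing it. Reword to say that encryption additionally hides the serialized contents, and keep the authentication requirement.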
rfc/secure_serialization.txt · Last modified: 2018/03/01 23:18 by carusogabriel