rfc:secure_serialization
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rfc:secure_serialization [2015/12/30 19:27] – yohgaki | rfc:secure_serialization [2018/03/01 23:18] (current) – RFC is Under Discussion carusogabriel | ||
---|---|---|---|
Line 3: | Line 3: | ||
* Date: 2015-12-30 | * Date: 2015-12-30 | ||
* Author: Yasuo Ohgaki < | * Author: Yasuo Ohgaki < | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
Line 20: | Line 20: | ||
===== Proposal ===== | ===== Proposal ===== | ||
- | * Add secure_serialize() and secure_unserialize() supports message authentication code generation/ | + | * Add serialize_mhac() and unserialize_mhac() supports message authentication code generation/ |
<code php> | <code php> | ||
- | string | + | string |
- | mixed secure_unserialize(mixed $data_to_be_unserialized , string | + | mixed unserialize_mhac(mixed $data_to_be_unserialized , mixed $secret_keys) |
</ | </ | ||
- | ==== How secure_serialize() works ==== | + | ==== How serialize_mhac() works ==== |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function secure_serialize(string $data_to_be_serialized, | + | function secure_serialize(string $data_to_be_serialized, |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
return FALSE; | return FALSE; | ||
} | } | ||
- | if ($ttl <= 0) { | + | if ($ttl < 0) { |
trigger_error(' | trigger_error(' | ||
return FALSE; | return FALSE; | ||
} | } | ||
- | $ttl = time() + $ttl; | + | $ttl = $ttl ? time() + $ttl : 0; |
$session_only = $session_only ? TRUE : FALSE; | $session_only = $session_only ? TRUE : FALSE; | ||
// Use random key to randomize $mac | // Use random key to randomize $mac | ||
Line 47: | Line 47: | ||
| | ||
$serialized_data = serialize($data_to_be_serialized); | $serialized_data = serialize($data_to_be_serialized); | ||
+ | $keys = is_array($secret_key) ?: array(secret_key); | ||
+ | | ||
if ($session_only && session_id()) { | if ($session_only && session_id()) { | ||
// Session ID is hashed by SHA256 to avoid session ID exposure. | // Session ID is hashed by SHA256 to avoid session ID exposure. | ||
- | $mac = sha256($secret_key.$ttl.$key.sha256($secret_key.session_id()).$serialized_data); | + | $mac = hash_hmac( |
- | return | + | ' |
+ | | ||
+ | $secret_key); | ||
+ | // Serialize these data with special/ | ||
+ | return | ||
} else { | } else { | ||
- | $mac = sha256($secret_key.$ttl.$key.$serialized_data); | + | $mac = hash_hmac( |
- | return | + | ' |
+ | | ||
+ | $secret_key); | ||
+ | // Serialize these data with special/ | ||
+ | return | ||
} | } | ||
} | } | ||
Line 59: | Line 69: | ||
- | ==== How secure_unserialize() works ==== | + | ==== How unserialize_mhac() works ==== |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function | + | function |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
Line 69: | Line 79: | ||
} | } | ||
| | ||
- | // Unserialize | + | // Unserialize |
- | $tmp = unserialize_header($data_to_be_unserialized); | + | $tmp = __unserialize__($data_to_be_unserialized); |
- | if ($tmp[' | + | if ($tmp[' |
// Serialized data is expired | // Serialized data is expired | ||
return FALSE; | return FALSE; | ||
} | } | ||
| | ||
- | if (isset($tmp[' | + | |
- | // Old session ID may be used if session module stores old IDs in internal data. | + | foreach ($keys in $k) { |
- | // https:// | + | |
- | $mac = sha256($secret_key.$tmp[' | + | // Old session ID may be used if session module stores old IDs in internal data. |
- | } else { | + | // https:// |
- | $mac = sha256($secret_key.$tmp[' | + | $mac = hash_hmac( |
- | } | + | ' |
- | + | | |
- | | + | $k); |
- | return | + | } else { |
+ | $mac = hash_hmac( | ||
+ | ' | ||
+ | | ||
+ | $k); | ||
+ | } | ||
+ | if ($mac !== $tmp[' | ||
+ | | ||
+ | | ||
+ | // Unserialize data normally and return | ||
+ | return unserialize($tmp[' | ||
} | } | ||
- | | + | return |
- | return unserialize_data($tmp[' | + | |
} | } | ||
</ | </ | ||
Line 139: | Line 158: | ||
If session module stores old session ID, automatic fallback to old session ID may be supported. | If session module stores old session ID, automatic fallback to old session ID may be supported. | ||
- | Compatibility functions for older releases may be implemented as PHP script. | + | Encryption is more secure than authentication code. Implement serialize_crypt/ |
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== |
rfc/secure_serialization.1451503675.txt.gz · Last modified: 2017/09/22 13:28 (external edit)