rfc:secure_serialization
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rfc:secure_serialization [2015/12/30 19:52] – yohgaki | rfc:secure_serialization [2018/03/01 23:18] (current) – RFC is Under Discussion carusogabriel | ||
---|---|---|---|
Line 3: | Line 3: | ||
* Date: 2015-12-30 | * Date: 2015-12-30 | ||
* Author: Yasuo Ohgaki < | * Author: Yasuo Ohgaki < | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
Line 20: | Line 20: | ||
===== Proposal ===== | ===== Proposal ===== | ||
- | * Add secure_serialize() and secure_unserialize() supports message authentication code generation/ | + | * Add serialize_mhac() and unserialize_mhac() supports message authentication code generation/ |
<code php> | <code php> | ||
- | string | + | string |
- | mixed secure_unserialize(mixed $data_to_be_unserialized , string | + | mixed unserialize_mhac(mixed $data_to_be_unserialized , mixed $secret_keys) |
</ | </ | ||
- | ==== How secure_serialize() works ==== | + | ==== How serialize_mhac() works ==== |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function secure_serialize(string $data_to_be_serialized, | + | function secure_serialize(string $data_to_be_serialized, |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
return FALSE; | return FALSE; | ||
} | } | ||
- | if ($ttl <= 0) { | + | if ($ttl < 0) { |
trigger_error(' | trigger_error(' | ||
return FALSE; | return FALSE; | ||
} | } | ||
- | $ttl = time() + $ttl; | + | $ttl = $ttl ? time() + $ttl : 0; |
$session_only = $session_only ? TRUE : FALSE; | $session_only = $session_only ? TRUE : FALSE; | ||
// Use random key to randomize $mac | // Use random key to randomize $mac | ||
Line 47: | Line 47: | ||
| | ||
$serialized_data = serialize($data_to_be_serialized); | $serialized_data = serialize($data_to_be_serialized); | ||
+ | $keys = is_array($secret_key) ?: array(secret_key); | ||
+ | | ||
if ($session_only && session_id()) { | if ($session_only && session_id()) { | ||
// Session ID is hashed by SHA256 to avoid session ID exposure. | // Session ID is hashed by SHA256 to avoid session ID exposure. | ||
Line 67: | Line 69: | ||
- | ==== How secure_unserialize() works ==== | + | ==== How unserialize_mhac() works ==== |
Pseudo code | Pseudo code | ||
<code php> | <code php> | ||
- | function | + | function |
if (strlen($secret_key) < 32) { | if (strlen($secret_key) < 32) { | ||
trigger_error(' | trigger_error(' | ||
Line 79: | Line 81: | ||
// Unserialize special format | // Unserialize special format | ||
$tmp = __unserialize__($data_to_be_unserialized); | $tmp = __unserialize__($data_to_be_unserialized); | ||
- | if ($tmp[' | + | if ($tmp[' |
// Serialized data is expired | // Serialized data is expired | ||
return FALSE; | return FALSE; | ||
} | } | ||
| | ||
- | if (isset($tmp[' | + | |
- | // Old session ID may be used if session module stores old IDs in internal data. | + | foreach ($keys in $k) { |
- | // https:// | + | |
- | $mac = hash_hmac( | + | // Old session ID may be used if session module stores old IDs in internal data. |
- | ' | + | // https:// |
- | $tmp[' | + | $mac = hash_hmac( |
- | $secret_key); | + | ' |
- | } else { | + | $tmp[' |
- | $mac = hash_hmac( | + | $k); |
- | ' | + | } else { |
- | $tmp[' | + | $mac = hash_hmac( |
- | $secret_key); | + | ' |
- | } | + | $tmp[' |
- | + | $k); | |
- | | + | } |
- | return | + | if ($mac !== $tmp[' |
+ | | ||
+ | | ||
+ | // Unserialize data normally and return | ||
+ | return unserialize($tmp[' | ||
} | } | ||
- | | + | return |
- | return unserialize($tmp[' | + | |
} | } | ||
</ | </ | ||
Line 153: | Line 158: | ||
If session module stores old session ID, automatic fallback to old session ID may be supported. | If session module stores old session ID, automatic fallback to old session ID may be supported. | ||
- | Compatibility functions for older releases may be implemented as PHP script. | + | Encryption is more secure than authentication code. Implement serialize_crypt/ |
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== |
rfc/secure_serialization.1451505123.txt.gz · Last modified: 2017/09/22 13:28 (external edit)