NAME
Apache::AppSamurai::Session::Serialize::CryptBase64 - Storable, AES, and MIME::Base64 for session serializer
SYNOPSIS
use Apache::AppSamurai::Session::Serialize::CryptBase64;
# You must choose a Crypt::CBC compatible cipher. (See the DESCRIPTION
# section for the supported list.) This can be done either by
# setting a specific value (the recommended way):
$s->{args}->{SerializeCipher} = 'Crypt::OpenSSL::AES';
# ... or by using the find_cipher() utility method:
$s->{args}->{SerializeCipher} = Apache::AppSamurai::Session::Serialize::CryptBase64::find_cipher
# serialize and unserialze take a single hash reference with required
# subhashes. {args} must include two 256 bit hex string key/value pairs:
# key = Session authentication key
# ServerKey = Server key
# (Examples keys are examples. Don't use them!
$s->{args}->{ServerKey} = "628b49d96dcde97a430dd4f597705899e09a968f793491e4b704cae33a40dc02";
$s->{args}->{key} = "c44474038d459e40e4714afefa7bf8dae9f9834b22f5e8ec1dd434ecb62b512e";
# serialize() operates on the ->{data} subhash
$s->{data}->{test} = "Testy!";
$zipped = Apache::Session::Serialize::Base64::serialize($s);
# unserialize works on the ->{serialized} subhash
$s->{serialized} = $zipped;
$data = Apache::Session::Serialize::Base64::unserialize($s);
DESCRIPTION
This module fulfils the serialization interface of Apache::Session and Apache::AppSamurai::Session. It serializes the data in the session object by use of Storable's nfreeze()
function. Then, using the configured cipher module in {args}->{SerializeCipher}, the passed in {args}->{key}, (session authentication key), and the passed in {args}->{ServerKey}, (server key), it encrypts using the encrypt()
method of Crypt::CBC. Finally, MIME::Base64 encode is used on the ciphertext for safe storage.
The unserialize method uses a combination of MIME::Base64's decode_base64
, Crypt::CBC's decrypt, and Storable's thaw methods to decode, decrypt, and reconstitute the data.
The serialized data is ASCII text, suitable for storage in backing stores that don't handle binary data gracefully, such as Postgres. The following Crypt modules are currently supported:
Crypt::Rijndael - AES implementation
Crypt::OpenSSL::AES - OpenSSL AES wrapper
Crypt::Twofish - Twofish implementation
Crypt::Blowfish - Blowfish implementation
The configured module must be installed before use. For efficiency, it is recommended that you staticly set the SerializeCipher argument when calling this module. That said, for convenience, a simple utility method, find_cipher() is provided.
SEE ALSO
Apache::AppSamurai::Session, Storable, MIME::Base64, Apache::Session, Crypt::CBC, Crypt::Rijndael, Crypt::OpenSSL::AES, Crypt::Twofish, Crypt::Blowfish
AUTHOR
Paul M. Hirsch, <paul at voltagenoir.org>
BUGS
See Apache::AppSamurai for information on bug submission and tracking.
SUPPORT
See Apache::AppSamurai for support information.
COPYRIGHT & LICENSE
Copyright 2008 Paul M. Hirsch, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.