Apache::AppSamurai::Session::Serialize::CryptBase64 - Storable, AES, and MIME::Base64 for session serializer
use Apache::AppSamurai::Session::Serialize::CryptBase64; # serialize and unserialze take a single hash reference with required # subhashes. {args} must include two 256 bit hex string key/value pairs: # key = Session authentication key # ServerKey = Server key # (Examples keys are examples. Don't use them! $s->{args}-> {ServerKey} = "628b49d96dcde97a430dd4f597705899e09a968f793491e4b704cae33a40dc02"; $s->{args}->{key} = "c44474038d459e40e4714afefa7bf8dae9f9834b22f5e8ec1dd434ecb62b512e"; # serialize() operates on the ->{data} subhash $s->{data}->{test} = "Testy!"; $zipped = Apache::Session::Serialize::Base64::serialize($s); # unserialize works on the ->{serialized} subhash $s->{serialized} = $zipped; $data = Apache::Session::Serialize::Base64::unserialize($s);
This module fulfills the serialization interface of Apache::Session and Apache::AppSamurai::Session. It serializes the data in the session object by use of Storable's nfreeze() function. The data is then encoded using MIME::Base64's encode_bas64 method. It then uses the passed {args}->{key}, (session authentication key), and passed {args}->{ServerKey}, (server key), to setup and encrypt using Crypt::Rijndael's c<encrypt> method. Finally, MIME::Base64 encode is used on the ciphertext for safe storage.
nfreeze()
encode_bas64
The unserialize method uses a combination of MIME::Base64's decode_base64, Crypt::Rijndael's decrypt, and Storable's thaw methods to decode, decrypt, and reconstitute the data.
decode_base64
The serialized data is ASCII text, suitable for storage in backing stores that don't handle binary data gracefully, such as Postgres. The pre-encryption Base64 encoding is used for easy padding of data into chunks that can be directly handled by AES (Rijndael).
Apache::Session::Serialize::Storable, Apache::Session
Apache::AppSamurai::Session, Storable, MIME::Base64, Crypt::Rijndael, Apache::Session
Paul M. Hirsch, <paul at voltagenoir.org>
<paul at voltagenoir.org>
See Apache::AppSamurai for information on bug submission and tracking.
See Apache::AppSamurai for support information.
Copyright 2007 Paul M. Hirsch, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Apache::AppSamurai, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Apache::AppSamurai
CPAN shell
perl -MCPAN -e shell install Apache::AppSamurai
For more information on module installation, please visit the detailed CPAN module installation guide.