NAME

Apache::AppSamurai::Session::Serialize::CryptBase64 - Storable, AES, and MIME::Base64 for session serializer

SYNOPSIS

 use Apache::AppSamurai::Session::Serialize::CryptBase64;
 
 # You must choose a Crypt::CBC compatible cipher. (See the DESCRIPTION
 # section for the supported list.)  This can be done either by
 # setting a specific value (the recommended way):
 $s->{args}->{SerializeCipher} = 'Crypt::OpenSSL::AES';

 # ... or by using the find_cipher() utility method:
 $s->{args}->{SerializeCipher} = Apache::AppSamurai::Session::Serialize::CryptBase64::find_cipher

 # serialize and unserialze take a single hash reference with required
 # subhashes.  {args} must include two 256 bit hex string key/value pairs:
 # key = Session authentication key
 # ServerKey = Server key
 # (Examples keys are examples.  Don't use them!
 $s->{args}->{ServerKey} = "628b49d96dcde97a430dd4f597705899e09a968f793491e4b704cae33a40dc02";
 $s->{args}->{key} = "c44474038d459e40e4714afefa7bf8dae9f9834b22f5e8ec1dd434ecb62b512e";

 # serialize() operates on the ->{data} subhash
 $s->{data}->{test} = "Testy!";
 $zipped = Apache::Session::Serialize::Base64::serialize($s);

 # unserialize works on the ->{serialized} subhash
 $s->{serialized} = $zipped;
 $data = Apache::Session::Serialize::Base64::unserialize($s);

DESCRIPTION

This module fulfils the serialization interface of Apache::Session and Apache::AppSamurai::Session. It serializes the data in the session object by use of Storable's nfreeze() function. Then, using the configured cipher module in {args}->{SerializeCipher}, the passed in {args}->{key}, (session authentication key), and the passed in {args}->{ServerKey}, (server key), it encrypts using the encrypt() method of Crypt::CBC. Finally, MIME::Base64 encode is used on the ciphertext for safe storage.

The unserialize method uses a combination of MIME::Base64's decode_base64, Crypt::CBC's decrypt, and Storable's thaw methods to decode, decrypt, and reconstitute the data.

The serialized data is ASCII text, suitable for storage in backing stores that don't handle binary data gracefully, such as Postgres. The following Crypt modules are currently supported:

 Crypt::Rijndael     - AES implementation
 Crypt::OpenSSL::AES - OpenSSL AES wrapper
 Crypt::Twofish      - Twofish implementation
 Crypt::Blowfish     - Blowfish implementation

The configured module must be installed before use. For efficiency, it is recommended that you staticly set the SerializeCipher argument when calling this module. That said, for convenience, a simple utility method, find_cipher() is provided.

AUTHOR

Paul M. Hirsch, <paul at voltagenoir.org>

BUGS

See Apache::AppSamurai for information on bug submission and tracking.

SUPPORT

See Apache::AppSamurai for support information.

COPYRIGHT & LICENSE

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

To install Apache::AppSamurai, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Apache::AppSamurai

CPAN shell

perl -MCPAN -e shell
install Apache::AppSamurai

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)