line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
5
|
|
|
5
|
|
408866
|
use 5.008001; |
|
5
|
|
|
|
|
51
|
|
2
|
5
|
|
|
5
|
|
28
|
use strict; |
|
5
|
|
|
|
|
10
|
|
|
5
|
|
|
|
|
113
|
|
3
|
5
|
|
|
5
|
|
24
|
use warnings; |
|
5
|
|
|
|
|
11
|
|
|
5
|
|
|
|
|
314
|
|
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
package Session::Storage::Secure; |
6
|
|
|
|
|
|
|
# ABSTRACT: Encrypted, expiring, compressed, serialized session data with integrity |
7
|
|
|
|
|
|
|
|
8
|
|
|
|
|
|
|
our $VERSION = '0.901'; # TRIAL |
9
|
|
|
|
|
|
|
|
10
|
5
|
|
|
5
|
|
33
|
use Carp (qw/croak/); |
|
5
|
|
|
|
|
10
|
|
|
5
|
|
|
|
|
312
|
|
11
|
5
|
|
|
5
|
|
3604
|
use Crypt::CBC 2.33 (); |
|
5
|
|
|
|
|
40826
|
|
|
5
|
|
|
|
|
130
|
|
12
|
5
|
|
|
5
|
|
2287
|
use Crypt::Rijndael (); |
|
5
|
|
|
|
|
3178
|
|
|
5
|
|
|
|
|
149
|
|
13
|
5
|
|
|
5
|
|
2477
|
use Crypt::URandom (qw/urandom/); |
|
5
|
|
|
|
|
26479
|
|
|
5
|
|
|
|
|
283
|
|
14
|
5
|
|
|
5
|
|
2880
|
use Digest::SHA (qw/hmac_sha256/); |
|
5
|
|
|
|
|
16104
|
|
|
5
|
|
|
|
|
428
|
|
15
|
5
|
|
|
5
|
|
2621
|
use Math::Random::ISAAC::XS (); |
|
5
|
|
|
|
|
2540
|
|
|
5
|
|
|
|
|
161
|
|
16
|
5
|
|
|
5
|
|
949
|
use MIME::Base64 3.12 (); |
|
5
|
|
|
|
|
1297
|
|
|
5
|
|
|
|
|
191
|
|
17
|
5
|
|
|
5
|
|
34
|
use Sereal::Encoder 4.005 (); |
|
5
|
|
|
|
|
95
|
|
|
5
|
|
|
|
|
121
|
|
18
|
5
|
|
|
5
|
|
26
|
use Sereal::Decoder 4.005 (); |
|
5
|
|
|
|
|
75
|
|
|
5
|
|
|
|
|
107
|
|
19
|
5
|
|
|
5
|
|
2533
|
use String::Compare::ConstantTime qw/equals/; |
|
5
|
|
|
|
|
3288
|
|
|
5
|
|
|
|
|
289
|
|
20
|
5
|
|
|
5
|
|
2669
|
use namespace::clean; |
|
5
|
|
|
|
|
76668
|
|
|
5
|
|
|
|
|
30
|
|
21
|
|
|
|
|
|
|
|
22
|
5
|
|
|
5
|
|
4123
|
use Moo; |
|
5
|
|
|
|
|
35688
|
|
|
5
|
|
|
|
|
26
|
|
23
|
5
|
|
|
5
|
|
10654
|
use MooX::Types::MooseLike::Base 0.16 qw(:all); |
|
5
|
|
|
|
|
35114
|
|
|
5
|
|
|
|
|
9456
|
|
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
#--------------------------------------------------------------------------# |
26
|
|
|
|
|
|
|
# Attributes |
27
|
|
|
|
|
|
|
#--------------------------------------------------------------------------# |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
#pod =attr secret_key (required) |
30
|
|
|
|
|
|
|
#pod |
31
|
|
|
|
|
|
|
#pod This is used to secure the session data. The encryption and message |
32
|
|
|
|
|
|
|
#pod authentication key is derived from this using a one-way function. Changing it |
33
|
|
|
|
|
|
|
#pod will invalidate all sessions. |
34
|
|
|
|
|
|
|
#pod |
35
|
|
|
|
|
|
|
#pod =cut |
36
|
|
|
|
|
|
|
|
37
|
|
|
|
|
|
|
has secret_key => ( |
38
|
|
|
|
|
|
|
is => 'ro', |
39
|
|
|
|
|
|
|
isa => Str, |
40
|
|
|
|
|
|
|
required => 1, |
41
|
|
|
|
|
|
|
); |
42
|
|
|
|
|
|
|
|
43
|
|
|
|
|
|
|
#pod =attr default_duration |
44
|
|
|
|
|
|
|
#pod |
45
|
|
|
|
|
|
|
#pod Number of seconds for which the session may be considered valid. If an |
46
|
|
|
|
|
|
|
#pod expiration is not provided to C, this is used instead to expire the |
47
|
|
|
|
|
|
|
#pod session after a period of time. It is unset by default, meaning that session |
48
|
|
|
|
|
|
|
#pod expiration is not capped. |
49
|
|
|
|
|
|
|
#pod |
50
|
|
|
|
|
|
|
#pod =cut |
51
|
|
|
|
|
|
|
|
52
|
|
|
|
|
|
|
has default_duration => ( |
53
|
|
|
|
|
|
|
is => 'ro', |
54
|
|
|
|
|
|
|
isa => Int, |
55
|
|
|
|
|
|
|
predicate => 1, |
56
|
|
|
|
|
|
|
); |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
#pod =attr old_secrets |
59
|
|
|
|
|
|
|
#pod |
60
|
|
|
|
|
|
|
#pod An optional array reference of strings containing old secret keys no longer |
61
|
|
|
|
|
|
|
#pod used for encryption but still supported for decrypting session data. |
62
|
|
|
|
|
|
|
#pod |
63
|
|
|
|
|
|
|
#pod =cut |
64
|
|
|
|
|
|
|
|
65
|
|
|
|
|
|
|
has old_secrets => ( |
66
|
|
|
|
|
|
|
is => 'ro', |
67
|
|
|
|
|
|
|
isa => ArrayRef [Str], |
68
|
|
|
|
|
|
|
); |
69
|
|
|
|
|
|
|
|
70
|
|
|
|
|
|
|
#pod =attr separator |
71
|
|
|
|
|
|
|
#pod |
72
|
|
|
|
|
|
|
#pod A character used to separate fields. It defaults to C<~>. |
73
|
|
|
|
|
|
|
#pod |
74
|
|
|
|
|
|
|
#pod =cut |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
has separator => ( |
77
|
|
|
|
|
|
|
is => 'ro', |
78
|
|
|
|
|
|
|
isa => Str, |
79
|
|
|
|
|
|
|
default => '~', |
80
|
|
|
|
|
|
|
); |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
#pod =attr sereal_encoder_options |
83
|
|
|
|
|
|
|
#pod |
84
|
|
|
|
|
|
|
#pod A hash reference with constructor arguments for L. Defaults |
85
|
|
|
|
|
|
|
#pod to C<< { snappy => 1, croak_on_bless => 1 } >>. |
86
|
|
|
|
|
|
|
#pod |
87
|
|
|
|
|
|
|
#pod =cut |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
has sereal_encoder_options => ( |
90
|
|
|
|
|
|
|
is => 'ro', |
91
|
|
|
|
|
|
|
isa => HashRef, |
92
|
|
|
|
|
|
|
default => sub { { snappy => 1, croak_on_bless => 1 } }, |
93
|
|
|
|
|
|
|
); |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
#pod =attr sereal_decoder_options |
96
|
|
|
|
|
|
|
#pod |
97
|
|
|
|
|
|
|
#pod A hash reference with constructor arguments for L. Defaults |
98
|
|
|
|
|
|
|
#pod to C<< { refuse_objects => 1, validate_utf8 => 1 } >>. |
99
|
|
|
|
|
|
|
#pod |
100
|
|
|
|
|
|
|
#pod =cut |
101
|
|
|
|
|
|
|
|
102
|
|
|
|
|
|
|
has sereal_decoder_options => ( |
103
|
|
|
|
|
|
|
is => 'ro', |
104
|
|
|
|
|
|
|
isa => HashRef, |
105
|
|
|
|
|
|
|
default => sub { { refuse_objects => 1, validate_utf8 => 1 } }, |
106
|
|
|
|
|
|
|
); |
107
|
|
|
|
|
|
|
|
108
|
|
|
|
|
|
|
#pod =attr transport_encoder |
109
|
|
|
|
|
|
|
#pod |
110
|
|
|
|
|
|
|
#pod A code reference to convert binary data elements (the encrypted data and the |
111
|
|
|
|
|
|
|
#pod MAC) into a transport-safe form. Defaults to |
112
|
|
|
|
|
|
|
#pod L. The output must not include |
113
|
|
|
|
|
|
|
#pod the C attribute used to delimit fields. |
114
|
|
|
|
|
|
|
#pod |
115
|
|
|
|
|
|
|
#pod =cut |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
has transport_encoder => ( |
118
|
|
|
|
|
|
|
is => 'ro', |
119
|
|
|
|
|
|
|
isa => CodeRef, |
120
|
|
|
|
|
|
|
default => sub { \&MIME::Base64::encode_base64url }, |
121
|
|
|
|
|
|
|
); |
122
|
|
|
|
|
|
|
|
123
|
|
|
|
|
|
|
#pod =attr transport_decoder |
124
|
|
|
|
|
|
|
#pod |
125
|
|
|
|
|
|
|
#pod A code reference to extract binary data (the encrypted data and the |
126
|
|
|
|
|
|
|
#pod MAC) from a transport-safe form. It must be the complement to C. |
127
|
|
|
|
|
|
|
#pod Defaults to L. |
128
|
|
|
|
|
|
|
#pod |
129
|
|
|
|
|
|
|
#pod =cut |
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
has transport_decoder => ( |
132
|
|
|
|
|
|
|
is => 'ro', |
133
|
|
|
|
|
|
|
isa => CodeRef, |
134
|
|
|
|
|
|
|
default => sub { \&MIME::Base64::decode_base64url }, |
135
|
|
|
|
|
|
|
); |
136
|
|
|
|
|
|
|
|
137
|
|
|
|
|
|
|
#pod =attr protocol_version |
138
|
|
|
|
|
|
|
#pod |
139
|
|
|
|
|
|
|
#pod An integer representing the protocol used by C. |
140
|
|
|
|
|
|
|
#pod Protocol 1 was the initial version, which used a now-deprecated mode of |
141
|
|
|
|
|
|
|
#pod L. Protocol 2 is the current default. |
142
|
|
|
|
|
|
|
#pod |
143
|
|
|
|
|
|
|
#pod =cut |
144
|
|
|
|
|
|
|
|
145
|
|
|
|
|
|
|
has protocol_version => ( |
146
|
|
|
|
|
|
|
is => 'ro', |
147
|
|
|
|
|
|
|
isa => Num, |
148
|
|
|
|
|
|
|
default => 2, |
149
|
|
|
|
|
|
|
); |
150
|
|
|
|
|
|
|
|
151
|
|
|
|
|
|
|
has _encoder => ( |
152
|
|
|
|
|
|
|
is => 'lazy', |
153
|
|
|
|
|
|
|
isa => InstanceOf ['Sereal::Encoder'], |
154
|
|
|
|
|
|
|
handles => { '_freeze' => 'encode' }, |
155
|
|
|
|
|
|
|
); |
156
|
|
|
|
|
|
|
|
157
|
|
|
|
|
|
|
sub _build__encoder { |
158
|
31
|
|
|
31
|
|
854
|
my ($self) = @_; |
159
|
31
|
|
|
|
|
922
|
return Sereal::Encoder->new( $self->sereal_encoder_options ); |
160
|
|
|
|
|
|
|
} |
161
|
|
|
|
|
|
|
|
162
|
|
|
|
|
|
|
has _decoder => ( |
163
|
|
|
|
|
|
|
is => 'lazy', |
164
|
|
|
|
|
|
|
isa => InstanceOf ['Sereal::Decoder'], |
165
|
|
|
|
|
|
|
handles => { '_thaw' => 'decode' }, |
166
|
|
|
|
|
|
|
); |
167
|
|
|
|
|
|
|
|
168
|
|
|
|
|
|
|
sub _build__decoder { |
169
|
20
|
|
|
20
|
|
14669
|
my ($self) = @_; |
170
|
20
|
|
|
|
|
546
|
return Sereal::Decoder->new( $self->sereal_decoder_options ); |
171
|
|
|
|
|
|
|
} |
172
|
|
|
|
|
|
|
|
173
|
|
|
|
|
|
|
has _rng => ( |
174
|
|
|
|
|
|
|
is => 'lazy', |
175
|
|
|
|
|
|
|
isa => InstanceOf ['Math::Random::ISAAC::XS'], |
176
|
|
|
|
|
|
|
handles => { '_irand' => 'irand' }, |
177
|
|
|
|
|
|
|
); |
178
|
|
|
|
|
|
|
|
179
|
|
|
|
|
|
|
sub _build__rng { |
180
|
31
|
|
|
31
|
|
836
|
my ($self) = @_; |
181
|
31
|
|
|
|
|
105
|
return Math::Random::ISAAC::XS->new( map { unpack( "N", urandom(4) ) } 1 .. 256 ); |
|
7936
|
|
|
|
|
232869
|
|
182
|
|
|
|
|
|
|
} |
183
|
|
|
|
|
|
|
|
184
|
|
|
|
|
|
|
sub BUILD { |
185
|
52
|
|
|
52
|
0
|
1992
|
my ($self) = @_; |
186
|
52
|
|
|
|
|
193
|
$self->_check_version_for( encoding => $self->protocol_version ); |
187
|
|
|
|
|
|
|
} |
188
|
|
|
|
|
|
|
|
189
|
|
|
|
|
|
|
sub _check_version_for { |
190
|
89
|
|
|
89
|
|
215
|
my ( $self, $action, $pv ) = @_; |
191
|
89
|
100
|
100
|
|
|
984
|
if ( $pv < 1 || $pv > 2 ) { |
192
|
3
|
|
|
|
|
314
|
croak "Invalid protocol version for $action: $pv"; |
193
|
|
|
|
|
|
|
} |
194
|
|
|
|
|
|
|
} |
195
|
|
|
|
|
|
|
|
196
|
|
|
|
|
|
|
sub _get_cbc { |
197
|
51
|
|
|
51
|
|
152
|
my ( $self, $pv, $key, $salt ) = @_; |
198
|
|
|
|
|
|
|
|
199
|
51
|
|
|
|
|
187
|
my $cbc_opts = { |
200
|
|
|
|
|
|
|
-key => $key, |
201
|
|
|
|
|
|
|
-cipher => 'Rijndael', |
202
|
|
|
|
|
|
|
}; |
203
|
|
|
|
|
|
|
|
204
|
51
|
100
|
|
|
|
148
|
if ( $pv == 1 ) { |
205
|
23
|
|
|
|
|
52
|
$cbc_opts->{-pbkdf} = 'opensslv1'; |
206
|
23
|
|
|
|
|
41
|
$cbc_opts->{-nodeprecate} = 1; |
207
|
|
|
|
|
|
|
} |
208
|
|
|
|
|
|
|
else { |
209
|
28
|
|
|
|
|
68
|
$cbc_opts->{-pbkdf} = 'none'; |
210
|
28
|
|
|
|
|
55
|
$cbc_opts->{-keysize} = 32; |
211
|
28
|
|
|
|
|
52
|
$cbc_opts->{-literal_key} = 1; |
212
|
28
|
|
|
|
|
51
|
$cbc_opts->{-header} = 'none'; |
213
|
28
|
|
|
|
|
321
|
my $cipher = Crypt::Rijndael->new($key); |
214
|
28
|
|
|
|
|
246
|
$cbc_opts->{-iv} = substr( $cipher->encrypt($salt), 0, 16 ); |
215
|
|
|
|
|
|
|
} |
216
|
|
|
|
|
|
|
|
217
|
51
|
|
|
|
|
345
|
return Crypt::CBC->new(%$cbc_opts); |
218
|
|
|
|
|
|
|
} |
219
|
|
|
|
|
|
|
|
220
|
|
|
|
|
|
|
#pod =method encode |
221
|
|
|
|
|
|
|
#pod |
222
|
|
|
|
|
|
|
#pod my $string = $store->encode( $data, $expires ); |
223
|
|
|
|
|
|
|
#pod |
224
|
|
|
|
|
|
|
#pod The C<$data> argument should be a reference to a data structure. By default, |
225
|
|
|
|
|
|
|
#pod it must not contain objects. (See L for |
226
|
|
|
|
|
|
|
#pod rationale and alternatives.) If it is undefined, an empty hash reference will |
227
|
|
|
|
|
|
|
#pod be encoded instead. |
228
|
|
|
|
|
|
|
#pod |
229
|
|
|
|
|
|
|
#pod The optional C<$expires> argument should be the session expiration time |
230
|
|
|
|
|
|
|
#pod expressed as epoch seconds. If the C<$expires> time is in the past, the |
231
|
|
|
|
|
|
|
#pod C<$data> argument is cleared and an empty hash reference is encoded and returned. |
232
|
|
|
|
|
|
|
#pod If no C<$expires> is given, then if the C attribute is set, it |
233
|
|
|
|
|
|
|
#pod will be used to calculate an expiration time. |
234
|
|
|
|
|
|
|
#pod |
235
|
|
|
|
|
|
|
#pod The method returns a string that securely encodes the session data. All binary |
236
|
|
|
|
|
|
|
#pod components are protected via the L attribute. |
237
|
|
|
|
|
|
|
#pod |
238
|
|
|
|
|
|
|
#pod An exception is thrown on any errors. |
239
|
|
|
|
|
|
|
#pod |
240
|
|
|
|
|
|
|
#pod =cut |
241
|
|
|
|
|
|
|
|
242
|
|
|
|
|
|
|
sub encode { |
243
|
31
|
|
|
31
|
1
|
11799
|
my ( $self, $data, $expires ) = @_; |
244
|
31
|
100
|
|
|
|
106
|
$data = {} unless defined $data; |
245
|
31
|
|
|
|
|
96
|
my $sep = $self->separator; |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
# If expiration is set, we want to check it and possibly clear data; |
248
|
|
|
|
|
|
|
# if not set, we might add an expiration based on default_duration |
249
|
31
|
100
|
|
|
|
85
|
if ( defined $expires ) { |
250
|
4
|
100
|
|
|
|
17
|
$data = {} if $expires < time; |
251
|
|
|
|
|
|
|
} |
252
|
|
|
|
|
|
|
else { |
253
|
27
|
100
|
|
|
|
144
|
$expires = $self->has_default_duration ? time + $self->default_duration : ""; |
254
|
|
|
|
|
|
|
} |
255
|
|
|
|
|
|
|
|
256
|
|
|
|
|
|
|
# Random salt used to derive unique encryption/MAC key for each cookie |
257
|
31
|
|
|
|
|
102
|
my $salt; |
258
|
31
|
100
|
|
|
|
99
|
if ( $self->protocol_version == 1 ) { |
259
|
|
|
|
|
|
|
# numeric salt |
260
|
14
|
|
|
|
|
340
|
$salt = $self->_irand; |
261
|
|
|
|
|
|
|
} |
262
|
|
|
|
|
|
|
else { |
263
|
|
|
|
|
|
|
# binary salt |
264
|
17
|
|
|
|
|
61
|
$salt = pack( "N*", map { $self->_irand } 1 .. 8 ); |
|
136
|
|
|
|
|
6804
|
|
265
|
|
|
|
|
|
|
} |
266
|
|
|
|
|
|
|
|
267
|
31
|
|
|
|
|
2632
|
my $key = hmac_sha256( $salt, $self->secret_key ); |
268
|
|
|
|
|
|
|
|
269
|
31
|
|
|
|
|
135
|
my $cbc = $self->_get_cbc( $self->protocol_version, $key, $salt ); |
270
|
|
|
|
|
|
|
|
271
|
31
|
|
|
|
|
8186
|
my ( $ciphertext, $mac ); |
272
|
31
|
|
|
|
|
70
|
eval { |
273
|
31
|
|
|
|
|
749
|
$ciphertext = $self->transport_encoder->( $cbc->encrypt( $self->_freeze($data) ) ); |
274
|
30
|
|
|
|
|
36345
|
$mac = $self->transport_encoder->( hmac_sha256( "$expires$sep$ciphertext", $key ) ); |
275
|
|
|
|
|
|
|
}; |
276
|
31
|
100
|
|
|
|
703
|
croak "Encoding error: $@" if $@; |
277
|
|
|
|
|
|
|
|
278
|
30
|
|
|
|
|
61
|
my $output; |
279
|
30
|
100
|
|
|
|
106
|
if ( $self->protocol_version == 1 ) { |
280
|
14
|
|
|
|
|
55
|
$output = join( $sep, $salt, $expires, $ciphertext, $mac ); |
281
|
|
|
|
|
|
|
} |
282
|
|
|
|
|
|
|
else { |
283
|
16
|
|
|
|
|
50
|
$salt = $self->transport_encoder->($salt); |
284
|
16
|
|
|
|
|
215
|
$output = join( $sep, $salt, $expires, $ciphertext, $mac, $self->protocol_version ); |
285
|
|
|
|
|
|
|
} |
286
|
30
|
|
|
|
|
379
|
return $output; |
287
|
|
|
|
|
|
|
} |
288
|
|
|
|
|
|
|
|
289
|
|
|
|
|
|
|
#pod =method decode |
290
|
|
|
|
|
|
|
#pod |
291
|
|
|
|
|
|
|
#pod my $data = $store->decode( $string ); |
292
|
|
|
|
|
|
|
#pod |
293
|
|
|
|
|
|
|
#pod The C<$string> argument must be the output of C. |
294
|
|
|
|
|
|
|
#pod |
295
|
|
|
|
|
|
|
#pod If the message integrity check fails or if expiration exists and is in |
296
|
|
|
|
|
|
|
#pod the past, the method returns undef or an empty list (depending on context). |
297
|
|
|
|
|
|
|
#pod |
298
|
|
|
|
|
|
|
#pod An exception is thrown on any errors. |
299
|
|
|
|
|
|
|
#pod |
300
|
|
|
|
|
|
|
#pod =cut |
301
|
|
|
|
|
|
|
|
302
|
|
|
|
|
|
|
sub decode { |
303
|
43
|
|
|
43
|
1
|
235511
|
my ( $self, $string ) = @_; |
304
|
43
|
100
|
|
|
|
155
|
return unless length $string; |
305
|
|
|
|
|
|
|
|
306
|
|
|
|
|
|
|
# Having a string implies at least salt; expires is optional; rest required |
307
|
41
|
|
|
|
|
123
|
my $sep = $self->separator; |
308
|
41
|
|
|
|
|
429
|
my ( $salt, $expires, $ciphertext, $mac, $version ) = split qr/\Q$sep\E/, $string; |
309
|
41
|
100
|
66
|
|
|
281
|
return unless defined($ciphertext) && length($ciphertext); |
310
|
39
|
100
|
66
|
|
|
175
|
return unless defined($mac) && length($mac); |
311
|
37
|
100
|
|
|
|
94
|
$version = 1 unless defined $version; |
312
|
37
|
|
|
|
|
113
|
$self->_check_version_for( decoding => $version ); |
313
|
|
|
|
|
|
|
|
314
|
37
|
100
|
|
|
|
102
|
if ( $version == 1 ) { |
315
|
|
|
|
|
|
|
# $salt is a decimal |
316
|
|
|
|
|
|
|
} |
317
|
|
|
|
|
|
|
else { |
318
|
|
|
|
|
|
|
# Decode salt to binary |
319
|
20
|
|
|
|
|
86
|
$salt = $self->transport_decoder->($salt); |
320
|
|
|
|
|
|
|
} |
321
|
|
|
|
|
|
|
|
322
|
|
|
|
|
|
|
# Try to decode against all known secret keys |
323
|
37
|
100
|
|
|
|
308
|
my @secrets = ( $self->secret_key, @{ $self->old_secrets || [] } ); |
|
37
|
|
|
|
|
186
|
|
324
|
37
|
|
|
|
|
70
|
my $key; |
325
|
37
|
|
|
|
|
82
|
CHECK: foreach my $secret (@secrets) { |
326
|
50
|
|
|
|
|
444
|
$key = hmac_sha256( $salt, $secret ); |
327
|
50
|
|
|
|
|
102
|
my $check_mac = eval { |
328
|
50
|
|
|
|
|
461
|
$self->transport_encoder->( hmac_sha256( "$expires$sep$ciphertext", $key ) ); |
329
|
|
|
|
|
|
|
}; |
330
|
50
|
100
|
33
|
|
|
905
|
last CHECK |
|
|
|
66
|
|
|
|
|
331
|
|
|
|
|
|
|
if ( |
332
|
|
|
|
|
|
|
defined($check_mac) |
333
|
|
|
|
|
|
|
&& length($check_mac) |
334
|
|
|
|
|
|
|
&& equals( $check_mac, $mac ) # constant time comparison |
335
|
|
|
|
|
|
|
); |
336
|
26
|
|
|
|
|
67
|
undef $key; |
337
|
|
|
|
|
|
|
} |
338
|
|
|
|
|
|
|
|
339
|
|
|
|
|
|
|
# Check MAC integrity |
340
|
37
|
100
|
|
|
|
121
|
return unless defined($key); |
341
|
|
|
|
|
|
|
|
342
|
|
|
|
|
|
|
# Check expiration |
343
|
24
|
100
|
100
|
|
|
105
|
return if length($expires) && $expires < time; |
344
|
|
|
|
|
|
|
|
345
|
|
|
|
|
|
|
# Decrypt and deserialize the data |
346
|
20
|
|
|
|
|
60
|
my $cbc = $self->_get_cbc( $version, $key, $salt ); |
347
|
|
|
|
|
|
|
|
348
|
20
|
|
|
|
|
4861
|
my $data; |
349
|
20
|
|
|
|
|
38
|
eval { |
350
|
20
|
|
|
|
|
89
|
$self->_thaw( $cbc->decrypt( $self->transport_decoder->($ciphertext) ), $data ); |
351
|
|
|
|
|
|
|
}; |
352
|
20
|
50
|
|
|
|
1495
|
croak "Decoding error: $@" if $@; |
353
|
|
|
|
|
|
|
|
354
|
20
|
|
|
|
|
178
|
return $data; |
355
|
|
|
|
|
|
|
} |
356
|
|
|
|
|
|
|
|
357
|
|
|
|
|
|
|
1; |
358
|
|
|
|
|
|
|
|
359
|
|
|
|
|
|
|
|
360
|
|
|
|
|
|
|
# vim: ts=4 sts=4 sw=4 et: |
361
|
|
|
|
|
|
|
|
362
|
|
|
|
|
|
|
__END__ |