coossions
, (*1)
Coossions (stands for cookie-sessions) is a php plugin to store sessions in encrypted cookie, (*2)
Installation via composer
composer require arthurkushman/coossions
Usage
$coossions = new CoossionsHandler('your_digest_secrete'); // any secret word
$coossions->startSession();
And then, as usual, in any code-space - set session global variables:, (*3)
$_SESSION['foo'] = 123;
$_SESSION['bar'] = 'baz';
Get session global variables:, (*4)
echo $_SESSION['foo'] . ' ' . $_SESSION['bar'];
Details
Session will be written in cookie on client-side with openssl cipher code (in aes-256-ctr cipher algorithm by default)
and digested with your_digest_secrete (in sha256 by default).
Also, whole message will be merged with hash_hmac, based on salt consisting of dynamic SID + message,
which will then checked by hash_equals to additionally identify non-fraudulent data stored in cookie., (*5)
To create reliable/secure cryptographic signature, it would be better if your_digest_secrete will be in both upper/lower case letters and mashed with digits + long enough., (*6)
Setting custom hash and cryptographic algorithms through DI
Although, there are already set the best known, at the moment, hash and crypto algos - You can set Your preferable ones:, (*7)
$coossions = new CoossionsHandler('your_digest_secrete');
$encryptor = new Encryptor('your_digest_secrete');
$encryptor->setDigestAlgo('sha512'); // defaults to sha256
$encryptor->setCipherAlgo('aes-128-ctr'); // defaults to aes-256-ctr
$coossions->setEncryption($encryptor);
$coossions->startSession();
Tested performance of write/read 2 $_SESSION vars (3 symbols long int/string):, (*8)
- write avg time 6-8 microseconds
- read avg time 5-7 microseconds
Wallogit.com
