
Still workin on Dymitri's suggestions

commit ba86dff5da8b8866d9dfeda04380fe093797f32d 1 parent d21e5b2
lhft lhft authored

Showing 1 changed file with 16 additions and 12 deletions. Show diff stats Hide diff stats

  1. +16 12 src/mochiweb_session.erl
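--- a/src/mochiweb_session.erl
+++ b/src/mochiweb_session.erl
@@ -7,6 +7,7 @@
 -module(mochiweb_session).
 -export([generate_session_data/4,generate_session_cookie/4,check_session_cookie/4]).
 -export([cookie_encode/1,cookie_decode/1,timestamp_sec/1]).%Useful fuctions for more specific purposes
+-export([cookie_encrypt_data/2,cookie_decrypt_data/2]).
 
 %% @spec generate_session_data(ExpirationTime,Data :: string(),FSessionKey : function(A),ServerKey) -> string()
 %% @doc generates a secure encrypted string convining all the parameters.
@@ -16,7 +17,10 @@ generate_session_data(ExpirationTime,Data,FSessionKey,ServerKey) when is_integer
 ExpTime=integer_to_list(ExpirationTime),
 Key=cookie_gen_key(ExpTime,ServerKey),
 Hmac=cookie_gen_hmac(ExpTime,BData,FSessionKey(integer_to_list(ExpirationTime)),Key),
+ io:format("1. ~p~n",[Hmac]),
 EData=cookie_encrypt_data(BData,Key),
+ EData2=cookie_decrypt_data(EData,Key),
+ io:format("2. ~p - ~p ~n",[BData,EData2]),
 iolist_to_binary([ ExpTime,$,, EData, Hmac ]).
 
 %% @spec generate_session_data(UserName,ExpirationTime,SessionExtraData,FSessionKey : function(A),ServerKey) -> mochiweb_cookie()
@@ -36,18 +40,17 @@ check_session_cookie(Cookie,ExpirationTime,FSessionKey,ServerKey) when is_binary
 {P1,_}=binary:match(Cookie,<<",">>),
 ExpirationTime1=binary:part(Cookie,0,P1),
 Data=binary:part(Cookie,P1+1,byte_size(Cookie)-20),
- io:format("~p ~p ~p",[ExpirationTime1,Data,Cookie]),
- Hmac=binary:part(Cookie,byte_size(Cookie)-20,byte_size(Cookie)-2),
- check_session_cookie(list_to_integer(binary_to_list(ExpirationTime1)),Data,Hmac,ExpirationTime,FSessionKey,ServerKey);
+ Hmac=binary:part(Cookie,byte_size(Cookie)-20,20),
+ check_session_cookie(binary_to_list(ExpirationTime1),Data,Hmac,ExpirationTime,FSessionKey,ServerKey);
 check_session_cookie(_,_,_,_) ->
 {false,[]}.
-check_session_cookie(ExpirationTime1, EData, Hmac,ExpirationTime,FSessionKey,ServerKey)
- when is_integer(ExpirationTime) , is_list(ServerKey)->
+check_session_cookie(ExpirationTime1, EData, BHmac,ExpirationTime,FSessionKey,ServerKey)
+ when is_integer(ExpirationTime) , is_list(ServerKey), is_list(ExpirationTime1)->
 ExpTime=list_to_integer(ExpirationTime1),
 Key=cookie_gen_key(ExpirationTime1,ServerKey),
- Data=cookie_decrypt_data(EData,Key),
+ Data=cookie_decrypt_data(binary_to_list(EData),Key),
 Hmac2=cookie_gen_hmac(ExpirationTime1,Data,FSessionKey(ExpirationTime1),Key),
- BHmac=list_to_binary(Hmac),
+ io:format("~p ==== ~p",[Hmac2,BHmac]),
 if ExpTime<ExpirationTime -> {false,[ExpirationTime1,binary_to_list(Data)]};
 true ->
 if Hmac2==BHmac -> {true,[ExpirationTime1,binary_to_list(Data)]};
@@ -58,14 +61,15 @@ check_session_cookie(_,_,_,_,_,_) ->
 {false,[]}.
 
 
+
 %% cookie_encrypt_data(Data,Key)-> binary()
 %% Data = Key = iolist() | binary
-cookie_encrypt_data(Data,Key) when is_binary(Data), is_binary(Key)->
+cookie_encrypt_data(Data,Key) ->
 IV = crypto:rand_bytes(16),
- [IV] ++ [crypto:aes_cfb_128_encrypt(Key, IV, Data)].
-cookie_decrypt_data(EData,Key) when is_list(EData)->
- {IV, Crypt} = lists:split(16, EData),
- crypto:aes_cfb_128_decrypt(Key, list_to_binary(IV),list_to_binary(Crypt)).
+ Crypt=crypto:aes_cfb_128_encrypt(Key, IV, Data),
+ <<IV/binary,Crypt/binary>>.
+cookie_decrypt_data(<<IV:16,Crypt/binary>>,Key) ->
+ crypto:aes_cfb_128_decrypt(Key, IV,Crypt).
 
 cookie_gen_key(ExpirationTime,ServerKey)->
 crypto:md5_mac(ServerKey, [ExpirationTime]).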
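Review bot: The new head `cookie_decrypt_data(<<IV:16,Crypt/binary>>,Key)` binds IV as a 16-bit integer, not the 16-byte IV that `cookie_encrypt_data` prepends, so the other 14 IV bytes end up in Crypt and `crypto:aes_cfb_128_decrypt` is handed an integer IV; it should read `cookie_decrypt_data(<<IV:16/binary,Crypt/binary>>,Key) ->`. In the six-argument `check_session_cookie` the added call passes `binary_to_list(EData)`, a list that can no longer match this binary-only head, so it should be `Data=cookie_decrypt_data(EData,Key),`. Because `generate_session_data` now also calls `cookie_decrypt_data`, both issuing and checking a cookie look likely to fail until the head is fixed. The added `io:format` calls in both functions print the HMAC and the plaintext session data to standard output and should be removed before this ships. The cookie-parsing clause of `check_session_cookie` starts above the third hunk, so its guard is not visible here.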
