Encryption Drivers

Ayrton Fidelis edited this page Oct 16, 2018 · 6 revisions

Responsibility

An Encryption Driver is responsible to provide the cryptographic functions used by the Session Handler:

Generate the Session Identifier

Caution: The Session Identifier is not the same as the Session ID! The Session ID is the string used by PHP to identify a session, which goes to the user's browser as a cookie. The Session Identifier is a hash generated based on the Session ID and the App Key, which is used by the Storage Driver to securely identify the right session data.

Encrypt/decrypt the session data

The Encryption Driver is responsible for encrypting and decrypting the session data. It has to compute the encryption key based on the App Key and the Session ID.

Available drivers

OpenSSL | Repo | Packagist

Uses the OpenSSL extension which is built in since PHP 5.3, which makes it the easiest choice if you're using a PHP version lower than 7.2.

To use this driver, require it with composer:

composer require phpsess/openssl-encryption

Then create an instance of it, passing the App Key:

<?php

use PHPSess\Encryption\OpenSSLEncryption;

$sessionEncryption = new OpenSSLEncryption('your-app-key');

And pass the driver instance to the Session Handler.

Sodium | Repo | Packagist

Sodium is the new encryption library built in since PHP 7.2 (though you can install it separately in lower versions). It provides greater performance and security, so if your PHP environment support it, it's the recommended driver.

To use this driver, require it with composer:

composer require phpsess/sodium-encryption

Then create an instance of it, passing the App Key:

<?php

use PHPSess\Encryption\SodiumEncryption;

$sessionEncryption = new SodiumEncryption('your-app-key');

And pass the driver instance to the Session Handler.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.