encrypted-session-nginx-module
encrypted-session-nginx-module copied to clipboard
openresty
encrypt and decrypt nginx variable values
`EVP_EncryptFinal`/`EVP_DecryptFinal` is not provided in BoringSSL. Perhaps `EVP_EncryptFinal_ex`. Found in https://github.com/openresty/openresty/issues/556
This PR closes two outstanding issues: #2, #22 and #25 . With these two issues resolved it is trivial to implement rotating IVs if necessary.
At the moment the module does not support gcm mode. In order to keep backward compatibility, I suggest we introduce a directive which allows us to switch between cbc and...
If you do not generate a per encryption IV your setup is not semantically secure, see http://en.wikipedia.org/wiki/Initialization_vector
It would be extremely beneficial to support variables while configuring the module. This will give us the possibility to implement rotating IV for each encrypted session. In addition, it allows...
good day, when running demo encrypt/decrypt shown in project home, "set_decrypt_session" could not decrypt session, always got empty string. ``` location /encrypt { set $raw 'text to encrypted'; # from...
objs/addon/src/ngx_http_encrypted_session_module.o:(.data+0x0): multiple definition of 'ngx_http_encrypted_session_module' objs/addon/src/ngx_http_encrypted_session_module.o:(.data+0x0): first defined here objs/addon/src/ngx_http_encrypted_session_cipher.o: In function 'ngx_http_encrypted_session_aes_mac_encrypt': /opt/encrypted-session-nginx-module-0.08/src/ngx_http_encrypted_session_cipher.c:29: multiple definition of `ngx_http_encrypted_session_aes_mac_encrypt' objs/addon/src/ngx_http_encrypted_session_cipher.o:/opt/encrypted-session-nginx-module-0.08/src/ngx_http_encrypted_session_cipher.c:29: first defined here objs/addon/src/ngx_http_encrypted_session_cipher.o: In function 'ngx_http_encrypted_session_aes_mac_decrypt': /opt/encrypted-session-nginx-module-0.08/src/ngx_http_encrypted_session_cipher.c:143: multiple definition of...
Encrypted-session-nginx-module is not compatible with OpenSSL 1.1.0c. Please, fix it.
I need to make two separate session encryptions within the same location and they shouldn't share the same key. I tried in vain to add encryption key as an optional...
> This module can be used to implement simple user login and ACL. Can you provide full code (with php/python/perl) which uses your module with full power? I want to...
