Cache generated keys per KeyGenerator instance using salt + key_size

author: Santiago Pastorino <santiago@wyeworks.com> 2012-11-01 20:23:21 -0200
committer: Santiago Pastorino <santiago@wyeworks.com> 2012-11-03 14:57:54 -0200
commit: 851e8fe897633f095a0f39a91f8bc75eee7a76aa (patch)
tree: 22d5d2d4e4d35c2528790d756537b4e9fa590a4a
parent: 47da5744741f0af668d2f915e09003be35dcce66 (diff)
download: rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.tar.gz
rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.tar.bz2
rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.zip
2 files changed, 22 insertions, 5 deletions
diff --git a/activesupport/lib/active_support/key_generator.rb b/activesupport/lib/active_support/key_generator.rb
index 8b49ad8414..a8a4c17fd6 100644
--- a/activesupport/lib/active_support/key_generator.rb
+++ b/activesupport/lib/active_support/key_generator.rb
@@ -1,3 +1,4 @@
+require 'mutex_m'
 require 'openssl'
 
 module ActiveSupport
@@ -21,6 +22,19 @@ module ActiveSupport
     end
   end
 
+  class CachingKeyGenerator
+    def initialize(key_generator)
+      @key_generator = key_generator
+      @cache_keys = {}.extend(Mutex_m)
+    end
+
+    def generate_key(salt, key_size=64)
+      @cache_keys.synchronize do
+        @cache_keys["#{salt}#{key_size}"] ||= @key_generator.generate_key(salt, key_size)
+      end
+    end
+  end
+
   class DummyKeyGenerator
     def initialize(secret)
       @secret = secret
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 3ec29e1dd6..f484e1737c 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -108,11 +108,14 @@ module Rails
     def key_generator
       # number of iterations selected based on consultation with the google security
       # team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
-      @key_generator ||= if config.secret_token_key
-                           ActiveSupport::KeyGenerator.new(config.secret_token_key, iterations: 1000)
-                         else
-                           ActiveSupport::DummyKeyGenerator.new(config.secret_token)
-                         end
+      @caching_key_generator ||= begin
+        if config.secret_token_key
+          key_generator = ActiveSupport::KeyGenerator.new(config.secret_token_key, iterations: 1000)
+          ActiveSupport::CachingKeyGenerator.new(key_generator)
+        else
+          ActiveSupport::DummyKeyGenerator.new(config.secret_token)
+        end
+      end
     end
 
     # Stores some of the Rails initial environment parameters which
author	Santiago Pastorino <santiago@wyeworks.com>	2012-11-01 20:23:21 -0200
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-11-03 14:57:54 -0200
commit	851e8fe897633f095a0f39a91f8bc75eee7a76aa (patch)
tree	22d5d2d4e4d35c2528790d756537b4e9fa590a4a
parent	47da5744741f0af668d2f915e09003be35dcce66 (diff)
download	rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.tar.gz rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.tar.bz2 rails-851e8fe897633f095a0f39a91f8bc75eee7a76aa.zip