diff options
author | Matthew Draper <matthew@trebex.net> | 2016-07-01 01:01:45 +0930 |
---|---|---|
committer | Matthew Draper <matthew@trebex.net> | 2016-07-01 01:01:45 +0930 |
commit | ea7fee03f78dfeac44b3a80f6fd61bf314b5a369 (patch) | |
tree | cdd1ee75794354e4e422d58bc3e4d486df73ecd4 /activesupport/lib/active_support | |
parent | 21f72a4d3411578e58908ba67a9f20cdb9a103e3 (diff) | |
download | rails-ea7fee03f78dfeac44b3a80f6fd61bf314b5a369.tar.gz rails-ea7fee03f78dfeac44b3a80f6fd61bf314b5a369.tar.bz2 rails-ea7fee03f78dfeac44b3a80f6fd61bf314b5a369.zip |
Partially revert #25192
KeyGenerator is used in other contexts, and we cannot change its
output... even if it does accidentally default to generating excess key
material for our primary internal usage.
Diffstat (limited to 'activesupport/lib/active_support')
-rw-r--r-- | activesupport/lib/active_support/key_generator.rb | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/activesupport/lib/active_support/key_generator.rb b/activesupport/lib/active_support/key_generator.rb index 7eafbb571f..0f0e931c06 100644 --- a/activesupport/lib/active_support/key_generator.rb +++ b/activesupport/lib/active_support/key_generator.rb @@ -15,8 +15,9 @@ module ActiveSupport end # Returns a derived key suitable for use. The default key_size is chosen - # to be compatible with the acceptable key length of aes-256-cbc, the default cipher. - def generate_key(salt, key_size=32) + # to be compatible with the default settings of ActiveSupport::MessageVerifier. + # i.e. OpenSSL::Digest::SHA1#block_length + def generate_key(salt, key_size=64) OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size) end end @@ -30,10 +31,9 @@ module ActiveSupport @cache_keys = Concurrent::Map.new end - # Returns a derived key suitable for use. The default key_size is chosen - # to be compatible with the acceptable key length of aes-256-cbc, the default cipher. - def generate_key(salt, key_size=32) - @cache_keys["#{salt}#{key_size}"] ||= @key_generator.generate_key(salt, key_size) + # Returns a derived key suitable for use. + def generate_key(*args) + @cache_keys[args.join] ||= @key_generator.generate_key(*args) end end |