| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
KeyGenerator is used in other contexts, and we cannot change its
output... even if it does accidentally default to generating excess key
material for our primary internal usage.
|
|
|
|
|
|
|
|
|
|
| |
accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value.
ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1 this now has a strict checking on key length.
Default to key length 32 bytes, to match the compatible length for aes-256-cbc
Fixes #25185
|
| |
|
|
This will be used to derive keys from the secret and a salt, in order to allow us to
do things like encrypted cookie stores without using the secret for multiple
purposes directly.
|