From 851e8fe897633f095a0f39a91f8bc75eee7a76aa Mon Sep 17 00:00:00 2001
From: Santiago Pastorino
Date: Thu, 1 Nov 2012 20:23:21 -0200
Subject: Cache generated keys per KeyGenerator instance using salt + key_size
---
 activesupport/lib/active_support/key_generator.rb | 14 ++++++++++++++
 railties/lib/rails/application.rb | 13 ++++++++-----
 2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/activesupport/lib/active_support/key_generator.rb b/activesupport/lib/active_support/key_generator.rb
index 8b49ad8414..a8a4c17fd6 100644
--- a/activesupport/lib/active_support/key_generator.rb
+++ b/activesupport/lib/active_support/key_generator.rb
@@ -1,3 +1,4 @@
+require 'mutex_m'
 require 'openssl'

 module ActiveSupport
@@ -21,6 +22,19 @@ module ActiveSupport
 end
 end

+ class CachingKeyGenerator
+ def initialize(key_generator)
+ @key_generator = key_generator
+ @cache_keys = {}.extend(Mutex_m)
+ end
+
+ def generate_key(salt, key_size=64)
+ @cache_keys.synchronize do
+ @cache_keys["#{salt}#{key_size}"] ||= @key_generator.generate_key(salt, key_size)
+ end
+ end
+ end
+
 class DummyKeyGenerator
 def initialize(secret)
 @secret = secret
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 3ec29e1dd6..f484e1737c 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
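Review bot: The cache key built in `generate_key`, `"#{salt}#{key_size}"`, is ambiguous because salt and size are joined with no separator, so a salt that ends in digits can collide with a different salt and size (constructed example: salt `"a1"` with size 6 and salt `"a"` with size 16 both give `"a16"`), and the second caller would then receive a key derived for another purpose and of the wrong length. Keying on the pair removes the ambiguity: `@cache_keys[[salt, key_size]] ||= @key_generator.generate_key(salt, key_size)`. The cached String is also returned by reference, so a caller that mutates it in place would change the key seen by every later caller; freezing the value before it is stored would guard against that, provided no existing caller relies on a mutable result. A short class comment stating that derived keys stay in memory for the life of the generator, and that the hash grows by one entry per distinct salt and size, would help callers judge whether salts may ever come from request data.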
@@ -108,11 +108,14 @@ module Rails
 def key_generator
 # number of iterations selected based on consultation with the google security
 # team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
- @key_generator ||= if config.secret_token_key
- ActiveSupport::KeyGenerator.new(config.secret_token_key, iterations: 1000)
- else
- ActiveSupport::DummyKeyGenerator.new(config.secret_token)
- end
+ @caching_key_generator ||= begin
+ if config.secret_token_key
+ key_generator = ActiveSupport::KeyGenerator.new(config.secret_token_key, iterations: 1000)
+ ActiveSupport::CachingKeyGenerator.new(key_generator)
+ else
+ ActiveSupport::DummyKeyGenerator.new(config.secret_token)
+ end
+ end
 end

 # Stores some of the Rails initial environment parameters which
-- cgit v1.2.3
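Review bot: The local `key_generator` assigned in the new `if` branch shadows the enclosing method name `key_generator`, and the memo variable `@caching_key_generator` also holds a plain `DummyKeyGenerator` when the `else` branch runs, so both names mislead a reader. Naming the local `generator` and keeping the ivar as `@key_generator` would read more clearly, and the `begin … end` wrapper is not needed around a single `if` expression. The comment above the assignment could also note that the iterated derivation now runs once per salt and key size per process rather than on every call, since that is what the caching wrapper changes. The enclosing class starts and ends outside this hunk.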