shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-03-21 14:50:08 +03:00
Code Releases Wiki Activity

B #5954: Do not reuse Cipher instance (#2268)

Browse Source
This commit is contained in:
Pavel Czerný 2022-08-29 17:16:58 +02:00 committed by GitHub
parent cd35ad4eaa
commit 4ea39c0ee0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/cloud/common/CloudAuth/OneGateCloudAuth.rb
View File

@ -25,7 +25,6 @@ module OneGateCloudAuth
#
def initialize_auth
@conf[:use_user_pool_cache] = false
@cipher = OpenSSL::Cipher::Cipher.new(CIPHER)
end
def do_auth(env, params={})
@ -96,21 +95,25 @@ module OneGateCloudAuth
private
def encrypt(data, token_password)
@cipher.encrypt
@cipher.key = token_password
cipher = OpenSSL::Cipher.new(CIPHER)
rc = @cipher.update(data)
rc << @cipher.final
cipher.encrypt
cipher.key = token_password
rc = cipher.update(data)
rc << cipher.final
return rc
end
def decrypt(token_password, data)
@cipher.decrypt
@cipher.key = token_password[0..31]
cipher = OpenSSL::Cipher.new(CIPHER)
rc = @cipher.update(Base64::decode64(data))
rc << @cipher.final
cipher.decrypt
cipher.key = token_password[0..31]
rc = cipher.update(Base64::decode64(data))
rc << cipher.final
return rc
end