From 4ea39c0ee045b7b24492b0d2905dc7402fe1f1de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Czern=C3=BD?= <pczerny@opennebula.systems>
Date: Mon, 29 Aug 2022 17:16:58 +0200
Subject: [PATCH] B #5954: Do not reuse Cipher instance (#2268)

---
 .../common/CloudAuth/OneGateCloudAuth.rb      | 21 +++++++++++--------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/src/cloud/common/CloudAuth/OneGateCloudAuth.rb b/src/cloud/common/CloudAuth/OneGateCloudAuth.rb
index 894fa67a34..b1603cfc07 100644
--- a/src/cloud/common/CloudAuth/OneGateCloudAuth.rb
+++ b/src/cloud/common/CloudAuth/OneGateCloudAuth.rb
@@ -25,7 +25,6 @@ module OneGateCloudAuth
     #
     def initialize_auth
         @conf[:use_user_pool_cache] = false
-        @cipher = OpenSSL::Cipher::Cipher.new(CIPHER)
     end
 
     def do_auth(env, params={})
@@ -96,21 +95,25 @@ module OneGateCloudAuth
     private
 
     def encrypt(data, token_password)
-        @cipher.encrypt
-        @cipher.key = token_password
+        cipher = OpenSSL::Cipher.new(CIPHER)
 
-        rc = @cipher.update(data)
-        rc << @cipher.final
+        cipher.encrypt
+        cipher.key = token_password
+
+        rc = cipher.update(data)
+        rc << cipher.final
 
         return rc
     end
 
     def decrypt(token_password, data)
-        @cipher.decrypt
-        @cipher.key = token_password[0..31]
+        cipher = OpenSSL::Cipher.new(CIPHER)
 
-        rc = @cipher.update(Base64::decode64(data))
-        rc << @cipher.final
+        cipher.decrypt
+        cipher.key = token_password[0..31]
+
+        rc = cipher.update(Base64::decode64(data))
+        rc << cipher.final
 
         return rc
     end