shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-03-22 18:50:08 +03:00
Code Releases Wiki Activity

B #5954: Do not reuse Cipher instance (#2268)

Browse Source 
(cherry picked from commit 4ea39c0ee045b7b24492b0d2905dc7402fe1f1de)
This commit is contained in:
Pavel Czerný 2022-08-29 17:16:58 +02:00 committed by Tino Vázquez
parent 193b789c13
commit c96f43a782
No known key found for this signature in database
GPG Key ID: 14201E424D02047E
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/cloud/common/CloudAuth/OneGateCloudAuth.rb
View File

@ -25,7 +25,6 @@ module OneGateCloudAuth
#
def initialize_auth
@conf[:use_user_pool_cache] = false
@cipher = OpenSSL::Cipher::Cipher.new(CIPHER)
end
def do_auth(env, params={})
@ -96,21 +95,25 @@ module OneGateCloudAuth
private
def encrypt(data, token_password)
@cipher.encrypt
@cipher.key = token_password
cipher = OpenSSL::Cipher.new(CIPHER)
rc = @cipher.update(data)
rc << @cipher.final
cipher.encrypt
cipher.key = token_password
rc = cipher.update(data)
rc << cipher.final
return rc
end
def decrypt(token_password, data)
@cipher.decrypt
@cipher.key = token_password[0..31]
cipher = OpenSSL::Cipher.new(CIPHER)
rc = @cipher.update(Base64::decode64(data))
rc << @cipher.final
cipher.decrypt
cipher.key = token_password[0..31]
rc = cipher.update(Base64::decode64(data))
rc << cipher.final
return rc
end