rails--rails/activesupport/lib/active_support/key_generator.rb

# frozen_string_literal: true

require "concurrent/map"
require "openssl"

module ActiveSupport
  # KeyGenerator is a simple wrapper around OpenSSL's implementation of PBKDF2.
  # It can be used to derive a number of keys for various purposes from a given secret.
  # This lets Rails applications have a single secure secret, but avoid reusing that
  # key in multiple incompatible contexts.
  class KeyGenerator
    def initialize(secret, options = {})
      @secret = secret
      # The default iterations are higher than required for our key derivation uses
      # on the off chance someone uses this for password storage
      @iterations = options[:iterations] || 2**16
    end

    # Returns a derived key suitable for use.  The default key_size is chosen
    # to be compatible with the default settings of ActiveSupport::MessageVerifier.
    # i.e. OpenSSL::Digest::SHA1#block_length
    def generate_key(salt, key_size = 64)
      OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)
    end
  end

  # CachingKeyGenerator is a wrapper around KeyGenerator which allows users to avoid
  # re-executing the key generation process when it's called using the same salt and
  # key_size.
  class CachingKeyGenerator
    def initialize(key_generator)
      @key_generator = key_generator
      @cache_keys = Concurrent::Map.new
    end

    # Returns a derived key suitable for use.
    def generate_key(*args)
      @cache_keys[args.join] ||= @key_generator.generate_key(*args)
    end
  end

  class LegacyKeyGenerator # :nodoc:
    SECRET_MIN_LENGTH = 30 # Characters

    def initialize(secret)
      ensure_secret_secure(secret)
      @secret = secret
    end

    def generate_key(salt)
      @secret
    end

    private

      # To prevent users from using something insecure like "Password" we make sure that the
      # secret they've provided is at least 30 characters in length.
      def ensure_secret_secure(secret)
        if secret.blank?
          raise ArgumentError, "A secret is required to generate an integrity hash " \
            "for cookie session data. Set a secret_key_base of at least " \
            "#{SECRET_MIN_LENGTH} characters by running `rails credentials:edit`."
        end

        if secret.length < SECRET_MIN_LENGTH
          raise ArgumentError, "Secret should be something secure, " \
            "like \"#{SecureRandom.hex(16)}\". The value you " \
            "provided, \"#{secret}\", is shorter than the minimum length " \
            "of #{SECRET_MIN_LENGTH} characters."
        end
      end
  end
end
Use frozen-string-literal in ActiveSupport 2017-07-09 08:06:36 -04:00			`# frozen_string_literal: true`
[Active Support] `rubocop -a --only Layout/EmptyLineAfterMagicComment` 2017-07-10 09:39:13 -04:00
applies new string literal convention in activesupport/lib The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. 2016-08-06 11:58:50 -04:00			`require "concurrent/map"`
			`require "openssl"`
Add ActiveSupport::KeyGenerator as a simple wrapper around PBKDF2 This will be used to derive keys from the secret and a salt, in order to allow us to do things like encrypted cookie stores without using the secret for multiple purposes directly. 2012-07-03 20:37:31 -04:00
			`module ActiveSupport`
Add missing punctuation mark in `ActiveSupport` docs [ci skip] It improves readability of docs 2015-10-11 03:33:57 -04:00			`# KeyGenerator is a simple wrapper around OpenSSL's implementation of PBKDF2.`
Add ActiveSupport::KeyGenerator as a simple wrapper around PBKDF2 This will be used to derive keys from the secret and a salt, in order to allow us to do things like encrypted cookie stores without using the secret for multiple purposes directly. 2012-07-03 20:37:31 -04:00			`# It can be used to derive a number of keys for various purposes from a given secret.`
rails -> Rails [ci skip] 2013-05-09 07:57:08 -04:00			`# This lets Rails applications have a single secure secret, but avoid reusing that`
Add ActiveSupport::KeyGenerator as a simple wrapper around PBKDF2 This will be used to derive keys from the secret and a salt, in order to allow us to do things like encrypted cookie stores without using the secret for multiple purposes directly. 2012-07-03 20:37:31 -04:00			`# key in multiple incompatible contexts.`
			`class KeyGenerator`
			`def initialize(secret, options = {})`
			`@secret = secret`
			`# The default iterations are higher than required for our key derivation uses`
			`# on the off chance someone uses this for password storage`
			`@iterations = options[:iterations] \|\| 2**16`
			`end`

			`# Returns a derived key suitable for use. The default key_size is chosen`
Partially revert #25192 KeyGenerator is used in other contexts, and we cannot change its output... even if it does accidentally default to generating excess key material for our primary internal usage. 2016-06-30 11:31:45 -04:00			`# to be compatible with the default settings of ActiveSupport::MessageVerifier.`
			`# i.e. OpenSSL::Digest::SHA1#block_length`
Add more rubocop rules about whitespaces 2016-10-28 23:05:58 -04:00			`def generate_key(salt, key_size = 64)`
Add ActiveSupport::KeyGenerator as a simple wrapper around PBKDF2 This will be used to derive keys from the secret and a salt, in order to allow us to do things like encrypted cookie stores without using the secret for multiple purposes directly. 2012-07-03 20:37:31 -04:00			`OpenSSL::PKCS5.pbkdf2_hmac_sha1(@secret, salt, @iterations, key_size)`
			`end`
			`end`
Sign cookies using key deriver 2012-10-30 23:06:46 -04:00
Add docs for CachingKeyGenerator 2012-11-15 20:06:44 -05:00			`# CachingKeyGenerator is a wrapper around KeyGenerator which allows users to avoid`
			`# re-executing the key generation process when it's called using the same salt and`
Add missing punctuation mark in `ActiveSupport` docs [ci skip] It improves readability of docs 2015-10-11 03:33:57 -04:00			`# key_size.`
Cache generated keys per KeyGenerator instance using salt + key_size 2012-11-01 18:23:21 -04:00			`class CachingKeyGenerator`
			`def initialize(key_generator)`
			`@key_generator = key_generator`
Replaced `ThreadSafe::Map` with successor `Concurrent::Map`. The thread_safe gem is being deprecated and all its code has been merged into the concurrent-ruby gem. The new class, Concurrent::Map, is exactly the same as its predecessor except for fixes to two bugs discovered during the merge. 2015-09-19 09:56:26 -04:00			`@cache_keys = Concurrent::Map.new`
Cache generated keys per KeyGenerator instance using salt + key_size 2012-11-01 18:23:21 -04:00			`end`

Partially revert #25192 KeyGenerator is used in other contexts, and we cannot change its output... even if it does accidentally default to generating excess key material for our primary internal usage. 2016-06-30 11:31:45 -04:00			`# Returns a derived key suitable for use.`
			`def generate_key(*args)`
			`@cache_keys[args.join] \|\|= @key_generator.generate_key(*args)`
Cache generated keys per KeyGenerator instance using salt + key_size 2012-11-01 18:23:21 -04:00			`end`
			`end`

Rename DummyKeyGenerator -> LegacyKeyGenerator 2013-04-02 19:41:57 -04:00			`class LegacyKeyGenerator # :nodoc:`
Move ensure_secret_secure to DummyKeyGenerator 2012-11-02 09:03:18 -04:00			`SECRET_MIN_LENGTH = 30 # Characters`

Sign cookies using key deriver 2012-10-30 23:06:46 -04:00			`def initialize(secret)`
Move ensure_secret_secure to DummyKeyGenerator 2012-11-02 09:03:18 -04:00			`ensure_secret_secure(secret)`
Sign cookies using key deriver 2012-10-30 23:06:46 -04:00			`@secret = secret`
			`end`

			`def generate_key(salt)`
			`@secret`
			`end`
Move ensure_secret_secure to DummyKeyGenerator 2012-11-02 09:03:18 -04:00
			`private`

Fix broken comments indentation caused by rubocop auto-correct [ci skip] All indentation was normalized by rubocop auto-correct at 80e66cc4d90bf8c15d1a5f6e3152e90147f00772. But comments was still kept absolute position. This commit aligns comments with method definitions for consistency. 2016-09-14 04:57:52 -04:00			`# To prevent users from using something insecure like "Password" we make sure that the`
			`# secret they've provided is at least 30 characters in length.`
normalizes indentation and whitespace across the project 2016-08-06 13:55:02 -04:00			`def ensure_secret_secure(secret)`
			`if secret.blank?`
			`raise ArgumentError, "A secret is required to generate an integrity hash " \`
			`"for cookie session data. Set a secret_key_base of at least " \`
Fix typo 'in via' Substitutes 'in via' for 'by running' 2018-06-27 12:23:33 -04:00			"#{SECRET_MIN_LENGTH} characters by running `rails credentials:edit`."
normalizes indentation and whitespace across the project 2016-08-06 13:55:02 -04:00			`end`
Move ensure_secret_secure to DummyKeyGenerator 2012-11-02 09:03:18 -04:00
normalizes indentation and whitespace across the project 2016-08-06 13:55:02 -04:00			`if secret.length < SECRET_MIN_LENGTH`
			`raise ArgumentError, "Secret should be something secure, " \`
			`"like \"#{SecureRandom.hex(16)}\". The value you " \`
			`"provided, \"#{secret}\", is shorter than the minimum length " \`
			`"of #{SECRET_MIN_LENGTH} characters."`
			`end`
Move ensure_secret_secure to DummyKeyGenerator 2012-11-02 09:03:18 -04:00			`end`
Sign cookies using key deriver 2012-10-30 23:06:46 -04:00			`end`
Add ActiveSupport::KeyGenerator as a simple wrapper around PBKDF2 This will be used to derive keys from the secret and a salt, in order to allow us to do things like encrypted cookie stores without using the secret for multiple purposes directly. 2012-07-03 20:37:31 -04:00			`end`