diff options
| author | Vishal Tak <vtak@gitlab.com> | 2022-04-06 13:47:27 +0300 |
|---|---|---|
| committer | Vishal Tak <vtak@gitlab.com> | 2022-04-06 13:47:27 +0300 |
| commit | ebdd35f66295ac72e023bd28d267a4f13705ebf5 (patch) | |
| tree | 1f83473f7277f78b3fa6df830d46c1587dd19b82 | |
| parent | a8be317a96f2dfb4ab30e338daee2b51833c2322 (diff) | |
Add comment details for nonce size
| -rw-r--r-- | internal/auth/auth_code.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/internal/auth/auth_code.go b/internal/auth/auth_code.go index 8974c544..ffbd5734 100644 --- a/internal/auth/auth_code.go +++ b/internal/auth/auth_code.go @@ -30,6 +30,8 @@ func (a *Auth) EncryptAndSignCode(domain, code string) (string, error) { return "", errEmptyDomainOrCode } + // for FIPS mode, the nonce size has to be equal to the gcmStandardNonceSize i.e. 12 + // https://gitlab.com/gitlab-org/gitlab-pages/-/issues/726 nonce := securecookie.GenerateRandomKey(12) if nonce == nil { // https://github.com/gorilla/securecookie/blob/f37875ef1fb538320ab97fc6c9927d94c280ed5b/securecookie.go#L513 |