open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: Correctly check result of function

Browse Source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/45321/head
Joas Schilling 2 years ago committed by Anna
parent f3e72aff7c
commit b627e6efe4
2 changed files with 3 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      lib/private/Installer.php
  2. 4
      lib/private/Security/IdentityProof/Signer.php

2
lib/private/Installer.php
Unescape View File

@ -280,7 +280,7 @@ class Installer {
// Check if the signature actually matches the downloaded content
$certificate = openssl_get_publickey($app['certificate']);
$verified = (bool)openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512);
$verified = openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512) === 1;
if ($verified === true) {
// Seems to match, let's proceed

4
lib/private/Security/IdentityProof/Signer.php
Unescape View File

@ -74,12 +74,12 @@ class Signer {
$user = $this->userManager->get($userId);
if ($user !== null) {
$key = $this->keyManager->getKey($user);
return (bool)openssl_verify(
return openssl_verify(
json_encode($data['message']),
base64_decode($data['signature']),
$key->getPublic(),
OPENSSL_ALGO_SHA512
);
) === 1;
}
}

Write Preview
Loading…
Cancel
Save