open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #37724 from nextcloud/fix/encryption-signature-check-logic

Browse Source 
Cleanup signature checking logic in encryption
pull/34416/head
Christoph Wurst 3 years ago committed by GitHub
parent 54b5703233 2f653c8be8
commit b952066140
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      apps/encryption/lib/Crypto/Crypt.php

10
apps/encryption/lib/Crypto/Crypt.php
Unescape View File

@ -523,10 +523,12 @@ class Crypt {
$signature = $this->createSignature($data, $passPhrase);
$isCorrectHash = hash_equals($expectedSignature, $signature);
if (!$isCorrectHash && $enforceSignature) {
throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
} elseif (!$isCorrectHash && !$enforceSignature) {
$this->logger->info("Signature check skipped", ['app' => 'encryption']);
if (!$isCorrectHash) {
if ($enforceSignature) {
throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
} else {
$this->logger->info("Signature check skipped", ['app' => 'encryption']);
}
}
}

Write Preview
Loading…
Cancel
Save