Skip to content

Commit

Permalink
Merge pull request #45462 from nextcloud/backport/45321/stable25
Browse files Browse the repository at this point in the history
[stable25] fix: Correctly check result of function
  • Loading branch information
blizzz authored May 23, 2024
2 parents baae7cf + a685881 commit f778a64
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion lib/private/Installer.php
Original file line number Diff line number Diff line change
Expand Up @@ -296,7 +296,7 @@ public function downloadApp($appId, $allowUnstable = false) {

// Check if the signature actually matches the downloaded content
$certificate = openssl_get_publickey($app['certificate']);
$verified = (bool)openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512);
$verified = openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512) === 1;
// PHP 8+ deprecates openssl_free_key and automatically destroys the key instance when it goes out of scope
if ((PHP_VERSION_ID < 80000)) {
openssl_free_key($certificate);
Expand Down
4 changes: 2 additions & 2 deletions lib/private/Security/IdentityProof/Signer.php
Original file line number Diff line number Diff line change
Expand Up @@ -93,12 +93,12 @@ public function verify(array $data): bool {
$user = $this->userManager->get($userId);
if ($user !== null) {
$key = $this->keyManager->getKey($user);
return (bool)openssl_verify(
return openssl_verify(
json_encode($data['message']),
base64_decode($data['signature']),
$key->getPublic(),
OPENSSL_ALGO_SHA512
);
) === 1;
}
}

Expand Down

0 comments on commit f778a64

Please sign in to comment.