From 9e6abc551214db5410821f2da8c64e52bd5d8358 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 15 May 2024 10:28:18 +0200 Subject: [PATCH] fix: Correctly check result of function Signed-off-by: Joas Schilling [skip ci] --- index.php | 4 ++-- lib/Updater.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/index.php b/index.php index 31142c90..24aad88c 100644 --- a/index.php +++ b/index.php @@ -688,12 +688,12 @@ public function verifyIntegrity() { -----END CERTIFICATE----- EOF; - $validSignature = (bool)openssl_verify( + $validSignature = openssl_verify( file_get_contents($this->getDownloadedFilePath()), base64_decode($response['signature']), $certificate, OPENSSL_ALGO_SHA512 - ); + ) === 1; if ($validSignature === false) { throw new \Exception('Signature of update is not valid'); diff --git a/lib/Updater.php b/lib/Updater.php index 8e5825a8..06f65e8b 100644 --- a/lib/Updater.php +++ b/lib/Updater.php @@ -652,12 +652,12 @@ public function verifyIntegrity() { -----END CERTIFICATE----- EOF; - $validSignature = (bool)openssl_verify( + $validSignature = openssl_verify( file_get_contents($this->getDownloadedFilePath()), base64_decode($response['signature']), $certificate, OPENSSL_ALGO_SHA512 - ); + ) === 1; if ($validSignature === false) { throw new \Exception('Signature of update is not valid');