sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Cleanup signature checking logic in encryption 

Signed-off-by: jld3103 <jld3103yt@gmail.com>
pull/37724/head
jld3103 2023-04-14 08:47:39 +07:00
parent 0951398af8
commit 2f653c8be8
No known key found for this signature in database
GPG Key ID: 9062417B9E8EB7B3
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apps/encryption/lib/Crypto/Crypt.php
Unescape Escape View File

@ -523,10 +523,12 @@ class Crypt {
$signature = $this->createSignature($data, $passPhrase);
$isCorrectHash = hash_equals($expectedSignature, $signature);
if (!$isCorrectHash && $enforceSignature) {
throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
} elseif (!$isCorrectHash && !$enforceSignature) {
$this->logger->info("Signature check skipped", ['app' => 'encryption']);
if (!$isCorrectHash) {
if ($enforceSignature) {
throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
} else {
$this->logger->info("Signature check skipped", ['app' => 'encryption']);
}
}
}