From 177144ff7d7c8afcfd4469efabf4733879a2e570 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Feb 2014 18:07:34 +0200 Subject: Fix a logical error in CI_Encryption --- system/libraries/Encryption.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index 4258aee53..3c1347523 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -322,7 +322,7 @@ class CI_Encryption { ); } - return hash_hmac($params['hmac']['digest'], $data, $params['hmac']['key'], $params['base64']).$data; + return hash_hmac($params['hmac']['digest'], $data, $params['hmac']['key'], ! $params['base64']).$data; } return $data; @@ -432,14 +432,14 @@ class CI_Encryption { } // This might look illogical, but it is done during encryption as well ... - // The 'base64' value is effectively a "raw data" parameter + // The 'base64' value is effectively an inverted "raw data" parameter $digest_size = ($params['base64']) ? $this->_digests[$params['hmac']['digest']] * 2 : $this->_digests[$params['hmac']['digest']]; $hmac = substr($data, 0, $digest_size); $data = substr($data, $digest_size); - if ($hmac !== hash_hmac($params['hmac']['digest'], $data, $params['hmac']['key'], $params['base64'])) + if ($hmac !== hash_hmac($params['hmac']['digest'], $data, $params['hmac']['key'], ! $params['base64'])) { return FALSE; } -- cgit v1.2.3-24-g4f1b