From a4f113eef935d8543cb194f8239807112a3b3aaa Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Tue, 18 Feb 2014 21:18:31 +0200
Subject: CI_Encryption::hkdf() to follow RFC5869 more strictly

---
 system/libraries/Encryption.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/libraries/Encryption.php')

diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index 3ce9f1b95..bfc1e892a 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -845,7 +845,7 @@ class CI_Encryption {
 			return FALSE;
 		}
 
-		isset($salt) OR $salt = str_repeat("\0", $this->_digests[$digest]);
+		strlen($salt) OR $salt = str_repeat("\0", $this->_digests[$digest]);
 
 		$prk = hash_hmac($digest, $key, $salt, TRUE);
 		$key = '';
-- 
cgit v1.2.3-24-g4f1b