authorLeon Klingele <git@leonklingele.de>2016-10-31 18:22:42 +0100
committerLeon Klingele <git@leonklingele.de>2016-11-02 10:38:05 +0100
commite5d78a35231d1412aa7427f061aacdf73d92a796 (patch)
treec47ba59f46e3332426d3262150ac4290fc5fd920 /lib/private/Security
parent42b0a0d2afe95b974545436e112a1d97edaeeb1a (diff)
Fix CSRF token generation / validation
Operate on raw bytes instead of base64-encoded strings. The issue was introduced in a977465.
Signed-off-by: Leon Klingele <git@leonklingele.de>
Diffstat (limited to 'lib/private/Security')
-rw-r--r--lib/private/Security/CSRF/CsrfToken.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/private/Security/CSRF/CsrfToken.php b/lib/private/Security/CSRF/CsrfToken.php
index dce9a83b727..e9bdf5b5204 100644
--- a/lib/private/Security/CSRF/CsrfToken.php
+++ b/lib/private/Security/CSRF/CsrfToken.php
@@ -51,8 +51,8 @@ class CsrfToken {
*/
public function getEncryptedValue() {
if($this->encryptedValue === '') {
- $sharedSecret = base64_encode(random_bytes(strlen($this->value)));
- $this->encryptedValue = base64_encode($this->value ^ $sharedSecret) . ':' . $sharedSecret;
+ $sharedSecret = random_bytes(strlen($this->value));
+ $this->encryptedValue = base64_encode($this->value ^ $sharedSecret) . ':' . base64_encode($sharedSecret);
}
return $this->encryptedValue;
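Review bot: The encoded format produced on the second added line, `base64(value XOR pad) . ':' . base64(pad)`, is not documented anywhere visible, and the docblock whose closing `*/` opens this hunk (its body is outside the hunk) should state it so the decoding side stays in step with it. Suggested wording: `Returns base64(value XOR pad) . ':' . base64(pad), where pad is strlen($value) fresh random bytes; PHP's string XOR is byte-wise and truncates to the shorter operand, so both operands must be exactly the same length.` A one-line why-comment on the first added line, such as `// pad must be raw bytes of the same length as $this->value; a base64 string here breaks the XOR`, would record the reason for this fix. The method's closing brace is outside the hunk.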
@@ -71,6 +71,6 @@ class CsrfToken {
}
$obfuscatedToken = $token[0];
$secret = $token[1];
- return base64_decode($obfuscatedToken) ^ $secret;
+ return base64_decode($obfuscatedToken) ^ base64_decode($secret);
}
}
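Review bot: On the added return line both halves of the token are passed to base64_decode() without its strict flag, so malformed input is silently cleaned up rather than rejected, and because PHP's string XOR truncates to the shorter operand a secret half whose decoded length differs from the obfuscated half yields a shortened value instead of a failure. Whether the caller treats a short result as invalid (e.g. with a constant-time comparison) is not visible in this hunk, so I would make the method itself reject such input. Proposed: `$obfuscated = base64_decode($obfuscatedToken, true); $secretBytes = base64_decode($secret, true);` followed by a check that neither is `false` and that `strlen($obfuscated) === strlen($secretBytes)` before the XOR, returning whatever failure value the method already uses for a malformed token (the early-return above `$obfuscatedToken = $token[0];` is outside the hunk). The method's signature and its first statements are outside the hunk.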