Skip to content
This repository has been archived by the owner on Mar 25, 2020. It is now read-only.

Commit

Permalink
bugfix: Make sure to properly check the output of openssl_verify().
Browse files Browse the repository at this point in the history
  • Loading branch information
jaimeperez committed Dec 12, 2016
1 parent b8699d5 commit 63b84cc
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/RP/Zend_InfoCard_Xml_Security.php
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ static public function validateXMLSignature($strXMLInput, $sts_crt=NULL){
$signedInfoXML = self::addNamespace($signedInfo, "http://www.w3.org/2000/09/xmldsig#");
SimpleSAML_Logger::debug("canonicalizo ".$signedInfoXML);
$canonical_signedinfo = $transformer->applyTransforms($signedInfoXML);
if (openssl_verify($canonical_signedinfo,$signatureValue,$check_key)) {
if (openssl_verify($canonical_signedinfo,$signatureValue,$check_key) === 1) {
list($reference) = $sxe->xpath("//ds:Signature/ds:SignedInfo/ds:Reference");
openssl_free_key($check_key);
return (string)$reference['URI'];
Expand Down

0 comments on commit 63b84cc

Please sign in to comment.