Merge pull request #370 from michaelhogg/fix-bug-hmac-encoding

Fix bug: hash_hmac() should output raw binary data, not hexits
This commit is contained in:
Alex Bilbie 2015-09-04 08:36:33 +01:00
commit c3457107ee
2 changed files with 9 additions and 2 deletions

View File

@ -118,7 +118,14 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
$calculatedSignatureParts[] = $params->get('ext'); $calculatedSignatureParts[] = $params->get('ext');
} }
$calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), $macKey)); $calculatedSignature = base64_encode(
hash_hmac(
'sha256',
implode("\n", $calculatedSignatureParts),
$macKey,
true // raw_output: outputs raw binary data
)
);
// Return the access token if the signature matches // Return the access token if the signature matches
return ($this->hash_equals($calculatedSignature, $signature)) ? $accessToken : null; return ($this->hash_equals($calculatedSignature, $signature)) ? $accessToken : null;

View File

@ -57,7 +57,7 @@ class MacTest extends \PHPUnit_Framework_TestCase
$request->getPort(), $request->getPort(),
'ext' 'ext'
]; ];
$calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef')); $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef', true));
$request->headers->set('Authorization', sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, $calculatedSignature)); $request->headers->set('Authorization', sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, $calculatedSignature));