PHP already hashes the message itself

To stay compatible with the Golang implementation here we return raw bytes and also don't hash twice. Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2017-02-10 13:06:01 +0300
committer: Joas Schilling <coding@schilljs.com> 2017-03-29 11:59:17 +0300
commit: 4a0943dd8d6805a5f567e129feae356ba78b50b7 (patch)
tree: b6381c41d445e73568511385cc77946c352dd2f2 /lib/Controller/PushController.php
parent: 0557efa226093214c329101d712f49d5e3433ff8 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/Controller/PushController.php b/lib/Controller/PushController.php
index b9b1054..199c298 100644
--- a/lib/Controller/PushController.php
+++ b/lib/Controller/PushController.php
@@ -110,12 +110,12 @@ class PushController extends OCSController {
 			return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST);
 		}
 
-		$deviceIdentifier = hash('sha512', json_encode([$user->getCloudId(), $token->getId()]));
+		$deviceIdentifier = json_encode([$user->getCloudId(), $token->getId()]);
 		openssl_sign($deviceIdentifier, $signature, $key->getPrivate(), OPENSSL_ALGO_SHA512);
 
 		return new JSONResponse([
 			'publicKey' => $key->getPublic(),
-			'deviceIdentifier' => $deviceIdentifier,
+			'deviceIdentifier' => base64_encode(hash('sha512', $deviceIdentifier, true)),
 			'signature' => base64_encode($signature),
 		], $created ? Http::STATUS_CREATED : Http::STATUS_OK);
 	}
author	Joas Schilling <coding@schilljs.com>	2017-02-10 13:06:01 +0300
committer	Joas Schilling <coding@schilljs.com>	2017-03-29 11:59:17 +0300
commit	4a0943dd8d6805a5f567e129feae356ba78b50b7 (patch)
tree	b6381c41d445e73568511385cc77946c352dd2f2 /lib/Controller/PushController.php
parent	0557efa226093214c329101d712f49d5e3433ff8 (diff)