From 9293bcb1550bcf5926b5cc59ed8e7c5b118fce94 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Wed, 15 May 2024 10:28:18 +0200
Subject: [PATCH] fix: Correctly check result of function

Signed-off-by: Joas Schilling <coding@schilljs.com>

[skip ci]
---
 index.php       | 4 ++--
 lib/Updater.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/index.php b/index.php
index 69c1d161..62d7606c 100644
--- a/index.php
+++ b/index.php
@@ -708,12 +708,12 @@ public function verifyIntegrity(): void {
 -----END CERTIFICATE-----
 EOF;
 
-		$validSignature = (bool)openssl_verify(
+		$validSignature = openssl_verify(
 			file_get_contents($this->getDownloadedFilePath()),
 			base64_decode($response['signature']),
 			$certificate,
 			OPENSSL_ALGO_SHA512
-		);
+		) === 1;
 
 		if ($validSignature === false) {
 			throw new \Exception('Signature of update is not valid');
diff --git a/lib/Updater.php b/lib/Updater.php
index 37d112d1..f1725aa1 100644
--- a/lib/Updater.php
+++ b/lib/Updater.php
@@ -670,12 +670,12 @@ public function verifyIntegrity(): void {
 -----END CERTIFICATE-----
 EOF;
 
-		$validSignature = (bool)openssl_verify(
+		$validSignature = openssl_verify(
 			file_get_contents($this->getDownloadedFilePath()),
 			base64_decode($response['signature']),
 			$certificate,
 			OPENSSL_ALGO_SHA512
-		);
+		) === 1;
 
 		if ($validSignature === false) {
 			throw new \Exception('Signature of update is not valid');