@@ -48,8 +48,8 @@ |
||
48 | 48 | // We hash the 2 inputs at this point because hash_equals is still |
49 | 49 | // vulnerable to timing attacks when the inputs have different sizes. |
50 | 50 | // Inputs are also cast to string like in symfony stringutils. |
51 | - $known = \hash_hmac('sha256', (string)$known, $nonce, true); |
|
52 | - $given = \hash_hmac('sha256', (string)$given, $nonce, true); |
|
51 | + $known = \hash_hmac('sha256', (string) $known, $nonce, true); |
|
52 | + $given = \hash_hmac('sha256', (string) $given, $nonce, true); |
|
53 | 53 | |
54 | 54 | return \hash_equals($known, $given); |
55 | 55 | } |