From 50a2f86dda569e13c23520770ae4c73365fd8151 Mon Sep 17 00:00:00 2001
From: westi <westi@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Sat, 12 Sep 2009 22:03:14 +0000
Subject: [PATCH] Correct key padding and add support for raw_output in
 hash_hmac. Fixes #10284 props mdawaffe.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/compat.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/wp-includes/compat.php b/wp-includes/compat.php
index 188200c01..ce7e954cb 100644
--- a/wp-includes/compat.php
+++ b/wp-includes/compat.php
@@ -72,13 +72,17 @@ function _hash_hmac($algo, $data, $key, $raw_output = false) {
 
 	if (strlen($key) > 64)
 		$key = pack($pack, $algo($key));
-	else if (strlen($key) < 64)
-		$key = str_pad($key, 64, chr(0));
+
+	$key = str_pad($key, 64, chr(0));
 
 	$ipad = (substr($key, 0, 64) ^ str_repeat(chr(0x36), 64));
 	$opad = (substr($key, 0, 64) ^ str_repeat(chr(0x5C), 64));
 
-	return $algo($opad . pack($pack, $algo($ipad . $data)));
+	$hmac = $algo($opad . pack($pack, $algo($ipad . $data)));
+
+	if ( $raw_output )
+		return pack( $pack, $hmac );
+	return $hmac;
 }
 
 if ( !function_exists('mb_substr') ):