Merge pull request #530 from FatchipRobert/MAG2-304-sha384-hash

MAG2-304 - Changed Client API hash parameters to sha2-384 encoding
PAYONE-GmbH · Feb 6, 2024 · 5d6b224 · 5d6b224
2 parents c485c4a + 89959f3
commit 5d6b224
Show file tree

Hide file tree

Showing 16 changed files with 84 additions and 52 deletions.
diff --git a/Helper/Request.php b/Helper/Request.php
@@ -47,25 +47,35 @@ class Request extends \Payone\Core\Helper\Base
      */
     protected $shopHelper;
 
+    /**
+     * PAYONE toolkit helper
+     *
+     * @var \Payone\Core\Helper\Toolkit
+     */
+    protected $toolkitHelper;
+
     /**
      * Constructor
      *
      * @param \Magento\Framework\App\Helper\Context      $context
      * @param \Magento\Store\Model\StoreManagerInterface $storeManager
      * @param \Payone\Core\Helper\Shop                   $shopHelper
+     * @param \Payone\Core\Helper\Toolkit                $toolkitHelper
      * @param \Magento\Framework\App\State               $state
      * @param \Payone\Core\Helper\Environment            $environmentHelper
      */
     public function __construct(
         \Magento\Framework\App\Helper\Context $context,
         \Magento\Store\Model\StoreManagerInterface $storeManager,
         \Payone\Core\Helper\Shop $shopHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Magento\Framework\App\State $state,
         \Payone\Core\Helper\Environment $environmentHelper
     ) {
         parent::__construct($context, $storeManager, $shopHelper, $state);
         $this->environmentHelper = $environmentHelper;
         $this->shopHelper = $shopHelper;
+        $this->toolkitHelper = $toolkitHelper;
     }
 
     /**
@@ -104,18 +114,15 @@ public function getBankaccountCheckRequest()
      */
     public function getHostedIframeRequestCCHash()
     {
-        $sHash = md5(
-            $this->getConfigParam('aid').
+        $sStringToHash = $this->getConfigParam('aid').
             $this->environmentHelper->getEncoding().
             $this->getConfigParam('mid').
             $this->getConfigParam('mode', PayoneConfig::METHOD_CREDITCARD, 'payone_payment').
             $this->getConfigParam('portalid').
             'creditcardcheck'.
             'JSON'.
-            'yes'.
-            $this->getConfigParam('key')
-        );
-        return $sHash;
+            'yes';
+        return $this->toolkitHelper->hashString($sStringToHash, 'sha384', $this->getConfigParam('key'));
     }
 
     /**
@@ -125,18 +132,15 @@ public function getHostedIframeRequestCCHash()
      */
     public function getBankaccountCheckRequestHash()
     {
-        $sHash = md5(
-            $this->getConfigParam('aid').
+        $sStringToHash = $this->getConfigParam('aid').
             $this->getConfigParam('bankaccountcheck_type', PayoneConfig::METHOD_DEBIT, 'payone_payment').
             $this->environmentHelper->getEncoding().
             $this->getConfigParam('mid').
             $this->getConfigParam('mode', PayoneConfig::METHOD_CREDITCARD, 'payone_payment').
             $this->getConfigParam('portalid').
             'bankaccountcheck'.
-            'JSON'.
-            $this->getConfigParam('key')
-        );
-        return $sHash;
+            'JSON';
+        return $this->toolkitHelper->hashString($sStringToHash, 'sha384', $this->getConfigParam('key'));
     }
 
     /**

diff --git a/Helper/Toolkit.php b/Helper/Toolkit.php
@@ -108,7 +108,7 @@ public function isKeyValid($sKey)
     {
         $aKeyValues = $this->getAllPayoneSecurityKeys();
         foreach ($aKeyValues as $sConfigKey) {
-            if (md5($sConfigKey ?? '') == $sKey) {
+            if ($this->hashString($sConfigKey ?? '') == $sKey) {
                 return true;
             }
         }
@@ -258,4 +258,19 @@ public function generateUUIDv4()
         // Output the 36 character UUID.
         return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
     }
+
+    /**
+     * In the Payone universe different hash mechanisms are needed
+     * Returns a hashed string and defines a default through the sAlgorithm parameter
+     *
+     * @param  string $sString
+     * @return string
+     */
+    public function hashString($sString, $sAlgorithm = 'md5', $sKey = false)
+    {
+        if ($sAlgorithm == "sha384" && $sKey !== false) {
+            return hash_hmac($sAlgorithm, $sString, $sKey);
+        }
+        return hash($sAlgorithm, $sString);
+    }
 }
diff --git a/Model/Api/Request/AddressRequest.php b/Model/Api/Request/AddressRequest.php
@@ -50,17 +50,19 @@ abstract class AddressRequest extends Base
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Helper\Customer            $customerHelper
      */
     public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog);
         $this->customerHelper = $customerHelper;
     }
 

diff --git a/Model/Api/Request/Addresscheck.php b/Model/Api/Request/Addresscheck.php
@@ -79,6 +79,7 @@ class Addresscheck extends AddressRequest
      * @param \Payone\Core\Helper\Shop                          $shopHelper
      * @param \Payone\Core\Helper\Environment                   $environmentHelper
      * @param \Payone\Core\Helper\Api                           $apiHelper
+     * @param \Payone\Core\Helper\Toolkit                       $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog           $apiLog
      * @param \Payone\Core\Helper\Customer                      $customerHelper
      * @param \Payone\Core\Model\ResourceModel\CheckedAddresses $addressesChecked
@@ -88,12 +89,13 @@ public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper,
         \Payone\Core\Model\ResourceModel\CheckedAddresses $addressesChecked,
         \Payone\Core\Helper\Addresscheck $addresscheckHelper
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog, $customerHelper);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog, $customerHelper);
         $this->addressesChecked = $addressesChecked;
         $this->addresscheckHelper = $addresscheckHelper;
     }

diff --git a/Model/Api/Request/Authorization.php b/Model/Api/Request/Authorization.php
@@ -58,39 +58,31 @@ class Authorization extends AddressRequest
      */
     protected $checkoutSession;
 
-    /**
-     * PAYONE toolkit helper
-     *
-     * @var \Payone\Core\Helper\Toolkit
-     */
-     protected $toolkitHelper;
-
     /**
      * Constructor
      *
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Helper\Customer            $customerHelper
      * @param \Payone\Core\Model\Api\Invoice          $invoiceGenerator
      * @param \Magento\Checkout\Model\Session         $checkoutSession
-     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      */
     public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper,
         \Payone\Core\Model\Api\Invoice $invoiceGenerator,
-        \Magento\Checkout\Model\Session $checkoutSession,
-        \Payone\Core\Helper\Toolkit $toolkitHelper
+        \Magento\Checkout\Model\Session $checkoutSession
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog, $customerHelper);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog, $customerHelper);
         $this->invoiceGenerator = $invoiceGenerator;
         $this->checkoutSession = $checkoutSession;
-        $this->toolkitHelper = $toolkitHelper;
     }
 
     /**

diff --git a/Model/Api/Request/Base.php b/Model/Api/Request/Base.php
@@ -104,6 +104,13 @@ abstract class Base
      */
     protected $apiHelper;
 
+    /**
+     * PAYONE toolkit helper
+     *
+     * @var \Payone\Core\Helper\Toolkit
+     */
+    protected $toolkitHelper;
+
     /**
      * API-log resource model
      *
@@ -124,17 +131,20 @@ abstract class Base
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      */
     public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog
     ) {
         $this->shopHelper = $shopHelper;
         $this->environmentHelper = $environmentHelper;
         $this->apiHelper = $apiHelper;
+        $this->toolkitHelper = $toolkitHelper;
         $this->apiLog = $apiLog;
         $this->initRequest();
     }
@@ -150,7 +160,7 @@ protected function initRequest()
         $this->aParameters = [];
         $this->addParameter('mid', $this->shopHelper->getConfigParam('mid', 'global', 'payone_general', $this->storeCode)); // PayOne Merchant ID
         $this->addParameter('portalid', $this->shopHelper->getConfigParam('portalid', 'global', 'payone_general', $this->storeCode)); // PayOne Portal ID
-        $this->addParameter('key', md5($this->shopHelper->getConfigParam('key', 'global', 'payone_general', $this->storeCode) ?? '')); // PayOne Portal Key
+        $this->addParameter('key', $this->toolkitHelper->hashString($this->shopHelper->getConfigParam('key', 'global', 'payone_general', $this->storeCode) ?? '')); // PayOne Portal Key
         $this->addParameter('encoding', $this->environmentHelper->getEncoding()); // Encoding
         $this->addParameter('integrator_name', 'Magento2'); // Shop-system
         $this->addParameter('integrator_version', $this->shopHelper->getMagentoVersion()); // Shop version
@@ -258,10 +268,9 @@ protected function addCustomParameters(PayoneMethod $oPayment)
             $sCustomConfig = $oPayment->getCustomConfigParam($sConfigName); // get custom config param
             if (!empty($sCustomConfig)) { // only add if the param is configured
                 if ($sConfigName == 'key') {
-                    $this->addParameter($sParamName, md5($sCustomConfig)); // key isn't hashed in db
-                } else {
-                    $this->addParameter($sParamName, $sCustomConfig); // add custom param to request
+                    $sCustomConfig = $this->toolkitHelper->hashString($sCustomConfig); // key isn't hashed in db
                 }
+                $this->addParameter($sParamName, $sCustomConfig); // add custom param to request
             }
         }
     }

diff --git a/Model/Api/Request/Capture.php b/Model/Api/Request/Capture.php
@@ -54,6 +54,7 @@ class Capture extends Base
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Model\Api\Invoice          $invoiceGenerator
      * @param \Payone\Core\Helper\Database            $databaseHelper
@@ -62,11 +63,12 @@ public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Model\Api\Invoice $invoiceGenerator,
         \Payone\Core\Helper\Database $databaseHelper
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog);
         $this->invoiceGenerator = $invoiceGenerator;
         $this->databaseHelper = $databaseHelper;
     }

diff --git a/Model/Api/Request/Consumerscore.php b/Model/Api/Request/Consumerscore.php
@@ -49,6 +49,7 @@ class Consumerscore extends AddressRequest
      * @param \Payone\Core\Helper\Shop                          $shopHelper
      * @param \Payone\Core\Helper\Environment                   $environmentHelper
      * @param \Payone\Core\Helper\Api                           $apiHelper
+     * @param \Payone\Core\Helper\Toolkit                       $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog           $apiLog
      * @param \Payone\Core\Helper\Customer                      $customerHelper
      * @param \Payone\Core\Model\ResourceModel\CheckedAddresses $addressesChecked
@@ -57,11 +58,12 @@ public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper,
         \Payone\Core\Model\ResourceModel\CheckedAddresses $addressesChecked
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog, $customerHelper);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog, $customerHelper);
         $this->addressesChecked = $addressesChecked;
     }
 

diff --git a/Model/Api/Request/Debit.php b/Model/Api/Request/Debit.php
@@ -50,37 +50,29 @@ class Debit extends Base
      */
     protected $databaseHelper;
 
-    /**
-     * PAYONE toolkit helper
-     *
-     * @var \Payone\Core\Helper\Toolkit
-     */
-    protected $toolkitHelper;
-
     /**
      * Constructor
      *
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Model\Api\Invoice          $invoiceGenerator
      * @param \Payone\Core\Helper\Database            $databaseHelper
-     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      */
     public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Model\Api\Invoice $invoiceGenerator,
-        \Payone\Core\Helper\Database $databaseHelper,
-        \Payone\Core\Helper\Toolkit $toolkitHelper
+        \Payone\Core\Helper\Database $databaseHelper
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog);
         $this->invoiceGenerator = $invoiceGenerator;
         $this->databaseHelper = $databaseHelper;
-        $this->toolkitHelper = $toolkitHelper;
     }
 
     /**

diff --git a/Model/Api/Request/Genericpayment/CancelOrderReference.php b/Model/Api/Request/Genericpayment/CancelOrderReference.php
@@ -54,6 +54,7 @@ class CancelOrderReference extends Base
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Helper\Customer            $customerHelper
      * @param \Psr\Log\LoggerInterface                $logger
@@ -63,12 +64,13 @@ public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper,
         \Psr\Log\LoggerInterface $logger,
         \Magento\Framework\Url $url
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog, $customerHelper);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog, $customerHelper);
         $this->logger = $logger;
         $this->url = $url;
     }

diff --git a/Model/Api/Request/Genericpayment/ConfirmOrderReference.php b/Model/Api/Request/Genericpayment/ConfirmOrderReference.php
@@ -54,6 +54,7 @@ class ConfirmOrderReference extends Base
      * @param \Payone\Core\Helper\Shop                $shopHelper
      * @param \Payone\Core\Helper\Environment         $environmentHelper
      * @param \Payone\Core\Helper\Api                 $apiHelper
+     * @param \Payone\Core\Helper\Toolkit             $toolkitHelper
      * @param \Payone\Core\Model\ResourceModel\ApiLog $apiLog
      * @param \Payone\Core\Helper\Customer            $customerHelper
      * @param \Psr\Log\LoggerInterface                $logger
@@ -63,12 +64,13 @@ public function __construct(
         \Payone\Core\Helper\Shop $shopHelper,
         \Payone\Core\Helper\Environment $environmentHelper,
         \Payone\Core\Helper\Api $apiHelper,
+        \Payone\Core\Helper\Toolkit $toolkitHelper,
         \Payone\Core\Model\ResourceModel\ApiLog $apiLog,
         \Payone\Core\Helper\Customer $customerHelper,
         \Psr\Log\LoggerInterface $logger,
         \Magento\Framework\Url $url
     ) {
-        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $apiLog, $customerHelper);
+        parent::__construct($shopHelper, $environmentHelper, $apiHelper, $toolkitHelper, $apiLog, $customerHelper);
         $this->logger = $logger;
         $this->url = $url;
     }