Version Notes
Client provisioning improvements
Release Info
Developer | beubi |
Extension | SweOptipricer |
Version | 0.1.6 |
Code changes from version 0.1.5 to 0.1.6
app/code/community/SWE/Optipricer/Helper/Securedata.php
CHANGED
@@ -89,7 +89,7 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
89 |
*/
|
90 |
public static function getContent($content, $key = false, $publicKey = false)
|
91 |
{
|
92 |
-
if (is_array($content)) {
|
93 |
return false;
|
94 |
}
|
95 |
|
@@ -100,10 +100,18 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
100 |
}
|
101 |
|
102 |
$data = json_decode($data);
|
|
|
|
|
|
|
|
|
103 |
$mode = isset($data->smode) ? $data->smode : self::SECURE_CIPHER;
|
104 |
if ($mode == self::SECURE_CIPHER && !isset($data->iv)) {
|
105 |
return false;
|
106 |
}
|
|
|
|
|
|
|
|
|
107 |
$obj = isset($data->content) ? $data->content : $data->cipher;
|
108 |
|
109 |
switch($mode)
|
@@ -112,10 +120,12 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
112 |
return self::decryptContent($key, $data);
|
113 |
break;
|
114 |
case self::SECURE_SIGN:
|
115 |
-
if(self::verifySignature($publicKey, $data))
|
116 |
return $obj;
|
117 |
-
|
|
|
118 |
return false;
|
|
|
119 |
break;
|
120 |
case self::SECURE_CIPHER_SIGN:
|
121 |
return self::decryptVerifyContent($key, $publicKey, $data);
|
@@ -136,27 +146,30 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
136 |
private static function encryptContent($key, $content)
|
137 |
{
|
138 |
$ivSize = mcrypt_get_iv_size(self::CIPHER_ALG, self::CIPHER_MODE);
|
139 |
-
$iv = '';
|
140 |
-
if($ivSize > 0)
|
141 |
-
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
|
142 |
|
143 |
// creates a cipher text compatible with AES (Rijndael block size = 128) to keep the text confidential
|
144 |
// only suitable for encoded input that never ends with value 00h (because of default zero padding)
|
145 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
146 |
|
147 |
// prepend the IV for it to be available for decryption
|
148 |
$cipherTextArray = array(
|
149 |
'content' => base64_encode($cipherText),
|
150 |
'iv' => base64_encode($iv),
|
|
|
151 |
'alg' => self::CIPHER_ALG_MODE,
|
152 |
'smode' => self::SECURE_CIPHER
|
153 |
);
|
154 |
|
155 |
-
$cipherTextArray = json_encode($cipherTextArray);
|
156 |
-
|
157 |
-
// encode the resulting cipher text so it can be represented by a string
|
158 |
-
// could be commented...
|
159 |
-
$cipherTextArray = base64_encode($cipherTextArray);
|
160 |
|
161 |
return $cipherTextArray;
|
162 |
}
|
@@ -171,44 +184,41 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
171 |
*/
|
172 |
private static function decryptContent($key, $data)
|
173 |
{
|
|
|
|
|
|
|
174 |
$cipherAlg = self::CIPHER_ALG;
|
175 |
$cipherMode = self::CIPHER_MODE;
|
176 |
|
177 |
-
if(isset($data->alg))
|
178 |
-
|
|
|
|
|
179 |
$cipherAlg = self::$cipherArray[$data->alg]['alg'];
|
180 |
$cipherMode = self::$cipherArray[$data->alg]['mode'];
|
181 |
}
|
182 |
$cipher = isset($data->content) ? $data->content : $data->cipher;
|
|
|
183 |
|
184 |
-
$
|
185 |
|
186 |
-
|
187 |
-
|
188 |
|
|
|
189 |
|
190 |
-
|
191 |
-
* Method to sign content
|
192 |
-
*
|
193 |
-
* @param string $privateKey Private Key
|
194 |
-
* @param string $content Content
|
195 |
-
*
|
196 |
-
* @return array|string
|
197 |
-
*/
|
198 |
-
private static function signContent($privateKey, $content)
|
199 |
-
{
|
200 |
-
openssl_sign($content, $signature, $privateKey, self::SIGN_ALG);
|
201 |
-
$obj = array(
|
202 |
-
'content' => $content,
|
203 |
-
'alg' => self::SIGN_ALG,
|
204 |
-
'smode' => self::SECURE_SIGN,
|
205 |
-
'sign' => base64_encode($signature)
|
206 |
-
);
|
207 |
|
208 |
-
$
|
209 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
210 |
|
211 |
-
return $
|
212 |
}
|
213 |
|
214 |
/**
|
@@ -221,58 +231,25 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
221 |
*/
|
222 |
private static function verifySignature($publicKey, $content)
|
223 |
{
|
|
|
|
|
|
|
224 |
$signAlg = isset($content->alg) ? $content->alg : self::SIGN_ALG;
|
225 |
|
226 |
if (isset($content->content) && isset($content->sign)) {
|
227 |
//int 1 if the signature is correct, 0 if it is incorrect, and -1 on error.
|
228 |
-
$
|
229 |
-
|
230 |
-
|
231 |
-
|
|
|
|
|
|
|
232 |
} else {
|
233 |
return false;
|
234 |
}
|
235 |
}
|
236 |
|
237 |
-
/**
|
238 |
-
* Method to encrypt and sign content
|
239 |
-
*
|
240 |
-
* @param string $key Shared Key
|
241 |
-
* @param string $privKey Private Key
|
242 |
-
* @param string $content Content
|
243 |
-
*
|
244 |
-
* @return array|string
|
245 |
-
*/
|
246 |
-
private static function encryptSignContent($key, $privKey, $content)
|
247 |
-
{
|
248 |
-
openssl_sign($content, $signature, $privKey, self::SIGN_ALG);
|
249 |
-
|
250 |
-
$ivSize = mcrypt_get_iv_size(self::CIPHER_ALG, self::CIPHER_MODE);
|
251 |
-
|
252 |
-
$iv = '';
|
253 |
-
if($ivSize > 0)
|
254 |
-
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
|
255 |
-
|
256 |
-
// creates a cipher text compatible with AES (Rijndael block size = 128) to keep the text confidential
|
257 |
-
// only suitable for encoded input that never ends with value 00h (because of default zero padding)
|
258 |
-
$ciphertext = mcrypt_encrypt(self::CIPHER_ALG, $key, $content, self::CIPHER_MODE, $iv);
|
259 |
-
|
260 |
-
$obj = array(
|
261 |
-
'content' => base64_encode($ciphertext),
|
262 |
-
'iv' => base64_encode($iv),
|
263 |
-
'alg' => self::CIPHER_ALG_MODE . '|' . self::SIGN_ALG,
|
264 |
-
'smode' => self::SECURE_CIPHER_SIGN,
|
265 |
-
'sign' => base64_encode($signature)
|
266 |
-
);
|
267 |
-
|
268 |
-
$obj = json_encode($obj);
|
269 |
-
|
270 |
-
//is it really necessary?
|
271 |
-
//$obj = base64_encode($obj);
|
272 |
-
|
273 |
-
return $obj;
|
274 |
-
}
|
275 |
-
|
276 |
/**
|
277 |
* Method to decrypt and verify content signature
|
278 |
*
|
@@ -284,32 +261,44 @@ class SWE_Optipricer_Helper_Securedata extends Mage_Core_Helper_Abstract
|
|
284 |
*/
|
285 |
private static function decryptVerifyContent($key, $pubKey, $content)
|
286 |
{
|
|
|
|
|
|
|
|
|
|
|
|
|
287 |
$cipherAlg = self::CIPHER_ALG;
|
288 |
$cipherMode = self::CIPHER_MODE;
|
289 |
$signAlg = self::SIGN_ALG;
|
290 |
|
291 |
-
if(isset($content->alg))
|
292 |
-
|
293 |
-
$algs
|
|
|
|
|
294 |
$cipherAlg = self::$cipherArray[$algs[0]]['alg'];
|
295 |
$cipherMode = self::$cipherArray[$algs[0]]['mode'];
|
296 |
-
$signAlg = $algs[1];
|
297 |
}
|
298 |
|
299 |
$cipher = isset($content->content) ? $content->content : $content->cipher;
|
300 |
-
|
301 |
-
$
|
302 |
-
|
303 |
-
|
304 |
-
|
305 |
-
|
306 |
-
|
|
|
|
|
|
|
|
|
307 |
|
308 |
-
|
309 |
-
$data,
|
310 |
-
|
311 |
-
|
312 |
-
|
313 |
}
|
314 |
|
315 |
/**
|
89 |
*/
|
90 |
public static function getContent($content, $key = false, $publicKey = false)
|
91 |
{
|
92 |
+
if (is_array($content) || is_object($content)) {
|
93 |
return false;
|
94 |
}
|
95 |
|
100 |
}
|
101 |
|
102 |
$data = json_decode($data);
|
103 |
+
if (!$data) {
|
104 |
+
return false;
|
105 |
+
}
|
106 |
+
|
107 |
$mode = isset($data->smode) ? $data->smode : self::SECURE_CIPHER;
|
108 |
if ($mode == self::SECURE_CIPHER && !isset($data->iv)) {
|
109 |
return false;
|
110 |
}
|
111 |
+
|
112 |
+
if (!isset($data->content) && !isset($data->cipher)) {
|
113 |
+
return false;
|
114 |
+
}
|
115 |
$obj = isset($data->content) ? $data->content : $data->cipher;
|
116 |
|
117 |
switch($mode)
|
120 |
return self::decryptContent($key, $data);
|
121 |
break;
|
122 |
case self::SECURE_SIGN:
|
123 |
+
if(self::verifySignature($publicKey, $data)) {
|
124 |
return $obj;
|
125 |
+
}
|
126 |
+
else {
|
127 |
return false;
|
128 |
+
}
|
129 |
break;
|
130 |
case self::SECURE_CIPHER_SIGN:
|
131 |
return self::decryptVerifyContent($key, $publicKey, $data);
|
146 |
private static function encryptContent($key, $content)
|
147 |
{
|
148 |
$ivSize = mcrypt_get_iv_size(self::CIPHER_ALG, self::CIPHER_MODE);
|
149 |
+
$iv = $ivSize > 0 ? mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM) : '';
|
|
|
|
|
150 |
|
151 |
// creates a cipher text compatible with AES (Rijndael block size = 128) to keep the text confidential
|
152 |
// only suitable for encoded input that never ends with value 00h (because of default zero padding)
|
153 |
+
try {
|
154 |
+
$cipherText = mcrypt_encrypt(self::CIPHER_ALG, $key, $content, self::CIPHER_MODE, $iv);
|
155 |
+
} catch(\Exception $e) {
|
156 |
+
return false;
|
157 |
+
}
|
158 |
+
|
159 |
+
$hashedKey = hash('sha256', $key);
|
160 |
+
|
161 |
+
$hmac = hash_hmac('sha256', base64_encode($cipherText) . base64_encode($iv), $hashedKey);
|
162 |
|
163 |
// prepend the IV for it to be available for decryption
|
164 |
$cipherTextArray = array(
|
165 |
'content' => base64_encode($cipherText),
|
166 |
'iv' => base64_encode($iv),
|
167 |
+
'hmac' => $hmac,
|
168 |
'alg' => self::CIPHER_ALG_MODE,
|
169 |
'smode' => self::SECURE_CIPHER
|
170 |
);
|
171 |
|
172 |
+
$cipherTextArray = base64_encode(json_encode($cipherTextArray));
|
|
|
|
|
|
|
|
|
173 |
|
174 |
return $cipherTextArray;
|
175 |
}
|
184 |
*/
|
185 |
private static function decryptContent($key, $data)
|
186 |
{
|
187 |
+
if (!is_object($data)) {
|
188 |
+
return false;
|
189 |
+
}
|
190 |
$cipherAlg = self::CIPHER_ALG;
|
191 |
$cipherMode = self::CIPHER_MODE;
|
192 |
|
193 |
+
if (isset($data->alg)) {
|
194 |
+
if (!array_key_exists($data->alg, self::$cipherArray)) {
|
195 |
+
return false;
|
196 |
+
}
|
197 |
$cipherAlg = self::$cipherArray[$data->alg]['alg'];
|
198 |
$cipherMode = self::$cipherArray[$data->alg]['mode'];
|
199 |
}
|
200 |
$cipher = isset($data->content) ? $data->content : $data->cipher;
|
201 |
+
$cipher = str_replace(' ', '+',$cipher);
|
202 |
|
203 |
+
$iv = str_replace(' ', '+',$data->iv);
|
204 |
|
205 |
+
if(!isset($data->hmac))
|
206 |
+
return false;
|
207 |
|
208 |
+
$hashedKey = hash('sha256', $key);
|
209 |
|
210 |
+
$newHmac = hash_hmac('sha256', $cipher . $iv, $hashedKey);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
211 |
|
212 |
+
if($newHmac !== $data->hmac)
|
213 |
+
return false;
|
214 |
+
|
215 |
+
try {
|
216 |
+
$content = mcrypt_decrypt($cipherAlg, $key, base64_decode($cipher), $cipherMode, base64_decode($iv));
|
217 |
+
} catch (\Exception $e) {
|
218 |
+
return false;
|
219 |
+
}
|
220 |
|
221 |
+
return $content;
|
222 |
}
|
223 |
|
224 |
/**
|
231 |
*/
|
232 |
private static function verifySignature($publicKey, $content)
|
233 |
{
|
234 |
+
if (!is_object($content)) {
|
235 |
+
return false;
|
236 |
+
}
|
237 |
$signAlg = isset($content->alg) ? $content->alg : self::SIGN_ALG;
|
238 |
|
239 |
if (isset($content->content) && isset($content->sign)) {
|
240 |
//int 1 if the signature is correct, 0 if it is incorrect, and -1 on error.
|
241 |
+
$obj = is_object($content->content) ? json_encode($content->content) : $content->content;
|
242 |
+
try {
|
243 |
+
$result = openssl_verify($obj, base64_decode($content->sign), $publicKey, $signAlg);
|
244 |
+
return $result == 1;
|
245 |
+
} catch (\Exception $e) {
|
246 |
+
return false;
|
247 |
+
}
|
248 |
} else {
|
249 |
return false;
|
250 |
}
|
251 |
}
|
252 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
253 |
/**
|
254 |
* Method to decrypt and verify content signature
|
255 |
*
|
261 |
*/
|
262 |
private static function decryptVerifyContent($key, $pubKey, $content)
|
263 |
{
|
264 |
+
if (!is_object($content) || !isset($content->sign) || !isset($content->iv)) {
|
265 |
+
return false;
|
266 |
+
}
|
267 |
+
if (!isset($content->content) && !isset($content->cipher)) {
|
268 |
+
return false;
|
269 |
+
}
|
270 |
$cipherAlg = self::CIPHER_ALG;
|
271 |
$cipherMode = self::CIPHER_MODE;
|
272 |
$signAlg = self::SIGN_ALG;
|
273 |
|
274 |
+
if (isset($content->alg)) {
|
275 |
+
$algs = explode("|", $content->alg);
|
276 |
+
if (count($algs) != 2 || !array_key_exists($algs[0], self::$cipherArray)) {
|
277 |
+
return false;
|
278 |
+
}
|
279 |
$cipherAlg = self::$cipherArray[$algs[0]]['alg'];
|
280 |
$cipherMode = self::$cipherArray[$algs[0]]['mode'];
|
281 |
+
$signAlg = (int) $algs[1];
|
282 |
}
|
283 |
|
284 |
$cipher = isset($content->content) ? $content->content : $content->cipher;
|
285 |
+
try {
|
286 |
+
$data = trim(mcrypt_decrypt(
|
287 |
+
$cipherAlg,
|
288 |
+
$key,
|
289 |
+
base64_decode($cipher, true),
|
290 |
+
$cipherMode,
|
291 |
+
base64_decode($content->iv, true)
|
292 |
+
));
|
293 |
+
} catch (\Exception $e) {
|
294 |
+
return false;
|
295 |
+
}
|
296 |
|
297 |
+
try {
|
298 |
+
return openssl_verify($data, base64_decode($content->sign, true), $pubKey, $signAlg) ? $data : false;
|
299 |
+
} catch (\Exception $e) {
|
300 |
+
return false;
|
301 |
+
}
|
302 |
}
|
303 |
|
304 |
/**
|
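Review bot: In decryptVerifyContent the new `openssl_verify(...) ? $data : false` treats the error return as a valid signature: as the comment kept in verifySignature says, the call yields 1 when correct, 0 when incorrect and -1 on error, and -1 is truthy in PHP, so a verification that errors out still returns the decrypted data. Compare against 1 explicitly, as verifySignature already does with `$result == 1`: `return openssl_verify($data, base64_decode($content->sign, true), $pubKey, $signAlg) === 1 ? $data : false;`. The same function takes `$signAlg` from the message's own `alg` field via `(int) $algs[1]`, so it would be safer to accept only the algorithm the receiver expects (`self::SIGN_ALG`) or a short allow-list. Separately, decryptContent checks the MAC with `$newHmac !== $data->hmac`, which is not a constant-time comparison; `hash_equals($newHmac, $data->hmac)` is the usual replacement where the PHP version provides it, after confirming `$data->hmac` is a string (package.xml declares a 5.3.10 minimum, so a fallback comparison would be needed there).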
app/code/community/SWE/Optipricer/etc/config.xml
CHANGED
@@ -76,11 +76,11 @@
|
|
76 |
<default>
|
77 |
<swe>
|
78 |
<swe_group_activation>
|
79 |
-
<swe_name
|
80 |
-
<swe_email
|
81 |
<swe_message></swe_message>
|
82 |
-
<swe_token
|
83 |
-
<swe_key
|
84 |
<swe_enable>1</swe_enable>
|
85 |
<swe_endpoint>http://www.optipricer.com/api/</swe_endpoint>
|
86 |
</swe_group_activation>
|
76 |
<default>
|
77 |
<swe>
|
78 |
<swe_group_activation>
|
79 |
+
<swe_name>John</swe_name>
|
80 |
+
<swe_email>John@beubi.com</swe_email>
|
81 |
<swe_message></swe_message>
|
82 |
+
<swe_token>nest54e1c061823aa</swe_token>
|
83 |
+
<swe_key>c4fdfe7fd8430329ca83c214bc6a93d5</swe_key>
|
84 |
<swe_enable>1</swe_enable>
|
85 |
<swe_endpoint>http://www.optipricer.com/api/</swe_endpoint>
|
86 |
</swe_group_activation>
|
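Review bot: The new defaults on lines 79–83 ship a concrete `swe_token` and `swe_key` (with a name and e-mail) inside the package, so every installation that is not re-provisioned starts with the same credentials, and those values are readable by anyone who downloads the extension. If `swe_key` is the shared key handed to the Securedata helper (not visible in this section), the encryption and HMAC it performs give no protection for those stores. Leave the defaults empty, `<swe_token></swe_token>` and `<swe_key></swe_key>`, and make activation fail until real per-store values are provisioned; the values published here should be treated as exposed and rotated. The unchanged `swe_endpoint` default is plain `http://`, which is worth moving to `https://` if the API supports it.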
package.xml
CHANGED
@@ -1,7 +1,7 @@
|
|
1 |
<?xml version="1.0"?>
|
2 |
<package>
|
3 |
<name>SweOptipricer</name>
|
4 |
-
<version>0.1.
|
5 |
<stability>stable</stability>
|
6 |
<license uri="http://opensource.org/licenses/LGPL-3.0">GNU Lesser General Public License (LGPL)</license>
|
7 |
<channel>community</channel>
|
@@ -10,11 +10,11 @@
|
|
10 |
<description>The extension provides a widget that uses the Optipricer API to create promotions for your products.
|
11 |
Customers will receive a discount after a successful product share on Facebook.
|
12 |
For more information www.optipricer.com</description>
|
13 |
-
<notes>
|
14 |
-
<authors><author><name>
|
15 |
-
<date>2015-
|
16 |
-
<time>
|
17 |
-
<contents><target name="magecommunity"><dir name="SWE"><dir name="Optipricer"><dir name="Block"><file name="Button.php" hash="2649751a4b02bc385560c43fda74a4c9"/><file name="Discount.php" hash="8d92df6ac6c967d4dd7abfe08bd95e17"/></dir><dir name="Helper"><file name="Data.php" hash="e7902afbd2304409bba65f8b62c790ba"/><file name="Securedata.php" hash="
|
18 |
<compatible/>
|
19 |
-
<dependencies><required><php><min>5.3.10</min><max>6.
|
20 |
</package>
|
1 |
<?xml version="1.0"?>
|
2 |
<package>
|
3 |
<name>SweOptipricer</name>
|
4 |
+
<version>0.1.6</version>
|
5 |
<stability>stable</stability>
|
6 |
<license uri="http://opensource.org/licenses/LGPL-3.0">GNU Lesser General Public License (LGPL)</license>
|
7 |
<channel>community</channel>
|
10 |
<description>The extension provides a widget that uses the Optipricer API to create promotions for your products.
|
11 |
Customers will receive a discount after a successful product share on Facebook.
|
12 |
For more information www.optipricer.com</description>
|
13 |
+
<notes>Client provisioning improvements</notes>
|
14 |
+
<authors><author><name>beubi</name><user>beubi</user><email>swe@beubi.com</email></author></authors>
|
15 |
+
<date>2015-06-09</date>
|
16 |
+
<time>13:24:04</time>
|
17 |
+
<contents><target name="magecommunity"><dir name="SWE"><dir name="Optipricer"><dir name="Block"><file name="Button.php" hash="2649751a4b02bc385560c43fda74a4c9"/><file name="Discount.php" hash="8d92df6ac6c967d4dd7abfe08bd95e17"/></dir><dir name="Helper"><file name="Data.php" hash="e7902afbd2304409bba65f8b62c790ba"/><file name="Securedata.php" hash="57601f5a8cbf1b279eb4182e443b905b"/><file name="swe_public_key.pem" hash="b5753918fdbd93ca45f1daa0a7deef93"/></dir><dir name="Model"><file name="Config.php" hash="0a2d0119793670f963e585ce9ed3dbd6"/><file name="Observer.php" hash="27b63db80c30adc0299f0d78bb7c2f34"/></dir><dir name="controllers"><dir name="Adminhtml"><file name="SweoptipricerController.php" hash="6751a86d6e4e098ef86bc71551395187"/></dir></dir><dir name="etc"><file name="config.xml" hash="6f488c897f11c910f6f6dd817e09c6a8"/><file name="system.xml" hash="97070a10606ce146ceb367538a8f558f"/><file name="widget.xml" hash="ed2339511b5f926dca59a9dc27a3d623"/></dir></dir></dir></target><target name="magedesign"><dir name="frontend"><dir name="base"><dir name="default"><dir name="template"><dir name="swe"><dir name="optipricer"><file name="widget.phtml" hash="2cb14a351ce2ec686afe228c326caf9e"/></dir></dir></dir></dir></dir></dir><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="template"><dir name="swe"><dir name="optipricer"><dir name="system"><dir name="config"><file name="button.phtml" hash="24a7d6503d556b5a068b03fd21b2aba5"/></dir></dir></dir></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="SWE_Optipricer.xml" hash="fef9106f9ed27d9e69a1abcc22f2063e"/></dir></target><target name="magelocale"><dir name="en_US"><file name="SWE_Optipricer.csv" hash="2c27e6a50f20ae1318274d6fa8b17bfd"/></dir><dir name="pt_PT"><file name="SWE_Optipricer.csv" hash="7ac9dd9cf8e434d982a003789a0cd826"/></dir></target><target name="mage"><dir name="js"><dir name="swe"><file name="optialert.min.js" 
hash="d819c38f0c3c8ef8a084154da96667eb"/><file name="optipricer.min.js" hash="f0afbbfee631596ac7d6e4b243354113"/><file name="optispin.min.js" hash="f2b0a61b3a739d03e88401e2a1163588"/></dir></dir></target></contents>
|
18 |
<compatible/>
|
19 |
+
<dependencies><required><php><min>5.3.10</min><max>6.1.0</max></php></required></dependencies>
|
20 |
</package>
|