diff --git a/app/controller/bank.php b/app/controller/bank.php
index d20b0cd5e06cacce1a6aa5c78efad91fef174fb6..06fa05118f5adb5588bcb9523f08f00912be6c2c 100644
--- a/app/controller/bank.php
+++ b/app/controller/bank.php
@@ -81,9 +81,11 @@ class Bank extends Controller
 $sig .= $value . "+";
 }
 $sig .= CERTIFICATE;
- $cb_log->write("sig: " . $signature . " == " . sha1($sig));
- if (sha1($sig)!=$signature) {
- $error = "Error in signature: " . $signature . " != " . sha1($sig);
+ ### Attempt to do it in hmac-sha256
+ $sig_hash = base64_encode(hash_hmac('sha256', $sig, CERTIFICATE, true));
+ $cb_log->write("sig: " . $signature . " == " . $sig_hash);
+ if ($sig_hash!=$signature) {
+ $error = "Error in signature: " . $signature . " != " . $sig_hash;
 }
 // Résultats des vérifications globales
 if ($error!="") {
diff --git a/app/controller/campaign.php b/app/controller/campaign.php
index 551bfa8220aacd048b8328c7a6ac87bf459cef1f..f8a71a439f9f04ebf6bda7526b8f9d5cd59b6037 100644
--- a/app/controller/campaign.php
+++ b/app/controller/campaign.php
@@ -196,7 +196,7 @@ class Campaign extends Controller
 $signature .= $value."+";
 }
 $signature .= CERTIFICATE;
- $signature = sha1($signature);
+ $signature = base64_encode(hash_hmac('sha256', $signature, CERTIFICATE, true));
 $params["signature"] = $signature;
 $f3->set('target', $target);
diff --git a/app/controller/perso.php b/app/controller/perso.php
index cdf509043f9dcbc3a6c70a598fedd1d4ff762346..230685c3cf3eb2d4abf334550f88594822548f51 100644
--- a/app/controller/perso.php
+++ b/app/controller/perso.php
@@ -531,7 +531,8 @@ class Perso extends Controller
 $signature .= $value."+";
 }
 $signature .= CERTIFICATE;
- $signature = sha1($signature);
+ $signature = base64_encode(hash_hmac('sha256', $signature, CERTIFICATE, true));
+ #$signature = sha1($signature);
 $parameters["wsSignature"] = $signature;
 $client = new \SoapClient("https://paiement.systempay.fr/vads-ws/ident-v2.1?wsdl");
 $result = $client->customerCancel($parameters);
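Review bot: The new check `if ($sig_hash!=$signature)` in app/controller/bank.php compares the MAC with a loose, non-constant-time operator; a MAC should be compared with `hash_equals()`, which also sidesteps PHP's type juggling when `$signature` is not the expected string. I would write it as `if (!is_string($signature) || !hash_equals($sig_hash, $signature)) {`. The same hunk still writes the locally computed `$sig_hash` to `$cb_log` and into `$error`, and the expected MAC for a received message should not leave the process: log only the received value, `$cb_log->write("sig received: " . $signature);`, and keep `$error` generic, `$error = "Error in signature";`. Where `$signature` comes from and where `$error` ends up are outside the hunk, so confirm the error text is never returned to the caller.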
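Review bot: The signing expression `base64_encode(hash_hmac('sha256', $signature, CERTIFICATE, true))` in app/controller/campaign.php is written out a second and third time in app/controller/bank.php and app/controller/perso.php, so the signer and the verifier can drift apart at the next algorithm change. A single shared helper that takes the ordered values and returns the encoded MAC would keep the three call sites in step, called for example as `$params["signature"] = sign_values($values);` (helper and argument names are illustrative). It would also stop `$signature` from holding the key-bearing input string before being overwritten with the result. The loop that builds the string starts above the hunk, so the helper's exact input is inferred.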
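Review bot: The added line `#$signature = sha1($signature);` in app/controller/perso.php leaves the old SHA-1 scheme as commented-out code directly under the new one; delete it so the weaker algorithm cannot be re-enabled by uncommenting a line, and keep the history in the commit message instead. If it was kept because it is not yet confirmed that the SOAP endpoint used just below accepts an HMAC-SHA-256 `wsSignature`, that should be verified before merging, since a rejected signature would presumably make `customerCancel` fail at runtime. How `$result` is checked is outside the hunk.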