Merge branch 'new-hash' into 'preprod'

Use HMAC-SHA256 instead of SHA1

Closes #29

See merge request !5

app/controller/bank.php

@@ -81,9 +81,11 @@ class Bank extends Controller
             $sig .= $value . "+";
         }
         $sig .= CERTIFICATE;
-        $cb_log->write("sig: " . $signature . " == " . sha1($sig));
-        if (sha1($sig)!=$signature) {
-            $error = "Error in signature: " . $signature . " != " . sha1($sig);
+        ### Attempt to do it in hmac-sha256
+        $sig_hash = base64_encode(hash_hmac('sha256', $sig, CERTIFICATE, true));
+        $cb_log->write("sig: " . $signature . " == " . $sig_hash);
+        if ($sig_hash!=$signature) {
+            $error = "Error in signature: " . $signature . " != " . $sig_hash;
         }
         // Résultats des vérifications globales
         if ($error!="") {

app/controller/campaign.php

@@ -196,7 +196,7 @@ class Campaign extends Controller
             $signature .= $value."+";
         }
         $signature .= CERTIFICATE;
-        $signature = sha1($signature);
+        $signature = base64_encode(hash_hmac('sha256', $signature, CERTIFICATE, true));
         $params["signature"] = $signature;
 
         $f3->set('target', $target);

app/controller/perso.php

@@ -538,7 +538,8 @@ class Perso extends Controller
             $signature .= $value."+";
         }
         $signature .= CERTIFICATE;
-        $signature = sha1($signature);
+        $signature = base64_encode(hash_hmac('sha256', $signature, CERTIFICATE, true));
+        #$signature = sha1($signature);
         $parameters["wsSignature"] = $signature;
         $client = new \SoapClient("https://paiement.systempay.fr/vads-ws/ident-v2.1?wsdl");
         $result = $client->customerCancel($parameters);