/** * Encrypts and returns the data. * * @param NostoAccount $account the account to export the data for. * @param NostoExportCollectionInterface $collection the data collection to export. * @return string the encrypted data. */ public static function export(NostoAccount $account, NostoExportCollectionInterface $collection) { $data = ''; // Use the first 16 chars of the SSO token as secret for encryption. $token = $account->getApiToken(NostoApiToken::API_SSO); if (!empty($token)) { $tokenValue = $token->getValue(); $secret = substr($tokenValue, 0, 16); if (!empty($secret)) { $iv = phpseclib_Crypt_Random::string(16); $cipher = new NostoCipher(); $cipher->setSecret($secret); $cipher->setIV($iv); $cipherText = $cipher->encrypt($collection->getJson()); // Prepend the IV to the cipher string so that nosto can parse and use it. // There is no security concern with sending the IV as plain text. $data = $iv . $cipherText; } } return $data; }
/** * Generates a random BigInteger * * Byte length is equal to $length. Uses phpseclib_Crypt_Random if it's loaded and mt_rand if it's not. * * @param Integer $length * @return phpseclib_Math_BigInteger * @access private */ function _random_number_helper($size) { if (class_exists('phpseclib_Crypt_Random')) { $random = phpseclib_Crypt_Random::string($size); } else { $random = ''; if ($size & 1) { $random .= chr(mt_rand(0, 255)); } $blocks = $size >> 1; for ($i = 0; $i < $blocks; ++$i) { // mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems $random .= pack('n', mt_rand(0, 0xffff)); } } return new static($random, 256); }
/** * Returns a unique ID that identifies this Magento installation. * This ID is sent to the Nosto account config iframe and used to link all * Nosto accounts used on this installation. * * @return string the ID. */ public function getInstallationId() { $installationId = $this->scopeConfig->getValue(self::XML_PATH_INSTALLATION_ID); if (empty($installationId)) { // Running bin2hex() will make the ID string length 64 characters. $installationId = bin2hex(\phpseclib_Crypt_Random::string(32)); $this->_configWriter->save(self::XML_PATH_INSTALLATION_ID, $installationId); // todo: clear cache. } return $installationId; }