/**
 * Checks that CSecurityManager::encrypt() and decrypt() round-trip a short plaintext.
 *
 * The test is skipped when the mcrypt extension is not loaded. It covers the
 * confidentiality round trip only: it does not check that a modified
 * ciphertext is rejected on decrypt.
 */
public function testEncryptData()
{
    $mcryptLoaded = extension_loaded('mcrypt');
    if (!$mcryptLoaded) {
        $this->markTestSkipped('mcrypt extension is required to test encrypt feature.');
    }

    $manager = new CSecurityManager();
    // Fixture key for the test only; far too short and guessable for real use.
    $manager->encryptionKey = '123456';

    $plaintext = 'this is raw data';
    $ciphertext = $manager->encrypt($plaintext);

    // The output must not be the input handed back unchanged.
    $this->assertTrue($plaintext !== $ciphertext);

    // Decrypting with the same manager (same key) must restore the input.
    $recovered = $manager->decrypt($ciphertext);
    $this->assertEquals($plaintext, $recovered);
}
/**
 * Runs the parent initialisation, then caches the 'blowfishHashCost' config value.
 *
 * NOTE(review): the value is stored as read, with no type or range check here.
 * Presumably it is the bcrypt work factor used for password hashing; confirm
 * that the consumer rejects a missing or too-low cost.
 *
 * @return null
 */
public function init()
{
    parent::init();

    $configuredCost = craft()->config->get('blowfishHashCost');
    $this->_blowFishHashCost = $configuredCost;
}
/**
 * Checks that generateRandomBytes() returns a string of exactly the requested
 * byte length for every length from 1 to 254, with the second argument set to
 * true (the cryptographically strong path, per the "CS" in the test name).
 *
 * Only the type and the length are asserted; the quality of the random source
 * is not measured here.
 */
public function testGenerateRandomBytesCS()
{
    $manager = new CSecurityManager();

    // Any byte value may appear in the output, so the length is counted in
    // bytes: mb_strlen(..., '8bit') when mbstring is present, strlen() otherwise.
    $hasMbStrlen = function_exists('mb_strlen');

    for ($length = 1; $length < 255; $length++) {
        $bytes = $manager->generateRandomBytes($length, true);
        $this->assertInternalType('string', $bytes);

        if ($hasMbStrlen) {
            $byteCount = mb_strlen($bytes, '8bit');
        } else {
            $byteCount = strlen($bytes);
        }
        $this->assertEquals($length, $byteCount);
    }
}
/**
 * Returns an encrypted string (base64 encoding) to post to our payment processor (KEM payment).
 *
 * The order data from frontendData() is JSON-encoded, encrypted with
 * CSecurityManager using Rijndael-256 in CBC mode, and base64-encoded. The key
 * is this record's id concatenated with the 'outbound_api_secret' parameter.
 *
 * NOTE(review):
 *  - mcrypt's 'rijndael-256' names a 256-bit block size; it is not AES
 *    (AES is the 128-bit-block variant), so the receiver must use the same
 *    mcrypt-compatible cipher. mcrypt itself left the PHP core in 7.2.
 *  - CBC gives confidentiality only. Nothing in this method adds a MAC, so
 *    unless the receiver checks integrity some other way the payload should be
 *    treated as modifiable in transit; confirm, or wrap the ciphertext with
 *    hashData()/validateData().
 *  - The key is a plain string concatenation, not the output of a key
 *    derivation function; confirm that its length and entropy are acceptable.
 *  - json_encode() returns false on failure and that result is not checked.
 *
 * @return string encrypted order data to display to the end user (NOT used for payment validation)
 */
public function encryptedFrontendData()
{
    $orderData = $this->frontendData();

    $cipher = new CSecurityManager();
    $cipher->cryptAlgorithm = array('rijndael-256', '', 'cbc', '');
    $cipher->encryptionKey = $this->id . Yii::app()->params['outbound_api_secret'];

    $jsonPayload = json_encode($orderData);
    $ciphertext = $cipher->encrypt($jsonPayload);

    return base64_encode($ciphertext);
}
/**
 * Displays the registration form and processes a submitted registration.
 *
 * Flow, as written:
 *  - a signed-in user is redirected to '/';
 *  - a B2B store redirects to the KEM gateway on the domain matching the language;
 *  - on POST, the submitted password is hashed, a 16-character random
 *    verification string is generated, and the account is saved;
 *  - if a user with the same email exists and has a null password, that record
 *    is updated with the submitted names and password instead of a new one;
 *  - on success the user is logged in, KEMConsole is notified, and the browser
 *    is redirected to the stored return URL.
 *
 * NOTE(review):
 *  - The password is hashed before validate() runs, so any model rule on
 *    `password` sees the hash and not the submitted value (an empty submission
 *    still yields a non-empty hash). Confirm that the rules for the 'register'
 *    scenario allow for this, or validate the plaintext first.
 *  - The existing-account branch sets a password and logs the requester in
 *    without any proof of control of the email address. verification_string is
 *    stored but never checked in this action. Consider requiring the
 *    verification round trip before the password is assigned.
 *  - The early exits rely on redirect() ending the request.
 */
public function actionRegister()
{
    $app = Yii::app();

    if (!$app->user->isGuest) {
        $this->redirect('/');
    }

    if ($this->isB2b()) {
        // Redirect to KEM login page
        if (Yii::app()->language === "fr") {
            $gatewayHost = "https://kle-en-main.com";
        } else {
            $gatewayHost = "https://kemsolutions.com";
        }
        $this->redirect($gatewayHost . "/CloudServices/index.php/Users/default/b2bGateway");
    }

    $model = new User('register');

    if (!isset($_POST['User'])) {
        $this->render('register', array('model' => $model));
        return;
    }

    // Mass assignment: only attributes marked safe for this scenario are copied.
    $model->attributes = $_POST['User'];

    // Keep the plaintext for the login call below; the model stores only the hash.
    $plainPassword = $model->password;
    $passwordHash = CPasswordHelper::hashPassword($plainPassword);
    $model->password = $passwordHash;

    $security = new CSecurityManager();
    $verificationToken = $security->generateRandomString(16, true);
    $model->verification_string = $verificationToken;

    $submittedFirstname = $model->firstname;
    $submittedLastname = $model->lastname;
    $model->locale_id = Yii::app()->language;

    // Check if we received an existing email field with a user with no password
    $existingUser = User::model()->find("email =:email", array(":email" => $model->email));
    $isPasswordless = $existingUser !== null && $existingUser->password === null;
    if ($isPasswordless) {
        // User exists AND is currently not assigned a password.
        // Log user in and assign the received password
        $model = $existingUser;
        $model->firstname = $submittedFirstname;
        $model->lastname = $submittedLastname;
        $model->password = $passwordHash;
        $model->verification_string = $verificationToken;
    }

    if (!$model->validate() || !$model->save()) {
        $this->render('register', array('model' => $model));
        return;
    }

    $loginForm = new LoginForm();
    $loginForm->username = $model->email;
    $loginForm->password = $plainPassword;
    // The result of login() is not checked.
    $loginForm->login();

    // ping KEMConsole with the user; the response is not inspected.
    // The store secret travels as a POST field over HTTPS.
    Yii::app()->curl->post(
        "https://kle-en-main.com/CloudServices/index.php/BoukemAPI/user/updateUserData",
        array(
            'customer_id' => $model->id,
            'store_id' => Yii::app()->params['outbound_api_user'],
            'store_key' => Yii::app()->params['outbound_api_secret'],
        )
    );

    Yii::app()->user->setFlash('success', Yii::t("app", 'Félicitations, votre compte a été créé!'));
    $this->redirect(Yii::app()->user->returnUrl);

    $this->render('register', array('model' => $model));
}