/**
 * Sign this request message.
 *
 * Joins the values returned by getSignValues() into one string, has that
 * string signed by Security::signMessage() and stores the base64-encoded
 * result as the merchant's token code.
 *
 * @param string $privateKeyFile     Handed unchanged to signMessage() as the private key file.
 * @param string $privateKeyPassword Handed unchanged to signMessage() as the private key password.
 */
public function sign($privateKeyFile, $privateKeyPassword)
{
    // The signed payload is the sign values concatenated without a separator.
    $payload = implode('', $this->getSignValues());

    $signature = Pronamic_WP_Pay_Gateways_IDealAdvanced_Security::signMessage(
        $privateKeyFile,
        $privateKeyPassword,
        $payload
    );

    // NOTE(review): signMessage() is not visible from here. If it can return
    // false when the key or passphrase is wrong, the token code presumably
    // becomes an empty string without any error being raised; confirm.
    $this->merchant->tokenCode = base64_encode($signature);
}
/**
 * Render the private certificate settings field.
 *
 * When a certificate is stored in the '_pronamic_gateway_ideal_private_certificate'
 * post meta of the current post, its fingerprint and validity dates are
 * printed as a definition list. The download button and the file upload
 * input are always printed.
 *
 * @param mixed $field Not read by this method.
 */
public function field_private_certificate($field)
{
    $stored_certificate = get_post_meta(get_the_ID(), '_pronamic_gateway_ideal_private_certificate', true);

    if (!empty($stored_certificate)) {
        // Display the fingerprint as colon-separated two-character groups.
        $raw_fingerprint = Pronamic_WP_Pay_Gateways_IDealAdvanced_Security::getShaFingerprint($stored_certificate);
        $display_fingerprint = implode(':', str_split($raw_fingerprint, 2));

        echo '<dl>';

        echo '<dt>' . esc_html__('SHA Fingerprint', 'pronamic_ideal') . '</dt>';
        echo '<dd>' . esc_html($display_fingerprint) . '</dd>';

        // openssl_x509_parse() yields false for input it cannot parse, in
        // which case only the fingerprint row is shown.
        $parsed = openssl_x509_parse($stored_certificate);

        if ($parsed) {
            $date_format = __('M j, Y @ G:i', 'pronamic_ideal');

            if (isset($parsed['validFrom_time_t'])) {
                echo '<dt>' . esc_html__('Valid From', 'pronamic_ideal') . '</dt>';
                echo '<dd>' . esc_html(date_i18n($date_format, $parsed['validFrom_time_t'])) . '</dd>';
            }

            if (isset($parsed['validTo_time_t'])) {
                echo '<dt>' . esc_html__('Valid To', 'pronamic_ideal') . '</dt>';
                echo '<dd>' . esc_html(date_i18n($date_format, $parsed['validTo_time_t'])) . '</dd>';
            }
        }

        echo '</dl>';
    }

    // NOTE(review): the handlers for 'download_private_certificate' and for the
    // uploaded file are outside this block; confirm they check the user's
    // capability and a nonce before returning or replacing certificate data.
    echo '<div>';

    submit_button(
        __('Download Private Certificate', 'pronamic_ideal'),
        'secondary',
        'download_private_certificate',
        false
    );

    echo ' ', '<input type="file" name="_pronamic_gateway_ideal_private_certificate_file" />', '</div>';
}
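/**
 * Sign the specified DOMDocument.
 *
 * @see https://github.com/Maks3w/xmlseclibs/blob/v1.3.0/tests/xml-sign.phpt
 *
 * @param DOMDocument $document Document to sign; the signature is appended to its document element.
 * @return DOMDocument|false The signed document, or false when signing failed.
 *                           On failure the cause is stored in $this->error as a WP_Error.
 */
private function sign_document(DOMDocument $document)
{
    // Only replaced by the document after every signing step has succeeded,
    // so callers can rely on a strict `false` meaning "not signed".
    $result = false;

    try {
        $dsig = new XMLSecurityDSig();

        // For canonicalization purposes the exclusive (9) algorithm must be used.
        // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 30
        $dsig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);

        // For hashing purposes the SHA-256 (11) algorithm must be used.
        // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 30
        $dsig->addReference(
            $document,
            XMLSecurityDSig::SHA256,
            array('http://www.w3.org/2000/09/xmldsig#enveloped-signature'),
            array('force_uri' => true)
        );

        // For signature purposes the RSAWithSHA 256 (12) algorithm must be used.
        // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 31
        $key = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, array('type' => 'private'));
        $key->passphrase = $this->private_key_password;
        $key->loadKey($this->private_key);

        // Test if we can get a private key object, to prevent the following errors:
        // Warning: openssl_sign() [function.openssl-sign]: supplied key param cannot be coerced into a private key
        //
        // The key handle lives in its own variable rather than in $result, so
        // an exception thrown by a later step makes this method return false
        // instead of handing the private key handle back to the caller.
        $private_key = openssl_get_privatekey($this->private_key, $this->private_key_password);

        if (false === $private_key) {
            throw new Exception('Can not load private key');
        }

        // Sign
        $dsig->sign($key);

        // The public key must be referenced using a fingerprint of an X.509
        // certificate. The fingerprint must be calculated according
        // to the following formula HEX(SHA-1(DER certificate)) (13)
        // @see http://pronamic.nl/wp-content/uploads/2012/12/iDEAL-Merchant-Integration-Guide-ENG-v3.3.1.pdf #page 31
        $fingerprint = Pronamic_WP_Pay_Gateways_IDealAdvanced_Security::getShaFingerprint($this->private_certificate);

        $dsig->addKeyInfoAndName($fingerprint);

        // Add the signature
        $dsig->appendSignature($document->documentElement);

        $result = $document;
    } catch (Exception $e) {
        // The exception message is kept on the instance; $result is still false here.
        $this->error = new WP_Error('xml_security', $e->getMessage(), $e);
    }

    return $result;
}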
/**
 * Send a status request for the given transaction.
 *
 * Builds a StatusRequestMessage, fills in the merchant details held on this
 * object and posts it to the status request URL.
 *
 * @param mixed $transaction_id Identifier handed to Transaction::setId().
 * @return mixed Whatever send_message() returns for the status request.
 */
public function get_status($transaction_id)
{
    $request = new Pronamic_WP_Pay_Gateways_IDealAdvanced_XML_StatusRequestMessage();

    $merchant = $request->getMerchant();
    $merchant->id = $this->merchant_id;
    $merchant->subId = $this->sub_id;
    $merchant->authentication = self::AUTHENTICATION_SHA1_RSA;
    $merchant->returnUrl = home_url('/');
    // The merchant token is the value Security::getShaFingerprint() returns
    // for the configured private certificate.
    $merchant->token = Pronamic_WP_Pay_Gateways_IDealAdvanced_Security::getShaFingerprint(
        $this->privateCertificate
    );

    $transaction = new Pronamic_WP_Pay_Gateways_IDealAdvanced_Transaction();
    $request->transaction = $transaction;
    $request->transaction->setId($transaction_id);

    return $this->send_message($this->status_request_url, $request);
}