paiementcic/lib/paiement_cic.rb

require 'digest/sha1'
require 'openssl'

class String

  def ^(other)
    raise ArgumentError, "Can't bitwise-XOR a String with a non-String" \
      unless other.kind_of? String
    raise ArgumentError, "Can't bitwise-XOR strings of different length" \
      unless self.length == other.length
    result = (0..self.length-1).collect { |i| self[i].ord ^ other[i].ord }
    result.pack("C*")
  end
end

class PaiementCic
  autoload :FormHelper, "paiement_cic/form_helper"

  @@version = "3.0" # clé extraite grâce à extract2HmacSha1.html fourni par le Crédit Mutuel
  cattr_accessor :version

  @@hmac_key = "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ" # clé extraite grâce à extract2HmacSha1.html fourni par le Crédit Mutuel
  cattr_accessor :hmac_key

  @@target_url = "https://paiement.creditmutuel.fr/test/paiement.cgi" # "https://ssl.paiement.cic-banques.fr/paiement.cgi"
  cattr_accessor :target_url

  @@tpe = "123456"
  cattr_accessor :tpe

  @@societe = "masociete"
  cattr_accessor :societe

  @@url_ok = ""
  cattr_accessor :url_ok

  def self.date_format
    "%d/%m/%Y:%H:%M:%S"
  end

  def self.config(amount_in_cents, reference)
    oa = ActiveSupport::OrderedHash.new
    oa["version"]     = "3.0"
    oa["TPE"]         = tpe
    oa["date"]        = Time.now.strftime(date_format)
    oa["montant"]     =  ("%.2f" % amount_in_cents) + "EUR"
    oa["reference"]   = reference
    oa["texte-libre"] = ""
    oa["lgue"]      = "FR"
    oa["societe"]     = societe
    oa["mail"]        = ""
    oa
  end

  def self.mac_string params
    hmac_key = PaiementCic.new
    mac_string = [hmac_key.tpe, params["date"], params['montant'], params['reference'], params['texte-libre'], hmac_key.version, params['code-retour'], params['cvx'], params['vld'], params['brand'], params['status3ds'], params['numauto'], params['motifrefus'], params['originecb'], params['bincb'], params['hpancb'], params['ipclient'], params['originetr'], params['veres'], params['pares']].join('*') + "*"
  end

  def self.verify_hmac params
    hmac_key = PaiementCic.new
    mac_string = [hmac_key.tpe, params["date"], params['montant'], params['reference'], params['texte-libre'], hmac_key.version, params['code-retour'], params['cvx'], params['vld'], params['brand'], params['status3ds'], params['numauto'], params['motifrefus'], params['originecb'], params['bincb'], params['hpancb'], params['ipclient'], params['originetr'], params['veres'], params['pares']].join('*') + "*"

    hmac_key.valid_hmac?(mac_string, params['MAC'])
  end

  # Check if the HMAC matches the HMAC of the data string
  def valid_hmac?(mac_string, sent_mac)
    computeHMACSHA1(mac_string) == sent_mac.downcase
  end

  # Return the HMAC for a data string
  def computeHMACSHA1(data)
    hmac_sha1(usable_key(self), data).downcase
  end

  def hmac_sha1(key, data)
    length = 64

    if (key.length > length)
      key = [Digest::SHA1.hexdigest(key)].pack("H*")
    end

    key  = key.ljust(length, 0.chr)
    ipad = ''.ljust(length, 54.chr)
    opad = ''.ljust(length, 92.chr)

    k_ipad = key ^ ipad
    k_opad = key ^ opad

    #Digest::SHA1.hexdigest(k_opad + [Digest::SHA1.hexdigest(k_ipad + sData)].pack("H*"))
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new("sha1"), key, data)
  end

  private
  # Return the key to be used in the hmac function
  def usable_key(payement)

    hex_string_key  = payement.hmac_key[0..37]
    hex_final   = payement.hmac_key[38..40] + "00";

    cca0 = hex_final[0].ord

    if cca0 > 70 && cca0 < 97
      hex_string_key += (cca0 - 23).chr + hex_final[1..2]
    elsif hex_final[1..2] == "M"
      hex_string_key += hex_final[0..1] + "0"
    else
      hex_string_key += hex_final[0..2]
    end

    [hex_string_key].pack("H*")
  end
end