ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: home / lab2454c / sothebry.softkinesis.com / backups / core / vendor / razorpay / razorpay / src

<?php

namespace Razorpay\Api;

class Utility
{
    const SHA256 = 'sha256';

public function verifyPaymentSignature($attributes)
    {
        $actualSignature = $attributes['razorpay_signature'];

$paymentId = $attributes['razorpay_payment_id'];

if (isset($attributes['razorpay_order_id']) === true)
        {
            $orderId = $attributes['razorpay_order_id'];

$payload = $orderId . '|' . $paymentId;
        }
        else if (isset($attributes['razorpay_subscription_id']) === true)
        {
            $subscriptionId = $attributes['razorpay_subscription_id'];

$payload = $paymentId . '|' . $subscriptionId;
        }
        else
        {
            throw new Errors\SignatureVerificationError(
                'Either razorpay_order_id or razorpay_subscription_id must be present.');
        }

$secret = Api::getSecret();

self::verifySignature($payload, $actualSignature, $secret);
    }

public function verifyWebhookSignature($payload, $actualSignature, $secret)
    {
        self::verifySignature($payload, $actualSignature, $secret);
    }

public function verifySignature($payload, $actualSignature, $secret)
    {
        $expectedSignature = hash_hmac(self::SHA256, $payload, $secret);

// Use lang's built-in hash_equals if exists to mitigate timing attacks
        if (function_exists('hash_equals'))
        {
            $verified = hash_equals($expectedSignature, $actualSignature);
        }
        else
        {
            $verified = $this->hashEquals($expectedSignature, $actualSignature);
        }

if ($verified === false)
        {
            throw new Errors\SignatureVerificationError(
                'Invalid signature passed');
        }
    }

private function hashEquals($expectedSignature, $actualSignature)
    {
        if (strlen($expectedSignature) === strlen($actualSignature))
        {
            $res = $expectedSignature ^ $actualSignature;
            $return = 0;

for ($i = strlen($res) - 1; $i >= 0; $i--)
            {
                $return |= ord($res[$i]);
            }

return ($return === 0);
        }

return false;
    }
}

[-] VirtualAccount.php [edit]
[-] ArrayableInterface.php [edit]
[+] ..
[-] Settlement.php [edit]
[-] Resource.php [edit]
[-] Request.php [edit]
[-] Api.php [edit]
[-] Plan.php [edit]
[-] Refund.php [edit]
[-] Card.php [edit]
[-] Order.php [edit]
[-] Subscription.php [edit]
[-] Token.php [edit]
[-] Customer.php [edit]
[-] PaymentPage.php [edit]
[-] Utility.php [edit]
[+] Errors
[-] Transfer.php [edit]
[-] Addon.php [edit]
[-] Payment.php [edit]
[-] Invoice.php [edit]
[-] Webhook.php [edit]
[-] Collection.php [edit]
[-] Entity.php [edit]