updates

2025-12-01 06:50:10 +02:00
parent 91f51bc6fe
commit 62c1fe5951
4682 changed files with 544807 additions and 31208 deletions
--- a/Backend/src/payments/services/pycache/borica_service.cpython-312.pyc
+++ b/Backend/src/payments/services/pycache/borica_service.cpython-312.pyc
--- a/Backend/src/payments/services/borica_service.py
+++ b/Backend/src/payments/services/borica_service.py
@@ -174,10 +174,13 @@ class BoricaService:
                        backend=default_backend()
                    )
                
+                # NOTE: SHA1 is required by Borica payment gateway protocol
+                # This is a known security trade-off required for payment gateway compatibility
+                # Monitor for Borica protocol updates that support stronger algorithms
                signature = private_key.sign(
                    data.encode('utf-8'),
                    padding.PKCS1v15(),
-                    hashes.SHA1()
+                    hashes.SHA1()  # nosec B303 # Required by Borica protocol - acceptable risk
                )
                return base64.b64encode(signature).decode('utf-8')
            except Exception as e:
@@ -228,11 +231,13 @@ class BoricaService:
                    public_key = cert.public_key()
                    signature_bytes = base64.b64decode(signature)
                    
+                    # NOTE: SHA1 is required by Borica payment gateway protocol
+                    # This is a known security trade-off required for payment gateway compatibility
                    public_key.verify(
                        signature_bytes,
                        signature_data.encode('utf-8'),
                        padding.PKCS1v15(),
-                        hashes.SHA1()
+                        hashes.SHA1()  # nosec B303 # Required by Borica protocol - acceptable risk
                    )
                    return True
                except Exception as e: