06-18-2012, 07:00 AM
|
 |
Junior Member
|
|
Join Date: Jun 2012
Posts: 7
|
|
HMAC-MD5 not match
Dear sir,
Kindly assist how to get and set HMAC_MD5 value. I'm stuck at this level. I'm already read all the documentation but still not understand and not successfully done it. Please kindly explain it abit detail and if can, provide some example in php. I need to generate HMAC-MD5 value for verification purpose. I'm have try some code but it not same with ecwid HMAC-MD5.
Thanks.
|
06-19-2012, 01:18 PM
|
 |
Ecwid Team
|
|
Join Date: Oct 2011
Posts: 3,115
|
|
Hello,
Could you detail the issue? Where do you need to generate MD5 value? Are you integrating a custom payment method via Authorize.Net emulation? If so, then, I think, this article could help:
https://support.authorize.net/authkb...
|
06-25-2012, 09:17 AM
|
|
Junior Member
|
|
Join Date: Jun 2012
Posts: 7
|
|
yes i'm using custom payment method via Authorize.Net emulation. I'm alr folow that article but fail to generate HMAC-MD5 at my site.
This is the code example:
hash_hmac ("md5",$_POST['x_login'].$_POST['x_fp_sequence'].$_POST['x_fp_timestamp'].$_POST['x_amount'],"1");
i'm try to generate the same $_POST['x_fp_hash'] for validation check. Is that i miss out something?
|
06-25-2012, 02:31 PM
|
|
Ecwid Team
|
|
Join Date: Oct 2011
Posts: 3,115
|
|
Quote:
Originally Posted by OtaiWeb Crewx Freelancer
yes i'm using custom payment method via Authorize.Net emulation. I'm alr folow that article but fail to generate HMAC-MD5 at my site.
This is the code example:
hash_hmac ("md5",$_POST['x_login'].$_POST['x_fp_sequence'].$_POST['x_fp_timestamp'].$_POST['x_amount'],"1");
i'm try to generate the same $_POST['x_fp_hash'] for validation check. Is that i miss out something?
|
Thank you for the details.
As far as I can see, the hash input string is generated improperly in your code. Please find the instruction in this document:
http://www.authorize.net/support/SIM_guide.pdf
Please look at the page 20 of that doc. Particularly, it says:
Quote:
When generating the fingerprint, input values must be provided to the script in the field order listed above and concatenated by the “^” character. All trailing spaces must be removed from input values. If the fingerprint is generated using any other field order, authentication will fail and the transaction will be rejected.
Example
"authnettest^789^67897654^10.50^"
Please note the required trailing “^” character.
If you specify x_currency_code, then the value (for example, LVL) must be placed after the trailing caret.
Example (Fingerprint input with currency code specified)
"authnettest^789^67897654^10.50^LVL"
|
|
06-26-2012, 01:36 AM
|
|
Junior Member
|
|
Join Date: Jun 2012
Posts: 7
|
|
i alr add this "^" to my code. so it become like this:
hash_hmac ("md5",$_POST['x_login']."^".$_POST['x_fp_sequence']."^".$_POST['x_fp_timestamp']."^".$_POST['x_amount'],"1");
But it still not match with value from this field (x_fp_hash). Here i put more detail about the parameter:
[x_test_request] => TRUE
[x_description] => Order #16
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => ezal247@yahoo.com
[x_fp_sequence] => -800377468
[x_fp_timestamp] => 1340673436
[x_fp_hash] => bc76c1636ba56704f656f83de9596db7
[x_invoice_num] => 4415347
[x_first_name] => Hairi
[x_last_name] => Molpay
[x_address] => Street address, P.O. box, company name, c/o Apartment, suite
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 52200
[x_country] => Malaysia
[x_phone] => 0126177876
[x_fax] =>
[x_cust_id] => 4415347
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
Below is the parameter i get from ecwid checkout. How to generate same value with x_fp_hash? I alr read the arctile so many time, but still stuck. Please help 
|
06-26-2012, 06:57 AM
|
|
Ecwid Team
|
|
Join Date: Oct 2011
Posts: 3,115
|
|
Quote:
Originally Posted by OtaiWeb Crewx Freelancer
i alr add this "^" to my code. so it become like this:
hash_hmac ("md5",$_POST['x_login']."^".$_POST['x_fp_sequence']."^".$_POST['x_fp_timestamp']."^".$_POST['x_amount'],"1");
But it still not match with value from this field (x_fp_hash). Here i put more detail about the parameter:
[x_test_request] => TRUE
[x_description] => Order #16
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => ezal247@yahoo.com
[x_fp_sequence] => -800377468
[x_fp_timestamp] => 1340673436
[x_fp_hash] => bc76c1636ba56704f656f83de9596db7
[x_invoice_num] => 4415347
[x_first_name] => Hairi
[x_last_name] => Molpay
[x_address] => Street address, P.O. box, company name, c/o Apartment, suite
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 52200
[x_country] => Malaysia
[x_phone] => 0126177876
[x_fax] =>
[x_cust_id] => 4415347
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
Below is the parameter i get from ecwid checkout. How to generate same value with x_fp_hash? I alr read the arctile so many time, but still stuck. Please help |
It seems like you haven't follow the instruction yet - you missed the the currency code. Please refer to the instruction I suggested and to my previous post:
Quote:
If you specify x_currency_code, then the value (for example, LVL) must be placed after the trailing caret.
Example (Fingerprint input with currency code specified)
"authnettest^789^67897654^10.50^LVL"
|
|
07-10-2012, 12:10 PM
|
|
Junior Member
|
|
Join Date: Jun 2012
Posts: 7
|
|
Hi, could you please look into my snippet code below. i've go through with all the documentation & references, but still not able to generate correct x_fp_hash value
Array
(
[x_test_request] => 1
[x_description] => Order #19
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => xxxxxx@hotmail.com
[x_fp_sequence] => -1130657597
[x_fp_timestamp] => 1341920935
[x_fp_hash] => 05bc28046bb57e1dab853f57cbc3cba9
[x_invoice_num] => 4649071
[x_first_name] => xxxxxx
[x_last_name] => xxxxxx
[x_address] => jalan multimedia
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 40000
[x_country] => Malaysia
[x_phone] => xxxxxx
[x_fax] =>
[x_cust_id] => 4649071
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
)
$our_hash = hash_hmac("md5", "test588^-1130657597^1341920935^2199.00^MYR" , "abc23@wwr");
$our_hash = " a616fe7546ee8969ded6d942cad6bfaf";
Appreciate for your prompt reply
|
07-12-2012, 11:44 AM
|
|
Ecwid Team
|
|
Join Date: Oct 2011
Posts: 3,115
|
|
Quote:
Originally Posted by OtaiWeb Crewx Freelancer
Hi, could you please look into my snippet code below. i've go through with all the documentation & references, but still not able to generate correct x_fp_hash value
Array
(
[x_test_request] => 1
[x_description] => Order #19
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => xxxxxx@hotmail.com
[x_fp_sequence] => -1130657597
[x_fp_timestamp] => 1341920935
[x_fp_hash] => 05bc28046bb57e1dab853f57cbc3cba9
[x_invoice_num] => 4649071
[x_first_name] => xxxxxx
[x_last_name] => xxxxxx
[x_address] => jalan multimedia
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 40000
[x_country] => Malaysia
[x_phone] => xxxxxx
[x_fax] =>
[x_cust_id] => 4649071
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
)
$our_hash = hash_hmac("md5", "test588^-1130657597^1341920935^2199.00^MYR" , "abc23@wwr");
$our_hash = " a616fe7546ee8969ded6d942cad6bfaf";
Appreciate for your prompt reply |
Hi,
As far as I can see, the cryptographic key you used in HMAC calculation ('abc23@wwr') is wrong. Your transaction key should be used there, but it seems that you used the MD5 hash value instead. Please change it and let me know if it solves the problem.
NOTE: you can find your transaction key in the payment account details in your control panel (System settings -> Payment -> Payment methods -> Your payment's account details).
|
|
The Following User Says Thank You to Makfruit For This Useful Post:
|
|
07-13-2012, 12:19 PM
|
|
Junior Member
|
|
Join Date: Jun 2012
Posts: 7
|
|
Hi,
Thanks for your advice. it works like a charm. But I still have another problem to ask
Since i'm emulating Authorize.Net to do a testing with my gateway, after payment has been done, when return back to ECWID, it shows " MD5 Signature does not match".
Suspect that it relate with x_MD5_Hash. What should i put for this parameter this parameter in order to solve this problem ? Kindly advice..
|
07-13-2012, 12:34 PM
|
|
Ecwid Team
|
|
Join Date: Oct 2011
Posts: 3,115
|
|
Quote:
Originally Posted by OtaiWeb Crewx Freelancer
Hi,
Thanks for your advice. it works like a charm. But I still have another problem to ask
Since i'm emulating Authorize.Net to do a testing with my gateway, after payment has been done, when return back to ECWID, it shows " MD5 Signature does not match".
Suspect that it relate with x_MD5_Hash. What should i put for this parameter this parameter in order to solve this problem ? Kindly advice.. |
That indeed refers to the x_MD5_Hash response field. Please refer to the Authorize.Net documentation for the instructions on how to set that field properly:
https://support.authorize.net/authkb...
http://developer.authorize.net/guide...
http://www.authorize.net/support/SIM_guide.pdf
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 01:01 PM.
Powered by vBulletin® Version 3.8.6. Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
|
