Reply
 
Thread Tools Display Modes
  #1  
Old 06-18-2012, 07:00 AM
OtaiWeb Crewx Freelancer's Avatar
OtaiWeb Crewx Freelancer OtaiWeb Crewx Freelancer is offline
Junior Member
 
Join Date: Jun 2012
Posts: 7
Lightbulb HMAC-MD5 not match

Dear sir,

Kindly assist how to get and set HMAC_MD5 value. I'm stuck at this level. I'm already read all the documentation but still not understand and not successfully done it. Please kindly explain it abit detail and if can, provide some example in php. I need to generate HMAC-MD5 value for verification purpose. I'm have try some code but it not same with ecwid HMAC-MD5.

Thanks.
Reply With Quote
  #2  
Old 06-19-2012, 01:18 PM
Matt K's Avatar
Matt K Matt K is online now
Ecwid Team
 
Join Date: Oct 2011
Posts: 4,882
Default

Hello,

Could you detail the issue? Where do you need to generate MD5 value? Are you integrating a custom payment method via Authorize.Net emulation? If so, then, I think, this article could help:
https://support.authorize.net/authkb...
__________________
Matt K
Ecwid Team

Ecwid Guide for Beginners

Ecwid Help Center

Ecwid video tutorials
Reply With Quote
  #3  
Old 06-25-2012, 09:17 AM
OtaiWeb Crewx Freelancer's Avatar
OtaiWeb Crewx Freelancer OtaiWeb Crewx Freelancer is offline
Junior Member
 
Join Date: Jun 2012
Posts: 7
Default

yes i'm using custom payment method via Authorize.Net emulation. I'm alr folow that article but fail to generate HMAC-MD5 at my site.
This is the code example:
hash_hmac ("md5",$_POST['x_login'].$_POST['x_fp_sequence'].$_POST['x_fp_timestamp'].$_POST['x_amount'],"1");

i'm try to generate the same $_POST['x_fp_hash'] for validation check. Is that i miss out something?
Reply With Quote
  #4  
Old 06-25-2012, 02:31 PM
Matt K's Avatar
Matt K Matt K is online now
Ecwid Team
 
Join Date: Oct 2011
Posts: 4,882
Default

Quote:
Originally Posted by OtaiWeb Crewx Freelancer View Post
yes i'm using custom payment method via Authorize.Net emulation. I'm alr folow that article but fail to generate HMAC-MD5 at my site.
This is the code example:
hash_hmac ("md5",$_POST['x_login'].$_POST['x_fp_sequence'].$_POST['x_fp_timestamp'].$_POST['x_amount'],"1");

i'm try to generate the same $_POST['x_fp_hash'] for validation check. Is that i miss out something?
Thank you for the details.

As far as I can see, the hash input string is generated improperly in your code. Please find the instruction in this document:
http://www.authorize.net/support/SIM_guide.pdf

Please look at the page 20 of that doc. Particularly, it says:
Quote:
When generating the fingerprint, input values must be provided to the script in the field order listed above and concatenated by the “^” character. All trailing spaces must be removed from input values. If the fingerprint is generated using any other field order, authentication will fail and the transaction will be rejected.
Example
"authnettest^789^67897654^10.50^"
Please note the required trailing “^” character.

If you specify x_currency_code, then the value (for example, LVL) must be placed after the trailing caret.
Example (Fingerprint input with currency code specified)
"authnettest^789^67897654^10.50^LVL"
__________________
Matt K
Ecwid Team

Ecwid Guide for Beginners

Ecwid Help Center

Ecwid video tutorials
Reply With Quote
  #5  
Old 06-26-2012, 01:36 AM
OtaiWeb Crewx Freelancer's Avatar
OtaiWeb Crewx Freelancer OtaiWeb Crewx Freelancer is offline
Junior Member
 
Join Date: Jun 2012
Posts: 7
Default

i alr add this "^" to my code. so it become like this:
hash_hmac ("md5",$_POST['x_login']."^".$_POST['x_fp_sequence']."^".$_POST['x_fp_timestamp']."^".$_POST['x_amount'],"1");
But it still not match with value from this field (x_fp_hash). Here i put more detail about the parameter:
[x_test_request] => TRUE
[x_description] => Order #16
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => ezal247@yahoo.com
[x_fp_sequence] => -800377468
[x_fp_timestamp] => 1340673436
[x_fp_hash] => bc76c1636ba56704f656f83de9596db7
[x_invoice_num] => 4415347
[x_first_name] => Hairi
[x_last_name] => Molpay
[x_address] => Street address, P.O. box, company name, c/o Apartment, suite
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 52200
[x_country] => Malaysia
[x_phone] => 0126177876
[x_fax] =>
[x_cust_id] => 4415347
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC

Below is the parameter i get from ecwid checkout. How to generate same value with x_fp_hash? I alr read the arctile so many time, but still stuck. Please help
Reply With Quote
  #6  
Old 06-26-2012, 06:57 AM
Matt K's Avatar
Matt K Matt K is online now
Ecwid Team
 
Join Date: Oct 2011
Posts: 4,882
Default

Quote:
Originally Posted by OtaiWeb Crewx Freelancer View Post
i alr add this "^" to my code. so it become like this:
hash_hmac ("md5",$_POST['x_login']."^".$_POST['x_fp_sequence']."^".$_POST['x_fp_timestamp']."^".$_POST['x_amount'],"1");
But it still not match with value from this field (x_fp_hash). Here i put more detail about the parameter:
[x_test_request] => TRUE
[x_description] => Order #16
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => ezal247@yahoo.com
[x_fp_sequence] => -800377468
[x_fp_timestamp] => 1340673436
[x_fp_hash] => bc76c1636ba56704f656f83de9596db7
[x_invoice_num] => 4415347
[x_first_name] => Hairi
[x_last_name] => Molpay
[x_address] => Street address, P.O. box, company name, c/o Apartment, suite
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 52200
[x_country] => Malaysia
[x_phone] => 0126177876
[x_fax] =>
[x_cust_id] => 4415347
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC

Below is the parameter i get from ecwid checkout. How to generate same value with x_fp_hash? I alr read the arctile so many time, but still stuck. Please help
It seems like you haven't follow the instruction yet - you missed the the currency code. Please refer to the instruction I suggested and to my previous post:
Quote:
If you specify x_currency_code, then the value (for example, LVL) must be placed after the trailing caret.
Example (Fingerprint input with currency code specified)
"authnettest^789^67897654^10.50^LVL"
__________________
Matt K
Ecwid Team

Ecwid Guide for Beginners

Ecwid Help Center

Ecwid video tutorials
Reply With Quote
  #7  
Old 07-10-2012, 12:10 PM
OtaiWeb Crewx Freelancer's Avatar
OtaiWeb Crewx Freelancer OtaiWeb Crewx Freelancer is offline
Junior Member
 
Join Date: Jun 2012
Posts: 7
Default

Hi, could you please look into my snippet code below. i've go through with all the documentation & references, but still not able to generate correct x_fp_hash value

Array
(
[x_test_request] => 1
[x_description] => Order #19
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => xxxxxx@hotmail.com
[x_fp_sequence] => -1130657597
[x_fp_timestamp] => 1341920935
[x_fp_hash] => 05bc28046bb57e1dab853f57cbc3cba9
[x_invoice_num] => 4649071
[x_first_name] => xxxxxx
[x_last_name] => xxxxxx
[x_address] => jalan multimedia
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 40000
[x_country] => Malaysia
[x_phone] => xxxxxx
[x_fax] =>
[x_cust_id] => 4649071
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
)

$our_hash = hash_hmac("md5", "test588^-1130657597^1341920935^2199.00^MYR" , "abc23@wwr");

$our_hash = "a616fe7546ee8969ded6d942cad6bfaf";



Appreciate for your prompt reply
Reply With Quote
  #8  
Old 07-12-2012, 11:44 AM
Matt K's Avatar
Matt K Matt K is online now
Ecwid Team
 
Join Date: Oct 2011
Posts: 4,882
Default

Quote:
Originally Posted by OtaiWeb Crewx Freelancer View Post
Hi, could you please look into my snippet code below. i've go through with all the documentation & references, but still not able to generate correct x_fp_hash value

Array
(
[x_test_request] => 1
[x_description] => Order #19
[x_login] => test588
[x_amount] => 2199.00
[x_currency_code] => MYR
[x_version] => 3.1
[x_line_item] => Specifications of Samsung Galax<|>SA356EL34YYNANMY<|><|>1<|>2199.00<|>N
[x_email] => xxxxxx@hotmail.com
[x_fp_sequence] => -1130657597
[x_fp_timestamp] => 1341920935
[x_fp_hash] => 05bc28046bb57e1dab853f57cbc3cba9
[x_invoice_num] => 4649071
[x_first_name] => xxxxxx
[x_last_name] => xxxxxx
[x_address] => jalan multimedia
[x_city] => Shah Alam
[x_state] => MY-10
[x_zip] => 40000
[x_country] => Malaysia
[x_phone] => xxxxxx
[x_fax] =>
[x_cust_id] => 4649071
[x_relay_response] => TRUE
[x_relay_url] => http://app.ecwid.com/authorizenet/1232198
[x_show_form] => PAYMENT_FORM
[x_method] => CC
)

$our_hash = hash_hmac("md5", "test588^-1130657597^1341920935^2199.00^MYR" , "abc23@wwr");

$our_hash = "a616fe7546ee8969ded6d942cad6bfaf";



Appreciate for your prompt reply
Hi,

As far as I can see, the cryptographic key you used in HMAC calculation ('abc23@wwr') is wrong. Your transaction key should be used there, but it seems that you used the MD5 hash value instead. Please change it and let me know if it solves the problem.

NOTE: you can find your transaction key in the payment account details in your control panel (System settings -> Payment -> Payment methods -> Your payment's account details).
__________________
Matt K
Ecwid Team

Ecwid Guide for Beginners

Ecwid Help Center

Ecwid video tutorials
Reply With Quote
The Following User Says Thank You to Matt K For This Useful Post:
  #9  
Old 07-13-2012, 12:19 PM
OtaiWeb Crewx Freelancer's Avatar
OtaiWeb Crewx Freelancer OtaiWeb Crewx Freelancer is offline
Junior Member
 
Join Date: Jun 2012
Posts: 7
Default

Hi,

Thanks for your advice. it works like a charm. But I still have another problem to ask

Since i'm emulating Authorize.Net to do a testing with my gateway, after payment has been done, when return back to ECWID, it shows "MD5 Signature does not match".

Suspect that it relate with x_MD5_Hash. What should i put for this parameter this parameter in order to solve this problem ? Kindly advice..
Reply With Quote
  #10  
Old 07-13-2012, 12:34 PM
Matt K's Avatar
Matt K Matt K is online now
Ecwid Team
 
Join Date: Oct 2011
Posts: 4,882
Default

Quote:
Originally Posted by OtaiWeb Crewx Freelancer View Post
Hi,

Thanks for your advice. it works like a charm. But I still have another problem to ask

Since i'm emulating Authorize.Net to do a testing with my gateway, after payment has been done, when return back to ECWID, it shows "MD5 Signature does not match".

Suspect that it relate with x_MD5_Hash. What should i put for this parameter this parameter in order to solve this problem ? Kindly advice..
That indeed refers to the x_MD5_Hash response field. Please refer to the Authorize.Net documentation for the instructions on how to set that field properly:
https://support.authorize.net/authkb...
http://developer.authorize.net/guide...
http://www.authorize.net/support/SIM_guide.pdf
__________________
Matt K
Ecwid Team

Ecwid Guide for Beginners

Ecwid Help Center

Ecwid video tutorials
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:09 PM.
Powered by vBulletin® Version 3.8.6. Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.