cancel
Showing results for 
Search instead for 
Did you mean: 

ASP.net DPM Validate Issue

So, I followed the instructions on 15 Minute Quick Start Guide and was able to successfully post to my Authorize.net  sandbox account. However, whenever I try to handle Authorize.net's response using:

SIMResponse authNetResponse = new SIMResponse(form);

bool valid = authNetResponse.Validate(authNetMd5, apiLoginId);

 

valid always returns false. 

 

At first I was passing an empty string for authNetMd5 since it was not set in the Merchant profile. But then I created a new MD5, and set it in the merchant profile and passed it into the Validate function using the authNetMd5 variable. Still no luck.

 

Despite the fact that it always returns false, the rest of the values in the SIMResponse look okay.

The only thing is that the authNetResponse.MD5Hash property does not match the x_fp_hash value that is generated by the DPMFormGenerator.OpenForm helper, or the MD5 value I set in the merchant profile.

wingra2005
Member
1 ACCEPTED SOLUTION

Accepted Solutions

s there a maximum length to the MD5 hash in the admin profile?

Since it said md5, I assumed it wanted an actual md5.

 

I remember reading somewhere on the forum that it max out on somthing like 32 chars might be less.

View solution in original post

6 REPLIES 6

Another tidbit...

I just went through the code on GitHub and found the Crypto.IsMatch function and tested it with known values. The hash value never matches what Authorize.net returns with the transaction.

 

https://raw.githubusercontent.com/AuthorizeNet/sdk-dotnet/master/Authorize.NET/Utility/Crypto.cs

 

I don't know if the number being generated on the Authorize.net side is wrong, or the Crypto.IsMatch function is not building the unencrypted string correctly???

wingra2005
Member

The only thing is that the authNetResponse.MD5Hash property does not match the x_fp_hash value that is generated by the DPMFormGenerator.OpenForm helper, or the MD5 value I set in the merchant profile.

they are the the same, the x_fp_hash is for authorize.net to know if it is truly from you.

authNetResponse.MD5Hash is for you to test if it is truly from authorize.net

 

 

Here the doc

http://developer.authorize.net/guides/SIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=SIM_Trans_response....

did you have space? the amount should be 2 decimal.

As mentioned in the second post, IsMatch keeps returning false. It concatenates the MD5 hash from the merchant profile, the user id, transaction id (not to be confused with the transaction key), and order value (with two decimal places) and computes a MD5 hash that is supposed to match the MD5Hash returned in the SIMResponse. The problem is that it never does.

Is there a maximum length to the MD5 hash in the admin profile? Since it said md5, I assumed it wanted an actual md5. But I see the value in the link you provided is much shorter and is just a plain string.

s there a maximum length to the MD5 hash in the admin profile?

Since it said md5, I assumed it wanted an actual md5.

 

I remember reading somewhere on the forum that it max out on somthing like 32 chars might be less.

I took it from an actual MD5 down to a random 10 character string and it started working properly. That was a slight waste of time. Seriously, why would you call something MD5-Hash and then not utilize a string long enough to hold an actual MD5 hash?

I think that part of the input, the output is the MD5 hash.