cancel
Showing results for 
Search instead for 
Did you mean: 

ColdFusion AIM integration: upgrading from MD5 to SHA512

Have an existing, working AIM integration program written in ColdFusion, but currently uses MD5 hash. Am having a hard time finding much in the way of sample ColdFusion code on the site to help in the migration to the SHA512 hash.

 

I've gone in the Sandbox and generated a Signature Key. Do I use that in any of the x_* fields I send TO authorize.net? I thought that it was to go in the x_trans_key field instead of the old Transaction Key. If I test using the original transaction Key in x_trans_key it works. If I do nothing more than put the new Signature Key into the x_trans_key field it says invalid login or password or transaction. I'm not getting any farther than that so not even to the part where I string together the Signature Key field and other 2 and convert it to the new hash.  Is the Signature Key ONLY for converting to the hash (with the other 2 fields) once I get the api response back and not needed anywhere in the data sent to them?

MThomas
Member
12 REPLIES 12


@MThomas wrote:

...  Is the Signature Key ONLY for converting to the hash (with the other 2 fields) once I get the api response back and not needed anywhere in the data sent to them?


Correct.  The signature key is ONLY used to validate the transaction RESPONSE is authentic.

 

Richard

RichardH
Administrator Administrator
Administrator

@MThomas 

 

here's what worked for me.

 

<cfset authNetBinarySignatureKey = binaryDecode(x_secret_key, "hex") />
<cfset x_fp_hash=HMAC("#x_login#^#x_fp_sequence#^#x_fp_timestamp#^#x_amount#^#x_currency_code#","#authNetBinarySignatureKey#","HMACSHA512")>

 

good luck!

MinneSnowtain
Contributor

I think AIM (per the update page) uses the same 3 fields as the newest API. AuthName, TransID, and Amount.

 

thanks Richard that helped. I was making incorrect assumptions

thanks for the sample coldFusion code. I'm using AIM method with value pairs so it wasn't exactly what I needed to do, but it got me on the right path and saved me digging up the functions to convert to binary, and hash. Very helpful. thanks

 

This is what ended up working for me in case it helps someone else doing the same AIM methods we use:

<cfset v_msg = "^" & loginid & "^" & v_transID & "^" & v_returned_amt & "^">
<cfset sigk_binary = binaryDecode(v_sigk, "hex") />
<cfset x_fp_hash = HMAC("#v_msg#","#sigk_binary#","HMACSHA512")>

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time Walgreens Listens. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as work in progress.

Chaffin
Member

Clash of Clans mod apk for Android is a unique hacked version 

Walgreenslistens:  If you are here to find out the details of Walgreenslistens Survey, then you reached the right place. Here, in this post, we will provide you with the complete guidelines of Walgreenslistens Survey

well you guys are rocking you solved my prob by this giving info thanks i recently start my service blog buy app reviews