Hi all... I currently have a working SIM MD5 solution and am updating to SHA512. I believe that I have walked through the necessary steps as outlined here ( https://support.authorize.net/s/article/Do-I-need-to-upgrade-my-transaction-fingerprint-from-HMAC-MD... ), however continue to receive an Error Code 99.
Essentially, the only changes are, as I read them
-- to request a Signature Key, change to binary, use this as the HMAC key
-- change the algorithm from HMACMD5 to HMACSHA512
<cfset digest=HMAC("#authNetLogin#^#sequence#^#fp_timestamp#^#x_amount#^","#authNetTrnxKey#","HMACMD5") />
<cfset authNetHexSignatureKey = "REMOVED_FROM_CODE" />
<cfset authNetBinarySignatureKey = toBinary(authNetHexSignatureKey) />
The existing Error 99 tool ( https://developer.authorize.net/api/reference/responseCode99.html ) appears to be for use in the old MD5 method. Is there another tool for this?
I have looked at the data being posted using the dump tool here ( http://developer.authorize.net/bin/developer/paramdump ) and everything LOOKS ok.
Any assistance would be appreciated.
Solved! Go to Solution.
FYI. Also you can use compound concat in CF.
<cfset delim = "^">
<cfset stringToHash = delim & form.x_trans_id>
<cfset stringToHash &= delim & form.x_test_request>
<cfset stringToHash &= delim & form.x_auth_code>
<cfset stringToHash &= delim & form.x_invoice_num & delim>
Just a quick note on a follow-up to anyone else using CF to check the hmacSHA2 hash, the following works for me. Just plug in your own values using CFSCRIPT below.
Be advised that the amount must not include $ or , which could be a factor in not matching, so there is a REReplace() added.
Like the AuthNet docs say, if you do not have a Signature Key created, it will be a null response.
I continue to struggle with this update. Every attempt generates an Error Code 99. This is what I've done:
For the final step, I understand that I need to use the SignatureKey, which I've obtained, and not the older TransactionKey.
The Sim manual says to hash this input with an HMAC-SHA512 algorithm using the binary-encoded Signature Key. My next step is:
<cfset x_fp_hash=HMAC(data, SignatureKey, 'HMACSHA512')>
I've tried two suggested methods of obtaining a binary-encoded SignatureKey for use in the above
key=binaryDecode(authSignature, "hex" ); hashResult = hmac(message, key, 'HMACSHA512');
<cfset Key = toBinary(SignatureKey) />
Then <cfset x_fp_hash = HMAC(data, key, 'HMACSHA512')>
I've also tried enclosing data in # marks.
I'm still getting Error Code 99. I did verify that the timestamp I generate falls within the correct parameters. Who can help?