Showing results for 
Search instead for 
Did you mean: 

Coldfusion SIM HMAC-SHA512 Update

Hi all... I currently have a working SIM MD5 solution and am updating to SHA512.  I believe that I have walked through the necessary steps as outlined here ( ), however continue to receive an Error Code 99.


Essentially, the only changes are, as I read them
 -- to request a Signature Key, change to binary, use this as the HMAC key
 -- change the algorithm from HMACMD5 to HMACSHA512


MD5 Solution:
<cfset digest=HMAC("#authNetLogin#^#sequence#^#fp_timestamp#^#x_amount#^","#authNetTrnxKey#","HMACMD5") />

<cfset authNetHexSignatureKey = "REMOVED_FROM_CODE" />
<cfset authNetBinarySignatureKey = toBinary(authNetHexSignatureKey) />
<cfset digest=HMAC("#authNetLogin#^#sequence#^#fp_timestamp#^#x_amount#^","#authNetBinarySignatureKey#","HMACSHA512")>


The existing Error 99 tool ( ) appears to be for use in the old MD5 method.  Is there another tool for this?


I have looked at the data being posted using the dump tool here ( ) and everything LOOKS ok.


Any assistance would be appreciated.



FYI. Also you can use compound concat in CF.



<cfset delim = "^">
<cfset stringToHash = delim & form.x_trans_id>
<cfset stringToHash &= delim & form.x_test_request>
<cfset stringToHash &= delim & form.x_auth_code>

<cfset stringToHash &= delim & form.x_invoice_num & delim>


Just a quick note on a follow-up to anyone else using CF to check the hmacSHA2 hash, the following works for me.  Just plug in your own values using CFSCRIPT below.


Be advised that the amount must not include $ or , which could be a factor in not matching, so there is a REReplace() added.


Like the AuthNet docs say, if you do not have a Signature Key created, it will be a null response.


data = deserializeJSON(AuthNetResponse) // this value assigned from CFHTTP response
amount = REReplace(TOTAL, "\$|,", "", "ALL")
transResp = data.transactionResponse;
hmacVal = "^#authNetAPI.LoginId#^#transResp.transId#^#amount#^"
hmacKey = binaryDecode(authNetAPI.SigKey, "hex");
transHash512 = hmac(hmacVal, hmacKey, "HMACSHA512", "iso-8859-1")
signatureMatch = false
if (transResp.transHashSha2 eq transHash512) {
signatureMatch = true

I continue to struggle with this update.  Every attempt generates an Error Code 99. This is what I've done:


<cfset data="#loginID#^#x_fp_sequence#^#x_fp_timestamp#^#x_amount#^">


For the final step, I understand that I need to use the SignatureKey, which I've obtained, and not the older TransactionKey.

The Sim manual says to hash this input with an HMAC-SHA512 algorithm using the binary-encoded Signature Key. My next step is:


<cfset x_fp_hash=HMAC(data, SignatureKey, 'HMACSHA512')>


I've tried two suggested methods of obtaining a binary-encoded SignatureKey for use in the above


key=binaryDecode(authSignature, "hex" );
hashResult = hmac(message, key, 'HMACSHA512');


<cfset Key = toBinary(SignatureKey) />

Then <cfset x_fp_hash = HMAC(data, key, 'HMACSHA512')>

 I've also tried enclosing data in # marks.


I'm still getting Error Code 99. I did verify that the timestamp I generate falls within the correct parameters. Who can help?