- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i am changing to code to integrate HMAC_SHA512 using java API
But i get Error code 99 Transaction cannot be accepted after the new change
I am using the TEST https://secure.authorize.net/gateway/transact.dll
As mentioned i am sending the inputstring '^' delimeter
^API LOGIN ID^TransactionID^AMT^
Please let me know what is dong wrong and any more inforemation you want from me
Solved! Go to Solution.
01-25-2019 08:50 AM
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I got it working with new HASH the issue was conversion of the long key to byte array.
Method to convert the SecurityKey
public static byte[] hex2bin(String hex) throws NumberFormatException {
if (hex.length() % 2 > 0) {
throw new NumberFormatException("Hexadecimal input string must have an even length.");
}
byte[] r = new byte[hex.length() / 2];
for (int i = hex.length(); i > 0;) {
r[i / 2 - 1] = (byte) (digit(hex.charAt(--i)) | (digit(hex.charAt(--i)) << 4));
}
return r;
}
public String encode(byte[] key, String data) {
try {
//String hexaString = Hex.encodeHexString(key.getBytes()) ;
Mac sha512_HMAC = Mac.getInstance("HmacSHA512");
SecretKeySpec secret_key = new SecretKeySpec(key,"HmacSHA512");
sha512_HMAC.init(secret_key);
return Hex.encodeHexString(sha512_HMAC.doFinal(data.getBytes("UTF-8")));
// return new String(Hex.encodeHex(sha512_HMAC.doFinal(data.getBytes("UTF-8"))));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
Thanks for the help
01-29-2019 12:56 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @ashlesha4gsmls
Are you attempting to change how you submit transactions using the HMAC_SHA512 hash?
The changes for the MD5 hash apply to transaction response validation, not submitting transactions.
Richard
01-25-2019 09:32 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Oh ! so there is no change when i submit the authorization request that JAVA API stays unchanged which uses MD5 hashing.
We get a response url (php program) where authorize.net sends the response code.
there we colllect the x_MD5_HASH using $x_MD5_Hash = $_POST['x_MD5_Hash'];
so now this value will no more match with ours, or we need to change the HMACSHA512 to match it?
Please correct me if i get it wrong
01-25-2019 09:53 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The x_fp_hash value send should be using HmacSHA512?
01-25-2019 10:37 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We neeed your help . The moment we change the hash to HmacSHA512 we get error code 99
Do we need to make any setp on the merchantile setup to mention the Hash?
01-25-2019 11:45 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The values you use are different and are in your SIM/DPM guide. Md5 is going to be gone forever at some point, so you definitely need to replace md5 with sha512. For your integration, you will have one value you submit as a fingerprint, and another one should you choose to verify the response.
I have php code that is tested and works for modern API, and sample php code that I am pretty sure will work for SIM/DPM for the fingerprint piece on the thread I will paste. the delimited string for the validation piece will have 31 carets and several values if my memory serves me correct. The fingerprint will have 4 values or 5 per my memory, delimited by carets as well but without a leading caret and potentially without a terminating caret.
On my php thread there are some java folks who end up getting theirs working. It is a good place to start your homework. Again, the first post I made only works with modern API. I ended up trying to bel SIM/DPM guys down the list.
The delimited string I put in my second code example was taken from the guide, and I believe that if you can make a java version of that it will work. This forum is a hobby for me when I’m waiting on breakfast, and I am not familiar with all of the past integration methods. You sound like DPM/SIM, but if that’s not the case or if you don’t know, don’t go down this or any other rabbit trail until you find out what you are using. That’s step number 1. How you do this is dependent on what integration method you use, and you’ll be pulling your hair out indefinitely if you try to do this without knowing.
https://community.developer.authorize.net/t5/Integration-and-Testing/Working-php-hash-verification/m...
01-27-2019 08:50 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am using the new Security Key
hashing it using below code.
public String encode(String key, String data) {
try {
Mac sha256_HMAC = Mac.getInstance("HmacSHA512");
SecretKeySpec secret_key = new SecretKeySpec(key.getBytes("UTF-8"), "HmacSHA512");
sha256_HMAC.init(secret_key);
return new String(Hex.encodeHex(sha256_HMAC.doFinal(data.getBytes("UTF-8"))));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
The
I was sending this value in x_fp_hash and submitting to the dll url
The fingerprint will have 4 value hashed using new security key . But i get the error code 99 in return code
01-29-2019 06:56 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
so now i am sending the new hashvalue in x_SHA2_Hash submitting to
https://secure.authorize.net/gateway/transact.dll
along with the x_fp_hash that has the old finger print
01-29-2019 07:05 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am not good with Java syntax. Does this function convert the signature key to binary before it is used in the hash function? You need to convert signature key to binary; it is hex out of the box. Then you hash the delimited string using the binary key version. You want your hash function to output a hex value, not raw binary.
01-29-2019 08:32 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
My concern is x_fp_hash is not accepting the new hashvalue it still validates using MD5 hash.
01-29-2019 08:41 AM