Hello,
I am using the php-sdk. (can you tell me how to find what version I am running?)
I received the email about the removal of the MD5 hash, but I'm wondering where I'm using it?
From the instructions here>> it appears I need to create a function to compare the value of transHashSHA2 with the output from the HMAC-SHA512.
My question is, is this replacing an MD5 version of a function where I am doing close to the same thing? In the sample code I used there is nothing like this.
The last change I had to make was to update my cert.pem.
Thanks - any clarification you can give me would be appreciated.
- Don
01-10-2019 12:02 PM
I found my version of the php-sdk: 1.8.8.0 - then just upgraded to 1.9.9
01-10-2019 12:46 PM - edited 01-10-2019 12:57 PM
01-10-2019 12:59 PM
The php-sdk still has the md5 hash.. hopefully someone will update it soon.
Tried this but it wasn't working for me.
return hash_hmac('sha512', $loginid . "^" . $sequence . "^" . $tstamp . "^" . $amount . "^" . $currency, $transaction_key);
01-11-2019 02:17 PM
01-11-2019 02:59 PM
I also have a bunch of questions. We are using Python with DPM option. Followed the hash upgrade link instructions from here:
https://developer.authorize.net/support/hash_upgrade/
DPM post fails with "This transaction cannot be accepted."
I am stuck and don't know how to proceed. Need a clear example for the following:
How to generate the SHA512 hash in Python
How to verify the returned hash in Python
Here is what I tried that results in failure:
fingerprint = hmac.new(binascii.unhexlify(security_tokens["SIGNATURE_KEY"]),
"^"+security_tokens["LOGIN_ID"]+"^"+self.seq+"^"+ts+"^"+self.amount+"^", digestmod=hashlib.sha512).hexdigest()
When I do a DPM post with this generated hash in x_fp_hash, I get "This transaction cannot be accepted."
Still don't know the exact python code to verify the returned SHA512 hash.
01-11-2019 03:21 PM
"The php-sdk still has the md5 hash.. hopefully someone will update it soon."
Hi, could you tell me where you are finding this in the SKD code?
Thanks,
Don
01-14-2019 07:05 AM
Hopefully someone can post the php code for this soon. The confusing part for me is "Step 2. Convert the Signature Key into a byte array." since php doesn't seem to have this built in.
01-14-2019 07:26 AM
Currently I don't see transHashSHA2 in the transaction response object, just transHash.
This is using my testing sandbox.
- Don
01-14-2019 11:08 AM
php sdk is on github
https://github.com/AuthorizeNet/sdk-php
Seems to be getting regular updates but not one for the sha512 change yet.
01-15-2019 02:29 PM