I have a web application which is using payment gateway integration. Now i am facing some issues in creating Secure Hash Code using sha-256 HMAC algorithm.
I have all the details regarding connecting to migs gateway, but my problem is when i tried to connect to gateway i am getting some issues with the created Hash Code.
Constructed URL to MIGS gateway
https://migs.mastercard.com.au/vpcpay?vpc_AccessCode=XXXXXX&vpc_Amount=6000&vpc_Command=pay&vpc_Locale=en&vpc_MerchTxnRef=12345678&vpc_Merchant=TESTXXXXXX&vpc_OrderInfo=54444&vpc_ReturnURL=http%3a%2f%2flocalhost%3a2231%2fTransaction%2fSecureTransaction%3fdataKey=33445566&vpc_Version=1&vpc_SecureHash=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&vpc_SecureHashType=SHA256
Once i fire this URL i am getting an error like below:
HTTP Status - 400
E5000: Cannot form a matching secure hash based on the merchant's request using either of the two merchant's secrets
I have verified the SecretHash and its same as provided by the merchant.
Existing implementation C#:
string hashSecret = ConfigurationManager.AppSettings["MigsSecureHashSecret"];
var transactionData = paymentRequest.GetParameters().OrderBy(t => t.Key, new VPCStringComparer()).ToList();
var redirectUrl = VPC_URL + "?" + string.Join("&", transactionData.Select(item => HttpUtility.UrlEncode(item.Key) + "=" + HttpUtility.UrlEncode(item.Value)));
if (!string.IsNullOrEmpty(hashSecret))
{
var hashedData = hashSecret + string.Join("", transactionData.Select(item => item.Value));
redirectUrl += "&vpc_SecureHash=" + Crypto.CreateSHA256Signature(hashedData);
}
return Redirect(redirectUrl);
CreateSHA256Signature function
public static string CreateSHA256Signature (string RawData)
{
var hasher = System.Security.Cryptography.HMACSHA256.Create();
var HashValue = hasher.ComputeHash(Encoding.ASCII.GetBytes(RawData));
return string.Join("", HashValue.Select(b => b.ToString("x2"))).ToUpper();
}
I am not sure whether i have did the right method or not. Please help me in this issue.
Any help will be highly appreciated.
I assume you've done it by now. However, in your supplied code you're trying to create a hash from Secure Hash Secret and all values joined together. That's incorrect. You need to use Secure Hash Secret as a key supplied to HMACSHA256 object and compute a hash from a string of key1=value1&key=value2&... Working code:
var secureSecret = "123456789ABCDEF123456789ABCDEF12";
var args = new SortedDictionary<string, string>()
{
{"vpc_Version", "1"},
{"vpc_Command", "refund"},
{"vpc_MerchTxnRef", "TestRefund"},
{"vpc_AccessCode", "XXXXXXXX"},
{"vpc_Merchant", "XXXXXXXX"},
{"vpc_TransNo", "123"},
{"vpc_Amount", "1"}
};
var getPart = "";
foreach (var arg in args)
{
getPart += arg.Key + "=" + arg.Value + "&";
}
getPart = getPart.TrimEnd('&');
var keyBytes = new byte[secureSecret.Length / 2];
for(int i=0;i<keyBytes.Length;i++)
{
keyBytes[i] = byte.Parse(secureSecret.Substring(i * 2, 2), System.Globalization.NumberStyles.HexNumber);
}
var hmac = new HMACSHA256(keyBytes);
var hash = hmac.ComputeHash(Encoding.ASCII.GetBytes(getPart));
var hashString = BitConverter.ToString(hash).Replace("-", "");
var requestUri = "https://migs.mastercard.com.au/vpcpay?"+getPart+"&vpc_SecureHash="+hashString+"&vpc_SecureHashType=SHA256";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.