01-10-2019 12:02 PM
I am using the php-sdk. (can you tell me how to find what version I am running?)
I received the email about the removal of the MD5 hash, but I'm wondering where I'm using it?
From the instructions here>> it appears I need to create a function to compare the value of transHashSHA2 with the output from the HMAC-SHA512.
My question is, is this replacing an MD5 version of a function where I am doing close to the same thing? In the sample code I used there is nothing like this.
The last change I had to make was to update my cert.pem.
Thanks - any clarification you can give me would be appreciated.
01-10-2019 12:59 PM
01-11-2019 02:17 PM
The php-sdk still has the md5 hash.. hopefully someone will update it soon.
Tried this but it wasn't working for me.
return hash_hmac('sha512', $loginid . "^" . $sequence . "^" . $tstamp . "^" . $amount . "^" . $currency, $transaction_key);
01-11-2019 02:59 PM
01-11-2019 03:21 PM
I also have a bunch of questions. We are using Python with DPM option. Followed the hash upgrade link instructions from here:
DPM post fails with "This transaction cannot be accepted."
I am stuck and don't know how to proceed. Need a clear example for the following:
How to generate the SHA512 hash in Python
How to verify the returned hash in Python
Here is what I tried that results in failure:
fingerprint = hmac.new(binascii.unhexlify(security_tokens["SIGNATURE_KEY"]),
When I do a DPM post with this generated hash in x_fp_hash, I get "This transaction cannot be accepted."
Still don't know the exact python code to verify the returned SHA512 hash.
01-14-2019 07:26 AM
Hopefully someone can post the php code for this soon. The confusing part for me is "Step 2. Convert the Signature Key into a byte array." since php doesn't seem to have this built in.