Cybersource Developer Community Cybersource Developer Community

mikenolan · ‎01-25-2019

I'm working on converting to the SHA2 hash using the DPM method. (Migrating to accept.js is in the planning stage.)

In my sandbox account, I'm generating a SHA2 hash for the x_fp_hash field and it must be working correctly, because I'm getting a 'This transaction has been approved' response.

However, when I go to check the hash values in the return array, the MD5 hash matches but not the SHA2 hash.

I appear to be generating the message string correctly, it just isn't matching. Any suggestions?

mikenolan · ‎01-25-2019

Problem solved.

For those trying to get this working under DPM, the trick is that you don't create the message using the login ID, transaction ID and amount, as suggested in the conversion docs, but you use that ugly 30 field string.

Here's a PHP segment that worked for me:

$key1 = '^' . $_POST[x_trans_id]
. '^' . $_POST[x_test_request]
. '^' . $_POST[x_response_code]
. '^' . $_POST[x_auth_code]
. '^' . $_POST[x_cvv2_resp_code]
. '^' . $_POST[x_cavv_response]
. '^' . $_POST[x_avs_code]
. '^' . $_POST[x_method]
. '^' . $_POST[x_account_number]
. '^' . $_POST[x_amount]
. '^' . $_POST[x_company]
. '^' . $_POST[x_first_name]
. '^' . $_POST[x_last_name]
. '^' . $_POST[x_address]
. '^' . $_POST[x_city]
. '^' . $_POST[x_state]
. '^' . $_POST[x_zip]
. '^' . $_POST[x_country]
. '^' . $_POST[x_phone]
. '^' . $_POST[x_fax]
. '^' . $_POST[x_email]
. '^' . $_POST[x_ship_to_company]
. '^' . $_POST[x_ship_to_first_name]
. '^' . $_POST[x_ship_to_last_name]
. '^' . $_POST[x_ship_to_address]
. '^' . $_POST[x_ship_to_city]
. '^' . $_POST[x_ship_to_state]
. '^' . $_POST[x_ship_to_zip]
. '^' . $_POST[x_ship_to_country]
. '^' . $_POST[x_invoice_num]
. '^;

View solution in original post

mikenolan · ‎01-25-2019

Problem solved.

For those trying to get this working under DPM, the trick is that you don't create the message using the login ID, transaction ID and amount, as suggested in the conversion docs, but you use that ugly 30 field string.

Here's a PHP segment that worked for me:

$key1 = '^' . $_POST[x_trans_id]
. '^' . $_POST[x_test_request]
. '^' . $_POST[x_response_code]
. '^' . $_POST[x_auth_code]
. '^' . $_POST[x_cvv2_resp_code]
. '^' . $_POST[x_cavv_response]
. '^' . $_POST[x_avs_code]
. '^' . $_POST[x_method]
. '^' . $_POST[x_account_number]
. '^' . $_POST[x_amount]
. '^' . $_POST[x_company]
. '^' . $_POST[x_first_name]
. '^' . $_POST[x_last_name]
. '^' . $_POST[x_address]
. '^' . $_POST[x_city]
. '^' . $_POST[x_state]
. '^' . $_POST[x_zip]
. '^' . $_POST[x_country]
. '^' . $_POST[x_phone]
. '^' . $_POST[x_fax]
. '^' . $_POST[x_email]
. '^' . $_POST[x_ship_to_company]
. '^' . $_POST[x_ship_to_first_name]
. '^' . $_POST[x_ship_to_last_name]
. '^' . $_POST[x_ship_to_address]
. '^' . $_POST[x_ship_to_city]
. '^' . $_POST[x_ship_to_state]
. '^' . $_POST[x_ship_to_zip]
. '^' . $_POST[x_ship_to_country]
. '^' . $_POST[x_invoice_num]
. '^;

mahima1990 · ‎03-05-2019

This

x_method
x_account_number fields are for the Bank account payment. Right? So, can we remove those fields if we are choosing a credit card payment? Or is it the one that we get from the transaction response? Please give me a reply. I am still facing the hash mismatch issue.

Renaissance · ‎03-05-2019

@mahima1990

Every single value in that string comes from the transaction response. That is the response verification piece posted above. I have been helping some SIM/DPM people on this forum and now have clients using that method needing help. I have posted working php code for every integration method on offer. It has been tested on everything except AIM. See my thread working php hash verification. The tested DPM/SIM code is on page 6. My method for SIM/DPM is not very elegant but works and may give you an idea of how to implement in your language.

Cybersource Developer Community Cybersource Developer Community

SHA2 testing almost complete but sha2 hash not matching