MIGS VPC Integration E5000: Cannot form a matching secure hash based on the merchant's request using either of the two merchant's secrets

asp.net api payment-gateway mastercard
Sunny Pathai picture Sunny Pathai · Jul 11, 2014 · Viewed 9.3k times · Source

I am using Migs Virtual Payment Client Integration and Using 2-Party (API method).

Error : E5000: Cannot form a matching secure hash based on the merchant's request using either of the two merchant's secrets

In the Reference Guide it is Stated to use HMac Sha256 for Generating a SecureHash Parameter that is sent in the Request and MIGS will Decode that request accordingly.

Questions :

a) I want to know that the Request i am creating is proper or not (i.e All the Parameters which are passed are in correct order).

b) Also let me know that if i am missing Some Parameters to send in the Request to create SecureHash and in Final Request.

c) Also check the functions that are used for generating the SecureHash are proper or not.

Please let me know if i am doing some Mistake .

Below are the Related Details.

1) Request to generate SecureHash :"vpc_AccessCode=XXXXXXXX&vpc_Amount=100&vpc_CardExp=1810&vpc_CardNum=5313581000123430&vpc_Command=pay&vpc_MerchTxnRef=TC_2014712466141&vpc_Merchant=TESTMXXXXXXXX&vpc_OrderInfo=TC_2014712466141&vpc_Version=1"

2) Demo SecureHashSecret = "CD14026NOT5E91GG5D1MOM4972440CDE"

3) SECURE Hash generated from Above Request and SecureHashSecret

"CCD0D0113315403E375791E99AFA3F8906EE47C0ED6818464368420048DC541E"

4) Test URL : "https://migs.mastercard.com.au/vpcdps"

5) Final Request to Send on above URL

"vpc_AccessCode=XXXXXXXX&vpc_Amount=100&vpc_CardExp=1310&vpc_CardNum=5313581000123430&vpc_Command=pay&vpc_MerchTxnRef=TC_2014712466141&vpc_Merchant=TESTMXXXXXXXX&vpc_OrderInfo=TC_2014712466141&vpc_Version=1&vpc_SecureHash=CCD0D0113315403E375791E99AFA3F8906EE47C0ED6818464368420048DC541E&vpc_SecureHashType=SHA256"

6) I am using the Below Code For Sending the Request and Getting the Response.

System.Net.WebClient webClient = new System.Net.WebClient();

        webClient.Headers.Add("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");

        byte[] response = webClient.UploadData(hfVirtualPaymentClientURL.Value.Trim(), "POST", Encoding.ASCII.GetBytes(strRequest));



        string responseData = System.Text.Encoding.ASCII.GetString(response, 0, response.Length);

7) Functions used to Generate SecureHash

public static string ToHMACSHA256(string input, string key)

{

    ASCIIEncoding encoding = new ASCIIEncoding();

    byte[] keyByte = encoding.GetBytes(key);

    byte[] inputBytes = encoding.GetBytes(input);

    HMACSHA256 hmacsha256 = new HMACSHA256(keyByte);

    byte[] hashmessage;

    hashmessage = hmacsha256.ComputeHash(inputBytes); 

    return ByteToString(hashmessage);

}

private static string ByteToString(byte[] buff)

{

    string sbinary = "";

    for (int i = 0; i < buff.Length; i++)
      { 
          sbinary += buff[i].ToString("X2"); // hex format
      }

    return (sbinary);

}

Please get me the Solutions for the Above Error Asap. Thanks in Advance

Thanks & Regards

Sunny Pathai

Answer

Emilien Baudet picture Emilien Baudet · Nov 24, 2016

I'm getting the same issue in PHP, but I successfully correct it.

The error seems to occurred because of an error while hashing my datas.
=> see capturing error messages from migs payment

To correct the issue, I use these class https://github.com/Tmeister/banamexgateway/blob/master/VPCPaymentConnection.php
(and you have to import this one too to in your lib https://github.com/Tmeister/banamexgateway/blob/master/PaymentCodesHelper.php)

$conn = new VPCPaymentConnection();
$secureSecret = '';
// Set the Secure Hash Secret used by the VPC connection object
$conn->setSecureSecret($secureSecret);
// Instanciate your VPC post data
$paymentdata = array(
    "vpc_AccessCode" => '',
    "vpc_Amount" => '',
    "vpc_Command" => '',
    "vpc_Locale" => '',
    "vpc_MerchTxnRef" => '',
    "vpc_Merchant" => '',
    "vpc_OrderInfo" =>'',
    "vpc_ReturnURL" => '',
    "vpc_Version" => ''
);
// Add VPC post data to the Digital Order
foreach ($paymentdata as $key => $value) {
    $conn->addDigitalOrderField($key, $value);
}
// Obtain a one-way hash of the Digital Order data and add this to the Digital Order
$secureHash = $conn->hashAllFields();
$conn->addDigitalOrderField("vpc_SecureHash", $secureHash);
$conn->addDigitalOrderField("vpc_SecureHashType", "SHA256");
// Obtain the redirection URL and redirect the web browser
$link_to_mastercard = $conn->getDigitalOrder('https://migs.mastercard.com.au/vpcpay');

Related questions

How do you set the Content-Type header for an HttpClient request?

I'm trying to set the Content-Type header of an HttpClient object as required by an API I am calling. I tried setting the Content-Type like below: using (var httpClient = new HttpClient()) { httpClient.BaseAddress = new Uri("http://example.com/"); httpClient.DefaultRequestHeaders.…

Read More
DefaultInlineConstraintResolver Error in WebAPI 2

I'm using Web API 2 and I'm getting the following error when I send a POST to my API method using IIS 7.5 on my local box. The inline constraint resolver of type 'DefaultInlineConstraintResolver' was unable to resolve the following inline constraint: …

Read More
Implementation of Skype API

Possible Duplicate: Skype Addon in C# How can I implement the Skype API to access user information in C#?

Read More