Exemplo n.º 1
0
        /// <summary>Each message sent to Realex should have a hash, attached. For a message using the remote
        /// interface this is generated using the This is generated from the TIMESTAMP, MERCHANT_ID,
        /// ORDER_ID, AMOUNT, and CURRENCY fields concatenated together with "." in between each field.
        /// This confirms the message comes
        /// from the client and
        /// Generate a hash, required for all messages sent to IPS to prove it was not tampered with.
        /// <p>
        /// Hashing takes a string as input, and produce a fixed size number (160 bits for SHA-1 which
        /// this implementation uses). This number is a hash of the input, and a small change in the
        /// input results in a substantial change in the output. The functions are thought to be secure
        /// in the sense that it requires an enormous amount of computing power and time to find a string
        /// that hashes to the same value. In others words, there's no way to decrypt a secure hash.
        /// Given the larger key size, this implementation uses SHA-1 which we prefer that you, but Realex
        /// has retained compatibilty with MD5 hashing for compatibility with older systems.
        /// <p>
        /// <p>
        /// To construct the hash for the remote interface follow this procedure:
        ///
        /// To construct the hash for the remote interface follow this procedure:
        /// Form a string by concatenating the above fields with a period ('.') in the following order
        /// <p>
        /// (TIMESTAMP.MERCHANT_ID.ORDER_ID.AMOUNT.CURRENCY)
        /// <p>
        /// Like so (where a field is empty an empty string "" is used):
        /// <p>
        /// (20120926112654.thestore.ORD453-11.29900.EUR)
        /// <p>
        /// Get the hash of this string (SHA-1 shown below).
        /// <p>
        /// (b3d51ca21db725f9c7f13f8aca9e0e2ec2f32502)
        /// <p>
        /// Create a new string by concatenating this string and your shared secret using a period.
        /// <p>
        /// (b3d51ca21db725f9c7f13f8aca9e0e2ec2f32502.mysecret )
        /// <p>
        /// Get the hash of this value. This is the value that you send to Realex Payments.
        /// <p>
        /// (3c3cac74f2b783598b99af6e43246529346d95d1)
        ///
        /// This method takes the pre-built string of concatenated fields and the secret and returns the
        /// SHA-1 hash to be placed in the request sent to Realex.
        ///
        /// @param toHash
        /// @param secret
        /// @return the hash as a hex string
        /// </summary>
        /// <param name="toHash"></param>
        /// <param name="secret"></param>
        ///<returns>string</returns>
        public static string GenerateHash(string toHash, string secret)
        {
            string toHashFirstPass = DigestUtils.Sha1Hex(toHash);

            string toHashSecondPass = new StringBuilder(toHashFirstPass).Append(".").Append(secret).ToString();

            return(DigestUtils.Sha1Hex(toHashSecondPass));
        }
Exemplo n.º 2
0
        /// <summary>Each message sent to Realex should have a hash, attached. For a message using the remote
        /// interface this is generated using the This is generated from the TIMESTAMP, MERCHANT_ID,
        /// ORDER_ID, AMOUNT, and CURRENCY fields concatenated together with "." in between each field.
        /// This confirms the message comes
        /// from the client and
        /// Generate a hash, required for all messages sent to IPS to prove it was not tampered with.
        /// <p>
        /// Hashing takes a string as input, and produce a fixed size number (160 bits for SHA-1 which
        /// this implementation uses). This number is a hash of the input, and a small change in the
        /// input results in a substantial change in the output. The functions are thought to be secure
        /// in the sense that it requires an enormous amount of computing power and time to find a string
        /// that hashes to the same value. In others words, there's no way to decrypt a secure hash.
        /// Given the larger key size, this implementation uses SHA-1 which we prefer that you, but Realex
        /// has retained compatibilty with MD5 hashing for compatibility with older systems.
        /// <p>
        /// <p>
        /// To construct the hash for the remote interface follow this procedure:
        ///
        /// To construct the hash for the remote interface follow this procedure:
        /// Form a string by concatenating the above fields with a period ('.') in the following order
        /// <p>
        /// (TIMESTAMP.MERCHANT_ID.ORDER_ID.AMOUNT.CURRENCY)
        /// <p>
        /// Like so (where a field is empty an empty string "" is used):
        /// <p>
        /// (20120926112654.thestore.ORD453-11.29900.EUR)
        /// <p>
        /// Get the hash of this string (SHA-1 shown below).
        /// <p>
        /// (b3d51ca21db725f9c7f13f8aca9e0e2ec2f32502)
        /// <p>
        /// Create a new string by concatenating this string and your shared secret using a period.
        /// <p>
        /// (b3d51ca21db725f9c7f13f8aca9e0e2ec2f32502.mysecret )
        /// <p>
        /// Get the hash of this value. This is the value that you send to Realex Payments.
        /// <p>
        /// (3c3cac74f2b783598b99af6e43246529346d95d1)
        ///
        /// This method takes the pre-built string of concatenated fields and the secret and returns the
        /// SHA-1 hash to be placed in the request sent to Realex.
        ///
        /// @param toHash
        /// @param secret
        /// @return the hash as a hex string
        /// </summary>
        /// <param name="toHash"></param>
        /// <param name="secret"></param>
        ///<returns>string</returns>
        public static string GenerateHash(string toHash, string secret = null, ShaHashType shaType = ShaHashType.SHA1)
        {
            if (toHash == null)
            {
                return(toHash);
            }

            string toHashFirstPass = shaType == ShaHashType.SHA1 ? DigestUtils.Sha1Hex(toHash, shaType) : DigestUtils.ShaHex(toHash, shaType);

            if (secret != null)
            {
                string toHashSecondPass = new StringBuilder(toHashFirstPass).Append(".").Append(secret).ToString();
                return(shaType == ShaHashType.SHA1 ? DigestUtils.Sha1Hex(toHashSecondPass, shaType): DigestUtils.ShaHex(toHashSecondPass, shaType));
            }
            return(toHashFirstPass);
        }