Generate Secure Hash

How to generate the secure hash

1. The secure hash is generated by using HMAC hashing algorithm with SHA256 or md5 on a string consisting of (according to sequence):

• Secret Key

• Detail

• Amount

• Order ID

2. For example if the values for the parameters are as below:

3. The string to be hashed is $str = 53-784Shopping_cart_id_3024.5056 which will generate the hash value of :

• md5($str) => 0bde51ff340f110ab7331a902aa969e7

• hash_hmac(‘SHA256′, $str, ’53-784’) => 74422328b44d30bf150fffbae89bbb42b885f9ac0960e2a3ddccc0cf9aa48e39

How to verify if the secure hash is correct

1. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay.

2. For example if the parameters received from senangPay are as below:

3. The string to be hashed is $str = 53-78415614363538840Payment_was_successful which will generate the hash value of :

• md5($str) => 69686562c29ad3f7955b1843a5c275ca

• hash_hmac(‘SHA256′, $str, ’53-784’) => 4ca7837c6c4ddb5f6ba573ea701235b2d04bc6400d32787539e07aaf319eb70f

4. Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match then the data may have been tampered.