androiddigital-signaturesha256payfort

Signature mismatch error on payfort sdk_token generation

String ACCESS_CODE = "My_PAYFORTAcces_Code"
String MERCHANT_ID = "My_Payfory_Merchet_ID"

I found the issue I think the issue is with Signature generation, I tried signature generation using with the string “TESTSHAINaccess_code=ACCESS_CODEdevice_id=ffffffff-d6ab-d802-b274-478d7792a1b7language=enmerchant_identifier=MERCHANT_IDservice_command=SDK_TOKENTESTSHAIN” I got my signature as “9c804f2c08e36749c75389afc12c50e68307c31052e6434c072cd5b36cc8c607” and when I tried with “PASSaccess_code=ACCESS_CODElanguage=enmerchant_identifier=MERCHANT_IDmerchant_reference=53469903-eaac-459c-91b9-78cb026b0712service_command=TOKENIZATIONPASS” I got “4568f58e22f46b75fb6157cbc131ab194e1f9a066bdc501171a018d2c1d22e14” as my signature.

Once I tried to generate the sdk_token using the both signature I got “{"response_code":"00008","response_message":"Signature mismatch","service_command":"SDK_TOKEN","device_id":"ffffffff-d6ab-d802-b274-478d7792a1b7","signature":"30eb8f03adc12dd714aac83249ad0b3e763cfadcd6c996bdf49d86125c23335","merchant_identifier":"My_Payfory_Merchet_ID","access_code":"My_PAYFORTAcces_Code","language":"en","status":"00"}” Here is my code to generate signature, Please check and let me know its correct or not,

@TargetApi(Build.VERSION_CODES.KITKAT) 
    public static String generateSHA256(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException { 
        MessageDigest md = MessageDigest.getInstance("SHA-256"); 
        byte[] textBytes = text.getBytes(StandardCharsets.UTF_8); 
        md.update(textBytes, 0, textBytes.length); 
        byte[] sha1hash = md.digest(); 
        return convertToHex(sha1hash); 
    } 

    private static String convertToHex(byte[] data) { 
        StringBuilder buf = new StringBuilder(); 
        for (byte b : data) { 
            int halfbyte = (b >>> 4) & 0x0F; 
            int two_halfs = 0; 
            do { 
                buf.append((0 <= halfbyte) && (halfbyte <= 9) ? (char) ('0' + halfbyte) : (char) ('a' + (halfbyte - 10))); 
                halfbyte = b & 0x0F; 
            } while (two_halfs++ < 1); 
        } 
        return buf.toString(); 
    }
Solution

  • This solved My problem,

    I changes my string to generate the signature to,

    Constants.PayfortRequestPhrase + "access_code=" + Constants.PayfortAccessCode 
+ "device_id=" + deviceId + "language=enmerchant_identifier=" +
Constants.PayfortMerchantIdentifier + "service_command=SDK_TOKEN" + Constants.PayfortRequestPhrase

    RequestPhrase , AccessCode and MerchantIdentifier I got from pay-fort Account. and the signature generation code remains the same.