Hash Calculation for SDKs

Hash must be calculated at merchant’s webserver using the SALT key given by us. Below are the high level steps for calculating the same:

Hash Calculation

Click here to check the full image

  1. Receive all payment parameters from the SDK via API in the webserver.

Sample Payment Params:

$parameter = [
            "api_key"=> "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
            "return_url"=> "https://test.com/testcallbackurl",
            "mode"=> "LIVE",
            "address_line_1"=> "ABCD",
            "address_line_2"=> "ABCD",
            "order_id"=> "TEST_ORDER_ID_1",
            "amount"=> "1000",
            "currency"=> "INR",
            "description"=> "description",
            "name"=> "TestName",
            "email"=> "test@test.com",
            "phone"=> "9876543210",
            "city"=> "Mumbai",
            "state"=> "Maharastra",
            "zip_code"=> "421301",
            "country"=> "IND",
        ];
$salt = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
  1. Do the following checks or operations: A) Trim all payment request parameter values. B) Empty parameters should NOT be considered for Hash Calculation C) Check for Mandatory Keys.

  2. Sort the trimmed parameter values by arranging parameter keys in ascending order.

  3. Now, concatenate SALT key along with all the parameter values obtained from Step 2 using pipeline character “|”.

Note: SALT key should be in the start of concatenated string.

Resulting concatenated string should look something like this:

<SALT>|<address_line_1>|<address_line_2>|....|<udf1>|<udf2>|<udf3>|<udf4>|<udf5>|<zip_code>

Sample Hash String for the Sample Payment Params from Step 1:

Assuming:

Sample API Key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

Sample SALT Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX|ABCD|ABCD|1000|XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX|Mumbai|IND|INR|description|test@test.com|LIVE|TestName|TEST_ORDER_ID_1|9876543210|https://test.com/testcallbackurl|Maharastra|421301

  1. Now, perform SHA-512 algortihm on concatenated string to get the HASH string.

  2. Finally, convert the HASH string obtained from Setp 4 to uppercase to obtain the actual hash that should be passed as the value of “hash” in payment requests.

Sample Hash Key for the Sample Hash String from Step 4:

71F621AAC1F68AFF0C6912DBAF4062316E55DB9702E1EE089949240E2D939146EDA275A3E3A977A5BE96A0EEBFC8AF1E82249657B021302622EAD450BDBBCD3A
Sample PHP Code to calculate HASH
/**
	 * @param $input
	 * @param $salt
	 * @return string
	 */
	private function apiHashCreate($input, $salt)
	{
		/*Sort the array before hashing*/
		ksort($input);

		/*Create a | (pipe) separated string of all the $input values which are available in $hash_columns*/
		$hash_data = $salt;
		foreach ($input as $inputParam) {
			if (isset($inputParam)) {
				if (strlen($inputParam) > 0) {
					$hash_data .= '|' . trim($inputParam) ;
				}
			}
		}
		/* Convert the $hash_data to Upper Case and then use SHA512 to generate hash key */
		$hash = null;
		if (strlen($hash_data) > 0) {
			$hash = strtoupper(hash("sha512", $hash_data));
		}

		return $hash;
	}