CODEWITHSUNDEEP
hashcoldfusionfingerprint
user125264
user125264

Reputation: 1827

Coldfusion Hash SHA-1 Doesnt look the same as the sample

Im working on a script to hash a "fingerprint" for communicating with the secure Pay Direct Post API.

The issue I have is im trying to create a SHA-1 String that matches the sample code provided so that i can ensure things get posted accurately.

the example Sha-1 string appears encoded like

01a1edbb159aa01b99740508d79620251c2f871d

However my string when converted appears as 

7871D5C9A366339DA848FC64CB32F6A9AD8FCADD

completely different...

my code for this is as follows..

<cfset variables.finger_print = "ABC0010|txnpassword|0|Test Reference|1.00|20110616221931">
<cfset variables.finger_print = hash(variables.finger_print,'SHA-1')>
<cfoutput>
#variables.finger_print#
</cfoutput>

Im using Coldfusion 8 to do this

it generates a 40 character hash, but i can see its generating completely different strings.

Hopefully someone out there has done this before and can point me in the right direction...

thanks in advance

** EDIT

The article for creating the Hash only contains the following information.

Example: Setting the fingerprint Fields joined with a | separator:

ABC0010|txnpassword|0|Test Reference|1.00|20110616221931

SHA1 the above string: 01a1edbb159aa01b99740508d79620251c2f871d

When generating the above example string using coldfusion hash it turns it into this

7871D5C9A366339DA848FC64CB32F6A9AD8FCADD

Upvotes: 1

Views: 883

Answers (1)

Leigh
Leigh

Reputation: 28873

01a1edbb159aa01b99740508d79620251c2f871d

Sorry, but I do not see how the sample string could possibly produce that result given that php, CF and java all say otherwise. I suspect an error in the documentation. The one thing that stands out is the use of "txnpassword" instead of a sample value, like with the other fields. Perhaps they used a different value to produce the string and forgot to plug it into the actual example?

Update:

Example 5.2.1.12, on page 27, makes more sense. Ignoring case, the results from ColdFusion match exactly. I noticed the description also mentions something about a summarycode value, which is absent from the example in section 3.3.6. So that tends to support the theory of documentation error with the earlier example.

Code:

 <cfset input = "ABC0010|mytxnpasswd|MyReference|1000|201105231545|1">
 <cfoutput>#hash(input, "sha-1")#</cfoutput>

Result:

 3F97240C9607E86F87C405AF340608828D331E10

Upvotes: 2

Related Questions