Validating the MD5 hash from an Authorize.net relay response.

so i’m working on implementing credit card processing with Authorize.net in a website project.  when it comes to authenticating the relay response you need to validate the hash generated by Authorize.net.  The docs are quite forth-coming on how to generate the transaction fingerprint with the HMAC_MD5 algorithm for the request, but very few details given on how the validate the response.  Here is the function necessary to generate the appropriate hash value that can be compared with the value provided in the response:

        using System.Security.Cryptography;

        public static string MD5(string value)
        {
            byte[] data = (new System.Text.ASCIIEncoding()).GetBytes(value);
            using (var md5 = new MD5CryptoServiceProvider())
            {
                byte[] result = md5.ComputeHash(data);

                string hash = "";
                for (int i = 0; i < result.Length; i++)
                {
                    hash += result[i].ToString("x").PadLeft(2, '0');
                }

                return hash.ToUpper();
            }

        }
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s