Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 8 Forum

Notes/Domino 8 Forum
Previous Next
Subject: HMAC-MD5 in lotusscript or Java
Feedback Type: Question
Product Area: Designer Client
Technical Area: Application development
Platform: ALL
Release: All
Reproducible: Not applicable

I need help! could someone help me out here. I need code to implement HMAC-MD5, encoded in UTF-8. Below is some sample code in C, C# and others. I want a Java or Lotus Script code I can run in an agent. I want to be able to pass a secret key and a predefined string to be hashed together.

I know lotus script, but very little java. Just enough to mess things up. So please not that.

I know there are a lot of wise programmers out there that can help.

Please note: x_fp_hash is the hash between the secret key and the predefined string. predefined_string = x_login^x_fp_sequence^x_fp_timestamp^x_amount^x_currency_code.

Thanks in advance.

-----------------------------------------------------------
To generate x_fp_hash using C please see the code below:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

#include <openssl/hmac.h>
#include <stdio.h>

int main() {
const char key[] = "V0WX5fK~o6eEhr7hbs3ZeyxS";
unsigned char result[EVP_MAX_MD_SIZE], hex_result[EVP_MAX_MD_SIZE*2];
char* p;
unsigned char data[100];
unsigned int datalen, resultlen, i;
HMAC_CTX ctx;

// HMAC MD5
// HMAC_Init(&ctx, key, sizeof(key), EVP_md5());

// HMAC SHA1
HMAC_Init(&ctx, key, sizeof(key), EVP_sha1());

// x_login^x_fp_sequence^x_fp_timestamp^x_amount^x_currency
datalen = sprintf((char *)data, "%s^%s^%s^%s^%s", "WSP-ACTIV-70", "123", "1228774539", "100.00", "");

HMAC_Update(&ctx, data, datalen);
HMAC_Final(&ctx, result, &resultlen);

p = (char *)hex_result;
for(i=0; i < resultlen; i++) {
p += sprintf(p, "%02x", result[i]);
}
p = '\0';
printf("The hmac hash is %s\n", hex_result);

HMAC_cleanup(&ctx);
return 0;
}


To generate x_fp_hash using C# please see the code below:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

using System;
using System.Security;
using System.Security.Cryptography;
using System.Text;

class CalculateHash {

static void Main() {
StringBuilder sb = new StringBuilder();
// x_login^x_fp_sequence^x_fp_timestamp^x_amount^x_currency
String x_login = "WSP-ACTIV-70";
String x_fp_sequence = "123";
String x_fp_timestamp = "1228774539";
String x_amount = "100.00";
String x_currency = ""; // default empty

sb.Append(x_login)
.Append("^")
.Append(x_fp_sequence)
.Append("^")
.Append(x_fp_timestamp)
.Append("^")
.Append(x_amount)
.Append("^")
.Append(x_currency);

// Convert string to array of bytes.
byte[] data = Encoding.UTF8.GetBytes(sb.ToString());

// key
byte[] key = Encoding.UTF8.GetBytes("V0WX5fK~o6eEhr7hbs3ZeyxS");

// Create HMAC-MD5 Algorithm;
// HMACMD5 hmac = new HMACMD5(key);

// Create HMAC-SHA1 Algorithm;
HMACSHA1 hmac = new HMACSHA1(key);

// Compute hash.
byte[] hashBytes = hmac.ComputeHash(data);

// Convert to HEX string.
String x_fp_hash = System.BitConverter.ToString(hashBytes).Replace("-", "");

String msg = String.Format("x_login = {0}, x_fp_sequence = {1}, x_fp_timestamp = {2}, x_amount = {3}, x_currency= {4}.\n x_fp_hash = {5}", x_login, x_fp_sequence, x_fp_timestamp, x_amount, x_currency, x_fp_hash);
System.Console.WriteLine(msg);

}
}


To generate x_fp_hash using Python please see the code below:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

import hmac
import hashlib

# Instantiate hmac with Transaction key (HMAC-MD5)
# digest_maker = hmac.new('V0WX5fK~o6eEhr7hbs3ZeyxS', '', hashlib.md5)

# Instantiate hmac with Transaction key (HMAC-SHA1)
digest_maker = hmac.new('V0WX5fK~o6eEhr7hbs3ZeyxS', '', hashlib.sha1)

format = '%(x_login)s^%(x_fp_sequence)s^%(x_fp_timestamp)s^%(x_amount)s^%(x_currency)s'
data = format % {'x_login' : 'WSP-ACTIV-70',
'x_fp_sequence' : '123',
'x_fp_timestamp' : '1228774539',
'x_amount' : '100.00',
'x_currency' : ''}

digest_maker.update(data)
x_fp_hash = digest_maker.hexdigest()
print x_fp_hash


To generate x_fp_hash using Ocaml please see the code below:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

(* Requres Ocaml Cryptokit http://caml.inria.fr/distrib/bazar-ocaml/cryptokit-1.3.tar.gz *)
(* then invoke as 'ocaml unix.cma nums.cma cryptokit.cma calculate_hash.ml' *)

open Printf;;
open Cryptokit;;

(* HMAC MD5
let calculate_hash hmac_key hmac_data =
(transform_string (Hexa.encode()) (hash_string (MAC.hmac_md5 hmac_key) hmac_data));;
*)

(* HMAC SHA1 *)
let calculate_hash hmac_key hmac_data =
(transform_string (Hexa.encode()) (hash_string (MAC.hmac_sha1 hmac_key) hmac_data));;

(* HMAC Key *)
let key = "V0WX5fK~o6eEhr7hbs3ZeyxS";;
let data = Printf.sprintf "%s^%s^%s^%s^%s" "WSP-ACTIV-70" "123" "1228774539" "100.00" "";;

Printf.printf "The data to hash is: %s\n" data;;

Printf.printf "The hash is: %s\n" (calculate_hash key data);;


To generate x_fp_hash using ColdFusion please see the code below:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
<!---
Coldfusion sample for HMAC-MD5 or HMAC-SHA1 hash generation.
The hash obtained and the payment data are used in the POST form (not shown here - see Payment Pages Integration Manual for details).

This is Verified on ColdFusion 8, Developer Edition, on Ubuntu 8.04 / Hardy Heron
--->

<cfoutput>

<!--- Set the fields required.
Note utc time (x_fp_timestamp) is a time in seconds since Jan 1 1970 based on GMT timezone
--->
<cfset x_fp_timestamp = "1219853058">
<cfset x_transaction_key = "PLEASE REPLACE WITH CURRENT TRANSACTION KEY">
<cfset x_login = "WSP-TEST-01-01">
<cfset x_amount = "30">
<cfset x_currency_code = "USD">
<cfset x_line_items = "">
<cfset x_fp_sequence = "344155">
<cfset x_invoice_num = "123">

<!--- A number of the fields are strung together and then hashed into a new hash field that is submitted in place of the password.
This way the password and merchant account are never both submitted
--->

<cfset hmac_data = x_login>
<cfset hmac_data = hmac_data & "^" & x_fp_sequence>
<cfset hmac_data = hmac_data & "^" & x_fp_timestamp>
<cfset hmac_data = hmac_data & "^" & x_amount>
<cfset hmac_data = hmac_data & "^" & x_currency_code>

<!--- Now hash this data string with the transaction key --->
<cfset x_fp_hash = java_hmac(x_transaction_key, hmac_data)>

<h2>Hash obtained </h2>
<ul>
<b> #x_fp_hash# </b>
</ul>
</cfoutput>

<cffunction name="java_hmac" returntype="string" access="public" output="false">
<cfargument name="signKey" type="string" required="true" />
<cfargument name="signMessage" type="string" required="true" />

<cfset var jMsg = JavaCast("string",arguments.signMessage).getBytes("UTF8") />
<cfset var jKey = JavaCast("string",arguments.signKey).getBytes("UTF8") />

<cfset var key = createObject("java","javax.crypto.spec.SecretKeySpec") />
<cfset var mac = createObject("java","javax.crypto.Mac") />

<!-- HMAC MD5 (uncomment to choose MD5, then comment SHA1)
<cfset key = key.init(jKey,"HmacMD5") />
-->
<cfset key = key.init(jKey,"HmacSHA1") />

<cfset mac = mac.getInstance(key.getAlgorithm()) />
<cfset mac.init(key) />
<cfset mac.update(jMsg) />

<cfreturn LCase(BinaryEncode(mac.doFinal(), 'Hex')) />
</cffunction>


Feedback number WEBB96X82R created by ~Autumn Lopnibergetsi on 04/20/2013

Status: Open
Comments:

HMAC-MD5 in lotusscript or Java (~Autumn Lopnibe... 20.Apr.13)
. . Please don't cross post (~Fritz Ekfoober... 20.Apr.13)




Printer-friendly

Search this forum

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS