Computing the IPN signature
The signature is computed by following the same logic as for creating the payment request.
- Take all the fields whose name starts with vads_.
- Sort these fields alphabetically.
- Concatenate the values of these fields separating them with the “+” character.
- Concatenate the result with the test or production key separating them with a “+”.
-
According to the signature algorithm defined in your shop configuration:
- If your shop is configured to use “SHA-1”, apply the SHA-1 hash function to the chain obtained during the previous step. Deprecated.
-
If your shop is configured to use “HMAC-SHA-256”, compute and encode in Base64 format the message signature using the HMAC-SHA-256 algorithm with the following parameters:
- the SHA-256 hash function,
- the test or production key (depending on the value of the vads_ctx_mode field) as a shared key,
- the result of the previous step as the message to authenticate.
Examples in PHP:
function getSignature ($params,$key) { /** *Function that computes the signature. * $params: table containing the fields received in the IPN. * $key : TEST or PRODUCTION key */ //Initialization of the variable that will contain the string to encrypt $signature_contents = ""; //Sorting fields alphabetically ksort($params); foreach($params as $name=>$value){ //Recovery of vads_ fields if (substr($name,0,5)=='vads_'){ //Concatenation with "+" $signature_contents .= $value."+"; } } //Adding the key at the end $signature_contents .= $key; //Encoding base64 encoded chain with HMAC-SHA-256 algorithm $sign = base64_encode(hash_hmac('sha256',$signature_contents, $key, true)); return $sign; }