php - How can I generate a HmacSHA256 signature of a string

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams @usama No. By the very nature of a hash function, there will exist a collision. (I.e. two strings that hash to the same value.) I suggest you look into hash collisions. The subject is too long to cover in a comment. – Sebastian Paaske Tørholm Aug 8, 2017 at 13:17 Thanks @SebastianPaaskeTørholm for answer can you please explain in general how we can make it unique Thanks again. – Muhammad Usama Mashkoor Aug 8, 2017 at 13:40 For example, the following portion of code :

$hash = hash_hmac('sha256', 'hello, world!', 'mykey');
var_dump($hash);
Gives the following output :
string '07a932dd17adc59b49561f33980ec5254688a41f133b8a26e76c611073ade89b' (length=64)
And, to get the list of hashing algorithms that can be used, see hash_algos().
Here is an example of datatrans transaction signing (swiss e-payment solution) before call PSP with HMAC-SHA-256.
Hope it could help some developers.
$hmacKey    = 30911337928580013;
$merchantId = 1100004624;
$amount     = $total * 100;
$currency   = 'EUR';
$refno      = $orderId;
// HMAC Hex to byte
$secret     = hex2bin("$hmacKey");
// Concat infos
$string     = $merchantId . $amount. $currency . $refno;
// generate SIGN
$sign       = bin2hex(hash_hmac('sha256', $string, $secret)); 
Note: the merchant ID and HMAC key are both from Datatrans documentation available here : https://admin.sandbox.datatrans.com/showcase/doc/Technical_Implementation_Guide.pdf
                Note that the bin2hex at the end will produce a different result than the example shown in the Datatrans backend UI!
– ZPiDER
                Aug 21, 2018 at 12:45
                Hi, I want to generate datatrans sign in javascript. But i am not able to achieve that. Do you have any working example for that.
– Ninja Turtle
                Sep 6, 2020 at 7:59
                @VinitSingh no I don't. But you can read this, maybe it will help you : jokecamp.com/blog/…
– Meloman
                Sep 9, 2020 at 5:41
I can't answer due to lack of reputation, but @Melomans way in combination with ZPiDER's answer leads to using only
$hash       = hash_hmac('sha256', $string, $secret);
for a correct Datatrans signing
get your secret key
choose a cipher mode or method example sha1,sha256, etc
create a variable that will hold your encrypted data call it whatever you like
Therefore the code will look like this
$signData= hash_hmac("sha256",$dataToBeSigned,$yourSecretKey);
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.