Home/ Questions/Q 8206567
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T08:43:09+00:00

I’m stuck finilizing a banklink, I get response, that my signature is wrong. This

  • 0

I’m stuck finilizing a banklink, I get response, that my signature is wrong.

This is the signature part manual that the bank sent

Digital signature MAC is XML data hash value, encrypted with senders private key.
For hash value calculations SHA-1 algorithm is used, but for signature calculation RSA algorithm is used. Digital signature transforms to textual format using BASE64 encoding and is placed to MAC field.

And what I have build up:

// the key is loaded succesfull
private function setPrivateKey ( $key_name ) {
  $fp = fopen( $this -> getKeyLocation() . '/' . $key_name, "r" );
  $priv_key = fread( $fp, 8192 );
  fclose( $fp );
  $this -> private_key = openssl_get_privatekey( $priv_key );
}

// signature is created, but not the way bank expects it
private function setSignature () {
  // also tried sha1( $data, true );
  // signature contains no special chars ( meaning no UTF8 specific coding )
  $pre_mac = sha1( $this -> getXMLData() );
  openssl_sign( $pre_mac, $signature, $this -> getPrivateKey() );
  $this -> signature = $signature;
}

// can't be a problem here
private function setMac () {
  $this -> mac = base64_encode( $this -> getSignature() );
}

// this is set correctly
private function setXMLData () {
    $bank_xml = '<?xml version="1.0" ?>
    <bl>
    <snd>PHP_COMPANY</snd>
    <query>NEW</query>
    <type>PHP_TYPE</type>
    <data>
        <client_id>A71045</client_id>
        <amount>PHP_AMOUNT</amount>
        <ccy_name>PHP_CURR</ccy_name>
        <ccy_code>1</ccy_code>
        <bnf_name>PHP_COMPANY</bnf_name>
        <bnf_account>PHP_ACCOUNT</bnf_account>
        <bnf_id>PHP_CID</bnf_id>
        <residence_id>LV</residence_id>
        <residence_name>LV-LATVIA</residence_name>
        <details>PHP_DETAILS</details>
    </data>
    <date>PHP_DATE</date>
    <time>PHP_TIME</time>
    <reply>
        <session_id>PHP_SESSION</session_id>
    </reply>
    <reply_url>PHP_REPLY</reply_url>
    </bl>';

    $this -> bank_xml = $bank_xml;
}

It seems to me that I’m not encrypting it right. Any suggestions what might be wrong?
I believe I have made every step what the bank requires.

I already sent this to the bank, but they respond w/in a week or so.

PS: get functions are all set that return the set variable, I just didn’t think it’s necessary to post them.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Ok, fixed the problem. It seems that the bank manual is not correct ( still waiting for the answer from bank though ).

    Replaced sha1 with md5 and all became valid.

    $pre_mac = md5( $this -> getXMLData() );

    Thanx raina77ow, you pointed me to the right direction with your coment:

    did you try omitting that intermediate hashing altogether?

    • 0