Home/ Questions/Q 6824089
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T21:51:39+00:00

I’m trying to replicate a c# method for generating a signature hash to communicate

  • 0

I’m trying to replicate a c# method for generating a signature hash to communicate with an API, having trouble reproducing the same example result in PHP based on the c# method examples I was given.

The word problem version of what I’m trying to do is: (from api documentation)

Calculating Request Signatures

A request signature, an HMAC with an SHA-1 hash code, is calculated by concatenating the values of the Service, Method, and Timestamp parameters, in that order, and then calculating an RFC 2104-compliant HMAC, using the Secret Access Key as the “key”. The computed HMAC value must be base64 encoded

The test data:

service_name = “Zoyto Fulfillment Service”
timestamp: “2010-07-21T04:33:55Z”
api_secret = “2c0774063f4bb1a10ca39ba6c806636a57d78dc3”
method = “getOrderStatus”

Result should be:
signature: “mlePFDcrTAxd+PWA6hOGGtvu2Zc=”

I have the following code example of a c# method for creating a signature hash to make an API call:

public string createSignature(string api_secret, string method, string timestamp, string service_name) { 
  DateTime currentTime = DateTime.UtcNow; string toSign = service_name.ToLower() +   method.ToLower() + timestamp.ToLower(); 
  byte[] toSignBytes = Encoding.UTF8.GetBytes(toSign); byte[] secretBytes = Encoding.UTF8.GetBytes(api_secret); 
  HMAC signer = new HMACSHA1(secretBytes byte[] sigBytes = signer.ComputeHash(toSignBytes); 
  string signature = Convert.ToBase64String(sigBytes); 
  return signature; 
}

Currently, my php method looks like:

$testSecret = '2c0774063f4bb1a10ca39ba6c806636a57d78dc3';
$testSvc    = 'Zoyto Fulfillment Service';
$testStamp  = strtotime('2010-07-21 04:33:55');   
$method = 'getOrderStatus';

$sig    = utf8_encode($testSvc.$method.$testStamp);

$hash   = hash_hmac("sha1", $sig, $testSecret, true);

$sig    = base64_encode($hash);
return $sig;

//returns:
//OUhgiIqxngaFm1Rquxm1lZ/3CzE=

Any help is appreciated

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m not sure where you got that C# code from but it doesn’t work. This PHP code will give you the desired input for the input given.

    function createSignature($api_secret, $method, $timestamp, $service_name) {
    $toSign = strtolower($service_name) . strtolower($method) . strtolower($timestamp);
    $sig = hash_hmac('sha1', $toSign, $api_secret, true);
    return base64_encode($sig);
}

$api_secret = '2c0774063f4bb1a10ca39ba6c806636a57d78dc3';
$method = 'getOrderStatus';
$timestamp  = '2010-07-21T04:33:55Z'; 
$service_name    = 'Zoyto Fulfillment Service';

echo createSignature($api_secret, $method, $timestamp, $service_name);
// output: mlePFDcrTAxd+PWA6hOGGtvu2Zc=

    Note: Requires PHP 5 >= 5.1.2 or PECL hash >= 1.1

    • 0