Paybox integration

Question

I try to integrate Paybox credit card transaction solution.

I've tries at least 100 differents solutions (not kidding) but no one works and every time i got "Problème d'identification du commerce. Accès refusé !" message (in french).

Here is the most "stable" code I have :

<?php

function gen_hmac($site, $rang, $identifiant, $devise, $cmd, $porteur, $hash, $time, $total, $retour, $key) {
    $msg = "PBX_SITE=". $site 
        ."&PBX_RANG=". $rang 
        ."&PBX_IDENTIFIANT=". $identifiant 
        ."&PBC_TOTAL=". $total 
        ."&PBX_DEVISE=". $devise 
        ."&PBC_CMD=". $cmd 
        ."&PBC_PORTEUR=". $porteur 
        ."&PBC_RETOUR=". $retour 
        ."&PBC_HASH=". $hash 
        ."&PBC_TIME=" . $time ; 
        $binkey = pack("H*", $key);
        echo "<!-- " . $msg . " -->";
        $hmac = strtoupper(hash_hmac('sha512', $msg, $binkey));
        echo "<!-- " . $hmac . " -->";
    return $hmac;
}

    // static
    $site = 1999888;
    $rang = 32;
    //$identifiant = 110647233;
    $identifiant = 107904482;
    $devise = 978;
    $hash = "SHA512";
    $key = "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
    $cmd = "TEST Paybox";
    $porteur = "test@paybox.com";
    $time = date("c");
    //$time = "2011-02-28T11:01:50+01:00";

    // variable
    $total = 1000;
    //$retour = "ref:R;trans:T;auto:A;tarif:M;abonnement:B;pays:Y;erreur:E";
    $retour = "Mt:M;Ref:R;Auto:A;Erreur:E";
    $hmac = gen_hmac($site, $rang, $identifiant, $devise, $cmd, $porteur, $hash, $time, $total, $retour, $key);

?>

<html>
<head>
<title>Paybox TEST</title>
</head>
<body>
<?php
//print_r(hash_algos());    
?>
<form method="POST" action="https://preprod-tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi">
<!--<form method="POST" action="https://preprod-tpeweb.paybox.com/cgi/MYframepagepaiement_ip.cgi">-->
<!--<form method="POST" action="https://preprod-tpeweb.paybox.com/cgi/ChoixPaiementMobile.cgi">-->
    <input type="hidden" name="PBX_SITE" value="<?php echo $site; ?>" />
    <input type="hidden" name="PBX_RANG" value="<?php echo $rang; ?>" />
    <input type="hidden" name="PBX_IDENTIFIANT" value="<?php echo $identifiant; ?>" />
    <input type="hidden" name="PBX_TOTAL" value="<?php echo $total; ?>" />
    <input type="hidden" name="PBX_DEVISE" value="<?php echo $devise; ?>" />
    <input type="hidden" name="PBX_CMD" value="<?php echo $cmd; ?>" />
    <input type="hidden" name="PBX_PORTEUR" value="<?php echo $porteur; ?>" />
    <input type="hidden" name="PBX_RETOUR" value="<?php echo $retour; ?>" />
    <input type="hidden" name="PBX_HASH" value="<?php echo $hash; ?>" />
    <input type="hidden" name="PBX_TIME" value="<?php echo $time; ?>" />
    <input type="hidden" name="PBX_HMAC" value="<?php echo $hmac; ?>" />
    <!--<input type="hidden" name="PBX_REFUSE" value="http://test.fr/" />
    <input type="hidden" name="PBX_ANNULE" value="http://test.fr/" />
    <input type="hidden" name="PBX_EFFECTUE" value="http://test.fr/" />-->
    <input type="submit" value="envoyer" />
</form>
</body>
</html>

Most statics values are from paybox test documentation.

So do you know what's wrong with my code or do you know how to have more details about what is wrong on what is send to paybox server ?

Sincerely

EDIT : More details about my goal. My real need is to code this in java, but I had a few code sample in php which finally helped.

Now I try to find out how to generate a clean hmac/sha512 in java.

<?php 
$key = "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
$binkey = pack("H*", $key); 
echo strtoupper(hash_hmac('sha512', "ABC", $binkey)); 
?>

Outputs : 100A6A016A4B21AE120851D51C93B293D95B7D8A44B16ACBEFC2D1C9DF02B6F54FA3C2D6802E52FED5DF8652DDD244788A204682D2D1CE861FDA4E67F2792643

So how can I, in java, recreate the same hmac algorigthm ?

I've try a lot of things but no one achived my goal, but here is what I have currently :

private String generateHMAC( String datas )
    {

        //                final Charset asciiCs = Charset.forName( "utf-8" );
        Mac mac;
        String result = "";
        try
        {
            byte[] bytesKey = PayboxConstants.KEY.getBytes( );
            final SecretKeySpec secretKey = new SecretKeySpec( bytesKey, "HmacSHA512" );
            mac = Mac.getInstance( "HmacSHA512" );
            mac.init( secretKey );
            final byte[] macData = mac.doFinal( datas.getBytes( ) );
            byte[] hex = new Hex( ).encode( macData );
            result = new String( hex, "ISO-8859-1" );
        }
        catch ( final NoSuchAlgorithmException e )
        {
            AppLogService.error( e );
        }
        catch ( final InvalidKeyException e )
        {
            AppLogService.error( e );
        }
        catch ( UnsupportedEncodingException e )
        {
            AppLogService.error( e );
        }

        return result.toUpperCase( );

    }

But its ouput is : AA6492987D7A7AC81109E877315414806F1973CC47B897ECE713171A25A11B279329B1BFF39EA72A5EFB7EDCD71D1F34D5AAC49999A780BD13F019ED99685B80

Which is definitly not equivalent to "cloned" php hmac algorithm.

So what can I add to my java code to make it compliant with its php equalivalent ?

EDIT : Actually I managed to makes everything works together, and I available here : http://dev.lutece.paris.fr/plugins/plugin-paybox/index.html

I always have the same answer (whatever I try) from paybox server : "Problème d'identification du commerce. Accès refusé !" which means "Commerce identification probem. Access denied". — Manuel Leduc, Jul 25 '12 at 14:07
Hi ! I had this problem with another pay box module (ppps) : they had not created my site ID in preprod... Did you check it ? — Benjamin Dubois, Jul 25 '12 at 14:32
I have, i'm using identifications values provided in paybox documentation (www1.paybox.com/telechargement_focus.aspx?cat=3) — Manuel Leduc, Jul 25 '12 at 14:41
Did you managed to solve your problem? Do you have a test with parameters values + secret key and hmac result I could test my algo against? — Pasta, Oct 10 '12 at 16:42
@Pasta I added a few line a the end of my question, hope it will you. — Manuel Leduc, Oct 12 '12 at 07:39
Have you find a solution to your php problem? I'm stucked here too. — GeoffreyB, Oct 30 '12 at 13:47
Actually php code is fine. It was portage to java which was problematic, but now it's fixed too. — Manuel Leduc, Oct 30 '12 at 15:42

score -1 · Answer 1 · answered Nov 10 '17 at 11:56

<section class="rl-box">
    <div class="container padd-xs-0">
        <div class="content-section1">
            <div class="left-cont col-md-12 col-sm-12">



                <div class="container-fluid">

                    <?php
                    $PBX_SITE = "1999888";
                    $PBX_RANG = "32";
                    $PBX_IDENTIFIANT = "your identifiant id";
                    $secretKeyTest = "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
                    $PBX_PORTEUR = "your-email";
                    $PAYBOX_DOMAIN_SERVER = "tpeweb.paybox.com";
                    $dateTime = date("c");

                    $PBX_TOTAL = 4000; //$_POST["PBX_TOTAL"];   // Amount
                    $PBX_DEVISE = 978;
                    //$PBX_CMD = $_POST["PBX_CMD"]."|".$_POST["user"]."|".$_POST["typed"]."|".$_POST["period"]."|".$_POST["id"]; // order ID no.                          
                    $PBX_CMD = 1; // order ID no.Eg: userid,order_id


                    $PBX_RETOUR = "Mt:M;Ref:R;Auto:A;Erreur:E";
                    $PBX_HASH = "SHA512";
                    $PBX_TIME = $dateTime;

                    //$PBX_EFFECTUE = "http://www.leader-underwriting.eu/payment/payment.php";

                    $msg = "PBX_SITE=$PBX_SITE" .
                            "&PBX_RANG=$PBX_RANG" .
                            "&PBX_IDENTIFIANT=$PBX_IDENTIFIANT" .
                            "&PBX_TOTAL=$PBX_TOTAL" .
                            "&PBX_DEVISE=$PBX_DEVISE" .
                            "&PBX_CMD=$PBX_CMD" .
                            "&PBX_PORTEUR=$PBX_PORTEUR" .
                            "&PBX_RETOUR=$PBX_RETOUR" .
                            "&PBX_HASH=$PBX_HASH" .
                            "&PBX_TIME=$PBX_TIME";


                    $binKey = pack("H*", $secretKeyTest);
                    $hmac = strtoupper(hash_hmac('sha512', $msg, $binKey));

                    $cuu = str_replace(",", "", $ramount);
                    ?>                             
                    <form method="POST" name="form_payment" action="https://preprod-tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi">

                        <input type="hidden" name="PBX_SITE" value="<?php echo $PBX_SITE; ?>">
                        <input type="hidden" name="PBX_RANG" value="<?php echo $PBX_RANG; ?>">
                        <input type="hidden" name="PBX_IDENTIFIANT" value="<?php echo $PBX_IDENTIFIANT; ?>">
                        <input type="hidden" name="PBX_TOTAL" value="<?php echo $PBX_TOTAL; ?>"> <!--dynamic-->
                        <input type="hidden" name="PBX_DEVISE" value="<?php echo $PBX_DEVISE; ?>">
                        <input type="hidden" name="PBX_CMD" value="<?php echo $PBX_CMD; ?>">  <!--dynamic-->
                        <input type="hidden" name="PBX_PORTEUR" value="<?php echo $PBX_PORTEUR ?>">
                        <input type="hidden" name="PBX_RETOUR" value="<?php echo $PBX_RETOUR; ?>">
                        <input type="hidden" name="PBX_HASH" value="<?php echo $PBX_HASH; ?>">
                        <input type="hidden" name="PBX_TIME" value="<?php echo $PBX_TIME; ?>">
                        <input type="hidden" name="PBX_HMAC" value="<?php echo $hmac; ?>">
                        <button type="submit" class="btn btn-primary payment">
                            Payer
                        </button> 
                    </form>





                    <center>

                    </center>

                </div>

            </div>


        </div> <!-- .container-fluid -->

    </div>               

</div>
</div>
</section>

Paybox integration

1 Answers1