HMAC (Hash-Based Message Authentication Codes) Definition
Hash-based message authentication code (or HMAC) is a cryptographic authentication technique that uses a hash function and a secret key.
Unlike systems that rely on asymmetric encryption and signatures, you can use shared secrets to accomplish authentication and confirm the authenticity of data using HMAC.
HMAC Calculation
You can use hmac to authenticate the responses you get from Aman.
the response will contain hmac, you should calculate hmac like in the code below and compare it to the received one and they must be equal.
A sample php code for hmac calculation.
private function generateHMAC($data, $key)
{
$txt = sprintf("{Amount:\"%s\",Currency:\"%s\",TransactionReference:\"%s\"
,TransactionFees:\"%s\",TransactionType:\"%s\",OrderReference:\"%s\"
,PaymentMethod:\"%s\",Status:\"%s\",CreatedAt:\"%s\",UpdatedAt:\"%s\"
,MerchantReference:\"%s\",customerName:\"%s\",customerPhoneNumber:\"%s\"
,customerEmail:\"%s\",customerAddress:\"%s\"}",
$data['amount'], $data['currency'], $data['transactionReference'],
$data['transactionFees'], $data['transactionType'], $data['orderReference'],
$data['paymentMethod'], $data['status'], $data['createdAt'], $data['updatedAt'],
$data['merchantReference'], $data['customerName'], $data['customerPhoneNumber'],
$data['customerEmail'], $data['customerAddress']
);
return hash_hmac('sha3-512', ($txt), $key);
}Make sure you have an active Aman account, or create account.
| field | description |
|---|---|
| $Key | Your Aman account Secret key (encrypted code) you should have received it after creating an account. |
| $data | the transaction data. |
| sha3-512 | this is the algorithm used to encrypt the data. |