The MAC is designed to be used with the Dibs Payment Window and secures the key-value pairs which is considered part of the secured message.
A key-value pair having a key which is either prefixed by "s_" or appears on the list of keys recognised by DIBS, is considered a part of the secured message. All other key-value pairs are ignored. The key-value pairs in the secured message must be sorted by the key. The key and value must be separated by a "=" in a key-value pair.
The secured message string must be constructed by concatenating the sorted key-value pairs separated by a "&". E.g.: amount=12300¤cy=208.
----------------------------------------------------
The Key can be found in DIBS administration. See attached image:
Comments
1 comment
Can you advice more how should be HTTP_COOKIE parameter treated? Should it's value be used for HMAC calculations or omitted?
Please sign in to leave a comment.