We hit the same problems with the HSBC Cpi interface.
HSBC don't supply a .Net wrapper, and the COM wrapper
can not be called from a 64bit app.
This makes deploying it from on a 64 server (which probably
covers 25% of new production servers) practically imposible.
We looked at some of the approaches listed, but they seemed like
a lot of work. In the end after a bit of messing around we
came up with our own implementation, which looks something like
this.
Use the following Java code to get the intermediate hash
import java.io.Console;
import java.lang.*;
import java.util.*;
import com.clearcommerce.CpiTools.security.HashGenerator;
import com.clearcommerce.CpiTools.security.SecCrypto;
import javax.xml.bind.annotation.adapters.HexBinaryAdapter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Vector;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
public class Extract {
/**
* @param args
*/
public static void main(String[] args) {
// TODO Auto-generated method stub
try
{
String encryptedKey = "<YOUR SECRET KEY HERE>";
if (args.length == 1)
encryptedKey = args[0];
HexBinaryAdapter hb = new HexBinaryAdapter();
SecCrypto sc = new SecCrypto();
byte abyte0[] = sc.decryptToBinary(encryptedKey);
System.out.println("New Secret Base64 Encoded : " + new String(Base64Coder.encode(abyte0)));
System.out.println("New Secret Hex Encoded : " + hb.marshal(abyte0));
return;
}
catch(Exception ex)
{
System.out.println("Error:" + ex.getMessage());
}
}
}
Then use the following .net code to calcualte the hash
using System;
using System.Collections.Generic;
using System.Text;
namespace HsbcIntergration
{
internal static class CpiHashing
{
<USE THE VALUE RETURNED FROM THE JAVA CODE HERE>
private static readonly byte[] _secret = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
public static string ComputeHash(List<string> inputList)
{
return ComputeHash(inputList, _secret);
}
public static string ComputeHash(List<string> inputList, byte[] secretData)
{
List<string> orderedDataToHash = new List<string>(inputList);
orderedDataToHash.Sort(StringComparer.Ordinal);
StringBuilder sb = new StringBuilder();
foreach (string s in orderedDataToHash)
sb.Append(s);
List<byte> dataToHash = new List<byte>();
dataToHash.AddRange(Encoding.ASCII.GetBytes(sb.ToString()));
dataToHash.AddRange(secretData);
System.Security.Cryptography.HMAC sha = System.Security.Cryptography.HMACSHA1.Create();
sha.Key = secretData;
return Convert.ToBase64String(sha.ComputeHash(dataToHash.ToArray(), 0, dataToHash.Count));
}
}
}