Snippets Groups Projects

Commit 88de9311 authored 6 years ago by Romain Derie

[FIX] payment_authorize: use SHA-512 instead of MD5 as not supported

Authorize.Net is phasing out the MD5 based hash use for transaction response
verification in favor of the SHA-512 based hash utilizing a Signature Key.

Instead of hashing with md5 the transaction key, it is now required to hash
the signature key (binary format) with SHA-512.

Support for MD5 will be dropped the 7th March 2019 for sandbox environment and
the 28th March 2019 for production environment, initially planned for the 14th.

Note that as of February 11, 2019 authorize removed the ability to configure or
update MD5 Hash setting in the Merchant Interface.
Merchants who had this setting configured have been emailed/contacted.

opw-1943030

Usefull links:
https://developer.authorize.net/support/hash_upgrade/
https://support.authorize.net/s/article/What-is-a-Signature-Key
https://support.authorize.net/s/article/MD5-Hash-End-of-Life-Signature-Key-Replacement
https://support.authorize.net/s/article/Do-I-need-to-upgrade-my-transaction-fingerprint-from-HMAC-MD5-to-HMAC-SHA512-and-how

closes odoo/odoo#31642

Signed-off-by: Romain Derie (rde) <rde@odoo.com>

parent ca1b201c

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 14 additions and 14 deletions

Please register or to comment