Sample code for 30+ languages & platforms
Unicode C

Payeezy HMAC Computation

See more HTTP Misc Examples

Demonstrates how to calculate the HMAC for a Payeezy REST request.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkCrypt2W.h>
#include <C_CkPrngW.h>
#include <C_CkDateTimeW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkJsonObjectW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkCrypt2W crypt;
    HCkPrngW prng;
    const wchar_t *apiKey;
    const wchar_t *apiSecret;
    const wchar_t *token;
    const wchar_t *nonce;
    HCkDateTimeW dtNow;
    HCkStringBuilderW sbTimestamp;
    const wchar_t *timestamp;
    HCkJsonObjectW json;
    HCkStringBuilderW sbHmacData;
    const wchar_t *hexHash;
    HCkStringBuilderW sbBase64Hash;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    crypt = CkCrypt2W_Create();
    prng = CkPrngW_Create();

    // An API key such as y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a
    apiKey = L"my_api_key";
    // An API secret such as 86fbae7030253af3cd15faef2a1f4b67353e41fb6799f576b5093ae52901e6f7
    apiSecret = L"my_api_secret";
    // A token such as fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6
    token = L"my_merchant_token";

    // The nonce is a random number (bytes), something like "6057786719490086000"
    nonce = CkPrngW_genRandom(prng,8,L"decimal");
    wprintf(L"nonce = %s\n",nonce);

    dtNow = CkDateTimeW_Create();
    CkDateTimeW_SetFromCurrentSystemTime(dtNow);
    sbTimestamp = CkStringBuilderW_Create();
    // Get the epoch timestamp in seconds
    CkStringBuilderW_Append(sbTimestamp,CkDateTimeW_getAsUnixTimeStr(dtNow,FALSE));
    // Change it to milliseconds
    CkStringBuilderW_Append(sbTimestamp,L"000");
    // The timestamp is a number similar to this: 1546011905000 (which is a timestamp taken on 28-Dec-2018).
    timestamp = CkStringBuilderW_getAsString(sbTimestamp);
    wprintf(L"timestamp = %s\n",timestamp);

    // Generate the following JSON request body:
    // 	{
    // 	  "merchant_ref": "Astonishing-Sale",
    // 	  "transaction_type": "authorize",
    // 	  "method": "token",
    // 	  "amount": "200",
    // 	  "currency_code": "USD",
    // 	  "token": {
    // 	    "token_type": "FDToken",
    // 	    "token_data": {
    // 	      "type": "visa",
    // 	      "value": "2537446225198291",
    // 	      "cardholder_name": "JohnSmith",
    // 	      "exp_date": "1030",
    // 	      "special_payment": "B"
    // 	    }
    // 	  }
    // 	}

    json = CkJsonObjectW_Create();
    CkJsonObjectW_UpdateString(json,L"merchant_ref",L"Astonishing-Sale");
    CkJsonObjectW_UpdateString(json,L"transaction_type",L"authorize");
    CkJsonObjectW_UpdateString(json,L"method",L"token");
    CkJsonObjectW_UpdateString(json,L"amount",L"200");
    CkJsonObjectW_UpdateString(json,L"currency_code",L"USD");
    CkJsonObjectW_UpdateString(json,L"token.token_type",L"FDToken");
    CkJsonObjectW_UpdateString(json,L"token.token_data.type",L"visa");
    CkJsonObjectW_UpdateString(json,L"token.token_data.value",L"2537446225198291");
    CkJsonObjectW_UpdateString(json,L"token.token_data.cardholder_name",L"JohnSmith");
    CkJsonObjectW_UpdateString(json,L"token.token_data.exp_date",L"1030");
    CkJsonObjectW_UpdateString(json,L"token.token_data.special_payment",L"B");

    // string hashData = apiKey + nonce + timestamp + token + jsonString;
    sbHmacData = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbHmacData,apiKey);
    CkStringBuilderW_Append(sbHmacData,nonce);
    CkStringBuilderW_Append(sbHmacData,timestamp);
    CkStringBuilderW_Append(sbHmacData,token);
    CkStringBuilderW_Append(sbHmacData,CkJsonObjectW_emit(json));

    // HMAC the data to produce a hex string.
    CkCrypt2W_putEncodingMode(crypt,L"hexlower");
    CkCrypt2W_putMacAlgorithm(crypt,L"hmac");
    CkCrypt2W_SetMacKeyString(crypt,apiSecret);
    CkCrypt2W_putHashAlgorithm(crypt,L"sha256");
    CkCrypt2W_putCharset(crypt,L"utf-8");
    hexHash = CkCrypt2W_macStringENC(crypt,CkStringBuilderW_getAsString(sbHmacData));

    // Now base64 encode the hex string:
    sbBase64Hash = CkStringBuilderW_Create();
    CkStringBuilderW_Append(sbBase64Hash,hexHash);
    CkStringBuilderW_Encode(sbBase64Hash,L"base64",L"utf-8");

    wprintf(L"This is the Authorization header to be sent with the payeezy request:\n");
    wprintf(L"Authorization: %s\n",CkStringBuilderW_getAsString(sbBase64Hash));


    CkCrypt2W_Dispose(crypt);
    CkPrngW_Dispose(prng);
    CkDateTimeW_Dispose(dtNow);
    CkStringBuilderW_Dispose(sbTimestamp);
    CkJsonObjectW_Dispose(json);
    CkStringBuilderW_Dispose(sbHmacData);
    CkStringBuilderW_Dispose(sbBase64Hash);

    }