Computing the signature

To be able to compute the signature, you must have:
  • all the fields that start with vads_
  • the signature algorithm chosen in the shop configuration
  • the key

The value of the key is available in your Expert Back Office via Settings > Shop > Keys tab.

The signature algorithm is defined in your Expert Back Office via Settings > Shop > Configuration tab.

For maximum security, it is recommended to use HMAC-SHA-256 algorithm and an alphanumeric key.

The use of SHA-1 algorithm is deprecated but maintained for compliance reasons.

To compute the signature:

  1. Sort the fields that start with vads_ alphabetically.
  2. Make sure that all the fields are encoded in UTF-8.
  3. Concatenate the values of these fields separating them with the "+" character.
  4. Concatenate the result with the test or production key separating them with a "+".
  5. According to the signature algorithm defined in your shop configuration:
    1. if your shop is configured to use "SHA-1", apply the SHA-1 hash function to the chain obtained during the previous step. Deprecated.
    2. if your shop is configured to use "HMAC-SHA-256", compute and encode in Base64 format the message signature using the HMAC-SHA-256 algorithm with the following parameters:
      • the SHA-256 hash function,
      • the test or production key (depending on the value of the vads_ctx_mode field) as a shared key,
      • the result of the previous step as the message to authenticate.
  6. Save the result of the previous step in the signature field.
Example of parameters sent to the payment gateway:
<form method="POST" action="https://secure.lyra.com/vads-payment/">
<input type="hidden" name="vads_action_mode" value="INTERACTIVE" />
<input type="hidden" name="vads_amount" value="5124" />
<input type="hidden" name="vads_ctx_mode" value="TEST" />
<input type="hidden" name="vads_currency" value="978" />					
<input type="hidden" name="vads_page_action" value="PAYMENT" />
<input type="hidden" name="vads_payment_config" value="SINGLE" />
<input type="hidden" name="vads_site_id" value="12345678" />
<input type="hidden" name="vads_trans_date" value="20170129130025" />
<input type="hidden" name="vads_trans_id" value="123456" />
<input type="hidden" name="vads_version" value="V2" />
<input type="hidden" name="signature" value="ycA5Do5tNvsnKdc/eP1bj2xa19z9q3iWPy9/rpesfS0=	" />					
<input type="submit" name="pay" value="Pay"/>
</form>

This sample form is analyzed as follows:

  1. The fields whose names start with vads_ are sorted alphabetically:
    • vads_action_mode
    • vads_amount
    • vads_ctx_mode
    • vads_currency
    • vads_page_action
    • vads_payment_config
    • vads_site_id
    • vads_trans_date
    • vads_trans_id
    • vads_version
  2. The values of these fields are concatenated using the "+" character:
    INTERACTIVE+5124+TEST+978+PAYMENT+SINGLE+12345678+20170129130025+123456+V2
  3. The value of the test key is added at the end of the chain and separated with the "+" character. In this example, the test key is 1122334455667788
    INTERACTIVE+5124+TEST+978+PAYMENT+SINGLE+12345678+20170129130025+123456+V2+1122334455667788
  4. If you use the SHA-1 algorithm, apply it to the obtained chain.

    The result that must be transmitted in the signature field is: 59c96b34c74b9375c332b0b6a32e6deeec87de2b

  5. If your shop is configured to use "HMAC-SHA-256", compute and encode in Base64 format the message signature using the HMAC-SHA-256 algorithm with the following parameters:
    • the SHA-256 hash function,
    • the test or production key (depending on the value of the vads_ctx_mode field) as a shared key,
    • the result of the previous step as the message to authenticate.

    The result that must be transmitted in the signature field is:

    ycA5Do5tNvsnKdc/eP1bj2xa19z9q3iWPy9/rpesfS0=