# 4. Compute HASH

### Hashing Methods

The parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials, amount and quantity of products, etc.&#x20;

{% tabs %}
{% tab title="C#" %}

```csharp
public string ComputeHash(Request _req)
  {
  string _key= { Secret Key Provided by Casheer}
  string datatocomputeHash = $"{_req.amount}{_req.authKey}{_req.currency}{_req.merchantCode}{_req.pc}{_req.referenceID}{_req.sourceCurrency}{_req.timeStamp}{_req.tunnel}{_req.userReference}";
  return GetHashValue(datatocomputeHash, _key);
  }
  public string  GetHashValue(String datatocomputeHash, String HashKey)
  {
  HMACSHA256 hmac = new HMACSHA256(System.Text.Encoding.UTF8.GetBytes(HashKey));
  string computedHash = convertToHex(hmac.ComputeHash(System.Text.UTF8Encoding.Default.GetBytes(datatocomputeHash)));
  return computedHash;
  }
  private string convertToHex(byte[] data)
  {
  System.Text.StringBuilder sb = new System.Text.StringBuilder(data.Length);
  foreach (byte b in data)
  sb.AppendFormat("{0:X2}", (int)b);
  
  return sb.ToString();
  }
```

{% endtab %}

{% tab title="VB.Net" %}

```aspnet
Private Function ComputeHash(ByVal _req As Request) As String
  Dim _key As Strig={ Secret Key Provided by Casheer}
  Dim datatocomputeHash As String = $"{_req.amount}{_req.authKey}{_req.currency}{_req.merchantCode}{_req.pc}{_req.referenceID}{_req.sourceCurrency}{_req.timeStamp}{_req.tunnel}{_req.userReference}"
  Return GetHashValue(datatoHash, _key)
  End Function
  
  Public Function GetHashValue(ByVal datatocomputeHash As String, ByVal HashKey As String) As String
  Dim hmac As HMACSHA256 = New HMACSHA256(System.Text.Encoding.UTF8.GetBytes(HashKey))
  Dim computedHash As String = convertToHex(hmac.ComputeHash(System.Text.UTF8Encoding.[Default].GetBytes(datatocomputeHash)))
  Return computedHash
  End Function
  
  Private Function convertToHex(ByVal data As Byte()) As String
  Dim sb As System.Text.StringBuilder = New System.Text.StringBuilder(data.Length)
  For Each b As Byte In data
  sb.AppendFormat("{0:X2}", CInt(b))
  Next
  Return sb.ToString()
  End Function
```

{% endtab %}

{% tab title="PHP" %}

```php
private function ComputeHash(Request $req)
{
$_key= {Secret Key Provided by Casheer}
$datatocomputeHash = $_req.amount.$_req.authKey.$_req.currency.$_req.merchantCode.$_req.pc.$_req.referenceID.$_req.sourceCurrency.$_req.timeStamp.$_req.tunnel.$_req.userReference;
return GetHashValue($datatocomputeHash, $_key);
}
public function GetHashValue($datatocomputeHash,$HashKey)
{
$computedHash = strtoupper(hash_hmac("sha256", $datatocomputeHash,$HashKey));
return $computedHash
}
```

{% endtab %}

{% tab title="TypeScript" %}

```
private ComputeHash(_req: Request): string {
  let _key={ Secret Key Provided by Casheer}
  let datatocomputeHash: string = "{_req.amount}{_req.authKey}{_req.currency}{_req.merchantCode}{_req.pc}{_req.referenceID}{_req.sourceCurrency}{_req.timeStamp}{_req.tunnel}{_req.userReference}";
  return GetHashValue(datatocomputeHash, _key);
  }
  
  public GetHashValue(datatocomputeHash: String, HashKey: String): string {
  let hmac: HMACSHA256 = new HMACSHA256(System.Text.Encoding.UTF8.GetBytes(HashKey));
  let computedHash: string = convertToHex(hmac.ComputeHash(System.Text.UTF8Encoding.Default.GetBytes(datatocomputeHash)));
  return computedHash;
  }
  
  pagecode:`	private string convertToHex(byte[] data)
  {
  System.Text.StringBuilder sb = new System.Text.StringBuilder(data.Length);
  foreach (byte b in data)
  sb.AppendFormat("{0:X2}", (int)b);
  
  return sb.ToString();
  }`;
```

{% endtab %}
{% endtabs %}

###