I'm integrating with Protx's VSPServer e-commerce gateway and I'm having problems with an MD5 security key.

The Protx system returns an uppercase MD5 hash and my system generates a lowercase MD5 hash to compare with. The content of the hashes match, except one is uppercase and the other is lowercase.

The problem arises when I try to either convert my hash to uppercase with strtoupper() [php.net] or the Protx hash to lowercase with strtolower() [php.net]. After conversion the hashes do not match, and it appears that the Protx hash is incorrect (my hash is correct based on the input, and this matches other online hash generators' hashes).

With this code the hashes match (albeit in a different case):

$strVPSSignature = $_REQUEST["VPSSignature"]; // The Protx hash
$strMessage = $strVPSTxId . $strVendorTxCode . $strStatus .....; // Truncated for clarity
$strMySignature = md5($strMessage); // Should be uppercase to match Protx has properly
if ($strMySignature !== $strVPSSignature)
{
 // Hashes do not match
}

Protx's and my hash are 699A56E1B540982DB74FB7A48D7CAEAC and 699a56e1b540982db74fb7a48d7caeac, respectively. That hash is correct for the input given.

However, if I convert the case of one variable as follows:

$strVPSSignature = $_REQUEST["VPSSignature"]; // The Protx hash
$strMessage = $strVPSTxId . $strVendorTxCode . $strStatus .....; // Truncated for clarity
$strMySignature = strtoupper(md5($strMessage)); // Should be uppercase to match Protx has properly
if ($strMySignature !== $strVPSSignature)
{
 // Hashes do not match
}

Protx's hash is DDFAC2091B5ADC2E6636B18C5C0ACE9A and my hash is 7123087DD49A38607A249CC733EA7BC3. My hash is correct for the input given.

This isn't a one-off occurrence. When I don't convert the case the hashes always match (although in different cases). But when I change the case the hashes are always different, with the Protx has being incorrect.

Any ideas what's going on or what I'm doing wrong?

P.S. I have asked for support through Protx and await their response.