How is a digital signature?

Need to create a digital signature, but the hashes don't match
as I understand the logic (string $sign)
1. merges an array into a string (without separator?)
2. the method is encrypted with sha1 with a key
3. encoded base64
4. encrypted with md5 method
5. encoded base64

or is something wrong?
there is no possibility to add php code, only javascript or nodejs

all the code
$clientID = 123;
$secret = 'qwertyuiop123456';

$data = [
 'CLIENT_ID' => $clientID,
 'INVOICE_ID' => '1',
 'AMOUNT' => '100',
 'PAYMENT_CURRENCY' => 'qiwi',
 'DESCRIPTION' => 'Test payment',
 'SUCCESS_URL' => '',
 'FAIL_URL' => '',
 'STATUS_URL' => ''
$sign = base64_encode(md5($secret . base64_encode(sha1(implode(", $data), true)) . $secret, true));

$data['SIGN_ORDER'] = implode(';', array_keys($data));
$data['SIGN'] = $sign;
April 4th 20 at 00:45
2 answers
April 4th 20 at 00:47
1. the array is combined into a string without separator
2. the result is encrypted with sha1 method without any "keys" in binary output
3. the result is encoded in base64
4. the result is added to the secret key, front and rear
5. the result is encrypted with md5 method with binary output
6. the result is encoded in base64

In General, this algorithm looks as if it were a fifth grader, somewhere vaguely slachevsky about hashing. I would not trust the payment system, which signs the transaction in this way.
Thanks for the point "4" , there was error
I agree about the curve forming the signature - korbin_Carter commented on April 4th 20 at 00:50
April 4th 20 at 00:49
Totally agree with @Herbert. And your question: most likely, you ignored some requirement of the type of location parameters in $data strictly in alphabetical order.
Thanks for the reply
The order is reported separately in the form
A mistake is noticed after the explanation of @Herbert - korbin_Carter commented on April 4th 20 at 00:52
@korbin_Carter, Then check his answer with the solution - Kristy commented on April 4th 20 at 00:55

Find more questions by tags PHP