Digital Signature
SHA256 hash is a security feature that enables your script to identify the results of a transaction are actually from the appropriate authorization source and also for E2pay to make sure the integrity of data received on a transaction request.
Using the algorithm, a unique signature or fingerprint of the transaction can be created. This mathematical algorithm used to construct this signature is designed in usch a way that any change to the information used in the calculation of the signature will cause a completely different signature to be created.
Also, the information used in the calculation of the signature cannot be discovered through any analysis of the signature itself.
Every transaction that is processed through the system has a corresponding hash signature of the transaction created during the transaction process.
The signature must be included in the request of every transaction. This hash signature for a request is a hash of the following below :
Date This component represent date of request. Date must be sent in RFC 1123 format. In Java pattern, this date have format: "EEE, d MMM yyyy HH:mm:ss zzz".
Authorization This component can be used for authorization with format:
Secret Key = h04n7eoPm9gAI/xLdLRoS8I4bL5uNWbdwa5e9VFZxHo= Signature = NU1Y4dvdT7jfv5fB12TC/5icC5xmEWxBDURZs8iTDhA= Signature = Base64(HMAC-SHA256(, StringToSign)) StringToSign ==> buffer.append(methodService);//Method buffer.append("\n"); buffer.append(clientId);//bankId buffer.append("\n"); buffer.append(bankRefNo);//bankRefNo buffer.append("\n"); buffer.append(bankChannel);//bankChannel buffer.append("\n"); buffer.append(custId);//custId buffer.append("\n"); buffer.append(dateString);//date string StringToSign ==> inquiry 00000005 201803070001 6017 807400010001 Fri, 13 FEB 2019 10:25:03 ICT
Last updated