Appendix 1
Signature Generation
- Java
- Node.js
- Python
- .Net
- PHP
httpsRequest.setMsgVer("1.0");
httpsRequest.setPmtType("01");
httpsRequest.setCallerDeviceType("");
httpsRequest.setEmail("");
httpsRequest.setDeviceSN("PPXXX722XXX05XXX");
httpsRequest.setCallerDeviceVer("");
httpsRequest.setTxnID("20230615155030POS");
httpsRequest.setLocalTxnDTTime("");
httpsRequest.setAmtTxn("000000000100");
httpsRequest.setCrcyTxn("458");
httpsRequest.setDescription("Description");
httpsRequest.setOptInPrintReceipt("OptInPrintReceipt");
httpsRequest.setOptInSendReceipt("OptInSendEReceipt");
httpsRequest.setSourceSystem("mxx");
httpsRequest.setSequenceNo("1");
String jsonStr = gson.toJson(httpsRequest);
String message = httpsRequest.getSourceSystem() + "\n" + jsonStr;
String path = KEYPAIR_DIR + "privatekey.pem";
FileReader fileReader = new FileReader(path);
PEMParser pemParser = new PEMParser(fileReader);
PEMKeyPair pemKeyPair = (PEMKeyPair) pemParser.readObject();
byte[] encodedPrivateKey = pemKeyPair.getPrivateKeyInfo().getEncoded();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
Signature privateSignature = Signature.getInstance("SHA256withRSA");
privateSignature.initSign(privateKey);
privateSignature.update(message.getBytes(StandardCharsets.UTF_8));
byte[] signature = privateSignature.sign();
String signatureStr = URLEncoder.encode(Base64.getEncoder().encodeToString(signature));
const privateKeyPath = "key/private.key";
const fetchPrivateKey = async (path) => {
try {
const response = await fetch(path);
const privateKey = await response.text();
return privateKey;
catch (error) {}
}
};
const privateKey = await fetchPrivateKey(privateKeyPath);
const rsaPrivateKey = forge.pki.privateKeyFromPem(privateKey);
const sourceSystem = 'mxs';
const request = {
MsgVer: '1.0',
PmtType: formData.pmtType,
CallerDeviceType: "",
Email: '',
DeviceSN: formData.deviceSN,
CallerDeviceVer: '',
TxnID: '06a8735d-aa4d-4d89-a453-508be0122119',
LocalTxnDTTime: '',
AmtTxn: formData.amtTxn,
CrcyTxn: formData.crcyTxn,
TxnTyp: '',
Description: formData.description,
OptInPrintReceipt: 'Y',
OptInSendEReceipt: 'N',
sourceSystem: sourceSystem,
sequenceNo: '1',
};
const jsonString = JSON.stringify(request);
const data = `{sourceSystem}\n${jsonString}`;
//encryption step
const privateKey = await fetchPrivateKey(privateKeyPath);
const rsaPrivateKey = forge.pki.privateKeyFromPem(privateKey);
const md = forge.md.sha256.create();
md.update(data, 'utf8');
const signature = rsaPrivateKey.sign(md);
const signedMessage = encodedURIComponent(forge.util.encode64(signature));
private_key_path = r"...\"
with open(private_key_path, "rb") as f:
private_key_data = f.read()
private_key = serialization.load_pem_private_key(private_key_data, password=None, backend=default_backend())
sourceSystem = "mxs"
request_data = OrderedDict()
request_data["MsgVer"] = "1.0"
request_data["PmtType"] = pmt_type
request_data["CallerDeviceType"] = ""
request_data["TxnID"] = "06a8735d-aa4d-4d89-a453-508be0122119"
request_data["LocalTxnDTTime"] = ""
request_data["AmtTxn"] = amt_txn
request_data["CrcyTxn"] = crcy_txn
request_data["TxnTyp"] = ""
request_data["Description"] = description
request_data["OptInPrintReceipt"] = "Y"
request_data["OptInSendEReceipt"] = "N"
request_data["sourceSystem"] = sourceSystem
request_data["sequenceNo"] = "1"
json_output = json.dumps(request_data, separators=(",", ":"))
data = f"{sourceSystem}\n{json_output}"
signature = private_key.sign(
data.encode('utf-8'),
padding.PKCSv15(),
hashes.SHA256()
)
encoded_signature = base64.b64encode(signature).decode('utf-8')
url_encoded_signature = urllib.parse.quote(encoded_signature, safe='')
request_data["signedMessage"] = url_encoded_signature
string sourceSystem = "mxs";
request.MsgVer = "1.0";
request.sequenceNo = "1";
request.sourceSystem = sourceSystem;
request.CallerDeviceType = "";
request.Email = "";
request.PmtType = "01";
request.DeviceSN = "PP35272222000167";
request.TxnID = "";
request.OptInPrintReceipt = "Y";
request.OptInSendEReceipt = "N";
request.LocalTxnDTTime = "";
request.TxnTyp = "";
request.CallerDeviceVer = "";
using (RSA rsa = RSA.Create())
{
//private key used to sign message
var reader = System.IO.File.ReadAllText(@"E:\xaas_development\Business_Idea_MyXaas\EPFDemo\WebApplication3\wwwroot\key\mxs\mxs_keypair\private.key");
string jsonString = JsonConvert.SerializeObject(request);
var json = JObject.Parse(jsonString);
json.Remove("signedMessage");
var updateJson = json.ToString();
var minifiedJson = JsonConvert.SerializeObject(JsonConvert.DeserializeObject(updateJson));
String data = sourceSystem +"\n"+ minifiedJson;
rsa.ImportFromPem(reader.ToCharArray());
byte[] signature = rsa.SignData(Encoding.UTF8.GetBytes(data), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
bool verify = rsa.VerifyData(Encoding.UTF8.GetBytes(data), signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
signedMessage = Uri.EscapeDataString(Convert.ToBase64String(signature));
}
$sourceSystem = "mxs";
$paymentRequest->MsgVer = '1.0.;
$paymentRequest->PmtType = $requestData['pmtType];
$paymentRequest->CallerDeviceType = '';
$paymentRequest->Email = '';
$paymentRequest->DeviceSN = $requestData['deviceSN'];
$paymentRequest->CallerDeviceVer = '';
$paymentRequest->TxnID = '06a8735d-aa4d-4d89-a453-508be0122119';
$paymentRequest->LocalTxnDTTime = '';
$paymentRequest->AmtTxn = $requestData['amtTxn'];
$paymentRequest->CrcyTxn = $requestData['crcyTxn];
$paymentRequest->TxnTyp = '';
$paymentRequest->Description = $requestData['description'];
$paymentRequest->OptInPrintReceipt = 'Y';
$paymentRequest->OptInSendEReceipt = 'N';
$paymentRequest->sourceSystem = $sourceSystem;
$paymentRequest->sequenceNo = '1';
$jsonString = json_encode($paymentRequest);
$json = json_decode($jsonString);
unset($json->signedMessage);
$updateJson = json_encode($json);
$minifiedJson = json_encode(json_decode($updateJson));
$data = $sourceSystem . "\n" . $minifiedJson;
$privateKey = file_get_contents('key/mxs/mxs_keypair/private.key');
//Sign the data
$rsa = openssl_get_privatekey($privateKey);
openssl_sign($data, $signature, $rsa, OPENSSL_ALGO_SHA256);
$signedMessage = urlencode(base64_encode($signature));