Appendix 1
Signature Verification
Pre-Authorization Payment
- Java
- Node.js
- Python
- .Net
- PHP
String jsonStr = "{"
+ "\"sequenceNo\":\"1\","
+ "\"sourceSystem\":\"mxx\","
+ "\"MsgVer\":\"1.0\","
+ "\"TxnID\":\"20XX0825023XXXXX\","
+ "\"ResultCode\":\"0\","
+ "\"RespCd\":\"00\","
+ "\"OrgRespCd\":\"00\","
+ "\"RRN\":\"32376300XXXX\","
+ "\"STAN\":\"006XXX\","
+ "\"AuthIdResp\":\"945XXX\","
+ "\"MRN\":\"23237V6XXX\","
+ "\"TxnDTTime\":\"20230825143413\","
+ "\"PaymentScheme\":\"MC\""
+ "}";
byte[] messageBytes = jsonStr.getBytes();
signature.update(messageBytes);
boolean verified = signature.verify(signedMessageBytes);
const request = {
sequenceNo = '1',
sourceSystem = 'mxx',
MsgVer = '1.0',
TxnID = '20230825023XXXXXX',
ResultCode = '0',
RespCd = '00',
OrgRespCd = '00',
RRN = '323763006XXX',
STAN = '006XXX',
AuthIdResp = '945XXX',
MRN = '23237V6XXX',
TxnDTTime = '20230825143413',
PaymentScheme = 'MC'
};
const json = JSON.stringify(request);
const sourceSystem = "mxx";
const jsonString = `${sourceSystem}\n${json}`;
const signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb";
const decodedUrl = decodeURIComponent(signature);
const decodedBytes = atob(decodedUrl);
const byteBuffer = new Uint8Array(decodedBytes.length);
for (let i = 0; i < decodedBytes.length; i++) {
byteBuffer[i] = decodedBytes.charCodeAt(i);
}
const md = forge.md.sha256.create();
md.update(jsonString, "utf8");
const verified = rsaPubicKey.verify(md.digest().bytes(), byteBuffer);
request_data = OrderedDict()
request_data["sequenceNo"] = "1"
request_data["sourceSystem"] = "mxx"
request_data["MsgVer"] = "1.0"
request_data["TxnID"] = "20230825023XXXXXX"
request_data["ResultCode"] = "0"
request_data["RespCd"] = "00"
request_data["OrgRespCd"] = "00"
request_data["RRN"] = "323763006XXX"
request_data["STAN"] = "006XXX"
request_data["AuthIdResp"] = "945XXX"
request_data["MRN"] = "23237V6XXX"
request_data["TxnDTTime"] = "20230825143413"
request_data["PaymentScheme"] = "MC"
json_string = json.dumps(request_data, separators=(",", ":"))
source_system="mxx"
message = f"{source_system}\n{json_string}"
signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb"
verified = public_key.verify(
signature,
hasher.update(message).digest(),
padding=padding,
)
string json = "{"
+ "\"sequenceNo\":\"1\","
+ "\"sourceSystem\":\"mxx\","
+ "\"MsgVer\":\"1.0\","
+ "\"TxnID\":\"20230825023XXXXXX\","
+ "\"ResultCode\":\"0\","
+ "\"RespCd\":\"00\","
+ "\"OrgRespCd\":\"00\","
+ "\"RRN\":\"323763006XXX\","
+ "\"STAN\":\"006XXX\","
+ "\"AuthIdResp\":\"945XXX\","
+ "\"MRN\":\"23237V6XXX\","
+ "\"TxnDTTime\":\"20230825143413\","
+ "\"PaymentScheme\":\"MC\""
+ "}";
string sourceSystem = "mxx";
string jsonString = sourceSystem + "\n" + json;
string signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb";
bool verify = rsa.VerifyData(Encoding.UTF8.GetBytes(jsonString), Encoding.UTF8.GetBytes(signature), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
$jsonStringResponse = '{'
. '"sequenceNo":"1",'
. '"sourceSystem":"mxx",'
. '"MsgVer":"1.0",'
. '"TxnID":"20230825023XXXXXX",'
. '"ResultCode":"0",'
. '"RespCd":"00",'
. '"OrgRespCd":"00",'
. '"RRN":"323763006XXX",'
. '"STAN":"006XXX",'
. '"AuthIdResp":"945XXX",'
. '"MRN":"23237V6XXX",'
. '"TxnDTTime":"20230825143413",'
. '"PaymentScheme":"MC"'
. '}';
$sourceSystem='mxx';
$dataResponse = $sourceSystem . "\n" . $jsonStringResponse;
$minifiedJson = json_encode(json_decode($updateJson));
$decodedSignedMessage = '68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb';
$decodedUrl = urldecode($decodedSignedMessage);
$decodedSignature = base64_decode($decodedUrl);
$verifyResponse = openssl_verify($dataResponse, $decodedSignature, $publicKeyPEM, OPENSSL_ALGO_SHA256);