2. Home
  4. Docs
  6. 線上支付 OnlinePay
  8. 串接說明 (General)
  10. 加簽加密說明 (Signature Generation Rule)

加簽加密說明 (Signature Generation Rule)

規則說明 (Description)

簽章產生規則:

  1. 將字串的 request payload 以 UTF-8 編碼,成為”input byte”。
  2. 將街口提供串接使用的 Secret key 以 UTF-8 編碼,成為”secret key byte”。
  3. 將”input byte”加上”secret key byte”透過 HMAC-SHA256 雜湊演算法並轉換為16進位字串作為 “digest”。

Signature Generation Rule :

  1. Encode the request payload into bytes using UTF-8 as “input byte”. For example, if the request payload is {“a”:1, “b”:“13”}, the result is bytes whose hex representation is 7b2261223a312c202262223a223133227d
  2. Also, Encode your Secret key into bytes using UTF-8 as “secret key byte”.
  3. Using the bytes of “input byte” and “secret key byte” by HMAC-SHA256 as the hash function and transfer hexadecimal as “digest”.

範例 (Example) – Entry API (Method=Post)

步驟一:

將字串的 request payload以 UTF-8 編碼,request body範例如下:

{"platform_order_id":"demo-order-001","store_id":"35f12dff-1581-11e9-a054-00505684fd45","currency": "TWD","total_price":10,"final_price":10,"unredeem":10,"result_display_url":"https://display.com","result_url":"https://result-callback.xxx/xxx"}

步驟二:

須與街口支付申請平台Secret Key,金鑰範例為 Secret key = r0odDC1e9LHXDmxuvmOv9bgaWLf2CXB2c4gMheoFucVKNMi1K0Id9zwRHJF1r-kdtAKriKgb11VDlo7Kb8R-FQ,並將 Secret key 以UTF-8 編碼

步驟三:

將步驟一產生的字節透過 HMAC-SHA256演算法,以步驟二的字節作為秘密鑰匙進行加簽,即產生 hexdigest 作為 digest。

{"platform_order_id":"demo-order-001","store_id":"35f12dff-1581-11e9-a054-00505684fd45","currency": "TWD","total_price":10,"final_price":10,"unredeem":10,"result_display_url":"https://display.com","result_url":"https://result-callback.xxx/xxx"}
/*
Secret key='r0odDC1e9LHXDmxuvmOv9bgaWLf2CXB2c4gMheoFucVKNMi1K0Id9zwRHJF1r-kdtAKriKgb11VDlo7Kb8R-FQ'
*/
DIGEST: 3577609b058ab85c2d0a00a5421a991979ed6b9f549476e9a82476dc1b70d876

範例 (Example) – Inquiry API (Method=Get)

步驟一:

將字串的 request payload以 UTF-8 編碼,request parameter範例如下:

platform_order_ids=test123,demo-order-001

步驟二:

須與街口支付申請平台Secret Key,金鑰範例為 Secret key = r0odDC1e9LHXDmxuvmOv9bgaWLf2CXB2c4gMheoFucVKNMi1K0Id9zwRHJF1r-kdtAKriKgb11VDlo7Kb8R-FQ,並將 Secret key 以UTF-8 編碼

步驟三:

將步驟一產生的字節透過 HMAC-SHA256演算法,以步驟二的字節作為秘密鑰匙進行加簽,即產生 hexdigest 作為 digest。

DIGEST: 7778b95890af17c5b41e8cef957f4769e7bfecc79e9f9ee555923293ebd8e880

sample code

PHP

參考工具:https://www.tehplayground.com/uEl6FSUO5YaJHHVH

$sig = hash_hmac('sha256', $string, $secret)

secretkey:
r0odDC1e9LHXDmxuvmOv9bgaWLf2CXB2c4gMheoFucVKNMi1K0Id9zwRHJF1r-kdtAKriKgb11VDlo7Kb8R-FQ

input:
platform_order_ids=test123,demo-order-001

result:
7778b95890af17c5b41e8cef957f4769e7bfecc79e9f9ee555923293ebd8e880

JAVA

參考工具:https://reurl.cc/M0YKXk