Payfort sdk_token生成上的签名不匹配错误

时间:2018-12-26 14:48:19

标签: android digital-signature sha256 payfort

String ACCESS_CODE = "My_PAYFORTAcces_Code"
String MERCHANT_ID = "My_Payfory_Merchet_ID"

我发现了我认为该问题与签名生成有关, 我尝试使用字符串生成签名 “ TESTSHAINaccess_code=ACCESS_CODEdevice_id=ffffffff-d6ab-d802-b274-478d7792a1b7language=enmerchant_identifier=MERCHANT_IDservice_command=SDK_TOKENTESTSHAIN”的签名为“ 9c804f2c08e36749c75389afc12c50e68307c31052e6434c072cd5b36cc8c607”,当我尝试使用“ PASSaccess_code=ACCESS_CODElanguage=enmerchant_identifier=MERCHANT_IDmerchant_reference=53469903-eaac-459c-91b9-78cb026b0712service_command=TOKENIZATIONPASS”的签名为“ 4568f58e22f46b75fb6157cbc131ab194e1f9a066bdc501171a018d2c1d22e14”。

一旦我尝试使用两个签名生成sdk_token,我就会得到“ {"response_code":"00008","response_message":"Signature mismatch","service_command":"SDK_TOKEN","device_id":"ffffffff-d6ab-d802-b274-478d7792a1b7","signature":"30eb8f03adc12dd714aac83249ad0b3e763cfadcd6c996bdf49d86125c23335","merchant_identifier":"My_Payfory_Merchet_ID","access_code":"My_PAYFORTAcces_Code","language":"en","status":"00"}” 这是我用于生成签名的代码,请检查并让我知道其正确与否,

@TargetApi(Build.VERSION_CODES.KITKAT) 
    public static String generateSHA256(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException { 
        MessageDigest md = MessageDigest.getInstance("SHA-256"); 
        byte[] textBytes = text.getBytes(StandardCharsets.UTF_8); 
        md.update(textBytes, 0, textBytes.length); 
        byte[] sha1hash = md.digest(); 
        return convertToHex(sha1hash); 
    } 

    private static String convertToHex(byte[] data) { 
        StringBuilder buf = new StringBuilder(); 
        for (byte b : data) { 
            int halfbyte = (b >>> 4) & 0x0F; 
            int two_halfs = 0; 
            do { 
                buf.append((0 <= halfbyte) && (halfbyte <= 9) ? (char) ('0' + halfbyte) : (char) ('a' + (halfbyte - 10))); 
                halfbyte = b & 0x0F; 
            } while (two_halfs++ < 1); 
        } 
        return buf.toString(); 
    } 

2 个答案:

答案 0 :(得分:0)

这解决了我的问题,

我更改了字符串以生成签名,

Constants.PayfortRequestPhrase + "access_code=" + Constants.PayfortAccessCode 
+ "device_id=" + deviceId + "language=enmerchant_identifier=" +
Constants.PayfortMerchantIdentifier + "service_command=SDK_TOKEN" + Constants.PayfortRequestPhrase 

RequestPhraseAccessCodeMerchantIdentifier是我从Pay-fort帐户获得的。并且签名生成代码保持不变。

答案 1 :(得分:0)

这对 Apple Pay 的制作没有问题。

public function createSignature($deviceId){
    $requestPhrase = PaymentHelper::paymentInfo('ap_request_phrase');
    $access_code = PaymentHelper::paymentInfo('ap_access_code');
    $merchant_identifier = PaymentHelper::paymentInfo('merchant_identifier');
    if (YII_ENV_DEV) {
        $seckey = '86qCkwevMaIwR3wFnilov.&(';
    } else {
        $seckey = $requestPhrase;
    }

    $sdkCredentials = [
        'service_command' => 'SDK_TOKEN',
        'merchant_identifier' => $merchant_identifier,
        'language' => $this->language,
        'device_id' => $deviceId,
        'access_code' => $access_code,
    ];

    $arrData = $sdkCredentials;
    $shaString  = '';

    ksort($arrData);
    foreach ($arrData as $key => $value) {
        $shaString .= "$key=$value";
    }

    $shaString = $seckey . $shaString . $seckey;
    $signature = hash("sha256", $shaString);

    $sdkCredentials['signature']  = $signature;
    
    return $sdkCredentials;
}