RDP Hosted and Direct Tokenization API

Signature

Here are the step by step procedures to generate the generic signature:

  1. Prepare the map of request parameters (to authenticate a response, prepare the map of payment_response parameters instead).
    Sample code for request query-redirection (in PHP):

    $rp = array(
      'mid' => '1000089029',
      'transaction_id' => $_GET['transaction_id']
    );

    Sample code for authentication response (in PHP):

    $response_array = json_decode($json_response, true);
    if (isset($response_array['payment_response'])) {
        // the signature field itself is never part of the signed data
        unset($response_array['payment_response']['signature']);
        $rp = $response_array['payment_response'];
    }
  2. Recursively traverse the array to be signed.
    Sample code in PHP:

    $data_to_sign = "";
    // at the end of the function call $data_to_sign contains the String
    // required for step 3
    recursive_generic_array_sign($rp, $data_to_sign);
    
    /* RECURSIVE FUNCTION DEFINITION */
    // use reference-passing to update the variable directly
    function recursive_generic_array_sign(&$params, &$data_to_sign) {
        // sort the parameters based on its key
        ksort($params);
    
        // Traverse through each component
        // And generate the concatenated string to sign
        foreach ($params as $v) {
           if (is_array($v)) {
               // In case of array traverse inside
               // And build further the string to sign
               recursive_generic_array_sign($v, $data_to_sign);
           } else {
               // Not an array means this is a key=>value map,
               // Concatenate the value to data to sign
               $data_to_sign .= $v;
           }
         }
    }
  3. Concatenate the string from step 2 with the secret_key. For response parameters, the secret key to use is the secret key of the request_mid, because the mid in the response can be different from the request_mid for a Merchant with multiple payment modes.
    Sample code in PHP:

    $data_to_sign .= $secret_key;
  4. Finally, get the signature by applying the SHA-512 algorithm to the result string from step 3.
    Sample code in PHP:

    $signature = hash('sha512', $data_to_sign);
  5. Sample definition of a generic signature function in PHP:

    function sign_generic($secret_key, $params)
    {
        // $params is passed by value (a copy), so the caller's array is not altered
        unset($params['signature']);
    
        $data_to_sign = "";
        recursive_generic_array_sign($params, $data_to_sign);
    
        $data_to_sign .= $secret_key;
    
        return hash('sha512', $data_to_sign);
    }
    
    function recursive_generic_array_sign(&$params, &$data_to_sign)
    {
        // sort the parameters based on its key
        ksort($params);
    
        // Traverse through each component
        // And generate the concatenated string to sign
        foreach ($params as $v) {
           if (is_array($v)) {
              // in case of array traverse inside
              // and build further the string to sign
              recursive_generic_array_sign($v, $data_to_sign);
           } else {
              // Not an array means this is a key=>value map,
              // Concatenate the value to data to sign
              $data_to_sign .= $v;
           }
        }
    }
    

    Note:
    The ‘signature’ field or parameter inside an RDP response message will not always be present;
    it might only be present for the following response codes:

    Response Code   Description
    0               OK or successful.
    -1              Bank / acquirer rejection.
    -01             Pending transaction.
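
Verifying a payment_response signature on receipt, as an added example that is not part of the original page or RDP's own code: it recomputes the signature with the steps above and compares it in constant time with hash_equals(). The rdp_example_* function names, the secret key, and the sample message (including its response_code and nested fields) are constructed for illustration; rejecting a message that carries no signature is this example's choice.

```php
<?php
// Added example, not RDP's own code. Helper names, key and message are constructed.

function rdp_example_collect(array $params, string &$out): void
{
    ksort($params);                    // step 2: sort by key at every level
    foreach ($params as $v) {
        if (is_array($v)) {
            rdp_example_collect($v, $out);
        } else {
            $out .= $v;                // concatenate values only, never keys
        }
    }
}

function rdp_example_sign(string $secret_key, array $params): string
{
    unset($params['signature']);       // the signature never signs itself
    $data = '';
    rdp_example_collect($params, $data);
    return hash('sha512', $data . $secret_key);   // steps 3 and 4
}

// Returns true only when a signature is present and matches.
function rdp_example_verify(string $json, string $request_mid_secret): bool
{
    $msg = json_decode($json, true);
    $pr  = is_array($msg) ? ($msg['payment_response'] ?? null) : null;
    if (!is_array($pr) || !isset($pr['signature']) || !is_string($pr['signature'])) {
        return false;                  // unsigned or malformed: not authenticated
    }
    // hash_equals() compares in constant time, unlike == or strcmp()
    return hash_equals(rdp_example_sign($request_mid_secret, $pr), $pr['signature']);
}

// Constructed sample data (not real credentials or a real RDP message).
$secret = 'constructed-secret-key';
$pr = [
    'mid'            => '1000089029',
    'transaction_id' => 'TXN-EXAMPLE-1',
    'response_code'  => '0',
    'nested'         => ['b' => '2', 'a' => '1'],
];
$pr['signature'] = rdp_example_sign($secret, $pr);
$good = json_encode(['payment_response' => $pr]);
$bad  = str_replace('TXN-EXAMPLE-1', 'TXN-EXAMPLE-2', $good);

var_dump(rdp_example_verify($good, $secret));   // message as signed
var_dump(rdp_example_verify($bad, $secret));    // transaction_id altered after signing
```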