Signature Algorithms

KEY exchange

Merchant need to get two KEYs for the signature algorithm:

  • Ksher’s RSA Public KEY

  • Merchant RSA Private KEY

All the parameters excluding sign field in the request message need to be signed.

Merchant RSA Private KEY

You need to access your merchant portal for resetting/downloading your private KEY. Please get it from https://merchant.ksher.net

For How to get it Please see How to download Key page.

Signature generation process

SDK process

You can use handy step but it’s make you annoying with algorithm we will use, verified signature, value type, etc. We recommend to use SDK. Check the SDK page.

Handy process

  • Organize all the parameters according to the format shown below:

{
    "appid": "A001",
    "fee_type": "THB",
    "total_fee": 100,
    "nonce_str": "ae0e6jm55qlq1o7",
    "channel": "wechat",
    "mch_order_no":"20170420105719000001"
}
  • Concact all the key:value pairs into a string. Ordering by the ASCII value of each key, join each key-value pair and concat them into a string with the format of below:

appid=A001channel=ae0e6jm55qlq1o7fee_type=THBmch_order_no=201601031138001nonce_str=13572468total_fee=100
  • Make a hash computing on the string got in step above;

  • Sign the result got in step above with own RSA private key;

  • assign the signed result got in step above to the sign field in the post parameters dict.

The final result of post data is like below:

{
    "appid": "A001",
    "fee_type": "THB",
    "total_fee": 100,
    "nonce_str": "ae0e6jm55qlq1o7",
    "channel": "wechat",
    "mch_order_no":"20170420105719000001"
    "sign":  "0d3d3a9ac3d713bcdc7b8b786af87a6ea0c0bba31e26a77b8822f19c38b8289552269a7c6bfa47058a1861f29db8fbad8ec6021f7668a0d8c2c12dc05e988f8c"
}

Signature generation online testing tool

You can generate a signature from this URL. Please get it from https://gateway.ksher.com/demo_sign.html