The below are steps of digital signature generation :
| No | Steps |
|---|---|
| 1 | Compose the string to sign: StringToSign = client_ID+"|"+X-TIMESTAMP |
| 2 | Create Signature With SHA256withRSA SHA256withRSA(PrivateKey, StringToSign) |
| 3 | The signature string is generated from string to sign above with applying SHA-256 with RSA-2048 encryption using pkcs8 private key and then encode the result to base64. |
| 4 | Put the signature string into HTTP Header “X-SIGNATURE“ when call API for applying B2B access token. |
Example:
- Client ID : 202000215
- X-TIMESTAMP : 2024-05-17T14:12:50+07:00
- Private Key :
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQCyv//t/knkJRMRVgD37Bq2RTHVxC6kZmw8t0L3j23wFajGbh8W
dUy9PvibmLUdWXNWPqvvu0cDnA+QHXfUwnsrVy7ia0kje2h7wj/bM4LSzRziqljF
8th5d1Spqbqxq9HnrOxKjZAHxlzMfGrJFHin6Jhjy3c1bNhhFeEqeqY6RwIDAQAB
AoGBAKVYMRcm15bwLHkmwvKSNgtQak7AkByGmax4ILv6sskYX+xdROhzTK7ppvHX
CgHCEow+oLC63W+bVlIK0CPAWkkpx6zE/W/NaQseJJ/p8OwZHJ0IIFj9qjicWiWn
bbGm6dN0yHAwU8ssLqH9OEJ7Qp+bAFukU0U/pjYiqLUioP0BAkEA6OMzoKv/B9TR
c80VH0CSui4j0OJFZBqJglRZumDYhm8x6gn/ACpEJvM43iTbA7Llm9pyCaq7KBV2
L2zTsOUChwJBAMR9XfIWqlSTxdfWP3Wga6mYBg191BHDvzJ3Zc+y7gNTcml8YDUd
JkLUonVGu8ox5SPj0AE7K3cxhBYIzugiOkECQQCgLNwubv2qUjp47h3P7+a6/M8P
dQEK96GKLR/Fq6Rg2gu3j4Z+g5N6QqDjUO/93EZF6nmyomW1DQXLWotCyE/zAkBF
4LvnW44p0//ZOZWJ9Io1Xx5P7/7abn3xqaqoid7Bigy3XQct/Hbd75bzFDu2tbXi
5KLVvUBA/HgYCfvjbEDBAkEA0PqCZZCUFaxAB5nyDlY9Zk9wRO06ExcBubFqZfKV
Wn7gwb7l5AO4yt8+O1FUvcyDynFHLcHQeARRDGyLIiSzyA==
-----END RSA PRIVATE KEY-----
- StringToSign = 202000215|2024-05-17T14:12:50+07:00
- SHA256withRSA(PrivateKey, StringToSign)
Result :
gSNfcFyM6YA97pnw4SvUhQ7cUJWc1Ab/I4WdeQx53UjiYMbWgPONMUXEDrHT4nfTRpehJ9C1mBhH1oivlF+TCx8xj9k2OlJy6AtCR00DR2kW+PvTE5zzx6zHkXR1BHSF61/0YY5aQDMQP2a09wKFWPUFf4RnGckwtP8rehVqw8A=