1
我有一个带有Redsys支付平台的Ruby on Rails应用程序。他们将从旧的SHA1迁移到SHA256,以确保平台的安全。Ruby on Rails中Redsys的新SHA256签名
他们给你写在Java和PHP一些例子,但是当我在写Ruby on Rails的代码,这是行不通的。
商人参数
def get_merchant_parameters
amount = @order.total * 100
hash_params = {
"Ds_Merchant_Amount"=>amount,
"Ds_Merchant_Currency"=>"978",
"Ds_Merchant_Order"=>@order.code,
"Ds_Merchant_ProductDescription"=>" (cod. #{@order.code})",
"Ds_Merchant_Titular"=>@order.bill_to_vat_code,
"Ds_Merchant_MerchantCode"=>tpv_commerce_key,
"Ds_Merchant_MerchantURL"=>payment_verification_url,
"Ds_Merchant_UrlOK"=>payment_ok_url,
"Ds_Merchant_UrlKO"=>payment_ko_url,
"Ds_Merchant_MerchantName"=>"xxxx",
"Ds_Merchant_ConsumerLanguage"=>"001",
"Ds_Merchant_Terminal"=>"001",
"Ds_Merchant_TransactionType"=>"0"
}
Base64.encode64(hash_params.to_json)
end
签名
def set_electronic_firm
# 3DES
des = OpenSSL::Cipher::Cipher.new('DES3')
des.key = Base64.decode64(tpv_key)
# ENCRYPTION
des.encrypt
key = des.update(@order.code) + des.final
# SHA256
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), key, @merchant_parameters)).strip()
end
后形成价值观
@signature_version = "HMAC_SHA256_V1"
@merchant_parameters = get_merchant_parameters
@signature = set_electronic_firm
可以在Nybody通知我在哪里错了?
谢谢!
完全实施redsys平台红宝石:https://engineering.sequra.es/2015/10/redsys-hmac-sha256-migration-using-ruby/ – ndesorden