Decryption Instructions
Return Decryption Instructions
For data security, Geoswift's interface adopts two decryption methods, one signature method, one signature verification method, and one sorting method: CFCA private key certificate decryption, AES decryption, SHA1 signature, CFCA public key signature verification and key name initial alphabet sorting. The demos in five languages offer a variety of methods
1.Response example:
Header:
<![CDATA[
{
"merchantId": "G9******1",
"requestId": "1556592332569",
"ContentType" : "application/vnd.geoswift-v3.0+json",
"partnerId":"G9******1",
"encryptKey":"OsYlS3vP1I+m5csUDTSbi801evXvMDsMejLHtqIqbtA5QTdPTjvCE2q4NLFek53Sqo0HxjcHxxgbX5QMEM7y0VMmeUmaLJ7BK/
R3Zc5xtHkWE/AbO8ErG7oXgORZ6JVakeRlDG8sSVTT2Duvy38RsXUQC4Vj4VHgxsLq398vfYQZgf9O8FPfSc+m7g8MGhbbuqMSbOWBH1lDKnCkpl
93XSiWFYHICt7aO/P9avhqlSVJDQg2KpwMld6Mfag5hgz/LTE7DfwyueH6VxIU7rrUkelWZSbO3ULUg7G5okRAFvXJPqfTnkRnQ+qTsK3QOpb98X
laR+tjuYqzTWs+/mUVg=="
}
]]>
Body:
<![CDATA[
PoE9VSppnI/ixnoi7j2/LE0o28NGVdREh6TfZXXPS0Z0xZTs8Iy9FOoL2lDYOOGfoNNb3YRGtQ1y1ggUykbBaMRh8ipd7njD8XgH0suhx0nyKcSuUBG
S6vkCV3rI+0cJyjENozstB7vhAv31LxOoWyhrBCim/9mnyMomi6jEZS0xdQizUu4TcgJsQL2wXCecHdoD6C6PzLS+oSpizoBC6OtMMuD3aPR/tU5zzZE
dhofU/r1Bof8CuWulV4sCNr8X5EsduZs3uu3dnLsLEJNDjqplN7dGYga492DMg5KHqm8yAOGkiLAyR2jEspHz0ICVdB7RSS6RTDrtqAVzEIw2zrAYyOo
oTMbKOPkh720eFjkRc3iBw5TLfry9ZP4/sBtCzeOvcKw5rxGWiV6RIzxmftUFfsZLAA45DAil6+qryNU7cvS6UupxFiJLykkg88HvZRCGXuY4RxMhTT9
xMT4Vt+emA3RkYHr4U5Z+jUmvx1AjzQs6VBEoqmiFtM5vwHVkkF+e6JYV3d8BVeWyWCcYWYR0h9WYOdvnozsLv5NAQZtFYLbON7krN9abvqUa1Nwn+fo
8f+kQpyQAqhhLbqx/r2V9jvaIWXYyUzo0oLIH8eL2WvWBPDXMeipo0c0erwxqL3cGI1jxsAvrpAHPoGxYaeRCdWWIWDG2l6hHwiER/pZKp16k0JSOsJV
apgWvbPFAd/kfoP6SHuRG/dNjgahiS+tK/QUrV+X8D16Q7uixBJ15/Gwg/b2QSC88Dvs9t14UmYqtqVYFZAo4u5O718r4yA20nk8bZCd9Zwv+Hy6IEg1
MYXCvrQEb6SY5JzCymLPOLq07Mi1a5IZ1c9KGWY2gi6UaXFEHGVCLt8ITlHhG5V8NCo8+uMB3l4vFKNAMRC21tc1Z7dFdD29vnU+2sa2oa86JGMDLbe+
MXgVEpWsmFouGhcq1uU+xDSgTKlhm87TW0waUihBX/VnmCPrpV0YQgIN/RZMnWAHEf78cWx4UMXEqi+eqJer27CuKG8L2k6sCImskWdIBvVXRpHrEsDq
ZnzsBDQuQ5f0kPjljqXjhk/vLzYy+READjUwVpKDhwkvPd2JT+j+UZBg+shYia0UNpPc0GdvFCgz0unqZUIhkEf9dHXQBzu+pyIMOFspxvf9O41Otj+Y
/cDCxeqIP+KlxJrxLrxr6g868VpWKffKEMivuMZMo528QV0/xUyivzUBxep4OCq6x8zB6poGRaap50PAvbMPEZ9FDJdrSpMkZcGJ5c9w+ET/Pu2xBEv1
Pk7ykfyv2FPgM0vfh+xvjhLvAa0YPXvM7xbeB35LQ2iA54T/voza91sNhMowoR7ZcS0xK6+bp+VDCJfAK6kP4dwvCg==
]]>
2.CFCA private key decryption:
The method is to decrypt the encryptKey encrypted by CFCA public key which has been uploaded to the merchant background and obtain the 16-bit AES key.
The return request header encryptKey:
OsYlS3vP1I+m5csUDTSbi801evXvMDsMejLHtqIqbtA5QTdPTjvCE2q4NLFek53Sqo0HxjcHxxgb X5QMEM7y0VMmeUmaLJ7BK/RR3Zc5xtHkWE/AbO8E
rG7oXgORZ6JVakeRlDG8sSVTT2Duv y38RsXUQC4Vj4VHgxsLq398vfYQZgf9O8FPfSc+m7g8MGhbbuqMSbOWBH1lDKnCkpl93XSi WFYHICt7aO/P9a
vhqlSVJDQg2KpwMld6Mfag5hgz/LTE7DfwyueH6VxIU7rrUkelWZSbO3ULUg 7G5okRAFvXJPqfTnkRnQ+qTsK3QOpb98XlaR+tjuYqzTWs+/mUVg==
The decrypted AES key:
w4deov41ogHO7eFi
3.AES decryption:
This method is used for decrypting the data which have been encrypted by random AES key generated by Geoswift, finally getting the original data.
The returned request body data:
IsMowPkfHQd/x4w7uq3PQpCrCSir9e1B4075S03gQ0svH2LtOcPogsODNGPdrf5YL9AMvslQOj3i
GfS8pkfxxsyYienxAWrwNpu0b49LveB8CvJXBaYOETIbRTYtJ2NaEvJp6vySUo+L0vQZuOb6hxL
ALr8nU/zk4cZiS2KvGtP1tTR1If64Xfut1qNITtQv
After decryption:
<![CDATA[
{
“redirectUrl”:”https://payment.geoswift.com/receipt/redirect/index/2c9553496a684fe9016a6c53228d7
cf1/2c9553496a684fe9016a6c5322af7cf3”,
”merchantId”:”G9******1”,
”requestId”:”1556595531274”,
”paymentOrderId”:”2c9553496a684fe9016a6c53228d7cf1”,
”status”:”REDIRECT”,
”hmac”:”PhbbgXjh6641/cQ6qfy5Dq10h/2TEH1XJiRLKAmtCDUy/hR0K+KRUvJ3bskYVATF3aDrHPBUz+RZjkWjBUgEd9E/7jrHVjAt/WHKl
wwlId1svUcY3oUvJPuh28fHTC8mZ6uOBFLQ5N Vy+sT6A6m2g5OWJ//LQMU05WO77mIt62C60qqFRpdXkcfGdkJapyatUFKIJB8S5EKOeGkDusj6
wMWSIR+Uhrgrzx/pv6BtUmRv2F1syxRK5BjdLWp/bVUl4bxKjCo/JKW8cRmz2ou/ZbchL3uQxJhjwzJoITEJ1PZmUN5B1yJurtQXR3C62MLCeXFV
NFaOP6qC9VbQ8Ewcxh==”
}
]]>
4.Sort by key name initial:
It is used for sorting the original data JSON which has removed hmac from a to z by the initials of key name, then joint the key value, the corresponding key values should be separated by #.
Before sorting:
<![CDATA[
{
“redirectUrl”:
“https://payment.geoswift.com/receipt/redirect/index/2c9553496a684fe9016a6c53228d7cf1/2c9553496
a684fe9016a6c5322af7cf3”,
“merchantId”: “G9******1”,
“requestId”: “1556595531274”,
“paymentOrderId”: “2c9553496a684fe9016a6c53228d7cf1”,
“status”: “REDIRECT”
}
]]>
After sorting:
<![CDATA[
G9******1#2c9553496a684fe9016a6c53228d7cf1#https://payment.geoswift.com/receipt/redirect/index
/2c9553496a684fe9016a6c53228d7cf1/2c9553496a684fe9016a6c5322af7cf3#1556595531274#RED
IRECT#
]]>
5.SHA1 Signature:
Used for preliminary summary of the data. Example:
Before signature:
<![CDATA[
G9******1#2c9553496a684fe9016a6c53228d7cf1#https://payment.geoswift.com/receipt/redirect/index
/2c9553496a684fe9016a6c53228d7cf1/2c9553496a684fe9016a6c5322af7cf3#1556595531274#RED
IRECT#
]]>
After signature:
<![CDATA[
UmfW5oHZqRwSY5XKdINdfh57FK4=
]]>
6. CFCA public key verification:
The merchant uses the CFCA public key in the demo provided by Geoswift(not the public key exported) to verify the hmac data returned by Geoswift to ensure that the data has not been tampered with.