Preface

Payment is a scenario that demands a high level of security: leaking any piece of data exchanged between systems can cause great losses. Therefore, every piece of data exchanged between systems during payment is encrypted.

This article sorts out the encryption rules Alipay uses during payment, for reference.

1. What is a signature?

Before we look at signatures, let’s review the payment interaction. As shown in the figure above, the payment process can be roughly divided into six steps.

  1. The user selects goods and submits an order.

  2. The merchant server sends the product information and the amount payable to Alipay to create an Alipay order.

  3. Once the order is returned successfully, Alipay generates a payment page, which can be used for mobile or web payment.

  4. The mobile phone invokes the Alipay app to pay.

  5. The user enters the payment password, which is sent to the Alipay server.

  6. After the transfer succeeds, the Alipay server notifies the merchant server that the amount of a certain order has been transferred successfully.

Of these six steps, the most important are steps 2 and 6. They break down as follows.

The information transmitted between the merchant server and the Alipay server is extremely sensitive, so it is necessary to prevent a man-in-the-middle from tampering with it in transit. For example, if the product amount in Step 2 were changed to 0, Alipay would mistakenly take it to be 0 yuan.

Digital signatures solve this security problem in the interaction: a signature verifies the authenticity of a message or document. The Alipay interface has a sign parameter that carries the signature. It is used to prevent the information from being forged, and in this way messages are effectively protected from tampering during transmission.

2. Implementation principle of signature

2.1 Signature Principles

A digital signature is a guarantee of information security, and its implementation depends on the keys held by the two systems.

The signature process is as follows:

  1. Compute the hash of the document to be signed. Regardless of the length of the input document, the output length is always fixed; for example, SHA256 produces 256 bits.

  2. Encode the resulting hash together with some additional metadata. For example, the recipient needs to know which hash algorithm you used, otherwise the signature cannot be processed.

  3. Encrypt the encoded data with the private key. The result is the signature, which can be appended to the document as a basis for authentication.

Signature verification:

The recipient receives the document and computes its hash independently using the same hash algorithm.

The recipient then decrypts the signature with the public key, decodes the hash, checks that the hash algorithm used is correct, and verifies that the decrypted hash matches the one computed locally.

2.2 Asymmetric encryption

Alipay uses RSA asymmetric encryption to sign messages.

Asymmetric encryption uses a key pair, a public key and a private key, which are usually named publicKey and privateKey in code. It has the following characteristic: information encrypted with the private key can be decrypted only with the public key, and information encrypted with the public key can be decrypted only with the private key.

Generally, the private key is kept by its owner and stored in a configuration file during development; its security level is the same as that of the database account password. The public key is handed to other systems, so that a man-in-the-middle who does not know the key cannot decrypt the information exchanged between the systems. As long as the sender keeps the private key from leaking, a forged message sent to the receiver cannot pass signature verification.

Alipay's signature works in roughly the same way. The Alipay public key and the application public key are two very important terms in the interaction, and these two keys always confuse people. The reason is that Alipay provides two sets of RSA keys: one protects the information when the order-placement interface is called in Step 2, and the other protects the information when the callback is made in Step 6.

As shown in the figure below, in Step 2 the merchant server computes the signature with the red application private key (Priv Key 2), and Alipay checks the signature with the red application public key (Pub Key 2). In Step 6 the Alipay server computes the signature with the blue Alipay private key (Priv Key 6), and the merchant verifies it with the blue Alipay public key (Pub Key 6).
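The signing and verification steps above, applied to Alipay-style request parameters, as an added example (my own code, not Alipay's SDK). It assumes the RSA2 rule of sorting the parameters by key, dropping sign and empty values, and joining them as key=value pairs; NewKey, the parameter names and the order values are constructed for the demo, and the same functions serve both key pairs in the figure: the merchant signs with its application private key and Alipay verifies with the application public key, while the callback is signed with the Alipay private key and verified with the Alipay public key.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"sort"
	"strings"
)

// NewKey makes a demo 2048-bit key pair; real ones come from the open platform key tool.
func NewKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }

// SignString builds the text to sign: drop sign and empty values, sort by key, join as key=value&key=value.
func SignString(params map[string]string) string {
	keys := make([]string, 0, len(params))
	for k, v := range params {
		if k != "sign" && v != "" {
			keys = append(keys, k)
		}
	}
	sort.Strings(keys)
	parts := make([]string, 0, len(keys))
	for _, k := range keys {
		parts = append(parts, k+"="+params[k])
	}
	return strings.Join(parts, "&")
}

// Sign is SHA256withRSA: hash the sign string, wrap the digest with its algorithm id (PKCS#1 v1.5), sign it with the sender's private key, base64 it.
func Sign(priv *rsa.PrivateKey, params map[string]string) (string, error) {
	digest := sha256.Sum256([]byte(SignString(params)))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(sig), nil
}

// Verify recomputes the digest from the received parameters and checks the sign field with the sender's public key; any edited parameter fails.
func Verify(pub *rsa.PublicKey, params map[string]string) bool {
	sig, err := base64.StdEncoding.DecodeString(params["sign"])
	if err != nil {
		return false
	}
	digest := sha256.Sum256([]byte(SignString(params)))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}
```

For a Step 6 callback the merchant calls Verify with the Alipay public key, never with its own application public key; using the wrong one of the two keys is the usual reason a correctly signed callback fails verification.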

Once the principle of signature calculation is understood, it is easy to configure the application information in the open platform's management console. I take the sandbox environment as an example.

As shown in the preceding figure, the RSA2 mode is used and the hash algorithm is SHA256. Open the Settings, set the application public key, and save the Alipay public key.

  • You need to generate a pair of keys, a public key and a private key, to secure Step 2. They are generated with the Alipay Open Platform development assistant tool.

  • The Alipay public key and the Alipay private key are provided by Alipay. Alipay keeps the private key itself, just as the merchant keeps its own application private key on its own server, and it is never handed to others. The public key is copied and used to verify the signature during the callback.

3. Symmetric encryption

Although a signature prevents a man-in-the-middle from tampering with the information, it cannot prevent the man-in-the-middle from viewing it. For example, in Step 2 the amount of goods is sent to Alipay, so a middleman could obtain the merchant's transaction amounts every day. Transmission over the Internet feels like an intangible process, but the information can be intercepted by criminals along the way.

Therefore, HTTPS is recommended for the interaction during payment, so that the exchanged information is encrypted in transit. In addition, many of Alipay's interfaces also support transmission after AES encryption, which makes the information more secure.

AES is a symmetric encryption algorithm, which is simpler than asymmetric encryption: there is only one key shared between the systems, and it is used for both encryption and decryption.

The information exchanged with Alipay can be encrypted with AES to prevent leakage. The official description of the interfaces is as follows:

If an OpenAPI interface has no bizContent parameter, AES key encryption cannot be used; otherwise an error is returned indicating that the current API does not support encrypted requests. For example, Alipay.user.info.share (the Alipay member authorization information query interface) does not pass its parameters through bizContent, so AES key encryption cannot be used.

4. Relationship between AES and RSA

  • The AES key encrypts the request and response content of an interface. The ciphertext cannot be read by a third party, which prevents data leakage during transmission.

  • The RSA key signs the request and response content of an interface. The developer and the Alipay open platform each verify the signature to confirm that the transmitted content has not been tampered with. Whether the content is plaintext or ciphertext, RSA can sign it normally.

  • Developers can AES-encrypt the request parameters and then RSA-sign the ciphertext.
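An added example of the AES side of this division of labour, encrypting the JSON business parameters that go into bizContent and decrypting them on the receiving side (my own code, not Alipay's SDK). The page does not state the mode, so the example assumes AES-128 in CBC mode with PKCS#7 padding, a base64-encoded 16-byte shared key and a 16-byte IV agreed by both sides; the key and IV in the test are constructed. The base64 ciphertext then travels in biz_content and is signed with RSA like any other parameter, while a wrong key or a modified ciphertext is caught at decryption time.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"errors"
)

// newBlock decodes the base64 shared key (16 bytes gives AES-128) and builds the cipher.
func newBlock(keyB64 string) (cipher.Block, error) {
	key, err := base64.StdEncoding.DecodeString(keyB64)
	if err != nil {
		return nil, err
	}
	return aes.NewCipher(key)
}

// EncryptBizContent pads the JSON (PKCS#7), encrypts it in CBC mode and returns base64 for the biz_content field.
func EncryptBizContent(keyB64 string, iv []byte, plaintext string) (string, error) {
	block, err := newBlock(keyB64)
	if err != nil {
		return "", err
	}
	n := aes.BlockSize - len(plaintext)%aes.BlockSize
	padded := append([]byte(plaintext), bytes.Repeat([]byte{byte(n)}, n)...)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return base64.StdEncoding.EncodeToString(out), nil
}

// DecryptBizContent is the receiving side; any error (bad base64, truncated field, wrong key, tampered bytes) means reject the request.
func DecryptBizContent(keyB64 string, iv []byte, ctB64 string) (string, error) {
	block, err := newBlock(keyB64)
	if err != nil {
		return "", err
	}
	ct, err := base64.StdEncoding.DecodeString(ctB64)
	if err != nil || len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return "", errors.New("biz_content is not valid AES-CBC ciphertext")
	}
	out := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, ct)
	n := int(out[len(out)-1]) // PKCS#7: the last byte is the pad length
	if n == 0 || n > aes.BlockSize || !bytes.Equal(out[len(out)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return "", errors.New("bad padding: wrong key or tampered ciphertext")
	}
	return string(out[:len(out)-n]), nil
}
```

The IV must be exactly 16 bytes, as Go's CBC constructors panic otherwise; the padding check only detects accidental damage, so the RSA signature over the ciphertext remains the integrity guarantee.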

That is all for now; leave a like if it helps you.