5.4.4.1 DApp Access Signature Algorithm

Whenever an off-BSN system sends a request to the PCN gateway, the HTTP request message should be signed with the DApp participant's DApp access private key. When the PCN gateway receives the signed message, it verifies the sender's authenticity and the message's integrity with the corresponding hosted or uploaded DApp access public key. The gateway only processes the request further after verification passes.

1. Assemble signature string

Convert the request parameters into a single joined string, following the order of the parameter table. For call parameters, join UserCode and AppCode of the Header first; for response parameters, join code and msg first. Then join the parameters in the Body in the order given by the parameter tables in the API definitions.

2. Different type conversion formats

| Type | Rule | Example | Result |
|---|---|---|---|
| String | No conversion | abc | abc |
| Int/int64/long | Decimal conversion | -12 | -12 |
| Float | Decimal conversion; see notes for values after decimal point | 1.23 | 1.23 |
| Bool | Convert to "true" or "false" | true | true |
| Array | Join according to parameter sequence and type | {"abc","xyz"} | abcxyz |
| Map[key]value | Join key and value according to parameter sequence | {"a":1,"b":2} | a1b2 |
| Object | Convert the attributes in the object one by one according to the document in the above-described format | {"name":"abc","secret":"123456"} | abc123456 |

3. Signature rules

a) FISCO BCOS framework DApp using ECDSA (secp256k1) secret key algorithm

  • Get the hash value: encode the assembled string to be signed as UTF-8 and compute its hash with the SHA256 algorithm.
  • Sign the hash value: sign the hash value with the private key using the ECDSA (secp256k1) algorithm. In some programming languages (C#, Java), signing with SHA256WithECDSA already includes the hash computation, so the first step is not necessary.
  • Encode the signature result to Base64.

b) FISCO BCOS framework DApp using SM secret key algorithm

  • Get the hash value: encode the assembled string to be signed as UTF-8 and compute its hash with the SM3 algorithm.
  • Sign the hash value: sign the hash value with the private key using the SM2 algorithm.
  • Encode the signature result to Base64.

4. Example

Parameters:

{"header":{"userCode":"user01","appCode":"app01"},"mac":"","body":{"userId":"abc","list":["abc","xyz"]}}

Result: user01app01abcabcxyz
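
The assembly and hashing steps above, written out as an added example (not BSN's own code). It covers steps 1 and 2 and the hashing bullet of 3a. Assumptions: Python dict insertion order stands in for the API parameter-table order, `MapValue` is a hypothetical marker for Map-typed parameters, and floats use `repr()` because the float notes are not on this page.

```python
import hashlib

class MapValue(dict):
    """Hypothetical marker for a parameter typed Map[key]value (keys are joined too)."""

def to_sign_str(value):
    """Convert one value using the type-conversion table in step 2."""
    if isinstance(value, bool):      # test before int: bool is an int subclass in Python
        return "true" if value else "false"
    if isinstance(value, int):
        return str(value)            # decimal, sign kept: -12 -> "-12"
    if isinstance(value, float):
        return repr(value)           # assumption: the page's float notes are not applied here
    if isinstance(value, str):
        return value                 # no conversion
    if isinstance(value, (list, tuple)):
        return "".join(to_sign_str(v) for v in value)
    if isinstance(value, MapValue):  # Map: key then value, in parameter order
        return "".join(to_sign_str(k) + to_sign_str(v) for k, v in value.items())
    if isinstance(value, dict):      # Object: attribute values only, in documented order
        return "".join(to_sign_str(v) for v in value.values())
    raise TypeError(f"no conversion rule for {type(value).__name__}")

def assemble_request(msg):
    """Step 1 for a call: userCode and appCode from the header first, then the body."""
    header = msg["header"]
    return (to_sign_str(header["userCode"]) + to_sign_str(header["appCode"])
            + to_sign_str(msg["body"]))

def sha256_digest(sign_str):
    """Step 3a, first bullet: SHA256 over the UTF-8 bytes of the assembled string."""
    return hashlib.sha256(sign_str.encode("utf-8")).digest()

# The request from step 4 of this page
EXAMPLE = {"header": {"userCode": "user01", "appCode": "app01"}, "mac": "",
           "body": {"userId": "abc", "list": ["abc", "xyz"]}}

if __name__ == "__main__":
    s = assemble_request(EXAMPLE)
    print(s)
    print(sha256_digest(s).hex())
```

The digest is the input to the secp256k1 signing step, whose output is then Base64-encoded. Because values are joined without delimiters, a body of {"userId":"abcabc","list":["xyz"]} produces the same string, so the receiver should still validate each parsed field rather than rely on the signature to fix field boundaries.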

© 2019-2020 Red Date (Hong Kong) Technology Limited. All rights reserved. Powered by Gitbook. File modified: 2020-11-24 13:36:26
