Steps to Generate a Secure Signature
This section explains how to generate a signature for a request using asymmetric encryption. Both ArthaCard and the merchant must exchange public keys, which will be used for validating requests.Public Key: Exchanged between both parties for validation.Private Key: Retained securely for yourself.Steps to Create the Signature#
Gather all the request header information and the request body.Exclude the signature field and any fields with empty values.Sort all the fields by parameter name in ascending ASCII order.Form a new string using the sorted parameters with the format <parameter name>=<parameter value>, separating each parameter pair with an & symbol.The combined string will be signed using the private key.3. Invoke Signature FunctionUse the SHA256WithRSA signature function along with the private key to sign the combined string. The RSA key should be 1024 bits in length.Encode the resulting signature in base64 format.Insert the base64-encoded signature value into the signature field in the request header. Modified at 2025-02-18 09:45:24
