![]() Signature = hmac.new(private_key.encode("utf-8"), signature_data.encode("utf-8"), hashlib.sha256).hexdigest() Signature_data = method + timestamp + url I already successfully signed requests on several other APIs using this minimal example in python import requests $result = openssl_verify($data, $signature, $public_key, OPENSSL_ALGO_SHA256) $public_key = $request->header("api-key") $timestamp = $request->header("timestamp") I verify requests in PHP as follow public function verify_request(Request $request) My API is implemented in PHP and the client in python. However I have some difficulties implementing a working example. I understand that the underlying concept is that the sender sign the payload with its private key using HMAC and that the receiver verify this signature with the public key. I'm currently trying to implement a minimal REST API with digital signature. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |