3. Create the Digest

As the third step, we must generate a digest.
This digest consists in hashing the content of the request you are about to execute.
This must be always done, even if the body of the request that you're sending is empty.

To generate it, simply follow these steps:

  1. Hash the content of the body with sha256 algorithm.
  2. Take the sha256 hashed content previously generated and encode it in base64.
  3. Prefix the generated string with SHA-256=.

📘

Empty body

If your request has an empty body, generate the digest using an empty string.

🚧

Check for spaces an newlines

Please ensure that the body you intend to encode matches the one being sent.

Different programming languages may handle new lines and spaces in different ways.
Please verify their proper handling to avoid potential issues.

{
  "flow": "MATCH_CODE",
  "amount_unit": 100,
  "currency": "EUR"
}

ZML76UQPYzw5yDTmhySnU1S8nmqGde/jhqOG5rpfVSI=

SHA-256=ZML76UQPYzw5yDTmhySnU1S8nmqGde/jhqOG5rpfVSI=

 

47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

Once you've successfully created your digest, store it in a variable.

The digest generated must also be sent as header like this:

Digest: SHA-256=ZML76UQPYzw5yDTmhySnU1S8nmqGde/jhqOG5rpfVSI=

Code sample 1/4

$bodyObject = [
    'flow' => 'MATCH_CODE',
    'amount_unit' => 100,
    'currency' => 'EUR'
];

$body = json_encode($bodyObject);

echo "body:\n";
echo $body . "\n";

$digest = "SHA-256=" . base64_encode(hash("sha256", $body, true));

echo "\ndigest:\n";
echo $digest . "\n";

const crypto = require('crypto');
const fs = require('fs');

const bodyObject = {
    flow: 'MATCH_CODE',
    amount_unit: 100,
    currency: 'EUR'
};

const body = JSON.stringify(bodyObject);

console.log("\nbody:");
console.log(body);

const digest = "SHA-256=" + crypto.createHash('sha256').update(body).digest('base64');

console.log("\ndigest:");
console.log(digest);

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.InvalidKeyException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.Base64;
import java.util.Date;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.json.JSONObject;

public class Satispay {
    public static void main(String[] args) {
        JSONObject bodyObject = new JSONObject()
            .put("flow", "MATCH_CODE")
            .put("amount_unit", 100)
            .put("currency", "EUR");

        String body = bodyObject.toString();

        System.out.println("body:");
        System.out.println(body);

        String digest = createDigest(body);

        System.out.println();
        System.out.println("digest:");
        System.out.println(digest);
    }

    private static String createDigest(String body) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] hashBytes = messageDigest.digest(body.getBytes("UTF-8"));
        
            return "SHA-256=" + Base64.getEncoder().encodeToString(hashBytes);
        } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
            e.printStackTrace();
            System.exit(1);
        }

        return null;
    }
}

using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

class Satispay
{
    static void Main(string[] args)
    {
        var bodyObject = new Dictionary<string, object>
        {
            { "flow", "MATCH_CODE" },
            { "amount_unit", 100 },
            { "currency", "EUR" }
        };

        var body = JsonSerializer.Serialize(bodyObject);

        Console.WriteLine("body:");
        Console.WriteLine(body);

        var digest = createDigest(body);

        Console.WriteLine();
        Console.WriteLine("digest:");
        Console.WriteLine(digest);
    }

    static string createDigest(string body)
    {
        var sha256 = SHA256.Create();

        var hashBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(body));

        return "SHA-256=" + Convert.ToBase64String(hashBytes);
    }
}

import json
import hashlib
import base64
import time
import datetime
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives import hashes

body_object = {
    'flow': 'MATCH_CODE',
    'amount_unit': 100,
    'currency': 'EUR'
}

body = json.dumps(body_object)

print("body:")
print(body)

digest = "SHA-256=" + base64.b64encode(hashlib.sha256(body.encode()).digest()).decode()

print()
print("digest:")
print(digest)

#!/bin/bash

body='{
  "flow": "MATCH_CODE",
  "amount_unit": 100,
  "currency": "EUR"
}'

echo "body:"
printf "%s" "$body"

digest="SHA-256=$(printf "%s" "$body" | openssl dgst -sha256 -binary | base64 -w 0)"

echo "\n"
echo "\ndigest:"
echo "$digest"

Digest checker

We've designed this tool for you to validate the digest you've generated.
Please make sure that your output matches the result generated by this tool.

https://satispay-signature-test.glitch.me/digest