Skip to content

Crypto Request

Description

Some features of the Conio SDK are protected by a mechanism called Crypto Request, which adds an additional layer of security to the transmission of certain parameters through a cryptographic signature.

Requests utilizing this mechanism can be identified by the presence of the cryptoRequest property, of type [Service]CryptoRequest, in the constructor or factory method of the object passed as a parameter to the operation.

Generation

Each [Service]CryptoRequest type requires a cryptoProof parameter, which is a byte array. This is generated by applying an RSA signature to the SHA256 hash of an ordered concatenation (using the "|" separator) of the service specific parameters, as detailed in the following section:

DATA_TO_SIGN := <pipe-separated concatenation of the service specific parameters>
NFC := <string-to-byte array conversion algorithm implementation>
SHA256 := <SHA256 hashing algorithm implementation>
RSA_SIGN := <RSA signing algorithm implementation>

CRYPTO_PROOF = RSA_SIGN(SHA256(NFC(DATA_TO_SIGN)))

Error

The execution of a service with an invalid cryptoProof generates the error InvalidCryptoProof. The possible causes of this error are:

  • The cryptoProof was signed with an incorrect private key.
  • The plain message does not match the service-specific format.
  • The algorithm for generating the crypto proof was not followed correctly (check the generation algorithm above).