Data Signature

Last Updated on : 2024-09-11 08:39:29

This topic describes the method of signing message queue data.

Set up signature verification

Before you get the real data, you can set the tamper-proof MD5 signature verification. The signature algorithm is processed in the following steps:

  1. Format the received JSON parameters (except sign and the parameters with an empty value) into key=val.
  2. Assemble them in ascending order of key. Format example of the assembled string: k1=v1||k2=v2.
  3. Add the key. Example: k1=v1||k2=v2...kn=vn||key.
  4. Generate the MD5 signature of the final string.
  5. If the MD5 signature value is the same as the sign value, it means the data has not been tampered. Otherwise, the data has been tampered.

Resolve the password

The data is decrypted after the signature is checked.

  1. Decode the Base64 encoded data.
  2. Decrypt the middle 16-bit code of the accessKey through the AES (ECB mode) to get the real device status data.