Home
Guides
Alchemy Pay

Signature Description

Suggest Edits

Carry timestamp and sign in the request.

All requests must carry appid, timestamp and sign.

  • Please use the appid assigned to you by AlchemyPay.
  • The timestamp uses the current time (UTC+8). The difference between the requested timestamp and the current time cannot exceed 5 minutes, otherwise the request will not be accepted.
  • Sign is a signature, used to verify your identity. The following is an example of generating a timestamp and signature
public class MerSignCheckUtil {

    private static final char[] HEX_DIGITS = { '0', '1', '2', '3', '4', '5',
        '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };

    public static String getMerSign(String appId, String appSecret, String timestamp) {
        return encode("sha1", appId  + appSecret + timestamp);
    }


    private static String encode(String algorithm, String value) {
        if (value == null) {
            return null;
        }
        try {
            MessageDigest messageDigest
                = MessageDigest.getInstance(algorithm);
            messageDigest.update(value.getBytes());
            return getFormattedText(messageDigest.digest());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
    private static String getFormattedText(byte[] bytes) {
        int len = bytes.length;
        StringBuilder buf = new StringBuilder(len * 2);
        for (int j = 0; j < len; j++) {
            buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]);
            buf.append(HEX_DIGITS[bytes[j] & 0x0f]);
        }
        return buf.toString();
    }
}


// Generate timestamp and sign
public static void main(String[] args) {
        String timestamp = String.valueOf(System.currentTimeMillis());
        System.out.println("timestamp = "+ timestamp);
        System.out.println("\n");
        System.out.println(MerSignCheckUtil.getMerSign("f83Is2**********", "4Yn*************",  timestamp)); 
    }}
                                                       

#Python 3.7.4 
import hashlib
from time import time


def getMerSign(appId, appSecret, timestamp):
    strr = appId + appSecret + str(timestamp)
    encoded_str = strr.encode()
    hash_obj = hashlib.sha1(encoded_str)
    hexa_value = hash_obj.hexdigest()
    return hexa_value


timestamp = int(time() * 1000)
print("timestamp = ", timestamp)
print("\n")
res = getMerSign("f83Is2**********", "4Yn*************", timestamp)
print(res)

//PHP 8.0.7
<?php
function getMerSign($appId, $appSecret, $timestamp){
  $str = $appId.$appSecret.strval($timestamp);
  return sha1($str);
}
$timestamp = floor(microtime(true) * 1000);
printf("timestamp = %d\n", $timestamp);
$res = getMerSign("f83Is2**********", "4Yn*************", $timestamp);
print($res);
 ?>

//node v14.15.1
const sha1 = require('js-sha1');


function getMerSign(appId, appSecret, timestamp) {
  return sha1(appId + appSecret + String(timestamp));
}

//go version go1.18.2
package main

import (
	"crypto/sha1"
	"encoding/hex"
	"strconv"
)

func getMerSign(appId string, appSecret string, timestamp int64) string {
	s := appId + appSecret + strconv.FormatInt(timestamp, 10)
	h := sha1.New()
	h.Write([]byte(s))
	//io.WriteString(h, s)
	return hex.EncodeToString(h.Sum(nil))
}

Updated 8 months ago