Alipay, China's leading third-party online payment solutionAlipay, China's leading third-party online payment solution

Verifying the signature

RSA sign type

After receiving a response or notification, perform the following steps to verify the signature:

  1. Generate the pre-sign string as described in Generating Pre-sign String.
  2. Use the RSA algorithm to calculate a message digest.
  3. Use the RSA public key to de-sign the signature (the value of the sign field) to a message digest.
  4. Compare the two message digests obtained in step 2 and step 3. If the digests are the same, then it indicates that the signed data has not been changed.