I am trying to decrypt paymentData property of PKPaymentToken object upon a successful Apple Pay authorization.
I am trying to follow the instruction here, but I am stuck on step 2 of the decryption steps, which says:
Use the value of the publicKeyHash key to determine which merchant public key was used by Apple, and then retrieve the corresponding merchant public key certificate and private key.
How do I do that?
Please advise.
Thanks!
鉴于从 Apple Developer Center 下载的 Apple Pay 证书文件,以下是在 Ruby 中计算 publicKeyHash 的方法。
require "base64"
require "digest"
require "openssl"
# set cert_file = path to the downloaded Apple Pay .cer file
cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
# strip off the "-----BEGIN PUBLIC KEY-----" line at the start of the string
pem = cert.public_key.to_pem.split("\n").drop(1)
# strip off the "-----END PUBLIC KEY-----" line at the end of the string
pem = pem.take(pem.length - 1)
decoded = Base64.decode64(pem.join)
public_key_hash = Digest::SHA256.base64digest(decoded)
该publicKeyHash字段的值是...您的公钥的哈希值。根据文档,它是商家证书的 X.509 编码公钥字节的 SHA-256 哈希。您可以使用它来确定使用哪个商家标识符来签署支付数据(您可能只有一个商家标识符,在这种情况下,您已经知道正在使用哪个商家标识符)。