Signature and Environment
Update Date: 2020-09-28
Foreword
1) HTTP Request Type
POST
2) Encryption Mode
- Signature encrypted by MD5.
- Message body encrypted by DES
3) Key
Test SecrectKey: 12345678
Production SecrectKey: To be Assigned Until Officially Launched Online
4) Character Format
UTF-8
5)Message Format
Json Message Format:
The Content-Type value in Http header is:
Json:application/json
Json:
{
}
1. API Format Provide by Supplier
1.1 URL List:
Query Product Interface: {Domain}/JNT/productquery/2.0/{timeStamp}/{sign}
Create Order Interface: {Domain}/JNT/ordercreate/2.0/{timeStamp}/{sign}
Update Passenger Info Interface: {Domain}/JNT/updatepassengerinfo/2.0/{timeStamp}/{sign}
Query Driver Location Interface: {Domain}/JNT/querydriverlocation/2.0/{timeStamp}/{sign}
Cancel Order Interface: {Domain}/JNT/ordercancel/2.0/{timeStamp}/{sign}
City Info Push Interface: {Domain}/JNT/cityinfo/2.0/{timeStamp}/{sign}
Vehicle Info Push Interface: {Domain}/JNT/vehicleinfo/2.0/{timeStamp}/{sign}
1.2 URI Parameters Introduction
The input parameters of the API include system level parameters and application level parameters.
System Level Parameters:
For each API, it is used to encrypt, identify the user identity, the version of the API contract and so on.
System Level Parameters:| Name | Required | Meaning | Type | Description | Note |
|---|---|---|---|---|---|
| domain | Y | Vendor’s URL | String | Defined in URL | |
| channel | Y | Channel | String | Defined in URL | |
| version | Y | API version | String | 2.0 | Defined in URL |
| timestamp | Y | time stamp | String | yyyyMMddHHmmss | Defined in URL |
| sign | Y | API input parameter signature result | String | XXXXXXX | Defined in URL |
Application Level Parameters:
The application level parameters are different for different purpose, supplier can find each interface requests and responses for more detail.
1.3 Message Body Encryption
Using DES encryption, the key is the SecrectKey provided by Ctrip. The encrypted body is {the application level parameter and the parameter value}, and encrypts.
Ciphertext = DES Encrypt ({the application level parameter and the parameter value}, SecrectKey)
All the formatted symbols such as /r/n spaces are cleared in the message body.
DES Mode:
CipherMode.ECB;
PaddingMode;
Byte encoding scheme: hex by capital letter
Example
Plaintext::
{"ctripPurchaseOrderId":881824257631123456,"vendorOrderId":"20201022205600","cancelReason":"系统取消"}
Ciphertext: (secret key: 12345678)
0DFE985414998D36084BFF624CBAFC39D2B67742D881F7A40F9F9E9DC859C20BB19688B198C96439B2DE94C064F1FF14F187736F95529336FF71457A5BDFA882F8915340F3253FCB75283643F74C415ACD7E77E0A8505853A0764C44996A5919A6448FBF5B28F9B20C2F7CAFAB0AB326
1.4 Signature method
The MD5 signature encrypts the vendor's ID, version number, channel, timestamp, encryption key, and message body length string after the MD5 is spliced.
Auth=MD5(VendorID+ Version + Channel +TimeStamp+SecrectKey+{Message Body encrypted}.Lenth)Convert to lowercase characters
- +Representative string splicing
- {Message Body encrypted}.Lenth. Represents the length of the encrypted message body, and notice that all the formatted symbols such as /r/n spaces are cleared in the message body.
Example
VendorID:1000009
Version:2.0
Channel:JNT
TimeStamp:20201022202528
SecrectKey: 12345678
Message body encrypted length: 224 (example in message body encryption)
Plaintext:
10000092.0JNT2020102220252812345678224
Ciphertext:
0cd45ac608448cb94b6bd886c7bb125c
2. API Format Provide by Ctrip
2.1 Communication Method
Ctrip uses API to communicate with supplier.
API Address:
- Product Environment:https://openapi-car.ctrip.com/chvendormessagebus
- Sandbox Environment:https://testapi-car.ctrip.com/chvendormessagebus/sandbox
2.2 Message Body Encryption
Using DES encryption, the key is the SecrectKey provided by Ctrip. The encrypted body is {body content}, and encrypts.
Ciphertext = DES Encrypt ({body content}, SecrectKey)
DES Mode::
CipherMode.ECB;
PaddingMode;
Byte encoding scheme: hex by capital letter
2.3 Signature method
The MD5 signature encrypts the vendor's ID, version number, channel, timestamp, encryption key, and message body length string after the MD5 is spliced.
Auth =MD5(VendorID+TimeStamp+SecrectKey+{Envelope encrypted}.Lenth) Convert to lowercase characters
- +Representative string splicing
- {Envelope encrypted}.Lenth. Represents the length of the encrypted Envelope, and notice that all the formatted symbols such as /r/n spaces are cleared in the Envelope.