# Signature

Signature is a string in hexadecimal format, formed by one-way encoding. This string cannot be decoded or generated independently without knowing all the necessary components. The signature is based on the potential importance of each request parameter.

The SHA-1 hash algorithm is used to generate the signature.

{% hint style="info" %}
Secure Hash Algorithm 1 – cryptographic hashing algorithm. For an input message of arbitrary length (maximum 2^64 bits, which is approximately 2 exabytes), the algorithm generates a 160-bit hash value, also called a message digest. Used in many cryptographic applications and protocols.
{% endhint %}

### Signature generation algorithm <a href="#f4a968d6d6" id="f4a968d6d6"></a>

1. A signature line is generated:
   * all query parameters are sorted alphabetically by parameter names;
   * sorted non-empty parameters are sequentially concatenated into one string (concatenation) using a separator character between them;
   * The “salt” of the site (salt) is added to the end of the created line through a separator character.
2. The SHA-1 hash is taken from the received string.

### Example code for generating signature

```python
import hashlib

salt = 'test_salt'
input_params = {
    'site_id': '1',
    'site_login': 'test_login',
    "merchant_id": "merch_id",
    'customer_ip': '1.2.3.4',
    'currency': 'USD',
    'additional_fields': {
        "bank_name": "Citibank",
        "card_holder": "John Wick",
        "card_number": "0000000000000"
    }

}
params = {}
for k, v in input_params.items():
    if isinstance(v, list):
        new_v = ';'.join(sorted(map(str, v)))
        params[str(k)] = str(new_v)
    elif isinstance(v, dict):
        sorted_dict = sorted(v)
        new_v = ';'.join(f'{key}:{v[key]}' for key in sorted_dict)
        params[str(k)] = str(new_v)
    else:
        params[str(k)] = str(v)

sign_str =  ';'.join(['%s:%s' % (k.lower(), params[k])  # noqa UP031
                 for k in sorted(params.keys()) if params[k].strip() != '']
                ) + ';'

signature =  hashlib.sha1(sign_str.encode('utf-8') + salt.encode('utf-8')).hexdigest()
```

### Rules for forming a signature <a href="#id-02b09362b6" id="id-02b09362b6"></a>

* The encoding of the signed string is UTF-8;
* Query parameter names are presented in lowercase. The string may include Latin letters from a to z, numbers from 0 to 9, and the underscore “\_”;
* The semicolon “;” is used as a separator character between parameters.
* Each parameter is appended as a substring ”param\_name:param\_value”, where param name is the name of the parameter, param\_value is the value of the parameter, colon is the internal separator;
* If the parameter value is an array, then its elements are also sorted in ascending order of their keys and sequentially connected by a delimiter character. In this case, array elements (nested arrays) are skipped and the delimiter character is not added;
* To avoid double signing, the “signature” parameter is always excluded from the signature.