Interface X7. Validation of signature made with WM Keeper Classic keys

This interface should be used for validation of messages signed with WM Keeper Classic keys. Message is posted in string format (Win-1251 encoded).

Only registered members are permitted to use this interface. If you wish to register and get access to this interface, please send information on your online project, your IP and URL of your website, and purpose for use of this interface to WM-ID 941977853154 (technical support) via WM Keeper messenger. In addition, you have to receive a personal WM passport.

Requests using WM Keeper Classic key authorization should be sent to:	https://w3s.webmoney.ru/asp/XMLClassicAuth.asp
Requests using WM Keeper Light certificate authorization should be sent to:	https://w3s.wmtransfer.com/asp/XMLClassicAuthCert.asp
Method	POST
Request format

Request properties
name	purpose	description
wmid	Signer's WM-ID	Is used for WM Keeper Classic authorization
sign	Request's signature Uses the following parameters: wmid+testsign\wmid+testsign\plan+testsign\sign	Is used for WM Keeper Classic authorization
message	Message attributes
testsign\wmid	WM-ID of the customer that should be identified	12 digits
testsign\sign	Signature of the string passed in the testsign\plan parameter. It should be generated by the customer that must be identified
testsign\plan	This string should be signed by the customer

response format

<w3s.response> <retval></retval> <retdesc></retdesc> <testsign> <res></res> </testsign> </w3s.response>

response properties
name	purpose	description
retval	Execution code	0 means that the request was executed
retdesc	Code interpretation
res	authentication result	yes - authenticated successfully, no - authentication failed (invalid customer's signature)

Sample (IIS, ASP, JScript, MSXML)

<%@ Language=JScript %> <% try { var AuthorizeType = 'light' // 'classic' var url; if ('classic'== AuthorizeType) url = 'https://w3s.webmoney.ru/asp/XMLClassicAuth.asp' else url = 'https://w3s.wmtransfer.com/asp/XMLClassicAuthCert.asp' var clientwmid = '111111111111' var clientplanstr = 'string for verification' var clientsignstr = '43daff1f851ee6899f952bf53313'+ 'd975486157c3e662fa335025db723dac73746d52ae185b4'+ '525e54f4fc3eed63a36dbed47e68a50d2b258fb15acac2d3d2e2f0037' var reqwmid = '222222222222' var signstr // only for 'classic' var reqn = (new Date()).valueOf() if ('classic'== AuthorizeType) { var planstr = '' + reqwmid+clientwmid+clientplanstr+clientsignstr var reqwmpwd = 'password' var reqwmfilename = 'c:\\wmkeeperclassickeyfile.kwm' var Signer = Server.CreateObject("WMSignerX.Signer") Signer.Login = reqwmid Signer.Passwd = reqwmpwd Signer.KeyFName = reqwmfilename signstr = Signer.SignString(planstr) } var s = '<w3s.request>' s += '<reqn>'+reqn+'</reqn>' if ('classic' == AuthorizeType) { s += '<wmid>'+reqwmid+'</wmid>' s += '<sign>'+signstr+'</sign>' } s += '<testsign>' s += ' <wmid>'+clientwmid+'</wmid>' s += ' <plan>'+clientplanstr+'</plan>' s += ' <sign>'+clientsignstr+'</sign>' s += '</testsign>' s += '</w3s.request>' var xmlhttp = Server.CreateObject ("MSXML2.ServerXMLHTTP"); if ('light' == AuthorizeType) { xmlhttp.setOption(3, 'WM id: '+reqwmid) } xmlhttp.open('POST', url, false); xmlhttp.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); xmlhttp.send(s); var texttes = xmlhttp.responseText; // Response.Write(texttes) // var xmlres = Server.CreateObject ('Microsoft.XMLDOM'); xmlres.loadXML(texttes); var retcode = -1 var Node = xmlres.selectSingleNode("w3s.response/retval") if (null!=Node) retcode = parseInt(Node.text, 10) if (0==retcode) { Node = xmlres.selectSingleNode("w3s.response/testsign/res") if (Node.text == 'yes') { // authentication was done } } } catch(e) { Response.Write('error:'+(new Number(e.number)).toString(16)+'<br>\r\n') Response.Write('desc:'+e.description+'\r\n') } %>