Remote Procedure Call (RPC) requests use a signature mechanism to prevent tampering and forgery. The RPC module automatically adds these signatures.
The basic signature and verification process is as follows:
The content of
requestBodyis converted to a string.The converted string is signed using the Security Guard security module. The module uses an encryption key that is stored in an encrypted image, known as a Security Guard image.
The encrypted signature is included in the request and sent to the gateway.
The gateway generates a signature using the same method and verifies that the two signatures match.