PC(Desktop) API integration


API integration

In API integration section, API type integration guide is provided.

Call Payment Window – Authentication Data Receive – Payment Request – Payment Result Process
Please check the PC Standard Web Payment Integration Guide through 4 STEP

API Download

Refer to Download menu for library and integration sample codes.


Payment Window Call JS

Introducing neccessary script to call NHN KCP payment page

<!-- Payment Window Call JS-->

1https://pay.kcp.co.kr/plugin/payplus_web.jsp

Test : https://testpay.kcp.co.kr/plugin/payplus_web.jsp


Payment Window Execution Function

Introducing neccessary function to call NHN KCP payment page

<!-- Calling function(Execute) -->

1<script type="text/javascript">
2function jsf_pay(form)
3{
4   try
5   {
6     KCP_Pay_Execute( form );
7   }
8     catch (e)
9   {
10     /* Script finished with a throw in IE when the payment is normally closed */
11   }
12}
13</script>
Type : text/javascript

Authentication Data

The corresponding function is for handling authorization request upon completing the payment window authentication. (The function name cannot be changed.)

FormOrJson not to be used by merchants
FormOrJson value is set to frm value. You should use it as frm value.

The position of the function must be set before js_url javascript sourcing

Return Value is “form”

<!-- Example of m_Completepayment function -->

1<script type="text/javascript">
2function m_Completepayment( FormOrJson, closeEvent )
3   {
4     var frm = document.order_info; //submit
5     GetField( frm, FormOrJson );
6       if( frm.res_cd.value == "0000"
7       {
8         /* Response processing by merchant part */
9         frm.submit();
10       }
11      else
12      {
13        alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );
14        closeEvent();
15      }
16  }
17</script>
Type : text/javascript

Order Request Parameter Gulde

Required Parameter

string5

site_cd

Merchant ID


string40

ordr_idxx

Merchant order number


string12

pay_method

Payment Method Code
Composed of 12 digits (Use: 1, Not used: 0)
- Credit Card : 100000000000
- Bank Transfer : 010000000000
- Virtual Account : 001000000000
- Mobile Billing : 000010000000


string100

good_name

Product Name


string12

good_mny

Payment Amount


string3

currency

WON : 410 / USD : 840


string20

shop_user_id

Shop user ID

Optional Parameter

string20

site_name

Merchant Name(Recommend to input in English)


string30

buyr_name

Buyer name


string50

buyr_mail

Buyer mail


string20

buyr_tel2

Buyer Mobile Number

Conditional Parameter

Credit card conditional parameter


number2

quotaopt

Install payment option for transaction amount over 50,000 KRW.


string1

kcp_noint

No - interest installment.“” : As stated in Merchant Portal configuration

“Y” : no interest option configured in the ‘no interest’ setup (kcp_noint_quota) in Merchant Portal
“N” : Ignores Merchant Portal configuration, general install payment is set in place.


string256

kcp_noint_quota

In case that kcp_noint is set as ‘Y,’ no interest installment option will be shown on the payment window (as an icon).
Configurable by each card issuer


string1

used_card_YN

Set the parameter value as “Y”, and enter the code corresponding to the desired credit card company in the used_card.


string256

used_card

In case that user_card_YN is set as ‘Y’, enter the code corresponding to the desired credit card company.


View Card Code▼

Card CodeCard Name Card CodeCard Name
CCLGShinhanCCKJKwangju
CCDIHyundaiCCSUSuhyup
CCLOLotteCCJBJeonbuk
CCKEKEBCCCJJeju
CCSSSamsungCCKDKDB
CCKMKB KookminCCSBSavings
CCBCBCCCCUShinhyup
CCNHNHCCPBKorea Post
CCHNHanaCCSMSMG
CCCTCitiCCKAKakaobank
CCPHWooriCCXBMaster
BC81HanaBCCCXCJCB
CCKKK bank
CCUFUnionPay
CCXAVISA

string2

fix_inst

Fix Install payment option to one of the values from 0~12 for transaction amount over 50,000 KRW


Virtual Account Parameter


string50

wish_vbank_list

You can select the desired bank(s) among the available banks on NHN KCP payment module.


string2

vcnt_expire_term

Expiration time of the virtual account


string6

vcnt_expire_term_time

Expiration time of the virtual account
Additional parameter to be set with vcnt_expire_term.


<!-- Setting Virtual Account option example -->
<input type=”hidden” name=”wish_vbank_list” value=”05:03:04:07:11:23”> //Select Virtual Account
<input type=”hidden” name=”vcnt_expire_term” value=”3”> //Expiration term of the virtual account
<input type=”hidden” name=”vcnt_expire_term_time” value=“120000”> //Expiration time of the virtual account 

Add Optional Parameter


string256

site_logo

A parameter that makes the site logo to appear on the upper left corner of the payment screen.
The URL of the site logo must be accurately entered, and omission of this parameter will result in the appearance of the site_name value without the logo.
Logo files in GIF / JPG formats only
max. size: 150 X 50 supported.
size above the standard, site_name will be displayed.
※ Using this may slow down the process.


string1

eng_flag

English-Korean Switch


number1

skin_indx

Payment Window skin preference (1~11 avail.)


string30

kcp_pay_title

Payment Window Header Message
Ex) NHN KCP

Payment(Request/Authorization Return) code sample

<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--
         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--

         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--

         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--

         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--

         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>
<html>
<head>
<script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
<script type="text/javascript">

        function m_Completepayment( FormOrJson, closeEvent )
        {
            var frm = document.order_info;

            GetField( frm, FormOrJson );


            if( frm.res_cd.value == "0000" )
            {
                /*
                    retrun data
                */

                frm.submit();
            }
            else
            {
                alert( "[" + frm.res_cd.value + "] " + frm.res_msg.value );

                closeEvent();
            }
        }
</script>
<!--

         dev : https://testpay.kcp.co.kr/plugin/payplus_web.jsp
         prod : https://pay.kcp.co.kr/plugin/payplus_web.jsp
-->
    <script type="text/javascript" src="https://testpay.kcp.co.kr/plugin/payplus_web.jsp"></script>
    <script type="text/javascript">

        function jsf__pay( form )
        {
          try
          {
            KCP_Pay_Execute( form );
          }
          catch (e)
          {
            /* IE  */
          }
        }
    </script>
</head>
<body>

<form name="order_info" method="post" action="..action URL">

<input type="text" name="ordr_idxx" value="TEST12345" maxlength="40" />
<input type="text" name="good_name" value="phone" />
<input type="text" name="good_mny" value="1004" maxlength="9" />
<input type="text" name="buyr_name" value="jhon doe" />
<input type="text" name="buyr_tel1" value="02-0000-0000" />
<input type="text" name="buyr_tel2" value="010-0000-0000" />
<input type="text" name="buyr_mail" value="test@test.co.kr" />

<input type="text" name="pay_method" value="100000000000" />

<a href="#none" onclick="jsf__pay(document.order_info);">action</a>

<input type="hidden" name="site_cd" value="T0000" />
<input type="hidden" name="site_name" value="TEST SITE" />

<input type="hidden" name="res_cd" value=""/>
<input type="hidden" name="res_msg" value=""/>
<input type="hidden" name="enc_info" value=""/>
<input type="hidden" name="enc_data" value=""/>
<input type="hidden" name="ret_pay_method" value=""/>
<input type="hidden" name="tran_cd" value=""/>
<input type="hidden" name="use_pay_method" value=""/>
</form>
</body>
</html>

Returned Authentication Parameter Guide

Returned Parameter

stringvar

enc_data

Encrypted data retuned by the payment UI.


stringvar

enc_info

Encrypted data retuned by the payment UI.


stringvar

tran_cd

Transaction code

callback Data Received Example

<!-- callback Data Received Example -->

1<input type="hidden" name="enc_info"        value=""/>
2<input type="hidden" name="enc_data"        value=""/>
3<input type="hidden" name="tran_cd"         value=""/>

Authorization Request

Request Authorization of authentication data with API URL.

<!-- API Call -->

1https://spl.kcp.co.kr/gw/enc/v1/payment

Test : https://stg-spl.kcp.co.kr/gw/enc/v1/payment


Authorization Request Data

Authorization Request Data needs to be as Json String method.

Refer to server certificate section for issurance of kcp_cert_infocertificate data that is required for authorization.

<!-- Authorization Request Data -->

1{
2 "tran_cd":”00100000”,
3 "ordr_mony":"1004",
4 "kcp_cert_info":"-----BEGIN CERTIFICATE-----MIID3DCCAsSgAwIBAgIJAM...=-----END CERTIFICATE-----",
5 "site_cd":"T1234",
6 "enc_data":"SnvXdGftIEjAequorkpNhJXc4u3GRuotLHW9vyDDOhdeorM4DPXMJgJlIEoRo6divo=",
7 "enc_info":"A12345B12345"
8}

Response is returned in the same form of Json


Server Certificate

Extraction of data values from NHN KCP issued certificate,
For Merchant authentication, the certificate information issued by KCP must be delivered in text format.
The text value within the certificate must be serialized and delivered as the value of kcp_cert_info.

the parameter kcp_cert_info is needed for requesting Authorization cancel(mod) trade registration inquery


Authorization Request Parameter

Required Parameter

string5

site_cd

Merchant ID


stringvar

kcp_cert_info

Serialized KCP Server Certificate


stringvar

enc_data

Encrypted data retuned by the payment UI.<


stringvar

enc_info

Encrypted data retuned by the payment UI.


stringvar

tran_cd

Transaction type.


numbervar

ordr_mony

Actual payment request money

API Authorization sample

String target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment";  //dev

JSONObject json_req = new JSONObject();

json_req.put("tran_cd", tran_cd);
json_req.put("site_cd", site_cd);
json_req.put("kcp_cert_info", kcp_cert_info);
json_req.put("enc_data", enc_data);
json_req.put("enc_info", enc_info);
json_req.put("ordr_mony",ordr_mony);

String temp_req_data = json_req.toString();
String req_data = temp_req_data.replace(",",",\r\n");

String inputLine = null;
StringBuffer outResult = new StringBuffer();

// API REQ
URL url = new URL(target_URL);
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Accept-Charset", "UTF-8");

OutputStream os = conn.getOutputStream();
os.write(req_data.getBytes("UTF-8"));
os.flush();

// API RES
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
while ((inputLine = in.readLine()) != null)
{
  outResult.append(inputLine);
}
conn.disconnect();

String temp_result = outResult.toString();
String res_data = temp_result.replace(",",",\r\n");
header("Content-type: text/html; charset=utf-8");

$target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment"; //dev

$data = [
          'tran_cd'        => $tran_cd,
          'site_cd'        => $site_cd,
          'kcp_cert_info'  => $kcp_cert_info,
          'enc_data'       => $enc_data,
          'enc_info'       => $enc_info,
          'ordr_mony'      => $ordr_mony
        ];

$req_data = json_encode($data);

$header_data = array( "Content-Type: application/json", "charset=utf-8" );

// API REQ
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $target_URL);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header_data);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $req_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

// API RES
$res_data  = curl_exec($ch);

// RES JSON DATA Parsing
$json_res = json_decode($res_data, true);

$res_cd = $json_res["res_cd"];
$res_msg = $json_res["res_msg"];

curl_close($ch);
target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment"; //dev

req_data = "{\"tran_cd\" : \"" + tran_cd + "\"," +
            "\"site_cd\":\"" + site_cd + "\"," +
            "\"kcp_cert_info\":\"" + KCP_CERT_INFO + "\"," +
            "\"enc_data\":\"" + enc_data + "\"," +
            "\"enc_info\":\"" + enc_info + "\"," +
            "\"ordr_mony\":\"" + ordr_mony + "\"}";
// API REQ
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(target_URL);
req.Method = "POST";
req.ContentType = "application/json";

byte[] byte_req = Encoding.UTF8.GetBytes(req_data);
req.ContentLength = byte_req.Length;

Stream st = req.GetRequestStream();
st.Write(byte_req, 0, byte_req.Length);
st.Close();

// API RES
HttpWebResponse res = (HttpWebResponse)req.GetResponse();
StreamReader st_read = new StreamReader(res.GetResponseStream(), Encoding.GetEncoding("utf-8"));
res_data = st_read.ReadToEnd();

st_read.Close();
res.Close();

// RES JSON DATA Parsing
JObject json_data = JObject.Parse(res_data);
res_cd = json_data["res_cd"].ToString();
res_msg = json_data["res_msg"].ToString();
target_URL = "https://stg-spl.kcp.co.kr/gw/enc/v1/payment" 'dev

req_data = "{""tran_cd"":""" & tran_cd & """,""site_cd"":""" & site_cd & """,""kcp_cert_info"":""" & kcp_cert_info & """,""enc_data"":""" & enc_data & """,""enc_info"":""" & enc_info & """,""ordr_mony"":""" & ordr_mony & """}"

' API REQ
set req = Server.CreateObject("MSXML2.ServerXMLHTTP")
req.open "POST", target_URL, false
req.setRequestHeader "Content-Type", "application/json;charset=UTF-8"
req.send req_data

if req.status = 200 then
    res_data = req.ResponseText
else
    res_data = "http error code : " & req.status
end if
set req = nothing

'' RES JSON DATA Parsing
set json_data = JSON.parse(res_data)

res_cd = json_data.res_cd
res_msg = json_data.res_msg
//REQ DATA
  var req_data = {
    tran_cd : f_get_parm(req.body.tran_cd),
    site_cd : site_cd,
    kcp_cert_info : KCP_CERT_INFO,
    enc_data : f_get_parm(req.body.enc_data),
    enc_info : f_get_parm(req.body.enc_info),
    ordr_mony : '1'
  };

  fetch("https://stg-spl.kcp.co.kr/gw/enc/v1/payment", {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify(req_data),
    })
    //  API RES
    .then(response => {
      return response.json();
    })
    .then(data => {

  res.render('kcp_api_pay', {
    req_data : JSON.stringify(req_data),
    res_data : JSON.stringify(data),
    });
});
# API
target_URL = 'https://stg-spl.kcp.co.kr/gw/enc/v1/payment' #dev
headers = {'Content-Type': 'application/json', 'charset': 'UTF-8'}

site_cd = f_get_parm(request.form['site_cd'])

# REQ DATA
req_data = {
  'tran_cd' : f_get_parm(request.form['tran_cd']),
  'site_cd' : site_cd,
  'kcp_cert_info' : KCP_CERT_INFO,
  'enc_data' : f_get_parm(request.form['enc_data']),
  'enc_info' : f_get_parm(request.form['enc_info']),
  'ordr_mony' : '1'
}

res = requests.post(target_URL, headers=headers, data=json.dumps(req_data, ensure_ascii=False, indent="\t").encode('utf8'))

Authorization Result

Common Return Paramter

Authorization Success Parameter


string5

res_cd

Result code
If the request is approved, ‘0000’ will return.


string100

res_msg

Result message


string100

res_en_msg

Result message in English


string14

tno

Transaction number


number12

amount

Payment Amount


Authorization Failure Parameter


string5

res_cd

Result code
If the request is failed, an error code will return.


string100

res_msg

Result message

Authorization response Parameter

Credit Card Payment Response Parameter


string4

card_cd

The issuer code


string32

card_name

The name of the issuer


string16

card_no

The card number used for the purchase.


string8

app_no

The authorization number of the purchase


number14

app_time

The time of payment (approval) using Credit Card


string1

noinf

No interest option for the purchase. (Y/N)


number12

quota

Installment period.


number12

card_mny

Credit Card portion of the payment amount


number8

coupon_mny

The coupon discount amount or the payment amount using PAYCO Point will be returned.


string1

partcanc_yn

A partial refund availability indicator.


string4

isp_issuer_cd

The issuer code for ISP-Card


string32

isp_issuer_nm

The name of the issuer for ISP-Card


number12

payco_point_mny

Amount of PAYCO point used for the transaction


Bank Transfer Response Parameter


string20

bankname

The name of the bank used


string4

bankcode

The bank code


number9

cash_authno

The Cash Receipt Authorization Number


number14

cash_no

The Cash Receipt Transaction Number


number12

bk_mny

The amount transferred for the purchase


number14

app_time

The time of payment (approval) for the purchase


Virtual Account Response Parameter


string20

bankname

The name of the bank used


string4

bankcode

The Bank Code


string20

account

The virtual account number for the purchase


number14

va_date

Deposit deadline for virtual account


number14

app_time

The time of payment (approval) for the purchase


Mobile Billing Response Parameter


string4

van_cd

Mobile Payment Issuer (Carrier) Code


string4

van_id

Product/Contents classification


string3

commid

The Mobile Carrier code


number11

mobile_no

Mobile number for the purchase.


string4

pnt_issue

Points Settlement Company Code


string20

pnt_app_no

Points Authorization Number


number14

pnt_app_time

The time of payment using points


string1

pnt_receipt_gubn

Cash Receipt registered (Y/N)


number9

cash_authno

Cash receipt approval number for the purchase


number12

add_pnt

Earned/usable points for the purchase


number12

use_pnt

The used points for the purchase


number12

rsv_pnt

The total points available for use


string4

tk_van_code

Voucher company code


number20

tk_app_no

Voucher authorization number


number14

tk_app_time

The time of payment using voucher


Cash Receipt Response Parameter


number9

cash_authno

Cash Receipt authorization number


number14

cash_no

Cash Receipt transaction number

Authorization Page Configuration

When configuring the Authorization page Authorization Generate Signature Auto Cancel Result function can be included.

For Auto Cancel function, refer to Transaction Modification page.

For Singaure Generation function, refer to Server Certificate page.

Call payment window, Download if an entire sample source including Call payment window, and Authorization is needed


kcp_sign_data

Below codes for processing authorization is included in the auto-cancel logic and,

kcp_sign_data is required for transaction query and cancel request.

To create kcp_sign_data private key is required. For test server private key refer to download menu.

kcp_sign_data example

public class MakeSplParam
{
	static{ Security.addProvider( new BouncyCastleProvider() ); }

    private static final String PRIVATE_KEY        	= "../splPrikeyPKCS8.pem";
    private static final String PRIVATE_KEY_PASSWD 	= "changeit";
    private static final String ORG_SIGN_DATA 		= "T0000^20210719000000^PACA";
    private static final String SIGNATURE_ALGORITHM = "SHA256WithRSA";

    public static void main(String[] args)
    {

        PrivateKey priKey       = loadSplMctPrivateKeyPKCS8( PRIVATE_KEY, PRIVATE_KEY_PASSWD );

        String signData   = makeSignatureData( priKey, ORG_SIGN_DATA );

        System.out.println( "\n[signdata(kcp_sign_data)] : " );
        System.out.println( signData );
        System.out.println( "-----------------------------\n" );

    }

    public static PrivateKey loadSplMctPrivateKeyPKCS8( String filePath, String privateKeyPassword )
    {
        PrivateKey priKey = null;

        try
        {
            Path path = Paths.get( filePath );

            String strPriKeyData = Files.readAllLines( path )
                    .stream()
                    .filter( line -> !line.startsWith( "-----BEGIN" ) && !line.startsWith( "-----END" ) )
                    .collect( Collectors.joining() );

            // Base64 decoding
            byte[] btArrPriKey   = Base64.getDecoder().decode( strPriKeyData );

            ASN1Sequence derSeq = ASN1Sequence.getInstance( btArrPriKey );
            PKCS8EncryptedPrivateKeyInfo encPkcs8PriKeyInfo = new PKCS8EncryptedPrivateKeyInfo( org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance( derSeq ) );

            JcaPEMKeyConverter pemKeyConverter = new JcaPEMKeyConverter();
            InputDecryptorProvider decProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build( privateKeyPassword.toCharArray() );

            PrivateKeyInfo priKeyInfo          = encPkcs8PriKeyInfo.decryptPrivateKeyInfo( decProvider );
            priKey                             = pemKeyConverter.getPrivateKey( priKeyInfo );

        }
        catch (IOException e)
        {
            e.printStackTrace();
        }
        catch (OperatorCreationException e)
        {
            e.printStackTrace();
        }
        catch (PKCSException e)
        {
            e.printStackTrace();
        }

        return priKey;
    }

    public static String makeSignatureData(PrivateKey priKey, String targetData)
    {
        String signData = null;

        byte[] btArrTargetData = targetData.getBytes( StandardCharsets.UTF_8 );

        try {
            Signature sign = Signature.getInstance( SIGNATURE_ALGORITHM );
            sign.initSign( priKey );
            sign.update( btArrTargetData );

            byte[] btArrSignData = sign.sign();

            signData = Base64.getEncoder().encodeToString( btArrSignData );

        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        } catch (SignatureException e) {
            e.printStackTrace();
        }

        return signData;
    }

}
<?php
  $cancel_target_data = "T0000^22284971100001^STSC";
  echo "cancel_target_data : ".$cancel_target_data."<br><br>";

  $inquery_target_data = "T0000^22284971100001^PACA";
  echo "inquery_target_data : ".$inquery_target_data."<br><br>";

  $key_data = file_get_contents('../splPrikeyPKCS8.pem');

  $pri_key = openssl_pkey_get_private($key_data,'changeit');

  openssl_sign($cancel_target_data, $signature, $pri_key, 'sha256WithRSAEncryption');
  echo "cancel_signature :".base64_encode($signature)."<br><br>";

  openssl_sign($inquery_target_data, $signature, $pri_key, 'sha256WithRSAEncryption');
  echo "inquery_signature :".base64_encode($signature)."<br><br>";
?>
namespace kcp_sign_data_sample
{
  class Program
  {
      static void Main(string[] args)
      {
          // PKCS#8 PEM READ
          StreamReader sr = new StreamReader("../splPrikeyPKCS8.pem");
          String privateKeyText = sr.ReadToEnd();

          string privateKeyPass = "changeit";

          StringReader stringReader = new StringReader(privateKeyText);
          PemReader pemReader = new PemReader(stringReader, new PasswordFinder(privateKeyPass));
          RsaPrivateCrtKeyParameters keyParams = (RsaPrivateCrtKeyParameters)pemReader.ReadObject();

          var textToSign = "T0000^22671971380028^PACA";

          byte[] tmpSource = Encoding.ASCII.GetBytes(textToSign);

          ISigner sign = SignerUtilities.GetSigner(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id);
          sign.Init(true, keyParams);
          sign.BlockUpdate(tmpSource, 0, tmpSource.Length);

          var kcp_sign_data = sign.GenerateSignature();

          // Console
          Console.WriteLine("kcp_sign_data:" + Convert.ToBase64String(kcp_sign_data));
          Console.ReadKey();
      }

      private class PasswordFinder : IPasswordFinder
      {
          private string password;
          public PasswordFinder(string pwd)
          {
          password = pwd;
          }
           public char[] GetPassword()
          {
          return password.ToCharArray();
          }
      }
  }
}
<%
KeyPath = "../splPrikeyPKCS8.pem"
KeyPw	= "changeit"

textToSign = "T0000^22671971380028^PACA"
set kcpSign = server.createobject("kcp_sign_data_lib.GenSign")
kcp_sign_data = kcpSign.Sign(KeyPath, KeyPw, textToSign)

response.write "original: " + textToSign + "<br/>"
response.write "kcp_sign_data : " + kcp_sign_data + "<br/>"
%>
// Inquery
const data = "T0000^22296971511092^PACA";
console.log('\n>>> Message:\n\n' + data);


// crypto Set
const crypto = require('crypto');
const fs = require('fs');
const ALGORITHM = "RSA-SHA256";
const SIGNATURE_FORMAT = "base64";

const signature = getSignatureToVerify(data);

// READ
function getPrivateKeySomehow()
{
    const pKey = fs.readFileSync('../splPrikeyPKCS8.pem', 'utf8' ); // "splPrikeyPKCS8.pem"

    const pKeyObj = crypto.createPrivateKey({
        key : pKey,
        passphrase : "changeit", // "changeit"
        format : "pem",
        type : "pkcs8"
        })

    const pKeyStr = pKeyObj.export({
         format: 'pem',
          type: 'pkcs8'
        }).toString();

    return pKeyStr;
}

function getSignatureToVerify(data)
{
    const privateKey = getPrivateKeySomehow();
    const sign = crypto.createSign(ALGORITHM);
    sign.update(data);
    const signature = sign.sign(privateKey, SIGNATURE_FORMAT);
    console.log(">>> Signature:\n\n" + signature);
    return signature;
}

import OpenSSL
from OpenSSL import crypto
import base64
data = 'T0000^22671971380028^PACA'

# READ
# "splPrikeyPKCS8.pem"
key_file = open('../splPrikeyPKCS8.pem', 'r')
key = key_file.read()
key_file.close()

# "changeit"
password = 'changeit'.encode('utf-8')
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key, password)

sign = OpenSSL.crypto.sign(pkey, data, 'sha256')
kcp_sign_data = base64.b64encode(sign)
print("kcp_sign_data : ", kcp_sign_data)