Steps to generate the encrypted token

 

1.Prepare an Object with the following sample details.

{
"client_id":
"client_secret":
"epoch"://Current Time stamp
}// Will be shared later

2.Encrypt the above object using the following key.

Key will be shared at the time of Integration.

3. Encryption can be done by the following programming languages as follows:

Encryption code in java:

package com.example.encryp_decryp;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.stereotype.Service;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.SecureRandom;
import java.util.Arrays;
import org.apache.commons.codec.binary.Base64;
import com.example.demo.service.EncryptionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
public class EncrypDecrypApplication {
public static void main(String[] args) {
SpringApplication.run(EncrypDecrypApplication.class, args);
}
}
@Service
public class EncryptionService {
private static final int AES_KEY_SIZE = 256;
private static final int AES_BLOCK_SIZE = 16;
public String encryptResponse(byte[] responseBody, String key) throws Exception {
byte[] iv = new byte[AES_BLOCK_SIZE];
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
byte[] decodedKey = Base64.decodeBase64(key);
SecretKeySpec secretKeySpec = new SecretKeySpec(decodedKey, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, new IvParameterSpec(iv));
byte[] paddedData = pkcs7Padding(responseBody, AES_BLOCK_SIZE);
byte[] encrypted = cipher.doFinal(paddedData);
byte[] result = new byte[iv.length + encrypted.length];
System.arraycopy(iv, 0, result, 0, iv.length);
System.arraycopy(encrypted, 0, result, iv.length, encrypted.length);
return Base64.encodeBase64String(result);
}
public String decryptRequest(String encryptedString, String key) throws Exception {
byte[] byteCipherText = Base64.decodeBase64(encryptedString);
byte[] iv = Arrays.copyOfRange(byteCipherText, 0, AES_BLOCK_SIZE);
byte[] cipherText = Arrays.copyOfRange(byteCipherText, AES_BLOCK_SIZE, byteCipherText.length);
byte[] decodedKey = Base64.decodeBase64(key);
SecretKeySpec secretKeySpec = new SecretKeySpec(decodedKey, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec(iv));
byte[] decrypted = cipher.doFinal(cipherText);
String decryptedString = new String(decrypted).trim();
return rmNoise(decryptedString);
}
private byte[] pkcs7Padding(byte[] data, int blockSize) {
int padding = blockSize - (data.length % blockSize);
byte[] padText = new byte[padding];
Arrays.fill(padText, (byte) padding);
byte[] paddedData = new byte[data.length + padding];
System.arraycopy(data, 0, paddedData, 0, data.length);
System.arraycopy(padText, 0, paddedData, data.length, padding);
return paddedData;
}
private String rmNoise(String data) {
for (int i = data.length() - 1; i >= 0; i--) {
if (data.charAt(i) == '}') {
return data.substring(0, i + 1);
}
}
return data;
}
}
@RestController
@RequestMapping("/api")
public class EncryptionController {
@Autowired
private EncryptionService encryptionService;
@GetMapping("/encrypt")
public String encrypt(@RequestParam String responseBody, @RequestParam String key) throws Exception {
return encryptionService.encryptResponse(responseBody.getBytes(), key);
}
@GetMapping("/decrypt")
public String decrypt(@RequestParam String encryptedString, @RequestParam String key) throws Exception {
return encryptionService.decryptRequest(encryptedString, key);
}
}

Encryption code in PHP:

function Encr($data) { $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc')); $dataBytes = str_split($data);
$length = count($dataBytes); echo "length of payload: " . $length . "\n"; // if ($length % 16 != 0)
{ // $extendBlock = 16 - ($length % 16); //
$payloadBytesBlock = array_merge($dataBytes, array_fill(0, $extendBlock, chr($extendBlock))); // } else
{ // $payloadBytesBlock = $dataBytes; // }
$a = base64_decode("a6T8tOCYiSzDTrcqPvCbJfy0wSQOVcfaevH0gtwCtoU=");
echo "length of key: " . strlen($a) . "\n";
$block = openssl_cipher_iv_length('aes-256-cbc');
$paddedData = PKCS7Padding($dataBytes, $block);
$encrypted = openssl_encrypt($paddedData, 'aes-256-cbc', $a, OPENSSL_RAW_DATA, $iv);
$result = $iv . $encrypted;
$str = base64_encode($result);
echo "result encrypted string: " . $str . "\n";
return $str;
}
function PKCS7Padding($data, $blockSize) {
$padding = $blockSize - (count($data) % $blockSize);
return array_merge($data, array_fill(0, $padding, chr($padding)));
} ?>```

Note:

  1. Encrypted token containing Client id, Client secret and epoch timestamp.
    [Client will get the encrypted data by encrypting client id, client secret ,epoch timestamp using a unique key]
  2. If a transaction is getting timed out, it may be considered as FAILED case.