我想实现greenpay支付服务网站链接。https:/support.greenpay.mehces-mxarticles360020166071-Proceso-de-tokenizaci%C3%B3n-sin-formulario。
我成功地得到了令牌响应
(
[session] => 2b0905d7-ed02-48de-80b2-63b1020afa67
[token] => b5a2176f-1ac8-4373-b188-979ca3f95ab4
)
我在加密过程中遇到了问题,这是为了使ld和lk的加密。
{
"session": "session obtained in 'Create a tokenization order'",
"ld": "data of the card or token encrypted with AES-CTR-128 in HEX format",
"lk": "Keys AES encrypted with public key in base64 format"
}
动态生成一对AES密钥(Key,Counter),用于加密卡信息。
每个密钥是一个16字节的数组。
密钥包含AES加密的密钥。 Counter是AES的CTR模式的计数器。
用卡片的数据对JSON对象进行加密,并将加密结果转换成十六进制格式。
十六进制格式的字符串对应于支付请求的 "正文 "中必须发送的值 "ld"。 支付请求正文中必须发送的值 "ld",对应于用AES-CTR-128加密包含卡片信息的JSON对象时得到的十六进制格式的字符串。 用RSA加密 "GreenPay支持团队 "提供的公钥的AES密钥(密钥、计数器)。
通过加密AES密钥对得到的base64格式的字符串对应于 "lk "值,必须在支付请求的 "body "中发送。
必须在支付请求正文中发送的 "lk "值对应于AES密钥加密的base64编码。
代码链接< https:/gitlab.comgp-examplestokenizetokenize_nodejsblobdeveloptokenize.js。 >
function generateAESPairs () {
var key = [] var iv for (let k = 0; k < 16; k++) { key.push(Math.floor(Math.random() * 255)) } for (let k = 0; k < 16; k++) { iv = Math.floor(Math.random() * 255) }
return { k: key, s: iv }
}
// Creates an JSON object with the card data and AES key Pair encrypted
function pack (obj, session, pair_) {
var pair = (pair_ !== undefined) ? pair_ : generateAESPairs() var textBytes = aesjs.utils.utf8.toBytes(JSON.stringify(obj)) // eslint-disable-next-line new-cap
var aesCtr = new aesjs.ModeOfOperation.ctr(pair.k, new aesjs.Counter(pair.s))
var encryptedBytes = aesCtr.encrypt(textBytes) var encryptedHex = aesjs.utils.hex.fromBytes(encryptedBytes)
var returnObj = { session: session, ld: encryptedHex, lk: rsa_.encrypt(JSON.stringify(pair)) }
console.log("Pack: ", JSON.stringify(returnObj), "\n")
return returnObj
}
private function EncryptData($source,$pub_key)
{
//RSA encryption
// $fp=fopen("/etc/httpd/conf/ssl.crt/server.crt","r");
// $pub_key=fread($fp,8192);
// fclose($fp);
$encrypted = null;
// echo "source: $source";
// $pubkey = openssl_get_publickey($pub_key);
openssl_public_encrypt($source,$encrypted, $pub_key );
// echo "\n encrypted: \n";
// print_r($encrypted);
return(base64_encode($encrypted));
}
private function generateAESPairs() {
$key = array();
$iv;
for ($k = 0; $k < 16; $k++) {
array_push($key,floor(mt_rand(0, 255)));
}
for ($k = 0; $k < 16; $k++) {
$iv = floor(mt_rand(0, 255));
}
return array('k'=>$key,'s'=>$iv);
}
//in calling function
$temp_pair=$this->generateAESPairs();
$encryption_key=implode(',',$temp_pair['k']);
$iv=$temp_pair['s'];
echo "encryption_key: $encryption_key \n";
$pair=json_encode($temp_pair);
// Create some data to encrypt
$str_len = strlen($cardDataJson);
$data = "";
// Converting String to binary for encryption
for ($i=0;$i<$str_len;$i++)
$data .= decbin(ord($cardDataJson[$i]));
// $data = $cardDataJson;
// echo "\n encryption iv: $iv \n";
// echo "\n temp_pair: \n";
// print_r($temp_pair);
echo "\n json_encode pair: $pair \n";
$EncryptDataPairBase64= $this->EncryptData($pair,$public_key);
// echo "\n EncryptDataPairBase64: $EncryptDataPairBase64 \n";
// print_r($EncryptDataPairBase64);
echo "\nBefore encryption: $data\n";
// Encrypt $data using aes-256-cbc cipher with the given encryption key and
// our initialization vector. The 0 gives us the default options, but can
// be changed to OPENSSL_RAW_DATA or OPENSSL_ZERO_PADDING
$encrypted = openssl_encrypt($data, AES_128_CTR, $encryption_key, 0, $iv);
$encryptedHexa= bin2hex($encrypted);
echo "Encrypted: $encrypted\n";
echo "encryptedHexa: $encryptedHexa\n";