CyberSource 卡号加密 (RSA-OAEP-256) [英] CyberSource card number encryption (RSA-OAEP-256)
问题描述
这里有人知道如何在网络资源中加密卡号吗?
Is there anyone know here how do I encrypt card number in cybersource?
我尝试使用在线 RSAOAEP 加密工具加密我的,但我收到了这个回复
i tried to encrypt mine using online RSAOAEP encryption tool but i got this response
{
"responseStatus": {
"status": 400,
"reason": "DECRYPTION_ERROR",
"message": "Cannot decrypt PAN (RsaOaep256): data hash wrong",
"correlationId": null,
"details": [],
"_embedded": {}
},
"_links": {
"self": null,
"documentation": [],
"next": []
}
}
对于像我这样的新手来说,文档似乎还不够
there documentation seems not enough for newbie like me
推荐答案
我已经能够让 Flex API 工作.但是你一直在使用什么样的 SDK?我已经用 React Native v0.61.5
和 Typescript
和多个加密库实现了它:react-native-crypto, isomorphic-webcrypto、crypto-js、js-base64 和 buffer一>.但基本上这可以在任何 Javascript 框架上完成.
I've been able to get Flex API to work. But whay kind of SDK have you been using? I've implemented it with React Native v0.61.5
with Typescript
and with multiple cryptographic libraries: react-native-crypto, isomorphic-webcrypto, crypto-js, js-base64 and buffer. But basically this could be done on any Javascript framework.
我想你有 /Keys
请求工作,我猜你已经将 encryptionType
指定为 RsaOaep256
.
I suppose you have /Keys
request working and i guess you have specified the encryptionType
to RsaOaep256
.
下一步是导入您在上一步中收到的 JSON 网络密钥 (JWK),并使用导入的密钥对卡号进行加密.
Next step is to import the JSON web key (JWK) you received from previous step and encrypt the card number with imported key.
import webcrypto from "isomorphic-webcrypto"
const importKey = async (jsonWebKey: any) => {
return webcrypto.subtle.importKey(
"jwk",
{
...jsonWebKey,
alg: "RSA-OAEP-256",
ext: true,
},
{
name: "RSA-OAEP",
hash: "SHA-256",
},
false,
["encrypt"],
)
}
加密卡号
import { Buffer } from "buffer"
import webcrypto from "isomorphic-webcrypto"
import { Base64 } from "js-base64"
const encryptCardNumber = async (cardNumber: string, jsonWebKey: any): Promise<T> = {
const cardNumberBuffer = Buffer.from(cardNumber)
const publicKey = await importKey(jsonWebKey, "encrypt")
const encryptedCardNumberBuffer = await webcrypto.subtle.encrypt(
{
name: "RSA-OAEP",
hash: "SHA-256",
},
publicKey,
cardNumberBuffer
)
return Base64.btoa(String.fromCharCode.apply(null, new Uint8Array(encryptedCardNumberBuffer)))
}
这个函数的结果可以在cardInfo
下的请求正文中作为cardNumber
直接传递.
Result from this function can be dirrectly passed as cardNumber
in body of a request under cardInfo
.
此后,您将收到 token
、signature
、signedFields
和其他一些字段.您应该根据签名验证收到的值,以确保这些值未被篡改.
After this, you'll receive token
, signature
, signedFields
and some other fields. You should verify received values against the signature to ensure the values have not been tampered with.
这个很简单,我们只需要/Keys
请求中的公钥,我们可以在der/publicKey
下找到.
This one is pretty simple, we'll just need the public key from /Keys
request that we can find under der/publicKey
.
import crypto from "react-native-crypto"
const verifySignature = (publicKey: string, signature: string, signedFields: string, data: any): booelan => {
const dataToVerify = data.signedFields.split(",").map(field => data[field]).join(",")
const verificationKey = `-----BEGIN PUBLIC KEY-----\n${publicKey}\n-----END PUBLIC KEY-----`
return crypto.createVerify("RSA-SHA512").update(dataToVerify).verify(verificationKey, signature, "base64")
},
我希望这能帮助您或其他在实施 CyberSource 的 Flex API 时遇到问题的人,因为这对我造成了影响...
I hope this will help you or others having trouble with implementing the Flex API of CyberSource because that has taken toll on me...
这篇关于CyberSource 卡号加密 (RSA-OAEP-256)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!