Pin Encryption
The change card pin API requires both the old and new pins in the request payload to be encrypted. This is to secure the pin as the request is being sent to Card 360 API.
To encrypt the pin, you would need the public key which would be shared during the onboarding process however a test public key can be found in the provided code snippet. You would also need the BouncyCastle library so kindly download and import the appropriate version for your platform.
The below implementation is in Java but can me converted to any other suitable programming language.
private static String publicKeyString = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX2FzmhB3SzIHmNXcdgSr522CiZ3i1hXMi2kxBn8H5KhaQLxpmDxE414+Pwzp8hoP9DlgtV/TvLwh9GwUJF20ny+KEMcnW3Q3l6JnhNcsWpT6yuCu2xTcD2uflzrgtCUPrBxTTgYvBctMFxpRq2mXPFjKjyAitKOuVOa5NDpsNx+wYbjKFuujYGHYGJqjDp4ne1Yvz8BNPVLsoWYQiqorNomqoAhIBGqJA8uJtbvJFt0mwght4HsUp79/8vPG08KYyYJ9obFWUNff8rDdd7HYcFauKI4ogk6Y8gyypCL/ciWk5E3VexPdx+3Ft8X73P+jnCeOvDyS2sHyV2HpZdUNwIDAQAB-----END PUBLIC KEY-----";
public static void main(String[] args) {
try {
System.out.println(encryptPin("4588", publicKeyString));
} catch (Exception ex) {
ex.printStackTrace();
}
}
public static String encryptPin(String data, String publicKeyString) throws GeneralSecurityException {
return data.isEmpty() ? "" : new String(Hex.encode(encryptPK(Hex.encode(data.getBytes()), publicKeyString)));
}
public static byte[] encryptPK(byte[] data, String publicKeyString) throws GeneralSecurityException {
try {
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, getPublicKeyFromString(publicKeyString));
return cipher.doFinal(data);
} catch (GeneralSecurityException e) {
throw new GeneralSecurityException("Unable to encrypt data", e);
}
}
public static PublicKey getPublicKeyFromString(String publicKeyStr) {
PublicKey pubKey = null;
try {
publicKeyStr = publicKeyStr.replace("-----BEGIN PUBLIC KEY-----\n", "");
publicKeyStr = publicKeyStr.replace("-----END PUBLIC KEY-----", "");
byte[] publicBytes = Base64.decode(publicKeyStr);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
pubKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
} catch (Exception ex) {
ex.printStackTrace();
}
return pubKey;
};
Updated 4 months ago