我正在尝试建立Greenpay支付服务网站链接:https://support.greenpay.me/hc/es-mx/articles/360020166071-Proceso-de-tokenizaci%C3%B3n-sin-formulario
我成功获得令牌响应
(
[session] => 2b0905d7-ed02-48de-80b2-63b1020afa67
[token] => b5a2176f-1ac8-4373-b188-979ca3f95ab4
)
我正在获取用于制作ld和lk的加密探针
{
"session": "session obtained in 'Create a tokenization order'",
"ld": "data of the card or token encrypted with AES-CTR-128 in HEX format",
"lk": "Keys AES encrypted with public key in base64 format"
}
动态生成一对AES密钥(密钥,计数器),该密钥将用于加密卡信息。
每个键都是16个字节的数组。
密钥包含在AES中加密的密钥。 计数器是AES CTR模式的计数器。
使用卡中的数据对JSON对象进行加密,然后将加密结果转换为十六进制格式。
十六进制格式的字符串对应于必须在付款请求的“正文”中发送的值“ ld” 您必须在付款请求的正文中发送的值“ ld”对应于十六进制格式的字符串,该字符串是使用AES-CTR-128加密包含卡信息的JSON对象时获得的 用RSA加密“ GreenPay支持团队”提供的AES密钥(密钥,计数器)。
通过加密AES密钥对获得的base64格式的字符串对应于必须在付款请求的“正文”中发送的“ lk”值。
必须在付款请求的正文中发送的值“ lk”对应于AES密钥加密的base64中的编码。
代码链接<https://gitlab.com/gp-examples/tokenize/tokenize_nodejs/blob/develop/tokenize.js>
function generateAESPairs () {
var key = [] var iv for (let k = 0; k < 16; k++) { key.push(Math.floor(Math.random() * 255)) } for (let k = 0; k < 16; k++) { iv = Math.floor(Math.random() * 255) }
return { k: key, s: iv }
}
// Creates an JSON object with the card data and AES key Pair encrypted
function pack (obj, session, pair_) {
var pair = (pair_ !== undefined) ? pair_ : generateAESPairs() var textBytes = aesjs.utils.utf8.toBytes(JSON.stringify(obj)) // eslint-disable-next-line new-cap
var aesCtr = new aesjs.ModeOfOperation.ctr(pair.k, new aesjs.Counter(pair.s))
var encryptedBytes = aesCtr.encrypt(textBytes) var encryptedHex = aesjs.utils.hex.fromBytes(encryptedBytes)
var returnObj = { session: session, ld: encryptedHex, lk: rsa_.encrypt(JSON.stringify(pair)) }
console.log("Pack: ", JSON.stringify(returnObj), "\n")
return returnObj
}
private function EncryptData($source,$pub_key)
{
//RSA encryption
// $fp=fopen("/etc/httpd/conf/ssl.crt/server.crt","r");
// $pub_key=fread($fp,8192);
// fclose($fp);
$encrypted = null;
// echo "source: $source";
// $pubkey = openssl_get_publickey($pub_key);
openssl_public_encrypt($source,$encrypted, $pub_key );
// echo "\n encrypted: \n";
// print_r($encrypted);
return(base64_encode($encrypted));
}
private function generateAESPairs() {
$key = array();
$iv;
for ($k = 0; $k < 16; $k++) {
array_push($key,floor(mt_rand(0, 255)));
}
for ($k = 0; $k < 16; $k++) {
$iv = floor(mt_rand(0, 255));
}
return array('k'=>$key,'s'=>$iv);
}
//in calling function
$temp_pair=$this->generateAESPairs();
$encryption_key=implode(',',$temp_pair['k']);
$iv=$temp_pair['s'];
echo "encryption_key: $encryption_key \n";
$pair=json_encode($temp_pair);
// Create some data to encrypt
$str_len = strlen($cardDataJson);
$data = "";
// Converting String to binary for encryption
for ($i=0;$i<$str_len;$i++)
$data .= decbin(ord($cardDataJson[$i]));
// $data = $cardDataJson;
// echo "\n encryption iv: $iv \n";
// echo "\n temp_pair: \n";
// print_r($temp_pair);
echo "\n json_encode pair: $pair \n";
$EncryptDataPairBase64= $this->EncryptData($pair,$public_key);
// echo "\n EncryptDataPairBase64: $EncryptDataPairBase64 \n";
// print_r($EncryptDataPairBase64);
echo "\nBefore encryption: $data\n";
// Encrypt $data using aes-256-cbc cipher with the given encryption key and
// our initialization vector. The 0 gives us the default options, but can
// be changed to OPENSSL_RAW_DATA or OPENSSL_ZERO_PADDING
$encrypted = openssl_encrypt($data, AES_128_CTR, $encryption_key, 0, $iv);
$encryptedHexa= bin2hex($encrypted);
echo "Encrypted: $encrypted\n";
echo "encryptedHexa: $encryptedHexa\n";