Nhảy tới nội dung

Mechanism

Server

  • decrypt (request_data, server_private_key)
  • encrypt (response_data, client_public_key)

Algorithm info

  • Algorithm: RSA
  • Mode: ECB
  • Padding: PKCS1Padding

Keys

Both Server and Client own their key pair: public key & private key

  • Public key: provide for the other side to encrypt data
  • Private key: keep secretly to decrypt data
  • Key size**: 2048 bits**
  • Key format: Base64-encoded string

For development, check the Credentials section

Do cipher block by block

Due to the RSA cipher with 2048 bits key can only encrypt input data at maximum size of 245 bytes (the encrypted result is always 256 bytes), we have to split the data into valid sized blocks and do cipher on each block, then append the output bytes to the final result.

We recommend:

  • For encryption: split input bytes into blocks of any size <= 245 bytes (ex: 200 bytes per block)
  • For decryption: split input bytes into blocks of size 256 bytes

Decrypt response data

  1. Decode Base64 the “data” field
  2. Decrypt the obtained byte array using client’s private key
  3. Convert the decrypted byte array to UTF-8 String
  4. Convert the above String to JSON Object