Encryption
Mechanism
Server
- decrypt (request_data, server_private_key)
- encrypt (response_data, client_public_key)
Algorithm info
- Algorithm: RSA
- Mode: ECB
- Padding: PKCS1Padding
Keys
Both Server and Client own their key pair: public key & private key
- Public key: provide for the other side to encrypt data
- Private key: keep secretly to decrypt data
- Key size**: 2048 bits**
- Key format: Base64-encoded string
For development, check the Credentials section
Do cipher block by block
Due to the RSA cipher with 2048 bits key can only encrypt input data at maximum size of 245 bytes (the encrypted result is always 256 bytes), we have to split the data into valid sized blocks and do cipher on each block, then append the output bytes to the final result.
We recommend:
- For encryption: split input bytes into blocks of any size <= 245 bytes (ex: 200 bytes per block)
- For decryption: split input bytes into blocks of size 256 bytes
Decrypt response data
- Decode Base64 the “data” field
- Decrypt the obtained byte array using client’s private key
- Convert the decrypted byte array to UTF-8 String
- Convert the above String to JSON Object