Authorization
This part will explain how Faspay account use encrypt method AES 256 for authorization.
Example
String data that will be encrypted -> $plaintext = "APP_KEY:APP_SECRET";
Algorithm used for encryption -> $algo = "aes256";
The Key used for encryption -> faspay_secret (generated by Faspay) Step for encrypted the key :
Hashing key uses the sha 256 algorithm and its output is raw binary data.
Then, taken 32 characters from the front. Ex : $password = substr(hash('sha256', $key, true), 0, 32);
IV for encryption (generated by faspay) Step for encrypted IV :
Hashing IV uses the md5 algorithm.
Then taken 16 characters from behind. Ex : $iv = substr(md5($key.self::$iv), -16);
Encryption using openssl by including the plaintext, algo, password and iv for the encryption process, and encryption output is binary raw data. $encrypted = openssl_encrypt($plaintext, $algo, $password, OPENSSL_RAW_DATA, $iv);
the encryption results are re-encrypted using the base64 encode method to make lowercase hexits. $base64 = base64_encode($encrypted);
Last updated