This part will explain how Faspay account use encrypt method AES 256 for authorization.
- String data that will be encrypted -> $plaintext = "APP_KEY:APP_SECRET";
- algorithm used for encryption -> $algo = "aes256";
- The Key used for encryption -> faspay_secret (generated by faspay) Step for encrypted the key :
- 1.hashing key uses the sha 256 algorithm and its output is raw binary data.
- 2.then, taken 32 characters from the front. Ex : $password = substr(hash('sha256', $key, true), 0, 32);
- IV for encryption (generated by faspay) Step for encrypted IV :
- 1.hashing IV uses the md5 algorithm.
- 2.then taken 16 characters from behind. Ex : $iv = substr(md5($key.self::$iv), -16);
- Encryption using openssl by including the plaintext, algo, password and iv for the encryption process, and encryption output is binary raw data. $encrypted = openssl_encrypt($plaintext, $algo, $password, OPENSSL_RAW_DATA, $iv);
- the encryption results are re-encrypted using the base64 encode method to make lowercase hexits. $base64 = base64_encode($encrypted);