To create an encrypted password, we need a Base64-encoded RSA public key; to decrypt the response, we need the private key. Decryption happens on the ConnectPay side.
The process to generate the private and public key pair:
- This Java code generates a new RSA key pair with a modulus size of 4096 bits, encodes the public and private keys in Base64, and prints them to the console.
- The output for the public key is in PEM format, a common format for storing public keys. It consists of a header line, the Base64 key data, and a footer line. This is the same key we need to provide to the JavaScript code.
- The output for the private key is also Base64, but it is not in PEM format. It is only the Base64-encoded key data, printed after a "Private key:" label line.
Sample program to generate the public key and private key:

package com.course.demo.rsa;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Base64;

public class RSAExample {
    public static void main(String[] args) throws Exception {
        // Generate a new 4096-bit RSA key pair
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(4096, new SecureRandom());
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        // getEncoded() returns the X.509 SubjectPublicKeyInfo bytes; wrap them as PEM
        String publicKeyPEM = Base64.getEncoder().encodeToString(publicKey.getEncoded());
        publicKeyPEM = "-----BEGIN PUBLIC KEY-----\n" + publicKeyPEM + "\n-----END PUBLIC KEY-----";
        System.out.println("publicKeyPEM");
        System.out.println(publicKeyPEM);

        // Use the private key below to decrypt response data.
        // getEncoded() returns the PKCS#8 bytes. Printing the key is for this sample only;
        // keep a real private key in a keystore or secret store, not in console output or logs.
        System.out.println("Private key:");
        System.out.println(Base64.getEncoder().encodeToString(privateKey.getEncoded()));
    }
}

The process to encrypt a password:
- The getPublicKey() method returns the public key produced by the Java program.
- The encryptPassword() method takes two parameters: the public key and the password.
- We use RSA-OAEP from the node-forge library for encryption. The password is encrypted with the given public key using SHA-256 and a label ('##CP' in the sample), and the encrypted string is returned Base64-encoded. To decrypt that string, we need to provide the Java decryption class.
Sample program to encrypt text:

var forge = require('node-forge');

var password = 'ConnectPay@2024';
var publicKey = getPublicKey();
var encrypted = encryptPassword(publicKey, password);
console.log(encrypted);

// Encrypt the password with RSA-OAEP (SHA-256 for both the OAEP hash and MGF1)
// and return the ciphertext as a Base64 string.
function encryptPassword(publicKeytemp, password) {
  var publicKey = forge.pki.publicKeyFromPem(publicKeytemp);
  var encryptedPassword = publicKey.encrypt(password, 'RSA-OAEP', {
    md: forge.md.sha256.create(),
    mgf1: {
      md: forge.md.sha256.create(),
    },
    // The decrypting side must use the same label
    label: '##CP',
  });
  var encryptedPasswordEncoded = forge.util.encode64(encryptedPassword);
  return encryptedPasswordEncoded;
}

// Return the PEM public key printed by the Java program.
function getPublicKey() {
  return (
    '-----BEGIN PUBLIC KEY-----' +
    '<Base64 public key data printed by the Java program>' + // placeholder, not a real key
    '-----END PUBLIC KEY-----'
  );
}
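
The Java decryption side that the encryption steps above call for, as an added example that is not part of the original page or ConnectPay's code. The class name RSADecryptExample, the helper names, and the UTF-8 encoding of the password and label are assumptions; main() builds a throwaway key pair and a Java-produced ciphertext as constructed stand-ins for the client's output.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

// Hypothetical class name; an added example, not the page's own code.
public class RSADecryptExample {
    // Must mirror the node-forge call: OAEP hash SHA-256, MGF1 hash SHA-256, same label.
    // Java's "OAEPWithSHA-256AndMGF1Padding" shortcut defaults MGF1 to SHA-1, so spell it out.
    static OAEPParameterSpec oaep(String label) {
        return new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256,
                new PSource.PSpecified(label.getBytes(StandardCharsets.UTF_8)));
    }
    // The key generator prints the private key as Base64 of its PKCS#8 encoding.
    static PrivateKey loadPrivateKey(String base64Pkcs8) throws Exception {
        byte[] der = Base64.getDecoder().decode(base64Pkcs8);
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }
    static String decrypt(PrivateKey key, String base64Ciphertext, String label) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        cipher.init(Cipher.DECRYPT_MODE, key, oaep(label));
        byte[] plain = cipher.doFinal(Base64.getDecoder().decode(base64Ciphertext));
        return new String(plain, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed test data: throwaway key pair plus a Java-side encryption
        // standing in for the Base64 ciphertext the JavaScript client would send.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(4096);
        KeyPair pair = gen.generateKeyPair();
        String privateKeyB64 = Base64.getEncoder().encodeToString(pair.getPrivate().getEncoded());
        Cipher enc = Cipher.getInstance("RSA/ECB/OAEPPadding");
        enc.init(Cipher.ENCRYPT_MODE, pair.getPublic(), oaep("##CP"));
        byte[] raw = enc.doFinal("ConnectPay@2024".getBytes(StandardCharsets.UTF_8));
        String ciphertext = Base64.getEncoder().encodeToString(raw);
        PrivateKey key = loadPrivateKey(privateKeyB64);
        System.out.println("Decrypted: " + decrypt(key, ciphertext, "##CP"));
        try {
            decrypt(key, ciphertext, "wrong"); // a label mismatch must be rejected
        } catch (javax.crypto.BadPaddingException e) {
            System.out.println("Wrong label rejected");
        }
    }
}
```

On a failed decryption, return one generic error to the caller whatever the cause, and keep the private key and decrypted passwords out of logs.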