Card Decryption

Sensitive data about the card such as the card number and CVV are encrypted on the data the partner receives via the webhook or an API endpoint.

πŸ“˜

CIPHER ALGORITHM

aes-256-cbc

πŸ“˜

DECRYPTION KEY

App Secret Key

πŸ“˜

Sample Code Decryption

Using NodeJS
https://replit.com/@Olanipekunife/AES-Decryption

Using PHP
https://replit.com/@Olanipekunife/AES-Decryption-PHP

Next Steps

  • The encrypted string needs to be converted to a buffer
const encryptedStringBuffer = Buffer.from(encryptedString, 'hex');
  • The IV(initialization vector) that will be used to decrypt can be gotten first 16 characters of the buffer created from the encrypted string(encryptedStringBuffer)
// Initialization Vector
const iv = encryptedStringBuffer.slice(0, 16)
  • To get the encrypted text that needs to be decrypted, the first 16 characters which is the IV needs to be removed from the encrypted string buffer
const encryptedText = encryptedStringBuffer.slice(16);

Generating a suitable key that can be used

// Key length is dependent on the algorithm, such as for aes192, it's 24 bytes, or aes256, it's 32 bytes. You need to have a key length of 32 byte (256 bit)
const key = crypto
                .createHash('sha256')
                .update(String(app_secret_key))
                .digest('base64')
                .substring(0, 32);

  • Define the algorithm which is via AES Encryption
const algorithm = 'aes-256-cbc'; // Using AES encryption
  • The next thing to do here will be to decipher the key with the AES encryption and the Initialisation vector (IV).
let decipher = crypto.createDecipheriv(algorithm, key, iv);

let decrypted = decipher.update(encryptedText);

decrypted = Buffer.concat([decrypted, decipher.final()]);
  • Convert your decrypted value to String.
const decryptedString = decrypted.toString();

Did this page help you?