RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

Jefferson
Regular Visitor

RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

RsaOaep256 Encryption - CyberSource Flex API

Hello everyone, i am trying to develop a proof of concept use the Cybersource Rest API . 

Right now i am following this documentation to implement.

https://developer.visa.com/capabilities/cybersource/reference#cybersource__cybersource_flex_api__v1_...

 

The First step about the Generate Key  is working just fine, but the next step Tokenize a Card, i am facing a problem with the required Card Info.

In the documentation the JSON Body request this format

 

{
  • "keyId": "05BgbFie7vX5vzSMKOoqEAAdfpdR4kas",
  • "cardDetails": {
    • "cardNumber": "ejbhIpMEgYnIODcB4//rrVxMHrqHcnLD6pDRF36jlEk72bETAfiOoxmpI9pGiidqMmkgAnvJfVgR3CLAV5EdG4Mu5IWK26QRnVtwvsVEUtpah7IylbxV9MLvXh2FjIJskKCWNLidb1G4PN5963hnV3IoZd2pF99JwV9lPhOHT5ymlNeg7sTzQQDN1I0/yJApds+t79hl9QVp4PusUDfSsPQTtR2frzlH4V3W+XjHDhmy5oNhiUaVxv27cyG1SWeCKkVC9tc8zLy4pvlgoplrLV8JRaS9hfWalJjv2xtk3DXmNT2urtFv2evcI3LM/S29KlJjPXZcBp0IYyB/taunCA==",
    • "cardType": "001"
    }

 

But if a Post my request using this JSON format i have a JSON Format response warning me about the error, so i change the Json Body to

{

  "keyId": "08Q9LVyAGl04sMGMxytx2nw5YIOrWWuy",
  "cardInfo": {
    "cardNumber": "ejbhIpMEgYnIODcB4//rrVxMHrqHcnLD6pDRF36jlEk72bETAfiOoxmpI9pGiidqMmkgAnvJfVgR3CLAV5EdG4Mu5IWK26QRnVtwvsVEUtpah7IylbxV9MLvXh2FjIJskKCWNLidb1G4PN5963hnV3IoZd2pF99JwV9lPhOHT5ymlNeg7sTzQQDN1I0/yJApds+t79hl9QVp4PusUDfSsPQTtR2frzlH4V3W+XjHDhmy5oNhiUaVxv27cyG1SWeCKkVC9tc8zLy4pvlgoplrLV8JRaS9hfWalJjv2xtk3DXmNT2urtFv2evcI3LM/S29KlJjPXZcBp0IYyB/taunCA==",
    "cardType": "001"
  }
}

 

Second Issue

Now i need to encrypt the Card info using an algorithm as visa Api inform,  "If the encryption type of RsaOaep256 was used in the Generate Key request, this value needs to be the RSA OAEP 256 encrypted card number."

 

How can i format the credit card info using this algorithm? I look to some examples on the internet but there's few information about how to deal with it.
 

If I try to post the same creditcard that the documentation provide, the API return an error.

Body from my HTTP

{

 

  "keyId": "08Q9LVyAGl04sMGMxytx2nw5YIOrWWuy",

  "cardInfo": {

    "cardNumber": "ejbhIpMEgYnIODcB4//rrVxMHrqHcnLD6pDRF36jlEk72bETAfiOoxmpI9pGiidqMmkgAnvJfVgR3CLAV5EdG4Mu5IWK26QRnVtwvsVEUtpah7IylbxV9MLvXh2FjIJskKCWNLidb1G4PN5963hnV3IoZd2pF99JwV9lPhOHT5ymlNeg7sTzQQDN1I0/yJApds+t79hl9QVp4PusUDfSsPQTtR2frzlH4V3W+XjHDhmy5oNhiUaVxv27cyG1SWeCKkVC9tc8zLy4pvlgoplrLV8JRaS9hfWalJjv2xtk3DXmNT2urtFv2evcI3LM/S29KlJjPXZcBp0IYyB/taunCA==",

    "cardType": "001"

  }

}

Response

{

    "responseStatus": {

        "status": 400,

        "reason": "DECRYPTION_ERROR",

        "message": "Cannot decrypt PAN (RsaOaep256): data hash wrong",

        "correlationId": null,

        "details": [],

        "_embedded": {}

    },

    "_links": {

        "self": null,

        "documentation": [],

        "next": []

    }

}

 

4 REPLIES 4
vkamboj
Community Moderator

Re: RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

Hi Jefferson,

Thank you for your interest in the CyberSource API. In addition to below, what you are seeing in the reference for the CyberSource

 

API and its related sample request is that there is a discrepancy in the information. On the API reference, we have cardInfo, however in the sample request we have cardDetails.

 

One of the two needs to be updated and, most likely, it will be the sample request. We are currently working on resolving this issue by publishing the correct sample request information on the portal.

 

Please let me know if you have other questions or you can submit another case to developer@visa.com. 

 

Thank You,
Vaibhav 

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
vibhash
Dabbler

Re: RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

Hi 

I am also facing the same error. Do we have a sloution to this. Where can I find the updated working sample JSON

vibhash
Dabbler

Re: RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

Hi Jefferson,

Were you able to overcome the above issue. If yes, can you please provide your inputs
neiba
Helper

Re: RsaOaep256 Encryption - with C# How to encrypt the Credit Card Info

Hi everyone,

I have the same issus, when I try tokenizing the card info:
request:
<pre>
{ "keyId":"08BB06qeCtosikwD710XyXE9BZVLrdsq",
"cardInfo":{
"cardNumber":"ry+Dj8iRBBzBn3n2uxtxdPGXP1HyWtAL2+dtzSAS9V46e2Z\/ERmdvF+GT+xRx8tHM1FcOUj1x7sOijkCkx8o5JyFAixbStOaLzQ9hSlOcCrXA6RSPn9SLSwlyZ2mKD5NYHkPArdjbBf9sZi8tetENB\/KMvQ\/GsOcLJdrqYSIed4Tm0s6nM1zvpIp3rRV844\/L8ZuyjXIytg6Gany3VkTdl7XMi6isj3EpLsAwVS7zJwcENEngLkexZPVq+Z9qr4b9Ezp2TwI\/Yx59lUHCBURmdb2fqda6mW8U9dBOCs6bcTYbJQVZdbG1zYhnx+ZzAro36QwxDeUGRH+mKMgdFWvKA==",
"cardExpirationMonth":"4",
"cardExpirationYear":"2019",
"cardType":"001"}
}

Response
<pre>"responseStatus": {
"status": 400,
"reason": "DECRYPTION_ERROR",
"message": "Cannot decrypt PAN (RsaOaep256): data hash wrong",
"correlationId": null,
"details": []
},

Please, have you found any solution to this problem?