Re: encPaymentInstrument JWE Validation

constvar

I am sending enrollPAN payloads to VTS and getting ERROR results back.

message:{"errorResponse":{"status":400,"message":"Input for encPaymentInstrument is invalid or inconsistent with the profile.","reason":"invalidParameter","details":[{"location":"encPaymentInstrument"}]}}

Does this mean the "Decryption" at VTS has succeeded or not?

My current Payload is: [08:29:29 UTC - referenceid = "1529569752745652900" ]

"clientAppID":"Connekt","clientDeviceID":"823780937495628394529374","encPaymentInstrument":"eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IlFldzZrZlltYlZzSnotLXkiLCJ0YWciOiJIcHhJalpDVTJaS3ZLSFZ3ZGVsNExBIiwia2lkIjoiVzVWMlNKTkpVQjI1U0lZVFgzWVEyMV96bkd6MkZ1UGpuYXBneGh3eUJWMDBjRWhkOCIsImNoYW5uZWxTZWN1cml0eUNvbnRleHQiOiJTSEFSRURfU0VDUkVUIiwiZW5jIjoiQTI1NkdDTSIsImlhdCI6IjE1Mjk1NzAyNDkwMDAifQ.AfSWKL75oD43R_EZ.UWV3NmtmWW1iVnNKei0teQ.q8O8QjTtGeY1gFxpTZr9MHN6bvj8Mb-JoJSfvsBxoSdc4zKFoiXGdTw7ZMIx_5heVwLWwMscz6WphOKBQh2xJ6dUi7q7fqFSccUkPjUT6lAT_YzCSlYxrt6Yit3kF8EkJKB-VIT8hr5DdeKqpqb2YIqJop_QH-BaVrOOSTzaa1eHDq8AfD0nNunySfxU1fQPPoiPyBPKGZH6yY3WOFxmhTzFZRI9yBRMyxkENavUgS5OwBRtKZ4Aa-lylxc_F6rex4bBFD5fcMcGzE3usyMgjHt4IIGKYjQowVwWIxHcaOefDzQAtw5kSOsNm8262tPklshRigA5HrMAbcvL8L4yUXQ0BzCWFQe2lq0iZ0gshk5V_SlTDaFlwI1M0Bpcvy84GwXV.iiKa4CeLtTfkgyKRaTDOXQ","locale":"en_US","panSource":"ISSUER_PUSH_PROVISION","platformType":"ANDROID"}

Has anyone have any test vectors to test the construction of the JWE, including the encryption algorithm inputs?

inputs: "all inputs" to have a reproducable correct payload.

e.g. iat, kid, shared_secret, the random generated cek, iv, and the JSON encPaymentInstrument in clear text, etc.

expected output: the body of the http web call e.g. JWE JSON payload.

DianaVisaPM

Hi @constvar,

I am currently working on your query and will get back to you soon. While I work on your query, here's some code that might be useful to you.

Sample code for payment instrument

{

"accountNumber": "4411059860000004",

"name": "BillEvans",

"cvv2": "123",

"expirationDate": {

"month": "10",

"year": "2015"

},

"billingAddress": {

"line1": "801MetroCenterBlvd",

"line2": null,

"city": "FosterCity",

"state": "CA",

"country": "US",

"postalCode": "94404"

},

Thanks,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

DianaVisaPM

Hi @constvar,

To follow up, the 400 error means the PAN entered was invalid, the device used was invalid, or the PAN was not enrolled. Token Services support isn't widely distributed. More integration assistance would be given to priority merchants depending on their annual sales level if they contact developer@visa.com.

When contacting developer@visa.com, please make sure to reference this community forum post query.

Thanks,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

constvar

It was an encryption error, my JWE implementation was incorrect.

After solving the JWE encryption problem, I received a different error related to a field inside the encPaymenIntrument,

indicating that the decryption has succeeded.

🙂

DianaVisaPM

HI @constvar,

Great to hear your decryption has succeeded! Thanks for sharing its success!

Thanks,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Raveen

Hi,

I saw that you have sorted out JWE decryption and can you please share some piece of code in GitHub or Somewhere then it will be very helpful for me and others who is struggling to get it done.

Thank you

DianaVisaPM

Hey @Raveen,

To further investigate, please provide the following information:

1. End Point
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

Thanks,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

nk-checkout

Can you please share you implementation? Getting same error here

DianaVisaPM

Hey @nk-checkout,

To further investigate, please provide the following information:

1. End Point
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

Thanks,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

adamlee

did u fix this error because I have the same message