The shared secret key's length of 40 bytes that you received for mVisa Receive Side API might include additional components beyond just the raw AES encryption key. In cryptographic contexts, key lengths are often specified in bits, and when dealing with AES-256, it corresponds to a key length of 256 bits or 32 bytes.
However, the length of a key in a cryptographic system can sometimes include additional elements, such as salt values, initialization vectors, or other metadata that are used in the encryption or decryption process. These additional components are not the actual key used for the encryption algorithm but are necessary for the correct functioning of the cryptographic scheme.
In your case, the extra 8 bytes (40 bytes - 32 bytes) might be accounted for by such additional components. It's crucial to follow the documentation provided by mVisa or consult with their support to understand the specifics of the key format and whether there are additional components included in the shared secret key.
In cryptographic systems, the key derivation process and key handling mechanisms can vary between implementations, and it's not uncommon to have a key structure that includes more than just the raw key material. Always refer to the official documentation or contact the provider for accurate information about key formats and lengths.
