Skip to content

EncryptKey

It is the public key for data encryption. The encryption key changes once in 24 hours and is valid for 48 hours.Meaning,two keys will be used in the operation.

Get current key for PAN encryption

Please pay attention that the endpoint is different from the basic! (w/o authorization)

GET- /encryptkey(1)

  1. Sandbox server (uses test data)
    https://secure.sandbox.payerly.tech/encryptkey
    Production server (uses live data)
    https://secure.payerly.tech/encryptkey

Code samples

async function importPublicKey(apiPublicKeyUrl) {
    return await fetch(apiPublicKeyUrl)
        .then((response) => {
            return response.json();
        })
        .then(async (object) => {
            return await window.crypto.subtle.importKey(
                "jwk",
                object.jwk,
                object.alg,
                false,
                ["encrypt"]
            );
        })
        .catch(function (err) {
            console.error(err);
        });
}
async function encryptMessage(message, publicKey) {
    let enc = new TextEncoder();
    let encoded = enc.encode(message);


    return await window.crypto.subtle
    .encrypt(
        {
             name: PublicKeyObject.algorithm.name,
        },
        PublicKeyObject,
        encoded
     )
    .catch(function (err) {
        console.error(err);
     });
}

function ab2str(buf) {
return String.fromCharCode.apply(null, new Uint8Array(buf));
}

let PublicKeyObject = null;
const url = "https://{API_URL}/encryptkey";
importPublicKey(url).then((publicKey) => {
    PublicKeyObject = publicKey;
    encryptMessage(cardCredentials, PublicKeyObject.publicKey).then(encryptedMessage => {
        const encryptedMessageString = ab2str(encryptedMessage);
        const encryptedBase64 = window.btoa(encryptedMessageString);
        const encrypted_data = { encryptedCardData: encryptedBase64 }
        console.log(encrypted_data);
});
});
const cardCredentials = JSON.stringify({
       pan: "4111111111111111",
       cvv: "444",
       exp_month: 11,
       exp_year: 30
});

<?php
include 'phpseclib/autoload.php';  //using strandard php seclib

$card['pan'] = "4111111111111111";  //string
$card['cvv'] = "123";  //srting
$card['exp_month'] = 12;  //int
$card['exp_year'] = 2030;  //int

// get actual encrypt key from URL
$url = "https://{API_URL}/encryptkey";
$arrContextOptions = ["ssl" => ["verify_peer" => false, "verify_peer_name" => false] ];
$res = json_decode(file_get_contents($url, false, stream_context_create($arrContextOptions)), true);

$rsa = new \phpseclib\Crypt\RSA();
$rsa->loadKey($res['pem']);  //public key in PEM format from URL
$rsa->setEncryptionMode($rsa::ENCRYPTION_OAEP);
$rsa->setHash('sha256');
$rsa->setMGFHash('sha256');

$encryptedCardDataBinary = $rsa->encrypt(json_encode($card));

$paymentData['object']['encryptedCardData'] = base64_encode($encryptedCardDataBinary);
$paymentData['object']['cardHolder'] = "John Doe";

$paymentData['type'] = "card";

$payment['paymentData'] = $paymentData;
?>
RESPONSE HEADERS:
Parameter Type Description
Date string(date-time) The Date header indicates the server time.
RESPONSE SCHEMA: application/json
Parameter Type Description
jwk string Public key (JWK)
pem string Public key (PEM)
alg string Sign algorithm
200 
  {
      "jwk": "string",
      "pem": "string",
      "alg": "string"
  }
default 
  {
    "error": {
      "code": 65535,
      "description": "string",
      "traceId": "string",
      "details": [
        {
          "value": "string",
          "description": "string",
          "fields": [
            {
              "name": "string",
              "type": "string",
              "value": "string"
            }
          ]
        }
      ]      
    }
  }