• Sandbox request is in plain format. For UAT and production request response data needs to be transmitted in encrypted format only.
  • To pass encrypted request data, use AES 128 - AES/CBC/PKCS5Padding with secret key shared by ESB and encode data with base64 encoding. This is part of encrypt function.
    Example:
    Sample request: 
    {
    "GetEligibilityCheckRequest": {
        "SubHeader": {
            "requestUUID": "AL1231-17092021",
            "serviceRequestId": "hafdvd",
            "serviceRequestVersion": "1.0",
            "channelId": "TBD"
        },
        "GetEligibilityCheckRequestBody": {
            "mobileNumber": "98765*****"
        }
    }
}
  • Note: Plain Text request highlighted in BOLD need to be encrypted in AES128 algorithm and send in "GetEligibilityCheckRequestBodyEncrypted" tag.
  • encrypted request: 
    {
    "GetEligibilityCheckRequest": {
        "SubHeader": {
            "requestUUID": "AL1231-17092021",
            "serviceRequestId": "hafdvd",
            "serviceRequestVersion": "1.0",
            "channelId": "TBD"
        },
        "GetEligibilityCheckRequestBodyEncrypted": "MFictTWmaV5A+QVV+Wzqe8qF9LGRvaXkQDMb1ZJgeSh4EhSCPQ3BXdR35Kfzlfp9PyTs0+cNNnMBevRn3d9RLLZ5p2DQNh2xc9gxTGc/1bph6MZFvSH1Af7tZMERiyiS"
    }
}
  • To decrypt response data, decode data with base64 decoding and use same AES 128 - AES/CBC/PKCS5Padding with secret key shared by ESB.
    Example:
    Sample response: 
    {
    "GetEligibilityCheckResponse": {
        "SubHeader": {
            "requestUUID": "AL1231-17092021
            "serviceRequestId": "hafdvd",
            "serviceRequestVersion": "1.0",
            "channelId": "TBD"
        },
        "GetEligibilityCheckResponseBody": {
            "LOAN_AMOUNT": 2500000,
            "INTEREST_RATE": "9.25,9,8.85,8.85,8.75",
            "TENOR": 84,
            "LTV": "100% on Road",
            "PROCESSING_FEE": "3500,4500,5500,6500,7000",
            "STP_FLAG": 1,
            "EXTRA_6": "null",
            "EXTRA_7": "null",
            "EXTRA_8": "null"
        }
    }
}
    Encrypted response: 
    {
    "GetEligibilityCheckResponse": {
        "SubHeader": {
            "requestUUID": "AL1231-17092021
            "serviceRequestId": "hafdvd",
            "serviceRequestVersion": "1.0",
            "channelId": "TBD"
        },
        "GetEligibilityCheckResponseBodyEncrypted": "7Z37GZ0Or32nvct/3MJbmU384sCMCpWCmfFz3UyKDXSoCQDZBr9v3x5Vn00cAemnUBQkC5t6imJIhCt5AY2AVoJV0N/J3Bdw+laALnGtTPbhT+xG1mGI689A1pntqx1NerleCjfKKvxZqtJ1JoKpTGcDyS/I8XwIMsN8TajHS9T3ug3cJ3In6EZA9IFuAv+R35FM2kczFrjBN4kUhSmF9XehUbGa8uk6TLTQT6HXlfzbLHF8tqw976L5q0UdmNhbHn1DmSQmEAxMOvn+TbSUSA2K02DEP70Fif2Ozk4d7M0="
    }
}
Note: In case of encrypted response if \r\n or escape character \ is observed, it can be replaced by empty string.

 

Java

import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;

public class AESEncDec {
    
    public static String encryptCallBack(String key, String str_resp)
	{
			    
			ByteArrayOutputStream baos = new ByteArrayOutputStream(key.length() / 2);
				
		    for (int i = 0; i < key.length(); i += 2) {
		        String output = key.substring(i, i + 2);	       
		        int decimal = Integer.parseInt(output, 16);	        
		        baos.write(decimal);
		    }
			    
				
		    try {
				SecretKeySpec skeySpec = new SecretKeySpec(baos.toByteArray(), "AES");
			      
			    byte [] iv1 = new byte [] {(byte) 0x8E, 0x12, 0x39, (byte) 0x9C, 0x07, 0x72, 0x6F, 0x5A, (byte) 0x8E, 0x12, 0x39, (byte) 0x9C, 0x07,0x72, 0x6F, 0x5A};
				AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv1);

			    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
			    cipher.init(1, skeySpec,paramSpec);
			     

			    byte[] encrypted = cipher.doFinal(str_resp.getBytes("UTF-8"));
			    
			    ByteArrayOutputStream os = new ByteArrayOutputStream();
			    os.write(iv1);
			    os.write(encrypted);
			   byte[] encryptedWithIV = os.toByteArray();
			 
			    //return new String(Base64.encode(os.toByteArray()));
			    String encryptedResult = Base64.getEncoder().encodeToString(encryptedWithIV);
			    return encryptedResult;
			} 
		    catch (Exception ex) 
		    {
			   ex.printStackTrace();
			}

			return null;
	}
			
	public static String decryptCallBack(String key, String encrypted)
	{
			    
			ByteArrayOutputStream baos = new ByteArrayOutputStream(key.length() / 2);
					
			for (int i = 0; i < key.length(); i += 2) 
			{
				String output = key.substring(i, i + 2);	       
				int decimal = Integer.parseInt(output, 16);	        
				baos.write(decimal);
			}
				    
			try
			{
			    SecretKeySpec skeySpec = new SecretKeySpec(baos.toByteArray(), "AES");
			    
			    //byte[] encryptedIVandTextAsBytes = Base64.decode(encrypted);
			    byte[] encryptedIVandTextAsBytes = Base64.getDecoder().decode(encrypted);
			    byte[] iv = Arrays.copyOf(encryptedIVandTextAsBytes, 16);
			    byte[] ciphertextByte = Arrays.copyOfRange(encryptedIVandTextAsBytes, 16, encryptedIVandTextAsBytes.length);
			    
			    
			    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
			    cipher.init(2, skeySpec, new IvParameterSpec(iv));
			    byte[] decryptedTextBytes = cipher.doFinal(ciphertextByte);	
			    
			    String original = new String(decryptedTextBytes, "UTF-8");

			    return original;
			}
			catch (Exception ex) 
			{
			     ex.printStackTrace();
			}

			return null;
	}
    
    public static void main(String args[]) {
      
      AESEncDec m = new AESEncDec();
      
      final String keyAsHexString = "46C1EB633ECAB0CA0F52*****E92EA72";
      String plainText = "{ \"mobileNumber\": \"483249c1d0e10d0762ff0ec55365a0f79e*****2f1f1ab08f2b2c2a70b7aaa3b\" }";
      
      String encrptedString = m.encryptCallBack(keyAsHexString,plainText);
      
      System.out.println("Encrypted data = " + encrptedString);
      
      String decrypt = m.decryptCallBack(keyAsHexString,encrptedString);
      System.out.println("Decrypted data = " + decrypt);
      
    }
}
Axis Aha!