Encryption

To ensure data security, the platform encrypts each request and response.

The merchant needs to use the symmetric encryption algorithm AES/ECB/PKCS5Padding to encrypt the request body and decrypt the response body, and the all results are encoded in Base64.

The merchant should provide a 128-bit AES key in advance（Base64 Encoding format）。

Request Body

For the meaning of each field in the original request body, please refer to the API descriptions.

Merchant：The original request body should be encrypted using the AES key, and then Base64-encoded. The result is used as the value of the bizContent field in the actual request body.

SanSan Platform：The value of the bizContent field in the actual request body received will be decoded by Base64 and then decrypted using the AES key. The result is the original request body.

{
  "key_1": "value_1",
  "key_2": "value_2",
  "key_3": "value_3"
}

Tool Samples

<?php

class AesUtils {

    public static function aesEncrypt(string $keyStr, string $plaintext): string {
        return base64_encode(openssl_encrypt($plaintext, 'AES-128-ECB', base64_decode($keyStr), OPENSSL_RAW_DATA));
    }

    public static function aesDecrypt(string $keyStr, string $ciphertext): string {
        return openssl_decrypt(base64_decode($ciphertext), 'AES-128-ECB', base64_decode($keyStr), OPENSSL_RAW_DATA);
    }
}

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;

import static java.nio.charset.StandardCharsets.UTF_8;

public class AesUtils {
    
    private static final Base64.Encoder ENCODER = Base64.getEncoder();
    private static final Base64.Decoder DECODER = Base64.getDecoder();

    public static String aesEncrypt(SecretKey key, String plaintext) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] cipherBytes = cipher.doFinal(plaintext.getBytes(UTF_8));
        return new String(ENCODER.encode(cipherBytes), UTF_8);
    }

    public static String aesDecrypt(SecretKey key, String ciphertext) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] cipherBytes = DECODER.decode(ciphertext.getBytes(UTF_8));
        return new String(cipher.doFinal(cipherBytes), UTF_8);
    }

    public static SecretKey newAesKey(String keyStr) {
        return new SecretKeySpec(DECODER.decode(keyStr.getBytes(UTF_8)), "AES");
    }

    public static String toAesKeyStr(SecretKey key) {
        return new String(ENCODER.encode(key.getEncoded()), UTF_8);
    }
}

Java 6 users can consider using the org.apache.commons.codec.binary.Base64 class instead of the java.util.Base64 class added inJava 8.

PreviousQuick Start NextSignature

Last updated 1 year ago