YBAPIREQ061220254490336697
{"aPIReqRefNo":"YBAPIREQ061220254490336697","corporateID":"682500","corpSecParams":"5f7613c0d1194880aaa188c9c49f373ec230438af90c4ef1bf8cd7dafd9bf75cea72c49e73d9e0daf0d3a1446b3de0f767148ee2a0ef11b52d1b7ef253154bfc","salt":"D12CSAEW2943R3F34F9C"}
{ "X-IBM-Client-Id" : "ebd348f2e28c64fe5fa0a5e7b2586634", "X-IBM-Client-Secret": "2f30ec155df3d81530b301c9d1b6d8e2", "key":"Ikb/EbQY381gyKnCFPJggHrVeFIHSkxbmsH3zqQyOzbC44PYrf2V0bZac3TruHd+hZJi3DF6EHDv0dSy9yNKH3P0oM3TjqY0r/WyrcfshMHoyykMPk2rVsHd8cUlAu1Gp3nx+mbrpQ5iNmQz8zfps/C4RfO5ACt3e/+D4PLXISXnOVgbwkCeuOulWqw0odr3gV+R5YtcBLNphp1VGx+r+GXYwNDutgGKFojtGNSobvL7naPG/kKIymq79q6x3Z4rM3VFi/+lM2K2PPb69ENTy8JnAiB4PnXtZWQZhhCLOn+FFbMVg3rb1jn1XMEoFeZ7rc7GScnLv6UfWAQeSNJvZg==" }
{"payload":"sWSA2M8Vsr+K7nM15KX83UfFfmQZmdRttcsnlA4dP2f7ZQ8YxJK8ypP3\/sjXsky87YinPImbWobFdXLezlo7RoAp6i+TbSe2DY5CfHwugKhMhOJI4bJnNjWH2xxlipKkyl5Q7Lb3yCcMAXDjIGK9Sbji4gpd3KSLB8a4pmqT2657UmoqqxBF0gj6UoNCQFQAhc+g9fD7JXfFhRANcnH0Yvk6CZWpCh3zVjsWvTw4UW0BGSXSaMNBcGghiBL8IBs3YG6fq1kHRm1cBEMgvHdVlfcoyoR2IqzKg7VVAeMEYo9zi+UuNYMpjK5AaY4+XyjS3rr\/qZiUpleS7dRSu+J2GksyZ4j8LCJ\/p2mEc0XvH58=","hashValue":"7244343d01e41f76355c40b12821b3304fd74f85929710da0c4a08386376dfd6867c6836f023aa67bf46b38a80f85b7223972586c51edbc1507899bbd45893b8"}
- namespace App\Http\Controllers;
- use Illuminate\Http\Request;
- use phpseclib3\Crypt\RSA;
- use phpseclib3\Crypt\AES;
- use Illuminate\Support\Str;
- use Illuminate\Support\Facades\Http;
- class TestController extends Controller
- {
- public function encryptPayload(Request $request)
- {
- $input = $request->all();
- $aPIReqRefNo = 'YBAPIREQ' . date('dmY') . random_int(1000000000, 9999999999);
- function generateHexSalt($length = 16)
- {
- return bin2hex(random_bytes($length / 2));
- }
- function generateAESKey($salt)
- {
- return hash('sha256', $salt, true);
- }
- function encryptPayloadAES($payload, $key)
- {
- $aes = new AES('cbc');
- $aes->setKey($key);
- $aes->setIV(random_bytes(16));
- return $aes->encrypt($payload);
- }
- function extractPublicKeyFromCertificate($certificate)
- {
- $certData = openssl_x509_read($certificate);
- $publicKeyDetails = openssl_pkey_get_details(openssl_pkey_get_public($certData));
- return $publicKeyDetails['key'];
- }
- function encryptWithRSA($data, $publicKey)
- {
- $rsa = RSA::loadPublicKey($publicKey);
- return $rsa->encrypt($data);
- }
- function base64Encode($data)
- {
- return base64_encode($data);
- }
- $certificate = <code><<<</code>EOD
- -----BEGIN CERTIFICATE-----
- MIIGpjCCBY6gAwIBAgIQD5azSFw0HdzToy3O9u9jhDANBgkqhkiG9w0BAQsFADBE
- MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE
- aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjAwNzA4MDAwMDAwWhcNMjEwNjE2MTIw
- MDAwWjCB4DEaMBgGA1UEDwwRR292ZXJubWVudCBFbnRpdHkxEzARBgsrBgEEAYI3
- PAIBAxMCSU4xGjAYBgNVBAUTEUdvdmVybm1lbnQgRW50aXR5MQswCQYDVQQGEwJJ
- TjEUMBIGA1UECBMLTWFoYXJhc2h0cmExDzANBgNVBAcTBk11bWJhaTEcMBoGA1UE
- ChMTU1RBVEUgQkFOSyBPRiBJTkRJQTEkMCIGA1UECxMbSU5URVJORVQgQkFOS0lO
- RyBERVBBUlRNRU5UMRkwFwYDVQQDExB5b25vYnVzaW5lc3Muc2JpMIIBIjANBgkq
- hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAOZYxBsK/5187m1dNJZsCQLG9cSre62
- VWjDvgtJnXuVLIs5NM2d3c/iks0ILK+Dx24HLqhXZ/9xm23ziexsaf1nqXqiMU5W
- n5Y2hsWwEp3I0Pa9mNVp/K2zeliX6aiO/3FldI0UodJi8mJXu8lTdFfv6LKPExJp
- +nBNKCsnBFHDBjBUUxya4AEXFqiIBUIkXSeKZ6kibmLMa8CioVSfzWdPmklNQJ8R
- /vVo5tg+owV55FP+Wnl0BcMKm4aG+QXiBqv3rpKHmDohJ4j9DOEz1C9JayP4Rdpz
- Ir3dvTwpyxZG3xwBi0a9m1QNRp9Smk5ayMMGOsfQMO4e9hlztZopgwIDAQABo4IC
- 9TCCAvEwHwYDVR0jBBgwFoAUak5Qv5honVt7IHXUWQF5SGaSMgYwHQYDVR0OBBYE
- FF3BGmz7C6gCe0WLzlMgv2UWHu3cMDEGA1UdEQQqMCiCEHlvbm9idXNpbmVzcy5z
- YmmCFHd3dy55b25vYnVzaW5lc3Muc2JpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
- FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDov
- L2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDA0oDKgMIYu
- aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDBL
- BgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
- dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMHMGCCsGAQUFBwEBBGcwZTAkBggr
- BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMD0GCCsGAQUFBzAChjFo
- dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRFVlJTQUNBRzIuY3J0
- MAwGA1UdEwEB/wQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgD2XJQv0Xcw
- IhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXMuy1fbAAAEAwBHMEUCIQDbdqFJ
- fLvbZ0gkRmJf6e8YWaII5sQdasLSWkhljDNzMwIgQ6C2LDPGSQzF3GhZ2Zk6w6Mm
- EIBHRkjsBYvSYpNhlvcAdgBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scO
- ygAAAXMuy1gKAAAEAwBHMEUCIQDb9zstnk4m6mstTBBRMG4ajqAHMfUbpITWxrDE
- xA6nfwIgRiPFMpiAMQO1DgSzxZJAhEduSP/vUI5axwoWm2ROpwswDQYJKoZIhvcN
- AQELBQADggEBADAvVutwG+yglgUfZhb18kanKPTxoCAw6MI+a29sDPY/+O5JG8Lh
- lYRmN3vqQfeswCFfTdk25KtjSzqSRHAZ/syrvLFOwcxjXMzf0Rh7rz/f0hw0437v
- vlDPgCDZo7Cp8RO9eZ5cy8ybyRT/iLKXqoI0c1dp4kMa1/wHhJFKBrnhYRHRP/Fa
- 3k8sqzDiKrNawuiTzkB3FrKVWUlc01/HzrViO2Gj/U7n0YRRQNMPwkPBbmPYDmM5
- VfAIs3yKLWZyjeqZVaWaui0KhZH0EQInRU22WNM0qyMKyC3YfvrpSoEBRLDUIrqc
- 6i62SGMFi+YzpcHrstaQrjLw+cnfVla83Bk=
- -----END CERTIFICATE-----
- EOD;
- $publicKey = extractPublicKeyFromCertificate($certificate);
- $salt = generateHexSalt();
- $aesKey = generateAESKey($salt);
- $payload = '{
- "aPIReqRefNo":"' . $aPIReqRefNo . '",
- "corporateID":"ABC12345678",
- "corpSecParams":"je2Wu3lGHtdTgSNniehbw/dCiY/+dA3X+4/B8wxHAAJCM4CdQXiXuQRY5FzMwgA7n8Ki+zmJbYrIg14KEeGg6jBrW4SDd9Awkwp9RwNskimION8dW3oDoD5KbqEfkoB55tVOK8BVO/1I7cXOeX1XAwyGHp65NM/Wb14Of8UtGtV+ZFVD1EX7A0SOx8hpEgPCKArkZRhokaXgR7+oSici59t/bQvNy+3iIhfO5mZYIr2KtdEDh8CdYZjjUZAqRlTo5dzrqVSi2PuYsgTo5/PXvY2UWA0duZrJG2+XSUJvFxDEHI97MIz7IQnn2uRnOBlfZeeNkTj2yn1CHqqjE3j4Xw==",
- "salt":"' . $salt . '"
- }';
- $compressedPayload = gzcompress($payload);
- $encryptedPayload = encryptPayloadAES($compressedPayload, $aesKey);
- try {
- $encryptedKey = encryptWithRSA(hex2bin($salt), $publicKey);
- } catch (Exception $e) {
- die('RSA Encryption Error: ' . $e->getMessage());
- }
- $base64EncodedKey = base64Encode($encryptedKey);
- $base64EncodedPayload = base64Encode($encryptedPayload);
- $hashedPayload = base64Encode(hash('sha512', $base64EncodedPayload, true));
- $data = '{
- "payload" : "' . $base64EncodedPayload . '",
- "hashValue" : "' . $hashedPayload . '"
- }';
- $secretId = '2f30ec155df3d81530b301c9d1b6d8e2';
- $ClientId = 'ebd348f2e28c64fe5fa0a5e7b2586634';
- $headers = [
- 'X-IBM-Client-Id' => $ClientId,
- 'X-IBM-Client-Secret' => $secretId,
- 'key' => $base64EncodedKey,
- ];
- $response = Http::withHeaders($headers)
- ->post('https://uatapibanking.yonobusiness.sbi/erpuat/uat/corp/cinb/authenticationService', [
- 'payload' => $base64EncodedPayload,
- 'hashValue' => $hashedPayload
- ]);
- }
- }