This section focuses on the encryption and decryption process, aiming to assist the client’s system developers in quickly integrating with Infinia.

Interaction Process

Public Key Exchange

The interaction process begins with a secure exchange of public keys, enabling both parties to perform encryption and signature verification.

Client Request

The Client encrypts the requestData using Infinia’s public key, ensuring that only Infinia can decrypt and access the contents.

After encryption, the Client signs the encrypted requestData with its private key, allowing Infinia to verify the data’s authenticity and integrity.

The Client then sends the encrypted and signed request to Infinia.

Infinia Verification & Response

Upon receipt, Infinia verifies the signature using the Client’s public key to confirm the data origin and integrity.

Infinia then decrypts the requestData using its private key.

Infinia prepares the responseData, encrypts it using the Client’s public key (so only the Client can decrypt it), and sends the encrypted response back to the Client.

Client Response Handling

The Client decrypts the responseData using its private key, completing the secure exchange.

Security Guarantees

This process ensures that throughout the communication:

Confidentiality is maintained (only the intended recipient can decrypt).

Authenticity & Integrity are ensured (digital signatures confirm the origin and prevent tampering).

Interaction Mode

Encryption and Decryption Interaction

The encryption and decryption process is as follows:

Communication Method

All basic communication is carried out using the HTTPS protocol through the POST method.

Request Message

The message is assembled using the post-json mode.
All parameter values need to be converted to UTF-8 character encoding before sending.

Example:
headers:
content-type :application/json
Post

{"appId": "fb4a62a5-c5fa-4396-a180-1daebaf1e0c8","dataType": "JSON","requestData": "VTwESOGHoIr0Z80+znwrq0YBiWSCUyxA4tF9BiaFJQEtHA01brsfPAndyH3r+FItjYDRYcr30DIgwSjGUnIENPsBWgVKNEdAjaHZcSz/kYMZuAcD+zfvRL9U74LG3GV5OM23uE1eIQ2Px5cxrjr8kc6jaTBBDy5GiUAeV3/5AzSqXb4jyLoxntQ3zLFVwRbt4dWbsTJfVpKgAqK12hO/uZgZhMIXt7FT1lFE0v1JcV33FMHf7TLOk0ennlpR+yP6tv1Bn+TCJ4Lu3VpgHcNE1+ETn1dz0df6JNE6ELCmN30y2AjQCdkJGc3TH4gKXq5S4sXtrtlUNX7T9Ved3pwHfAyQqMAgSmCLzxAJBOWpGCl2Z6BcS2DDnGxl5BcepK0G+P1vphzrOsnnV97diEmL5s7QEiGZXlYWMkeJKHmulE6H1gT1bDvotMCEIm4+NCzIxxivyeEGQghjcvW4qfeI9W3OnHjlsJZPfmguzd+AWV3r6Pj+U3uufd/KM0gnJ88hen7t4RDw1SSPNwcttW1UKSzhNAdMGrJVJU2A6M8OnKuQSY6WvGnqJFuiBSHompxYNvtWAyRJUEivRWGqSmXMJPmePwW2CY3oPqkRxgHtAipjR/twRTP665c0rZ+/qwlxwFGIxsmvEC2FGreFzdQfJZ2S/BowtLXylzQFTPLnkt8=", "version": "1.0.0"}

Response Message

The response message returned by the Infinia system is provided in HTTP-body-JSON format,
with all JSON data encoded in UTF-8.

Example:

{"responseData": "n1VknZyFiUM3IV4mWJ9exV12CVr7iUCrqLSkff7/Y43f68hdDPXWGVlyb8BiUK4o9z4G32qGltn0uuoURjqCiNxLH8aqkirTDsMghQe3Scj4xcVA0/nr+0BG63x+4s8HXN554WcVO/aiWgBGXIAFSgZR47n5inQAvq2dKUWfPx5KZuAZxbyFnIHTcStHgS1lWSPiim7aQYZbZTSC6x9vXIPbKP7CGSglTiVEPKFAFuOYfaogeIjryU1uVYT+zwbeLKiL5PBLKkeFKpsp9Fypug9rGmcD7q6C7/yvYw2hFi44xlW/M93WEkfg1WYFS4Ti6+67hzAOtRNIyh3JB57p8Hzya1qnlmFjYSc/totW/bVE1iD7aVRaqpgdYIwD9CdcqYFWF3RlLOckd5WUQCNwrsCDFVdpE9YJE7LQnt/7RE8WJOMxyPOdBFdVsXMpNpVfm5J1cOWIRJzd9p//h/A158X+eep+YR40ihBUUVDvJ8Z1gbG6Xi8a3CJIXVgsF26YVIlyVZrfUcb06Ojko0sVWfX4p/EChjRBTP9WwN5qdsbijF/RBT/cmpb8Xhw0VBN538xYmmOk4cAv6T/PxourIUB5y2+yByUikosB3rfZ7ve/iXTsmprbJQOB5Db7gPuve9UDq8tjK8mMwGSQdCBmC3tCQDt7igB6CGi3jQ6dcsE=","appId": "fb4a62a5-c5fa-4396-a180-1daebaf1e0c8","message": "Operation completed successfully. ", "code": "SUC-200"}

Security Control

RSA Key Generation

RSA keys are generated using the OpenSSL tool commands.

Step 1:
First, enter the OpenSSL tool and input the following commands:

OpenSSL>genrsa -out app_private_key.pem  1024  #generate private key
OpenSSL>pkcs8 -topk8 -inform PEM -in app_private_key.pem -outform PEM -nocrypt -out app_private_key_pkcs8.pem #Java developers need to convert private key to PKCS8 format
OpenSSL>rsa -in app_private_key.pem -pubout -out app_public_key.pem #generate public key
OpenSSL>exit #exit OpenSSL program

After completing the above steps, developers will see three files in the current folder (the OpenSSL working directory):

app_private_key.pem (developer's RSA private key, suitable for non-Java languages)

app_private_key_pkcs8.pem (developer's RSA private key in PKCS8 format, suitable for Java)

app_public_key.pem (developer's RSA public key)

Developers should keep the private key and submit the public key to Infinia.
Below are examples of the private and public key files.

Note:
Java developers need to remove the headers, footers, line breaks, and spaces from the generated PKCS8 private key and input it as a string in their code.
.NET and PHP developers do not need to perform the PKCS8 command operation.

Standard Private Key File Example

(For PHP, .NET)

MIICXgIBAAKBgQDSoTVPEVImo011TQbvwfPrGFoqv7+Ubner1jdox7KXZP1/sOvj
nzmVKj5nTZrczTDJr1IR1QIGRlrYKFHrUO7kgrG+455jFT+tQLpe5l598I6mYrjv
NWgJ4CtjNe3LVchN76IkR0qxXxUKURdJyJhY98ojQ/AmKGST0xAN1wnXmQIDAQAB
AoGALnd2BT1y/CcmnWwizZ3iK8kxiyDGKP690+DsVGdJ1PBopFTplUu5LlklbzDF
q1RxIO1Wk6yER9IZlHpAqEMwkD51xanHZzNcFy9ABrW4AZa6k//tfK9ExVnCvYV1
d0g0E/QkCOHooV2WCw88k4vkwxmuhUiedHoabvynnWiL16kCQQDrWmxgXXtzq5my
Rfhy2DaQ757MVYiI4gt9KiPSKS9DP9DzF4qdlZcQ+VIXWKvBlHmHanYgDLquqZmc
aZpJQmDTAkEA5RuLCihqyYBXfXhwH55fMYK4yOVtLTAtXsoEI++6vu9A9Sz8XBdH
vG4UIoUp5m4F7Mk5o3NIekfmybWbY/hCYwJBALaAk/HWC9kShEidwZ8s0oNpjPZe
jVW4E7inaMebcC7x2ZHn+3FfgpmC/IlmFSozfFnp0FfiBxFSKvADY8TTWEkCQQCM
t+8dbRex7gdOxHOxp/d2FIFkuy3kjGvBhbknTW5ZKeCu9lOGSLJB9Sae0UWcB8XR
2wJw9zT0DkedatMngutbAkEAwDeXv/CwNszSGTRI4jezMcIEXybPQKSzu7GYvdwS
TwFhOM58XPiGlbU+D1hx0my0ru31damCYvB1qUt+bt1E8w==

PKCS8 Processed Private Key File Example

(For Java)

MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANKhNU8RUiajTXVN
Bu/B8+sYWiq/v5Rud6vWN2jHspdk/X+w6+OfOZUqPmdNmtzNMMmvUhHVAgZGWtgoUetQ7uSCsb7jnmMVP61Aul7mXn3wjqZiuO81aAngK2M17ctVyE3voiRHSrFfFQpR
F0nImFj3yiND8CYoZJPTEA3XCdeZAgMBAAECgYAud3YFPXL8JyadbCLNneIryTGL
IMYo/r3T4OxUZ0nU8GikVOmVS7kuWSVvMMWrVHEg7VaTrIRH0hmUekCoQzCQPnXF
qcdnM1wXL0AGtbgBlrqT/+18r0TFWcK9hXV3SDQT9CQI4eihXZYLDzyTi+TDGa6F
SJ50ehpu/KedaIvXqQJBAOtabGBde3OrmbJF+HLYNpDvnsxViIjiC30qI9IpL0M/
0PMXip2VlxD5UhdYq8GUeYdqdiAMuq6pmZxpmklCYNMCQQDlG4sKKGrJgFd9eHAf
nl8xgrjI5W0tMC1eygQj77q+70D1LPxcF0e8bhQihSnmbgXsyTmjc0h6R+bJtZtj
+EJjAkEAtoCT8dYL2RKESJ3BnyzSg2mM9l6NVbgTuKdox5twLvHZkef7cV+CmYL8
iWYVKjN8WenQV+IHEVIq8ANjxNNYSQJBAIy37x1tF7HuB07Ec7Gn93YUgWS7LeSM
a8GFuSdNblkp4K72U4ZIskH1Jp7RRZwHxdHbAnD3NPQOR51q0yeC61sCQQDAN5e/
8LA2zNIZNEjiN7MxwgRfJs9ApLO7sZi93BJPAWE4znxc+IaVtT4PWHHSbLSu7fV1
qYJi8HWpS35u3UTz

Public Key File Example

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSoTVPEVImo011TQbvwfPrGFoq
v7+Ubner1jdox7KXZP1/sOvjnzmVKj5nTZrczTDJr1IR1QIGRlrYKFHrUO7kgrG+
455jFT+tQLpe5l598I6mYrjvNWgJ4CtjNe3LVchN76IkR0qxXxUKURdJyJhY98oj
Q/AmKGST0xAN1wnXmQIDAQAB

Step 2: Processing the Application Public Key Format

Remove the headers, footers, line breaks, and spaces from the public key file.

Convert it into a single-line string.

Common Issues with PHP's RSA Configuration

If the merchant system is Windows-based and the system32 directory does not contain libeay32.dll and ssleay32.dll,
these files need to be copied into the system32 directory.

If the php_openssl.dll file is not present in the php\ext directory of the PHP installation,
place the php_openssl.dll file in this directory.

Encryption and Decryption

Interaction Process#

Security Guarantees#

Interaction Mode#

Encryption and Decryption Interaction#

#

Communication Method#

Request Message#

Response Message#

Security Control#

RSA Key Generation#

Standard Private Key File Example#

PKCS8 Processed Private Key File Example#

Public Key File Example#

Common Issues with PHP's RSA Configuration#