Payments Page Integration

4.1 Appendix A: Encryption Algorithms

4.1.1 Blowfish
4.1.2 AES
4.1.3 Twofish

4.1.1 Blowfish (recommended encryption algorithm)

Blowfish is a symmetric block cipher that can be used as a drop–in replacement for DES or IDEA.
It takes a variable-length key, from 32 bits to 448 bits.
Refer to https://www.schneier.com/academic/blowfish/download.html for source code examples.
This site has a number of source codes examples implemented in number of different languages.
The [Shared Encryption Key] value will be a key shared by the merchant and the payment gateway.
Please ensure your object to be encrypted is trimmed of all spaces, and is padded to be a multiple of 8–bytes for Blowfish encryption.
Use Cipher Mode: ECB and Output Type: Hex.

Figure 27. Sample JavaScript Blowfish Encryption

4.1.2 AES

AES (acronym of Advanced Encryption Standard) is a symmetric encryption algorithm.
AES was designed to be efficient in both hardware and software, and supports a block length of 128 bits and key lengths of 128, 192, and 256 bits.
Refer to https://aesencryption.net/ for source code examples. This site has a number of source code examples implemented in different languages.


			string encryptedMessage = AESEncrypt([Payload to Encrypt];

			string key [Shared Ecnryption Key];

			string salt [passed in the encSalt form variable];

			string iv [initialisation vector passed in the encIV form variable];

			int iterations [number of iterations passed in the encIterations form variable];

			public static string AESEncrypt(string input, string key, string salt, string iv, int iterations) { 

				…

			}

Figure 28. AES Encryption

4.1.3 Twofish

Twofish is a block cipher by Counterpane Labs, published in 1998.
It was one of the five Advanced Encryption Standard (AES) finalists, and was not selected as AES.
Twofish has a 128–bit block size, a key size ranging from 128 to 256 bits, and is optimized for 32–bit CPUs.
Refer to https://www.schneier.com/academic/twofish/download.html for source code examples.
This site has a number of source codes examples implemented in number of different languages.


			string encryptedMessage = TwoFishEncrypt([Payload to encrypt];

			string key [Shared Encryption Key];

			string salt [salt passed in the encSalt form variable];

			string iv [initialisation vector passed in the encIV form variable];

			int iterations [number of iteactions passed in the enIterations form variable];

			public static string TwoFishEncrypt(string input, string key, string salt, string iv, int iterations){  

				… 

			}

Figure 29. TwoFish Encryption

Continue

Continue to 4.2 Appendix B: Control Key – TransactionStatusCompletedURL

Return

Return to 4 Appendices

Return to 3. Implementation Steps

Return to 1. Contents