Skip to main content

Encrypt Function

Encrypt data within the request body. The data to be encrypted may include a token, identified by token notation. In this case, the token will be detokenized prior to encryption.

The encrypt function will detokenize the payload, encrypt the data within the “Data” parameter in the function space, and replace the function space with the resulting, encoded ciphertext, before forwarding the request to the specified URL.

RSA

Function parameters:

Parameter NameValue
FUNCTIONEncrypt
TYPERSA
KEYProvide the public (RSA) key to be used for encryption
ENCODINGBASE64 or HEX (encodes ciphertext)
DATAData to be encrypted. This may include tokens located by token notation. If a token and/or a function is contained in the data parameter, the token will be detokenized prior to encryption.
PADDINGThe padding mode to use. Supported modes are "OAEP" and "PKCS1". Both modes work independent of digest mode. Note that OAEP mode will leverage MGF1 along with the specified digest.
DIGESTThe message digest to use. Supported modes are "SHA1", "SHA256", "SHA384", and "SHA512".

RSA Encrypt Examples:

POST https://test-tgapi.tokenex.com/detokenize HTTP/1.1
Content-Type: application/json
TX-URL: https://www.example.com
TX-TokenEx-ID: YourTokenExID
TX-APIKey: YourAPIKey

{
  "card": {
    "type": "MC",
    "encryptedCardNumber":"{{{{FUNCTION:Encrypt,TYPE:RSA,KEY:-----BEGIN PUBLIC KEY-----r28El+rBesEzTA9XGfvvj4saHyHJkcCdze55ZmzKt5Ix87/TOKAl5urCX530Jzi+gF3TFX3WZj5ejwdSS9UDKqB1YG21F9FkGmzmYKltF5+/a01AqZh3F0VwYcCm3LJPmv2vzOdWZSrNEXpijQaGMfklUyj4ifsy5c5A54SF8MlNRUQMIJ1PXA+5tPdyJF2qBQoRCb33IeziRgUMw9XrF5LBiem5qICbuH6P/N8SMa524gtYKv+Wkz8a7UR8Psh9mCEQbxWEoj5zjVKOwdOvxzo3XIT3qTLNAP/ShTUIfXKN0jZN3XRKg4lOLRHUXSrDcIy+CaWkcnrHQZjPgudGu30UXCFGgR26wt66vKeRCU2dtUyjWU/ew76hWqWMn3Ov+vHlQvwx-----END PUBLIC KEY-----,ENCODING:HEX,Data:{{{545454tEc3Hk5454}}}}}}}",
    "expDate": "1122",
    "cardValidationNum": "123"
  }
}

AES/Rijndael

Function parameters:

ParameterValue
FUNCTIONEncrypt
TYPEAES _or _Rijndael
ENCODINGBASE64 or HEX (encodes ciphertext)
IVThe base64-encoded initialization vector for the symmetric algorithm. This should be a unique, random value for each unique request.
DATAData to be encrypted. This may include tokens located by token notation. If a token and/or a function is contained in the data parameter, the token will be detokenized prior to encryption.

AES/Rijndael Encrypt Examples:

POST https://test-tgapi.tokenex.com/detokenize HTTP/1.1
Content-Type: application/json
TX-URL: https://www.example.com
TX-TokenEx-ID: YourTokenExID
TX-APIKey: YourAPIKey

{
  "card": {
    "type": "MC",
    "encryptedCardNumber":"{{{{FUNCTION:Encrypt,TYPE:AES,IV:dGhpc2lzYW5pdmthcGljaA==,ENCODING:Base64,Data:{{{545454tEc3Hk5454}}}}}}}",
    "expDate": "1122",
    "cardValidationNum": "123"
  }
}
Last updated on