Encryption / Decryption of API requests / Response

Encryption of Request

APIs shared have an encryption/decryption mechanism set on them. To pass a request as an encrypted request. Kindly follow the below steps in Java.
Make an encryption class and follow the below steps.

Encryption using AES Algorithm with ECB Mode and PKCS5 padding:

Import the required libraries in Java:
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;

Create an Encryption Function:

Implement the encrypt function to perform encryption. This function takes two parameters: the string to be encrypted (strToEncrypt) and a secret key (secret) for encryption.

public static String encrypt(String strToEncrypt, String secret) {
try {
if (CommonUtil.isEmpty(strToEncrypt))
return "";

SecretKeySpec secretKeySpec = getKeySpec(secret);

Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);

byte[] encryptedBytes = cipher.doFinal(strToEncrypt.getBytes(StandardCharsets.UTF_8));

return Base64.getEncoder().encodeToString(encryptedBytes);
} catch (Exception e) {
LOGGER.error("Error while encrypting: " + e.getMessage());
}
return null;
}

Generate a SecretKeySpec

private static SecretKeySpec getKeySpec(String secretKey) throws NoSuchAlgorithmException {
byte[] key = secretKey.getBytes(StandardCharsets.UTF_8);
MessageDigest sha = MessageDigest.getInstance("SHA-256");
key = sha.digest(key);
key = Arrays.copyOf(key, 16); // Use only the first 128 bits for AES-128
return new SecretKeySpec(key, "AES");
}

Call the encrypt function to get the encrypted data
String stringToEncrypt = "This is a confidential message.";
String secretKey = "YourSecretKey123";

String encryptedData = encrypt(stringToEncrypt , secretKey);

Now pass the above encryptedData in the API request, It will return an encrypted Response. To Decrypt the response, make a method for decrypt logic like this:-

public static String decrypt(String strToDecrypt, String secret) {
try {
if (CommonUtil.isEmpty(strToDecrypt))
return "";
SecretKeySpec secretKeySpec = getKeySpec(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));

} catch (Exception e) {
LOGGER.error("Error while decrypting: " + e.getMessage());
}
return null;
}

To get the decrypted response, execute the below operation.

String response = "This is a confidential message.";
String secretKey = "YourSecretKey123";

String decryptedData = decrypt(response, secretKey);

NOTE- Pass the input String without any double quotes(“ “) and the encrypted string should not have any trailing whitespaces.

Encryption / Decryption of API requests / Response

Encryption of Request#

Encryption using AES Algorithm with ECB Mode and PKCS5 padding:#

Create an Encryption Function:#

Generate a SecretKeySpec#