question

Hello,

I am trying to encrypt the card info for getting Card Token, but I have no idea why the encryption is wrong.

This is what I am doing:

$pa_key = bin2hex( base64_decode( TA_PUBLIC_KEY_DEV ) ) // The key is from the CDN

// According to JAVA example the first 256 characters are modulus and second 256 characters are the exponent. (Unless I read something wrong)

$modulus  = substr( $pa_key, 0, 256 );
$exponent = substr( $pa_key, 256, 256 );

// I use latest version of phpseclib to generate the public key
// https://phpseclib.com/docs/rsa#raw-rsa-public-keys

$rsa_public_key = PublicKeyLoader::load(
   array(
     'e' => new BigInteger( $exponent, 256 ), // I tried also with 16 instead 256
     'n' => new BigInteger( $modulus, 256 ), // I tried also with 16 instead 256
   )
);

// According to JAVA example the prefix is 00000000

$encrypted = $rsa_public_key->encrypt( '00000000' . $card_number );

$pan = base64_encode( $encrypted );

Note that I also tried getting modulus and exponent from the pay/key endpoing and sending a transarmor_key_id in the request for the token, but still got same error response.
I even tried with getting the public key from the PEM key returned form that same endpoint and encrypt the card with it and got the same error again.

The data is the following:

CDN TA_PUBLIC_KEY_DEV:
vyYRQA3cS4wV9yk+6bFzA7KLDmE+D/SOP+Q5bNOPG9nUDkAPalRBz12KA5SDxTw2vO1BIeSFUQlYTpzEDb/XkfNNm5e6nqf12M4kdHP1F2EXW4WArilUZegAVw/Y7FvAkA8PQFbfgmBirSa5GS/fuAHjemqEf0DxIgq552IDeFw3nB0vccK6ePue5sVB9Sm2vWpKm/lj2UE4P6z2ngZr5V31cSAVN08USxHvz+MEnoUBKt6aKvfRUAp4iFyIpxlp4eylxY8zizPekS29lcRMsI9hGug2CoKFhhUJ1gD8G280zIoWCxysNvl40k/l8OTtPKrnlhAzQcIyy/RB0lwb6QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGVTU=

Our decoded value of the key above:
bf2611400ddc4b8c15f7293ee9b17303b28b0e613e0ff48e3fe4396cd38f1bd9d40e400f6a5441cf5d8a039483c53c36bced4121e4855109584e9cc40dbfd791f34d9b97ba9ea7f5d8ce247473f51761175b8580ae295465e800570fd8ec5bc0900f0f4056df826062ad26b9192fdfb801e37a6a847f40f1220ab9e76203785c379c1d2f71c2ba78fb9ee6c541f529b6bd6a4a9bf963d941383facf69e066be55df5712015374f144b11efcfe3049e85012ade9a2af7d1500a78885c88a71969e1eca5c58f338b33de912dbd95c44cb08f611ae8360a8285861509d600fc1b6f34cc8a160b1cac36f978d24fe5f0e4ed3caae796103341c232cbf441d25c1be900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065535

Modulus value from the above (the first 256 characters of the string above)
bf2611400ddc4b8c15f7293ee9b17303b28b0e613e0ff48e3fe4396cd38f1bd9d40e400f6a5441cf5d8a039483c53c36bced4121e4855109584e9cc40dbfd791f34d9b97ba9ea7f5d8ce247473f51761175b8580ae295465e800570fd8ec5bc0900f0f4056df826062ad26b9192fdfb801e37a6a847f40f1220ab9e76203785c

Exponent value from the decoded key ( the second 256 charters of the string above, starting 256 position to 512 )
379c1d2f71c2ba78fb9ee6c541f529b6bd6a4a9bf963d941383facf69e066be55df5712015374f144b11efcfe3049e85012ade9a2af7d1500a78885c88a71969e1eca5c58f338b33de912dbd95c44cb08f611ae8360a8285861509d600fc1b6f34cc8a160b1cac36f978d24fe5f0e4ed3caae796103341c232cbf441d25c1be9

Generated RSA Public Key using the modulus and exponent
-----BEGIN PUBLIC KEY-----
MIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAQBiZjI2MTE0MDBkZGM0Yjhj
MTVmNzI5M2VlOWIxNzMwM2IyOGIwZTYxM2UwZmY0OGUzZmU0Mzk2Y2QzOGYxYmQ5
ZDQwZTQwMGY2YTU0NDFjZjVkOGEwMzk0ODNjNTNjMzZiY2VkNDEyMWU0ODU1MTA5
NTg0ZTljYzQwZGJmZDc5MWYzNGQ5Yjk3YmE5ZWE3ZjVkOGNlMjQ3NDczZjUxNzYx
MTc1Yjg1ODBhZTI5NTQ2NWU4MDA1NzBmZDhlYzViYzA5MDBmMGY0MDU2ZGY4MjYw
NjJhZDI2YjkxOTJmZGZiODAxZTM3YTZhODQ3ZjQwZjEyMjBhYjllNzYyMDM3ODVj
AoIBADM3OWMxZDJmNzFjMmJhNzhmYjllZTZjNTQxZjUyOWI2YmQ2YTRhOWJmOTYz
ZDk0MTM4M2ZhY2Y2OWUwNjZiZTU1ZGY1NzEyMDE1Mzc0ZjE0NGIxMWVmY2ZlMzA0
OWU4NTAxMmFkZTlhMmFmN2QxNTAwYTc4ODg1Yzg4YTcxOTY5ZTFlY2E1YzU4ZjMz
OGIzM2RlOTEyZGJkOTVjNDRjYjA4ZjYxMWFlODM2MGE4Mjg1ODYxNTA5ZDYwMGZj
MWI2ZjM0Y2M4YTE2MGIxY2FjMzZmOTc4ZDI0ZmU1ZjBlNGVkM2NhYWU3OTYxMDMz
NDFjMjMyY2JmNDQxZDI1YzFiZTk=
-----END PUBLIC KEY-----

Card used: 6011361000006668
Prefix used: 00000000

Generated pan using the generated public key for encryption:
MDF6ssGpYN3tbzLy5cMkNM/nefm4YggJTb0+xTVjDXbrSUzJOslb7tJBszxAU+RQhatSwmPHd9kEIl9aQogJSEt8+QfKsh0ivPVnvAU45zSw5S6XVQw+lxnI7DGFdBygh6XFhr7Yzq+00Fwv2bByWBKGH+mSMzuAAhx9bD73b3bymnpXLoG2Jzv90BAdtPSYChENVTfqh1RGyGVnquGP8lsKME9eQsY83r/siHkH76PGXHdV8Axvbp8pD4Hytxm2BwDBsXvGaeDBg7O8vvJOoRMDviHg9e8wfftgWQZcse1BlF8D3vMHu7BwQ2gQsLLKgCmihHYl5Dh13mv0lFUZ2A==

Error returned:
Array
(
    [message] => 500 Internal Server Error
    [error] => Array
        (
            [type] => api_error
            [code] => processing_error
            [message] => An error occurred while processing the token request.
        )

)

Request Body:
{
"card": {
"encrypted_pan": "MDF6ssGpYN3tbzLy5cMkNM/nefm4YggJTb0+xTVjDXbrSUzJOslb7tJBszxAU+RQhatSwmPHd9kEIl9aQogJSEt8+QfKsh0ivPVnvAU45zSw5S6XVQw+lxnI7DGFdBygh6XFhr7Yzq+00Fwv2bByWBKGH+mSMzuAAhx9bD73b3bymnpXLoG2Jzv90BAdtPSYChENVTfqh1RGyGVnquGP8lsKME9eQsY83r/siHkH76PGXHdV8Axvbp8pD4Hytxm2BwDBsXvGaeDBg7O8vvJOoRMDviHg9e8wfftgWQZcse1BlF8D3vMHu7BwQ2gQsLLKgCmihHYl5Dh13mv0lFUZ2A==",
"first6": "601136",
"last4": "6668",
"exp_month": "09",
"exp_year": "23",
"cvv": "123",
"brand": "Discover"
}
}

POST => https://token-sandbox.dev.clover.com/v1/tokens