This document list down the encrypted API mechanism that are available for the listed APIs. This only covers the encryption method applied on the payload. For payload details, refer to each API’s documentation.
This is a tentative Work-In-Progress document available for internal use only. Any part of the document can change over time. Please refer to this document only once this warning is removed.
Which APIs are supported for encryption?
Product | Plain API Endpoint | Encrypted API Endpoint | API Doc |
---|---|---|---|
Outbound Multicast | |||
Outbound Dialler | https://central.phonon.io/kairos-apis/enc/outbounddialer/create |
Encryption Mechanism:
The payload of the supported APIs are encrypted with the following method. We use AES-512 & RSA for encryption of payload.
Summary of Steps:
Download the Public Key (public_key.pem) file from “Edit Flow” section.
Take the valid JSON payload of the API which needs to be passed.
Encode the payload using Base64 encoding. Let’s call the result “payload-B64”.
Generate a random string of upto 2048 characters to be used as the signature key
Encode that with Base64 encoding. Let’s call it “signatureKey-B64”
Use AES-512/ECB/PKCS5Padding encryption method to encrypt “payload-B64” with “signatureKey-B64”. Let’s call the result “payload-B64-AES”.
Encrypt the encoded signature key with RSA Encryption using the Public Key obtained on step 1. Let’s call it “signatureKey-B64-RSA”.
Send both “payload-B64-AES” and “signatureKey-B64-RSA” as parameters to the encrypted API.
Sample Example:
1. Original Sample Request Data :
{ "api-version": "1.0", "security-id": "f534794a88b87200f1fd7c6af0c09ffcf9a4abf465c09a957c22c22b00ce2221", "flow-id": "BTFpAuqF", "calls": [ { "client-identifier": "{% now 'iso-8601', '' %}", "start-time": "{% now 'iso-8601', '' %}", "contact-numbers": [ "6262772728" ], "keys": [ { "name": "$flow.key.customername", "value": "Parin" }, { "name": "$flow.key.product", "value": "Health" } ] } ] }
2. Base64 Encoded String :
IHsKICAidmlzaXRvciI6ICI5MTk4Nzk1ODU3MDAiLAogICJjdXN0VG9rZW4iOiAidTFkOXowM2IiLAogICJkdXJhdGlvbiI6ICI5MDAiLAogICJzY2hlZHVsZWRfY2FsbGJhY2tfdGltZSI6ICIyMDIxLTAzLTI3IDEyOjAwOjAwIiwKICAidWRmNSI6ICJST1NTRSIsCiAgInVkZjciOiAiU0NIRU1FTkFNRVNXSVRDSCBJTiIsCiAgInVkZjExIjogInBhZ2U7Uk9TU0lEO0lOVkVTVE9STkFNRTtTQ0hFTUVOQU1FO0FNT1VOVDtVTklUUztFWElUTE9BREFNVDtPdGhlcmRldGFpbHM7Rm9saW8gY291bnQ7RGV0YWlscztSZWRlbXB0aW9uZm9saW9jb3VudDtTd2l0Y2hmb2xpb2NvdW50IiwKICAidWRmMTIiOiAiUmVhc29uO0ZPTElPTk87Q1JFQVRFRE9OIiwKfQ==
3. Generate a random string for encryption as symmetric and encode it with Base64 Encoding
Random Key : test1234
Base64 Encoded:: dGVzdDEyMzQ=
4. Symmetric Key encryption of data from Point 2 & 3 – Algorithm : AES/ECB/PKCS5Padding
AES Encryption Data :
14nZnSU51sms3Lhu60/9cuUAMsEwWIqxhj68zWWc70adIHDrS6Ad4csvQ/1X/x8EkwhKKJITcbXEv1GEFpp0mJ7a1a77LfHHUDAqRrhM7J2V38D66emu6BzDouVLf+OjZLYgl81Fi+lXLDHV3/Oc3c/w01bpM3CCQWt+kOuE8C1W8UEa6F1E5QfVwzE7EFy8U8tMvjj0twphvOKOXC0pSVWkIoUUUZiRsLRnvwZlby7GRazBLmC6rYXaY834ge2+Nsb84beI9OxIz/PDF5qUA1opYD4eLTvc1o2qr8Igu5ZlmBuqs0VQTOyntlVFjhFFSZPVCgacrbO33lnz9XP0CEUjKiV/hhfMmJrkbCfHJ8+eLyMygJE/9Abi2PPyhCql2N8/TPNH3TiTPS9z6pBkaL98BB+6YoFL6hKnt+euYjjtO5H12Ys9fh+BhPCNW9qIW+qAn1K/N6pQZnXESLtVxieK41RWSEZxP+K6IQLO56+ieFBpQ80Fyif3S18bwcZxNca5GHllagWRXg+/AhC/5ZUnc5mLtctvMLTpl8Fv+YWfHg7/qKjhIRXF7wFDodYJZFbJrBsTaF1fZPprq4PNXq7KlgoEtWnbM9oByFVLJkuHHvKzmRVWMBoJGaTS84CffqnBLKCmqvPLwepAwBAPpthWXddFjJkd8QGpZc1xIto=
5. RSA Encryption For Base64 encoded random Key :
VZATnCid3xMId80c4NVx365ubTYEEOE7y/3/sEjgKpWHyVsZmtuTuLC8ohdgunFmT8SsAYZtGydhKH9LJG6PwmYBCb+DNxdXnZ3Vrg+V+m/uA0tFp1CarEr5J5fMqN5fO9Qyb82JKk5ZamVmv0NRlMXxBi7S1hT0b85ZrpKaIX2OP6rYnDVeXDwIObj1XzvUna+sidbkHNeFJ+/m7xJONOof8Mv2FtAh65JWW/mdUzRbFCv/lBNHO7P6j6E1wNAE8UUgR7WrPusYlaw0S76yGo5p2r+mlG5/hZZMVU3ZUJvm4rP++tiZFuz1mpGjm4g2eUv6ugJ7fPyKSiFySNgX7g==
6. Final Encrypted JSON Request -
In the end the whole JSON Request will look like this :
{
"RequestEncryptedValue":"14nZnSU51sms3Lhu60/9cuUAMsEwWIqxhj68zWWc70adIHDrS6Ad4csvQ/1X/x8EkwhKKJITcbXEv1GEFpp0mJ7a1a77LfHHUDAqRrhM7J2V38D66emu6BzDouVLf+OjZLYgl81Fi+lXLDHV3/Oc3c/w01bpM3CCQWt+kOuE8C1W8UEa6F1E5QfVwzE7EFy8U8tMvjj0twphvOKOXC0pSVWkIoUUUZiRsLRnvwZlby7GRazBLmC6rYXaY834ge2+Nsb84beI9OxIz/PDF5qUA1opYD4eLTvc1o2qr8Igu5ZlmBuqs0VQTOyntlVFjhFFSZPVCgacrbO33lnz9XP0CEUjKiV/hhfMmJrkbCfHJ8+eLyMygJE/9Abi2PPyhCql2N8/TPNH3TiTPS9z6pBkaL98BB+6YoFL6hKnt+euYjjtO5H12Ys9fh+BhPCNW9qIW+qAn1K/N6pQZnXESLtVxieK41RWSEZxP+K6IQLO56+ieFBpQ80Fyif3S18bwcZxNca5GHllagWRXg+/AhC/5ZUnc5mLtctvMLTpl8Fv+YWfHg7/qKjhIRXF7wFDodYJZFbJrBsTaF1fZPprq4PNXq7KlgoEtWnbM9oByFVLJkuHHvKzmRVWMBoJGaTS84CffqnBLKCmqvPLwepAwBAPpthWXddFjJkd8QGpZc1xIto=",
"RequestDigitalSignatureValue":"VZATnCid3xMId80c4NVx365ubTYEEOE7y/3/sEjgKpWHyVsZmtuTuLC8ohdgunFmT8SsAYZtGydhKH9LJG6PwmYBCb+DNxdXnZ3Vrg+V+m/uA0tFp1CarEr5J5fMqN5fO9Qyb82JKk5ZamVmv0NRlMXxBi7S1hT0b85ZrpKaIX2OP6rYnDVeXDwIObj1XzvUna+sidbkHNeFJ+/m7xJONOof8Mv2FtAh65JWW/mdUzRbFCv/lBNHO7P6j6E1wNAE8UUgR7WrPusYlaw0S76yGo5p2r+mlG5/hZZMVU3ZUJvm4rP++tiZFuz1mpGjm4g2eUv6ugJ7fPyKSiFySNgX7g==",
}
7. Response
You’ll be getting the general response that you get from either API.
{ "api-response-code": 200, "api-response-message": "Success", "request-id": "367a25ec-065b-4ca7-a73f-70d1da818a22", "call-details": [ { "client-identifier": "2021-05-17T05:47:30.536Z", "phonon-uuid": "6a79da04-cf07-4c42-973f-998ea3380708" } ] }
Add Comment