• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Question Encrypt Security Credendials

I have a vendor that requires encryption of security credentials to access their system. I have not done any encryption using OpenEdge and I am not sure if its possible. Our environment is OE 11.3 on Windows Server 2012 R2 and IIS 6.0. The encryption requirements are as follows.

M-Pesa Core authenticates a transaction by decrypting the security credentials. Security credentials are generated by encrypting the base64 encoded initiator password with M-Pesa’s public key, a X509 certificate.

The algorithm for generating security credentials is as follows:

  • Write the unencrypted password into a byte array.
  • Encrypt the array with the M-Pesa public key certificate. Use the RSA algorithm, and use PKCS #1.5 padding (not OAEP), and add the result to the encrypted stream.
  • Convert the resulting encrypted byte array into a string using base64 encoding. The resulting base64 encoded string is the security credential.