Second encryption

So we need to encrypt the request

Keys that you need: https://nanokassa.ru/integration/documentation/publichnye-rsa-klyuchi/

So we need to encrypt this request:

{    
    "ab":"GYBhagdYGWgahjGDHASgdjhas...ASDGd",     
    "de":"GYBhagdYGWgahjGDHASgdjhas...ASDGd",     
    "kassaid":"123456",     
    "kassatoken":"3212312312312",     
    "test":"1"
}

So this small request after senond encryption will become to:

{
    "aab":"ASDHGSADHgshadgahsGDHAGD..SADGsg",
    "dde":"ASDHGSADHgshadgahsGDHAGD..SADGsg", 
    "test":"1"
}

Parameter test - about test or army request.

In parameter aab will be packet that contains key for decrypting packet dde. Parameter aab encypted with RSA.

In parameter dde will be packet that contains main information about transaction. Parameter dde ecnrypted with AES256-CTR.

$request2 = '{
"ab": "GYBhagdYGWgahjGDHASgdjhas...ASDGd", "de": "GYBhagdYGWgahjGDHASgdjhas...ASDGd", "kassaid":"123456", "kassatoken": "3212312312312", "test":"1"
}';
$pw2 = random_bytes(32);
$IVdata2 = random_bytes(16);
$pw2 = random_bytes(32);
$mk2 = 'xxx2'; // HMAC control in base64
$dataAES2 = openssl_encrypt($request2, "aes-256-ctr", $pw2, OPENSSL_RAW_DATA, $IVdata2);
$hmac2 = hash_hmac('sha512', $IVdata2.$dataAES2, base64_decode($mk2), true);
$returnDataDE2 = base64_encode($hmac2.$IVdata2.$dataAES2);

Structure of parameter dde: 64 bytes HMAC, 16 bytes IVDATA, and other bytes for other information.

Lets see on parameter aab.

These functions (on PHP) (dont forget to install openssl extension), work correctly with encrypting (pubkey is just for example). For using RSA you should use openssl_public_encrypt function.

$pubkey2 = "-----BEGIN PUBLIC KEY-----
HASGDHJASGDASDSAGD .... SADGHASDHASJGDAHJS==
-----END PUBLIC KEY-----";
openssl_public_encrypt($pw2, $aab_rsa, $pubkey2, OPENSSL_PKCS1_OAEP_PADDING)
$aab = base64_encode ($aab_rsa);
$returnDataAAB = $aab;

So now we can understand how to get this JSON structure

{
    "aab":"ASDHGSADHgshadgahsGDHAGD..SADGsg",
    "dde":"ASDHGSADHgshadgahsGDHAGD..SADGsg", 
    "test":"1"
}

Lets go to part of sending data to Nanokassa.