CCAvenue: "Error!!! in decrypting application request"

Question

I am trying to integrate CCAvenue Payment gateway in my iOS app developed in swift4. I am getting

"Error!!! Problem in decrypting application request"

I have check for answer given at: https://stackoverflow.com/a/37327122/3548469 but no luck with my case.

Here is what I have tried from documents

private func gettingRsaKey(completion: @escaping (_ success: Bool, _ object: AnyObject?) -> ()){

    let serialQueue = DispatchQueue(label: "serialQueue", qos: .userInitiated)

    serialQueue.sync {
        print("access_code=\(CC_AVENUE_ACCESSKEY)")
        print("order_id=\(self.orderId)")
        self.rsaKeyDataStr = "access_code=\(CC_AVENUE_ACCESSKEY)&order_id=\(self.orderId)"
        let requestData = self.rsaKeyDataStr.data(using: String.Encoding.utf8)
        guard let urlFromString = URL(string: CC_AVENUE_RSAURL) else{
            return
        }
        var urlRequest = URLRequest(url: urlFromString)
        urlRequest.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "content-type")
        urlRequest.httpMethod = "POST"
        urlRequest.httpBody = requestData

        let session = URLSession(configuration: URLSessionConfiguration.default)
        print("session",session)


        session.dataTask(with: urlRequest as URLRequest) {
            (data, response, error) -> Void in

            if let response = response as? HTTPURLResponse, 200...299 ~= response.statusCode{

                guard let data = data else{
                    print("No value for data")
                    completion(false, "Not proper data for RSA Key" as AnyObject?)
                    return
                }
                print("data :: ",data)
                completion(true, data as AnyObject?)
            }
            else{
                completion(false, "Unable to generate RSA Key please check" as AnyObject?)
            }
            }.resume()
    }
}

 var request: NSMutableURLRequest?

private func encyptCardDetails(data: Data){

    guard let rsaKeytemp = String(bytes: data, encoding: String.Encoding.ascii) else{
        print("No value for rsaKeyTemp")
        return
    }
    rsaKey = rsaKeytemp
    rsaKey = self.rsaKey.trimmingCharacters(in: CharacterSet.newlines)
    rsaKey =  "-----BEGIN PUBLIC KEY-----\n\(self.rsaKey)\n-----END PUBLIC KEY-----\n"
    print("rsaKey :: ",rsaKey)

    let myRequestString = "amount=\(amount)&currency=\(getCurrency())"
    let ccTool = CCTool()
    var encVal = ccTool.encryptRSA(myRequestString, key: rsaKey)

    encVal = CFURLCreateStringByAddingPercentEscapes(
        nil,
        encVal! as CFString,
        nil,
        "!*'();:@&=+$,/?%#[]" as CFString,
        CFStringBuiltInEncodings.UTF8.rawValue) as String?

    let urlAsString = "https://secure.ccavenue.com/transaction/initTrans"
    let encryptedStr = String(format:"merchant_id=%@&order_id=%@&redirect_url=%@&cancel_url=%@&enc_val=%@&access_code=%@", CC_AVENUE_MERCHANTID, self.orderId, CC_AVENUE_REDIRECTURL, CC_AVENUE_REDIRECTURL, encVal!,CC_AVENUE_ACCESSKEY)
    print("access_code=\(CC_AVENUE_ACCESSKEY)")
    print("order_id=\(self.orderId)")

    let myRequestData = encryptedStr.data(using: String.Encoding.utf8)

    request  = NSMutableURLRequest(url: URL(string: urlAsString)! as URL, cachePolicy: NSURLRequest.CachePolicy.reloadIgnoringCacheData, timeoutInterval: 30)
    request?.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "content-type")
    request?.setValue(urlAsString, forHTTPHeaderField: "Referer")
    request?.httpMethod = "POST"
    request?.httpBody = myRequestData

    print("\n\n\nwebview :: ",request?.url as Any)
    print("\n\n\nwebview :: ",request?.description as Any)
    print("\n\n\nwebview :: ",request?.httpBody?.description as Any)
    print("\n\n\nwebview :: ",request?.allHTTPHeaderFields! as Any)

    let session = URLSession(configuration: URLSessionConfiguration.default)
    print("session",session)

    session.dataTask(with: request! as URLRequest) {
        (data, response, error) -> Void in

        if let response = response as? HTTPURLResponse, 200...299 ~= response.statusCode{

            guard let data = data else{
                print("No value for data")
                return
            }
            DispatchQueue.main.async {
                self.viewWeb.loadRequest(self.request! as URLRequest)
            }
            print("data :: ",data)
        }else{
            print("into else")
            showAlertWithTitleWithMessage(message: "Unable to load webpage currently, Please try again later.")
        }
        }.resume()
}

I am able to generate RSA key not able to go further.

Note*

I have live account and I am using accesscode and Merchant key for the account AccessCode and orderId are same that been used to generate RSA key.

Answer 1

Hey I faced the same issue. Its because of the new CCAvenue SDK. The flow of CCAvenue for loading the page request is of three steps.

1) We get an RSA key from our server.

2) We encrypt the order details using this RSA key and create a web request.

3) Open the request in a webview.

The issue arrises when there is no delay left between step 1 and step 3. For overcoming this issue the new SDK introduced a new step for creating a delay.

1) We get an RSA key from our server.

2) We encrypt the order details using this RSA key and create a web request.

3) CCAvenue introduced a new URLRequest here just for making a delay in step 1 and 4

4) Open the request in a webview.

This works for most of the times but it fails when the step 3 is completed in milli seconds or in other terms there is no delay or very little delay in step 1 and step 4.

So the workaround here is to create a manual delay in step 1 and step 4.

SO change your function to below:

private func encyptCardDetails(data: Data){

guard let rsaKeytemp = String(bytes: data, encoding: String.Encoding.ascii) else{
    print("No value for rsaKeyTemp")
    return
}
rsaKey = rsaKeytemp
rsaKey = self.rsaKey.trimmingCharacters(in: CharacterSet.newlines)
rsaKey =  "-----BEGIN PUBLIC KEY-----\n\(self.rsaKey)\n-----END PUBLIC KEY-----\n"
print("rsaKey :: ",rsaKey)

let myRequestString = "amount=\(amount)&currency=\(getCurrency())"
let ccTool = CCTool()
var encVal = ccTool.encryptRSA(myRequestString, key: rsaKey)

encVal = CFURLCreateStringByAddingPercentEscapes(
    nil,
    encVal! as CFString,
    nil,
    "!*'();:@&=+$,/?%#[]" as CFString,
    CFStringBuiltInEncodings.UTF8.rawValue) as String?

let urlAsString = "https://secure.ccavenue.com/transaction/initTrans"
let encryptedStr = String(format:"merchant_id=%@&order_id=%@&redirect_url=%@&cancel_url=%@&enc_val=%@&access_code=%@", CC_AVENUE_MERCHANTID, self.orderId, CC_AVENUE_REDIRECTURL, CC_AVENUE_REDIRECTURL, encVal!,CC_AVENUE_ACCESSKEY)
print("access_code=\(CC_AVENUE_ACCESSKEY)")
print("order_id=\(self.orderId)")

let myRequestData = encryptedStr.data(using: String.Encoding.utf8)

request  = NSMutableURLRequest(url: URL(string: urlAsString)! as URL, cachePolicy: NSURLRequest.CachePolicy.reloadIgnoringCacheData, timeoutInterval: 30)
request?.setValue("application/x-www-form-urlencoded", forHTTPHeaderField: "content-type")
request?.setValue(urlAsString, forHTTPHeaderField: "Referer")
request?.httpMethod = "POST"
request?.httpBody = myRequestData

print("\n\n\nwebview :: ",request?.url as Any)
print("\n\n\nwebview :: ",request?.description as Any)
print("\n\n\nwebview :: ",request?.httpBody?.description as Any)
print("\n\n\nwebview :: ",request?.allHTTPHeaderFields! as Any)

let session = URLSession(configuration: URLSessionConfiguration.default)
print("session",session)

session.dataTask(with: request! as URLRequest) {
    (data, response, error) -> Void in

    if let response = response as? HTTPURLResponse, 200...299 ~= response.statusCode{

        guard let data = data else{
            print("No value for data")
            return
        }

        // Create the delay here
        DispatchQueue.main.asyncAfter(deadline: .now()+1.0, execute: {
            self.viewWeb.loadRequest(self.request! as URLRequest)
        }
        print("data :: ",data)
    }else{
        print("into else")
        showAlertWithTitleWithMessage(message: "Unable to load webpage currently, Please try again later.")
    }
    }.resume()
}