Skip to content

Latest commit

 

History

History
98 lines (73 loc) · 3.23 KB

README.md

File metadata and controls

98 lines (73 loc) · 3.23 KB

Swift support Swift Package Manager compatible

Xenissuing

The XenIssuing SDK provides a secure way to handle sensitive operations in your iOS applications. This SDK includes:

  • SecureSession: A module that ensures encrypted communication between your application and Xendit's services.

Prerequisites

  • iOS 10.15 or later
  • Swift 5.0 or later
  • A public key from Xendit (Contact Xendit to obtain this)

Usage

Creating a Secure Session

  1. First, initialize a secure session with your Xendit public key:
import Xenissuing

let publicKey = """
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA... // Your RSA public key without header/footer
"""

do {
    // Create secure session
    let secureSession = try Xenissuing.createSecureSession(
        xenditPublicKeyData: Data(base64Encoded: publicKey)!
    )
    
    // Get session key (for validation)
    let sessionKey = secureSession.getKey().base64EncodedString()
    
    // Get encrypted session ID and URL encode it for API requests
    let sessionId = secureSession.getEncryptedKey().base64EncodedString()
    
    // Important: URL encode the session ID as it will be used as a URL parameter
    let allowedCharacters = CharacterSet(charactersIn: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
    let encodedSessionId = sessionId.addingPercentEncoding(withAllowedCharacters: allowedCharacters) ?? ""
    
    // Use encodedSessionId when making API requests, for example:
    // https://api.xendit.co/your/endpoint?session_id={encodedSessionId}
} catch {
    print("Error creating secure session:", error)
}

Public Key Format

The public key should be:

  • An RSA public key provided by Xendit
  • Without the "-----BEGIN PUBLIC KEY-----" and "-----END PUBLIC KEY-----" headers
  • A single continuous string (can use Swift multi-line string format for readability)

Example format:

let publicKey = """
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...
"""

Session ID Usage

The session ID must be URL encoded because:

  • It contains base64 characters that may include '+' and '/'
  • It will be used as a URL parameter in API requests
  • URL encoding ensures safe transmission of the session ID in HTTP requests

Example API usage:

let apiUrl = "https://api.xendit.co/card_issuing//cards/\(cardId)/pan?session_id=\(encodedSessionId)"

Decrypting Card Data

When you receive encrypted card data from Xendit's API:

do {
    let decryptedData = try secureSession.decryptCardData(
        secret: encryptedCardData, // Base64 encoded encrypted data
        iv: initializationVector   // Base64 encoded IV
    )
    
    // Process the decrypted card data
    let cardInfo = String(data: decryptedData, encoding: .utf8)
} catch {
    print("Decryption error:", error)
}

Support

For issues, questions, or assistance, please reach out to the XenIssuing team at Xendit.