mastercard_core_sdk 2.1.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/LICENSE.txt +1 -1
- data/README.md +2 -2
- data/lib/mastercard_core_sdk/constants/constants.rb +5 -0
- data/lib/mastercard_core_sdk/util/jwe_util.rb +77 -14
- data/lib/mastercard_core_sdk/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eb7a5b5153515b9deedd68ba3e042138af3d027e
|
|
4
|
+
data.tar.gz: a619aeb5071cf002518bc1f593bf911e9657e363
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 484e37b42ce71cf8239744bbe350afb755d035463b4e9fea1a5702c1da6da4e3fa9468897cc5af2f381ef70e11d111a74395b2866db25c99035796815acb3a81
|
|
7
|
+
data.tar.gz: 94d04ebb0ff7cb390078fb569589ba8b6f8aa83d910dc6a93ee7c98e5f50a6eab5dab7dd176ddb4491bb73ba27693696f12c10f672cc435f161ebe3f568cc2e7
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -53,10 +53,10 @@ MasterCardApiConfiguration.sandbox = false #By default Sandbox environment is s
|
|
|
53
53
|
```
|
|
54
54
|
|
|
55
55
|
## Copyright
|
|
56
|
-
Copyright (c) 2018,
|
|
56
|
+
Copyright (c) 2018, Mastercard International Incorporated. See LICENSE for details.
|
|
57
57
|
|
|
58
58
|
## LICENSE
|
|
59
|
-
Copyright (c) 2018,
|
|
59
|
+
Copyright (c) 2018, Mastercard International Incorporated. All rights reserved.
|
|
60
60
|
|
|
61
61
|
Redistribution and use in source and binary forms, with or without modification, are
|
|
62
62
|
permitted provided that the following conditions are met:
|
|
@@ -83,6 +83,8 @@ module MastercardCoreSdk
|
|
|
83
83
|
ERR_MSG_CONVERSION = "Conversion failed."
|
|
84
84
|
ERR_MSG_API_CONFIG = "Api Config cannot be null."
|
|
85
85
|
ERR_MSG_HOST_URL = "Host URL cannot be empty."
|
|
86
|
+
ERR_MSG_VERIFY_SIGNATURE = "Signature verification failed."
|
|
87
|
+
ERR_MSG_DECRYPTION = "JWE decryption failed."
|
|
86
88
|
|
|
87
89
|
NULL_RESPONSE_PARAMETERS_ERROR = "Response parameters cannot be null."
|
|
88
90
|
NULL_OAUTH_PARAMETERS_ERROR = "Oauth parameters cannot be null."
|
|
@@ -95,7 +97,10 @@ module MastercardCoreSdk
|
|
|
95
97
|
ERR_MSG_CONTENT_TYPE = "Content-type is not supported :"
|
|
96
98
|
|
|
97
99
|
EMPTY_JWE_PAYLOAD_ERR = "JWE encrypted payload should not be null."
|
|
100
|
+
EMPTY_JWE_DECRYPT_PAYLOAD_ERR = "JWE encrypted payload should not be null."
|
|
98
101
|
EMPTY_JWE_PRIVATE_KEY_ERR = "Private key should not be null."
|
|
99
102
|
EMPTY_JWE_RESPONSE_TYPE_ERR = "Response type should not be null."
|
|
103
|
+
EMPTY_PUBLIC_KEY_ERR = "Masterpass PublicKey should not be null."
|
|
104
|
+
EMPTY_SIGNATURE_ERR = "Signature string should not be null."
|
|
100
105
|
|
|
101
106
|
end
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
require 'jwe'
|
|
2
2
|
require 'json'
|
|
3
3
|
require 'logging'
|
|
4
|
+
require 'openssl'
|
|
5
|
+
require 'base64'
|
|
4
6
|
|
|
5
7
|
require_relative '../exceptions/sdk_validation_error'
|
|
6
8
|
require_relative '../converters/sdk_converter_factory'
|
|
@@ -14,37 +16,98 @@ module MastercardCoreSdk
|
|
|
14
16
|
class << self
|
|
15
17
|
include MastercardCoreSdk::Core, MastercardCoreSdk::Exceptions, MastercardCoreSdk::Converters
|
|
16
18
|
|
|
17
|
-
# Decrypt
|
|
18
|
-
# @param encrypted_jwe_payload the encrypted payload input.
|
|
19
|
-
# @param private_key the private key.
|
|
19
|
+
# Decrypt the encrypted payload and converts it to response type.
|
|
20
|
+
# @param [String] encrypted_jwe_payload the encrypted payload input.
|
|
21
|
+
# @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
|
|
20
22
|
# @param response_type the response type for conversion after decryption.
|
|
21
|
-
# @return [Object] the decrypted payload.
|
|
22
|
-
# @raise [
|
|
23
|
+
# @return [Object] the decrypted payload converted as per the response_type.
|
|
24
|
+
# @raise [SDKConversionError] if decrypted payload could not be converted into response_type.
|
|
23
25
|
def get_jwe_decrypted_payload(encrypted_jwe_payload, private_key, response_type)
|
|
24
|
-
|
|
25
|
-
|
|
26
|
+
decrypted_payload = jwe_decrypt_payload(encrypted_jwe_payload, private_key)
|
|
27
|
+
return convert_to_response_type(decrypted_payload, response_type)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# Decrypt the encrypted payload with the private key.
|
|
31
|
+
# @param [String] encrypted_jwe_payload the encrypted payload input.
|
|
32
|
+
# @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
|
|
33
|
+
# @raise [SDKValidationError] if encrypted_jwe_payload, private_key is not provided or decryption fails.
|
|
34
|
+
def jwe_decrypt_payload(encrypted_jwe_payload, private_key)
|
|
35
|
+
if(encrypted_jwe_payload.nil?)
|
|
26
36
|
@@logger.error EMPTY_JWE_PAYLOAD_ERR
|
|
27
37
|
raise SDKValidationError.new(EMPTY_JWE_PAYLOAD_ERR)
|
|
28
38
|
end
|
|
29
39
|
|
|
30
|
-
if(private_key.
|
|
40
|
+
if(private_key.nil?)
|
|
31
41
|
@@logger.error EMPTY_JWE_PRIVATE_KEY_ERR
|
|
32
42
|
raise SDKValidationError.new(EMPTY_JWE_PRIVATE_KEY_ERR)
|
|
33
43
|
end
|
|
34
44
|
|
|
35
|
-
|
|
45
|
+
begin
|
|
46
|
+
return JWE.decrypt(encrypted_jwe_payload, private_key)
|
|
47
|
+
rescue StandardError => error
|
|
48
|
+
@@logger.error error.message
|
|
49
|
+
raise SDKValidationError.new(ERR_MSG_DECRYPTION)
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
# Decrypt encrypted payload, verify signature and convert it to response type.
|
|
54
|
+
# @param [String] encrypted_jwe_payload the encrypted payload input.
|
|
55
|
+
# @param [String] signature the signature to be verified.
|
|
56
|
+
# @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
|
|
57
|
+
# @param [OpenSSL::PKey::RSA] public_key the Masterpass public key to verify signature.
|
|
58
|
+
# @param response_type the response type for conversion after decryption and verification of signature.
|
|
59
|
+
# @return [Object] the decrypted payload converted as per the response_type.
|
|
60
|
+
# @raise [SDKConversionError] if error on converting the decrypted payload into response type.
|
|
61
|
+
def decrypt_and_verify(encrypted_jwe_payload, signature, private_key, public_key, response_type)
|
|
62
|
+
decrypted_payload = jwe_decrypt_payload(encrypted_jwe_payload, private_key)
|
|
63
|
+
raise SDKValidationError.new(ERR_MSG_VERIFY_SIGNATURE) if !verify_signature(decrypted_payload, signature, public_key)
|
|
64
|
+
return convert_to_response_type(decrypted_payload, response_type)
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
# Verify the signature, with the digest, an instance of OpenSSL::Digest, provided to re-compute the message digest of the original data.
|
|
68
|
+
# @param [String] decrypted_payload the payload decrypted with JWE.
|
|
69
|
+
# @param [String] signature the signature to be verified.
|
|
70
|
+
# @param [OpenSSL::PKey::RSA] public_key the Masterpass public key to verify signature.
|
|
71
|
+
# @return [Boolean] true if signature is valid, false otherwise.
|
|
72
|
+
def verify_signature(decrypted_payload, signature, public_key)
|
|
73
|
+
if(decrypted_payload.nil?)
|
|
74
|
+
@@logger.error EMPTY_JWE_DECRYPT_PAYLOAD_ERR
|
|
75
|
+
raise SDKValidationError.new(EMPTY_JWE_DECRYPT_PAYLOAD_ERR)
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
if(signature.nil?)
|
|
79
|
+
@@logger.error EMPTY_SIGNATURE_ERR
|
|
80
|
+
raise SDKValidationError.new(EMPTY_SIGNATURE_ERR)
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
if(public_key.nil?)
|
|
84
|
+
@@logger.error EMPTY_PUBLIC_KEY_ERR
|
|
85
|
+
raise SDKValidationError.new(EMPTY_PUBLIC_KEY_ERR)
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
digest = OpenSSL::Digest::SHA256.new
|
|
89
|
+
return public_key.verify(digest, Base64.decode64(signature), decrypted_payload)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
private
|
|
93
|
+
|
|
94
|
+
# Verify the signature, with the digest, an instance of OpenSSL::Digest, provided to re-compute the message digest of the original data.
|
|
95
|
+
# @param [String] decrypted_payload the payload decrypted with JWE.
|
|
96
|
+
# @return [Object] the decrypted payload converted as per the response_type.
|
|
97
|
+
# @raise [SDKValidationError] if response_type is not provided.
|
|
98
|
+
# @raise [SDKConversionError] if conversion of payload to response type fails.
|
|
99
|
+
def convert_to_response_type(payload, response_type)
|
|
100
|
+
if(response_type.nil?)
|
|
36
101
|
@@logger.error EMPTY_JWE_RESPONSE_TYPE_ERR
|
|
37
102
|
raise SDKValidationError.new(EMPTY_JWE_RESPONSE_TYPE_ERR)
|
|
38
103
|
end
|
|
39
|
-
|
|
40
|
-
begin
|
|
41
|
-
|
|
42
|
-
converter = SDKConverterFactory.get_converter(CONTENT_TYPE_JSON)
|
|
104
|
+
converter = SDKConverterFactory.get_converter(CONTENT_TYPE_JSON)
|
|
105
|
+
begin
|
|
106
|
+
return converter.response_content_converter(payload, response_type)
|
|
43
107
|
rescue StandardError => error
|
|
44
108
|
@@logger.error error.message
|
|
45
109
|
raise SDKConversionError.new(:error_message => error.message, :source => self.class)
|
|
46
110
|
end
|
|
47
|
-
return converter.response_content_converter(decrypted_jwe_payload, response_type)
|
|
48
111
|
end
|
|
49
112
|
|
|
50
113
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mastercard_core_sdk
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mastercard
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-08-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|