mastercard_core_sdk 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0a1a32938c92a314feadfbf5c46bc304491c1816
-  data.tar.gz: 92fdcf8f20d8741a82cb46c5b107dfabc61b8f5e
+  metadata.gz: eb7a5b5153515b9deedd68ba3e042138af3d027e
+  data.tar.gz: a619aeb5071cf002518bc1f593bf911e9657e363
 SHA512:
-  metadata.gz: ce672fd31f12e542368e524684f074634a2bb9e09cb1692c5c532e843db80e567efdeb69215fa49dc227445a55493da6c564c8b1a6280505520d3bbb29689e7c
-  data.tar.gz: c5136d0d37273b6e53499076a907bef2202e8b08946dcfafe62f5e8b71d9be11194f6d1cc10709b175942ddce204d86e2b7b7ca06760b38e510a96792a77a63f
+  metadata.gz: 484e37b42ce71cf8239744bbe350afb755d035463b4e9fea1a5702c1da6da4e3fa9468897cc5af2f381ef70e11d111a74395b2866db25c99035796815acb3a81
+  data.tar.gz: 94d04ebb0ff7cb390078fb569589ba8b6f8aa83d910dc6a93ee7c98e5f50a6eab5dab7dd176ddb4491bb73ba27693696f12c10f672cc435f161ebe3f568cc2e7

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2018, MasterCard International Incorporated
+Copyright (c) 2018, Mastercard International Incorporated
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are 

data/README.md

@@ -53,10 +53,10 @@ MasterCardApiConfiguration.sandbox = false  #By default Sandbox environment is s
 ```
 
 ## Copyright
-Copyright (c) 2018, MasterCard International Incorporated. See LICENSE for details.
+Copyright (c) 2018, Mastercard International Incorporated. See LICENSE for details.
 
 ## LICENSE
-Copyright (c) 2018, MasterCard International Incorporated. All rights reserved.
+Copyright (c) 2018, Mastercard International Incorporated. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are 
 permitted provided that the following conditions are met:

data/lib/mastercard_core_sdk/constants/constants.rb

@@ -83,6 +83,8 @@ module MastercardCoreSdk
   ERR_MSG_CONVERSION = "Conversion failed."
   ERR_MSG_API_CONFIG = "Api Config cannot be null."
   ERR_MSG_HOST_URL = "Host URL cannot be empty."
+  ERR_MSG_VERIFY_SIGNATURE = "Signature verification failed."
+  ERR_MSG_DECRYPTION = "JWE decryption failed."
 
   NULL_RESPONSE_PARAMETERS_ERROR = "Response parameters cannot be null."
   NULL_OAUTH_PARAMETERS_ERROR = "Oauth parameters cannot be null."
@@ -95,7 +97,10 @@ module MastercardCoreSdk
   ERR_MSG_CONTENT_TYPE = "Content-type is not supported :"
   
   EMPTY_JWE_PAYLOAD_ERR = "JWE encrypted payload should not be null."
+  EMPTY_JWE_DECRYPT_PAYLOAD_ERR = "JWE encrypted payload should not be null."
   EMPTY_JWE_PRIVATE_KEY_ERR = "Private key should not be null."
   EMPTY_JWE_RESPONSE_TYPE_ERR = "Response type should not be null."
+  EMPTY_PUBLIC_KEY_ERR = "Masterpass PublicKey should not be null."   
+  EMPTY_SIGNATURE_ERR = "Signature string should not be null."
   
 end

data/lib/mastercard_core_sdk/util/jwe_util.rb

@@ -1,6 +1,8 @@
 require 'jwe'
 require 'json'
 require 'logging'
+require 'openssl'
+require 'base64'
 
 require_relative '../exceptions/sdk_validation_error'
 require_relative '../converters/sdk_converter_factory'
@@ -14,37 +16,98 @@ module MastercardCoreSdk
       class << self
         include MastercardCoreSdk::Core, MastercardCoreSdk::Exceptions, MastercardCoreSdk::Converters
         
-        # Decrypt JWE encrypted payload.
-        # @param encrypted_jwe_payload the encrypted payload input.
-        # @param private_key the private key.
+        # Decrypt the encrypted payload and converts it to response type.
+        # @param [String] encrypted_jwe_payload the encrypted payload input.
+        # @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
         # @param response_type the response type for conversion after decryption.
-        # @return [Object] the decrypted payload.
-        # @raise [SDKValidationError] if encrypted_jwe_payload, private_key, response_type is not provided.
+        # @return [Object] the decrypted payload converted as per the response_type.
+        # @raise [SDKConversionError] if decrypted payload could not be converted into response_type.
         def get_jwe_decrypted_payload(encrypted_jwe_payload, private_key, response_type) 
-
-          if(encrypted_jwe_payload.to_s.empty?)
+          decrypted_payload = jwe_decrypt_payload(encrypted_jwe_payload, private_key)
+          return convert_to_response_type(decrypted_payload, response_type)
+        end
+        
+        # Decrypt the encrypted payload with the private key.
+        # @param [String] encrypted_jwe_payload the encrypted payload input.
+        # @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
+        # @raise [SDKValidationError] if encrypted_jwe_payload, private_key is not provided or decryption fails.
+        def jwe_decrypt_payload(encrypted_jwe_payload, private_key)
+          if(encrypted_jwe_payload.nil?)
              @@logger.error EMPTY_JWE_PAYLOAD_ERR
              raise SDKValidationError.new(EMPTY_JWE_PAYLOAD_ERR) 
           end
       
-          if(private_key.to_s.empty?)
+          if(private_key.nil?)
              @@logger.error EMPTY_JWE_PRIVATE_KEY_ERR
              raise SDKValidationError.new(EMPTY_JWE_PRIVATE_KEY_ERR) 
           end
           
-          if(response_type.to_s.empty?)
+          begin
+             return JWE.decrypt(encrypted_jwe_payload, private_key)
+          rescue StandardError => error
+             @@logger.error error.message
+             raise SDKValidationError.new(ERR_MSG_DECRYPTION) 
+          end
+        end
+        
+        # Decrypt encrypted payload, verify signature and convert it to response type.
+        # @param [String] encrypted_jwe_payload the encrypted payload input.
+        # @param [String] signature the signature to be verified.
+        # @param [OpenSSL::PKey::RSA] private_key the private key for decrypting encrypted payload.
+        # @param [OpenSSL::PKey::RSA] public_key the Masterpass public key to verify signature.
+        # @param response_type the response type for conversion after decryption and verification of signature.
+        # @return [Object] the decrypted payload converted as per the response_type.
+        # @raise [SDKConversionError] if error on converting the decrypted payload into response type.
+        def decrypt_and_verify(encrypted_jwe_payload, signature, private_key, public_key, response_type) 
+          decrypted_payload = jwe_decrypt_payload(encrypted_jwe_payload, private_key)
+          raise SDKValidationError.new(ERR_MSG_VERIFY_SIGNATURE) if !verify_signature(decrypted_payload, signature, public_key)
+          return convert_to_response_type(decrypted_payload, response_type)          
+        end
+
+        # Verify the signature, with the digest, an instance of OpenSSL::Digest, provided to re-compute the message digest of the original data.
+        # @param [String] decrypted_payload the payload decrypted with JWE.
+        # @param [String] signature the signature to be verified.
+        # @param [OpenSSL::PKey::RSA] public_key the Masterpass public key to verify signature.
+        # @return [Boolean] true if signature is valid, false otherwise.
+        def verify_signature(decrypted_payload, signature, public_key)
+          if(decrypted_payload.nil?)
+             @@logger.error EMPTY_JWE_DECRYPT_PAYLOAD_ERR
+             raise SDKValidationError.new(EMPTY_JWE_DECRYPT_PAYLOAD_ERR) 
+          end
+          
+          if(signature.nil?)
+             @@logger.error EMPTY_SIGNATURE_ERR
+             raise SDKValidationError.new(EMPTY_SIGNATURE_ERR) 
+          end
+          
+          if(public_key.nil?)
+             @@logger.error EMPTY_PUBLIC_KEY_ERR
+             raise SDKValidationError.new(EMPTY_PUBLIC_KEY_ERR) 
+          end
+          
+          digest = OpenSSL::Digest::SHA256.new
+          return public_key.verify(digest, Base64.decode64(signature), decrypted_payload)
+        end
+        
+        private
+        
+        # Verify the signature, with the digest, an instance of OpenSSL::Digest, provided to re-compute the message digest of the original data.
+        # @param [String] decrypted_payload the payload decrypted with JWE.
+        # @return [Object] the decrypted payload converted as per the response_type.
+        # @raise [SDKValidationError] if response_type is not provided.
+        # @raise [SDKConversionError] if conversion of payload to response type fails.
+        def convert_to_response_type(payload, response_type)
+          if(response_type.nil?)
              @@logger.error EMPTY_JWE_RESPONSE_TYPE_ERR
              raise SDKValidationError.new(EMPTY_JWE_RESPONSE_TYPE_ERR) 
           end
-          
-          begin
-            decrypted_jwe_payload = JWE.decrypt(encrypted_jwe_payload, private_key)
-            converter = SDKConverterFactory.get_converter(CONTENT_TYPE_JSON)
+          converter = SDKConverterFactory.get_converter(CONTENT_TYPE_JSON)
+          begin 
+            return converter.response_content_converter(payload, response_type)
           rescue StandardError => error
             @@logger.error error.message
             raise SDKConversionError.new(:error_message => error.message, :source => self.class) 
           end
-          return converter.response_content_converter(decrypted_jwe_payload, response_type)
         end
         
       end

data/lib/mastercard_core_sdk/version.rb

@@ -1,3 +1,3 @@
 module MastercardCoreSdk
-   VERSION = "2.1.0"
+   VERSION = "2.2.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mastercard_core_sdk
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Mastercard
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-02-19 00:00:00.000000000 Z
+date: 2018-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler