Skip to content

Commit bb115d9

Browse files
karen-avetisyan-mckaren-avetisyan-mc
authored
Merge pull request #99 from nchandran10/main
EncryptionUtils - added support for passing key and certificate as bytes array
2 parents 50bfc06 + 3d5080b commit bb115d9

File tree

3 files changed

+68
-11
lines changed

3 files changed

+68
-11
lines changed

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
<groupId>com.mastercard.developer</groupId>
88
<artifactId>client-encryption</artifactId>
9-
<version>1.8.2</version>
9+
<version>1.8.3</version>
1010
<packaging>jar</packaging>
1111
<description>Library for Mastercard API compliant payload encryption/decryption</description>
1212
<url>https://github.com/Mastercard/client-encryption-java</url>

src/main/java/com/mastercard/developer/utils/EncryptionUtils.java

Lines changed: 25 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
package com.mastercard.developer.utils;
22

3-
import java.io.FileInputStream;
4-
import java.io.FileNotFoundException;
3+
import java.io.ByteArrayInputStream;
54
import java.io.IOException;
5+
import java.io.InputStream;
66
import java.nio.charset.StandardCharsets;
77
import java.nio.file.Files;
88
import java.nio.file.Paths;
@@ -32,17 +32,32 @@ private EncryptionUtils() {
3232
/**
3333
* Populate a X509 encryption certificate object with the certificate data at the given file path.
3434
*/
35-
public static Certificate loadEncryptionCertificate(String certificatePath) throws CertificateException, FileNotFoundException {
35+
public static Certificate loadEncryptionCertificate(String certificatePath) throws CertificateException, IOException {
36+
return loadEncryptionCertificate(Files.newInputStream(Paths.get(certificatePath)));
37+
}
38+
39+
/**
40+
* Populate a X509 encryption certificate object with the certificate data at the given certificate data in bytes.
41+
*/
42+
public static Certificate loadEncryptionCertificate(InputStream certificateStream) throws CertificateException {
3643
CertificateFactory factory = CertificateFactory.getInstance("X.509");
37-
return factory.generateCertificate(new FileInputStream(certificatePath));
44+
return factory.generateCertificate(certificateStream);
3845
}
3946

4047
/**
4148
* Load a RSA decryption key from a file (PEM or DER).
4249
*/
4350
public static PrivateKey loadDecryptionKey(String keyFilePath) throws GeneralSecurityException, IOException {
44-
byte[] keyDataBytes = Files.readAllBytes(Paths.get(keyFilePath));
45-
String keyDataString = new String(keyDataBytes, StandardCharsets.UTF_8);
51+
InputStream keyStream = new ByteArrayInputStream(Files.readAllBytes(Paths.get(keyFilePath)));
52+
return loadDecryptionKey(keyStream);
53+
}
54+
55+
/**
56+
* Load a RSA decryption key from key data in bytes.
57+
*/
58+
public static PrivateKey loadDecryptionKey(InputStream keyDataStream) throws GeneralSecurityException, IOException {
59+
byte[] keyBytes = keyDataStream.readAllBytes();
60+
String keyDataString = new String(keyBytes, StandardCharsets.UTF_8);
4661

4762
if (keyDataString.contains(PKCS_1_PEM_HEADER)) {
4863
// OpenSSL / PKCS#1 Base64 PEM encoded file
@@ -63,17 +78,17 @@ public static PrivateKey loadDecryptionKey(String keyFilePath) throws GeneralSec
6378
}
6479

6580
// We assume it's a PKCS#8 DER encoded binary file
66-
return readPkcs8PrivateKey(Files.readAllBytes(Paths.get(keyFilePath)));
81+
return readPkcs8PrivateKey(keyBytes);
6782
}
6883

6984
/**
7085
* Load a RSA decryption key out of a PKCS#12 container.
7186
*/
7287
public static PrivateKey loadDecryptionKey(String pkcs12KeyFilePath,
73-
String decryptionKeyAlias,
74-
String decryptionKeyPassword) throws GeneralSecurityException, IOException {
88+
String decryptionKeyAlias,
89+
String decryptionKeyPassword) throws GeneralSecurityException, IOException {
7590
KeyStore pkcs12KeyStore = KeyStore.getInstance("PKCS12");
76-
pkcs12KeyStore.load(new FileInputStream(pkcs12KeyFilePath), decryptionKeyPassword.toCharArray());
91+
pkcs12KeyStore.load(Files.newInputStream(Paths.get(pkcs12KeyFilePath)), decryptionKeyPassword.toCharArray());
7792
return (PrivateKey) pkcs12KeyStore.getKey(decryptionKeyAlias, decryptionKeyPassword.toCharArray());
7893
}
7994

src/test/java/com/mastercard/developer/utils/EncryptionUtilsTest.java

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,10 @@
66
import org.junit.jupiter.params.provider.CsvSource;
77
import org.junit.rules.ExpectedException;
88

9+
import java.io.InputStream;
10+
import java.nio.file.Files;
911
import java.nio.file.NoSuchFileException;
12+
import java.nio.file.Paths;
1013
import java.security.PrivateKey;
1114
import java.security.cert.Certificate;
1215
import java.security.spec.InvalidKeySpecException;
@@ -68,6 +71,26 @@ void testLoadDecryptionKey_ShouldSupportPkcs8Der(String keyLocation, String expe
6871
assertArrayEquals(base64Decode(expectedEncoding), privateKey.getEncoded());
6972
}
7073

74+
@ParameterizedTest
75+
@CsvSource({
76+
"pkcs8/test_key_pkcs8-2048.der, MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD0ynqAQWn0T7/VJLletTJgoxsTt5TR3IkJ+Yk/Pxg6Q5hXuiGrBdC+OVo/9hrNnptuZh9rZYKto6lbSjYFiKMeBDvPZrYDPzusp0C0KllIoVbzYiOezD76XHsQAEje0UXbzZlXstPXef2bi2HkqV26ST167L5O4moK8+7jHMT80T6XgsUyvyt8PjsQ9CSu6fnD9NfCSYmt2cb16OXcEtA7To2zoGznXqB6JhntFjG0jxee7RkLR+moOqMI9kFM5GSIV4uhwQ9FtOCjUf7TFAU12wwfX/QXUEj6G93GVtzf6QdkVkWh4EyRHeMLyMNc5c0Iw1ZvXdOKfoeo9F47QpbzAgMBAAECggEAK3dMmzuCSdxjTsCPnc6E3H35z914Mm97ceb6RN26OpZIFcO6OLj2oOBkMxlLFxnDta2yhIpo0tZNuyUJRKBHfov35tLxHNB8kyK7rYIbincDjoHtm0PfJuuG+odiaRY11lrCkLzzOr6xlo4AWu7r8qkQnqQtAqrXc4xu7artG4rfMIunGnjjWQGzovtey1JgZctO97MU4Wvw18vgYBI6JM4eHJkZxgEhVQblBTKZs4OfiWk6MRHchgvqnWugwl213FgCzwy9cnyxTP13i9QKaFzL29TYmmN6bRWBH95z41M8IAa0CGahrSJjudZCFwsFh413YWv/pdqdkKHg1sqseQKBgQD641RYQkMn4G9vOiwB/is5M0OAhhUdWH1QtB8vvhY5ISTjFMqgIIVQvGmqDDk8QqFMOfFFqLtnArGn8HrKmBXMpRigS4ae/QgHEz34/RFjNDQ9zxIf/yoCRH5PmnPPU6x8j3bj/vJMRQA6/yngoca+9qvi3R32AtC5DUELnwyzNwKBgQD5x1iEV+albyCNNyLoT/f6LSH1NVcO+0IOvIaAVMtfy+hEEXz7izv3/AgcogVZzRARSK0qsQ+4WQN6Q2WG5cQYSyB92PR+VgwhnagVvA+QHNDL988xoMhB5r2D2IVSRuTB2EOg7LiWHUHIExaxVkbADODDj7YV2aQCJVv0gbDQJQKBgQCaABix5Fqci6NbPvXsczvM7K6uoZ8sWDjz5NyPzbqObs3ZpdWK3Ot4V270tnQbjTq9M4PqIlyGKp0qXO7ClQAskdq/6hxEU0UuMp2DzLNzlYPLvON/SH1czvZJnqEfzli+TMHJyaCpOGGf1Si7fhIk/f0cUGYnsCq2rHAU1hhRmQKBgE/BJTRs1MqyJxSwLEc9cZLCYntnYrr342nNLK1BZgbalvlVFDFFjgpqwTRTT54S6jR6nkBpdPmKAqBBcOOX7ftL0b4dTkQguZLqQkdeWyHK8aiPIetYyVixkoXM1xUkadqzcTSrIW1dPiniXnaVc9XSxtnqw1tKuSGuSCRUXN65AoGBAN/AmT1S4PAQpSWufC8NUJey8S0bURUNNjd52MQ7pWzGq2QC00+dBLkTPj3KOGYpXw9ScZPbxOthBFzHOxERWo16AFw3OeRtn4VB1QJ9XvoA/oz4lEhJKbwUfuFGGvSpYvg3vZcOHF2zlvcUu7C0ub/WhOjV9jZvU5B2Ev8x1neb",
77+
"pkcs8/test_key_pkcs8-2048.pem, MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD0ynqAQWn0T7/VJLletTJgoxsTt5TR3IkJ+Yk/Pxg6Q5hXuiGrBdC+OVo/9hrNnptuZh9rZYKto6lbSjYFiKMeBDvPZrYDPzusp0C0KllIoVbzYiOezD76XHsQAEje0UXbzZlXstPXef2bi2HkqV26ST167L5O4moK8+7jHMT80T6XgsUyvyt8PjsQ9CSu6fnD9NfCSYmt2cb16OXcEtA7To2zoGznXqB6JhntFjG0jxee7RkLR+moOqMI9kFM5GSIV4uhwQ9FtOCjUf7TFAU12wwfX/QXUEj6G93GVtzf6QdkVkWh4EyRHeMLyMNc5c0Iw1ZvXdOKfoeo9F47QpbzAgMBAAECggEAK3dMmzuCSdxjTsCPnc6E3H35z914Mm97ceb6RN26OpZIFcO6OLj2oOBkMxlLFxnDta2yhIpo0tZNuyUJRKBHfov35tLxHNB8kyK7rYIbincDjoHtm0PfJuuG+odiaRY11lrCkLzzOr6xlo4AWu7r8qkQnqQtAqrXc4xu7artG4rfMIunGnjjWQGzovtey1JgZctO97MU4Wvw18vgYBI6JM4eHJkZxgEhVQblBTKZs4OfiWk6MRHchgvqnWugwl213FgCzwy9cnyxTP13i9QKaFzL29TYmmN6bRWBH95z41M8IAa0CGahrSJjudZCFwsFh413YWv/pdqdkKHg1sqseQKBgQD641RYQkMn4G9vOiwB/is5M0OAhhUdWH1QtB8vvhY5ISTjFMqgIIVQvGmqDDk8QqFMOfFFqLtnArGn8HrKmBXMpRigS4ae/QgHEz34/RFjNDQ9zxIf/yoCRH5PmnPPU6x8j3bj/vJMRQA6/yngoca+9qvi3R32AtC5DUELnwyzNwKBgQD5x1iEV+albyCNNyLoT/f6LSH1NVcO+0IOvIaAVMtfy+hEEXz7izv3/AgcogVZzRARSK0qsQ+4WQN6Q2WG5cQYSyB92PR+VgwhnagVvA+QHNDL988xoMhB5r2D2IVSRuTB2EOg7LiWHUHIExaxVkbADODDj7YV2aQCJVv0gbDQJQKBgQCaABix5Fqci6NbPvXsczvM7K6uoZ8sWDjz5NyPzbqObs3ZpdWK3Ot4V270tnQbjTq9M4PqIlyGKp0qXO7ClQAskdq/6hxEU0UuMp2DzLNzlYPLvON/SH1czvZJnqEfzli+TMHJyaCpOGGf1Si7fhIk/f0cUGYnsCq2rHAU1hhRmQKBgE/BJTRs1MqyJxSwLEc9cZLCYntnYrr342nNLK1BZgbalvlVFDFFjgpqwTRTT54S6jR6nkBpdPmKAqBBcOOX7ftL0b4dTkQguZLqQkdeWyHK8aiPIetYyVixkoXM1xUkadqzcTSrIW1dPiniXnaVc9XSxtnqw1tKuSGuSCRUXN65AoGBAN/AmT1S4PAQpSWufC8NUJey8S0bURUNNjd52MQ7pWzGq2QC00+dBLkTPj3KOGYpXw9ScZPbxOthBFzHOxERWo16AFw3OeRtn4VB1QJ9XvoA/oz4lEhJKbwUfuFGGvSpYvg3vZcOHF2zlvcUu7C0ub/WhOjV9jZvU5B2Ev8x1neb",
78+
"pkcs1/test_key_pkcs1-2048.pem, MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDMJPwAG210B9bznVVU0xKSmBxZnXIVODE275yg+kvxSDU5mBFg6CD59yP8DwxNiz/JeAgmEjWChdUX/01k9+vKsE/F4Ug4l74IZ48YyBe/cXuj25XTXTNzIiaAqe2/c2ssJXD22vMghoo2C/CCY8OF6AexalUyvsuTYMvlCY8Tbwnx6Qmdh8cnMZRKUlgmkKgJW07ts88MJxaCuU7OhqBO6O2nIFFYA9EmgDUnZvu6/Ouqa5QZ/xiqDwwh43tS7GziNKTeuwNcwITlwJUpr5t+hNXVdFAnY8AF026/Af/CqixGDdhOAV1YzjoBjgOAjPOpj/FJ4uJt3UfODbAdBMzrAgMBAAECggEBAMuaO2eT81cdFopEKb3/AfAJG4VZXVXChHspAYsf96v+e28ktnhzK6iCj3YuP/P65LR4LZBi6tFxzzUu4K7KAXZW4EkYReKDnPle574smlrKwSiMseJrewviTIpYcJFYeNQ/x2m8t22CIciDoe05uOENqNaOmciRuBIWIWUeYn9aoDsiMQ56EaKpOOt/Jekvyttwa35yElvbPSxF2UAGOXUxPaz1wIdkvDPrHV4NAMNjLDalFGYR10xnlVa0B3fsjxFaXY0esyyCBxonMgDkud12xGqYxXDv7WoUggrRkc5OSe++BDz5Ts/6vy/v7ea5+9fglqQ+KeCPnjeyVs4ZqkECgYEA7UXhER4p8KkYyjuRZmwABICQRv7kVy7iOsTNmR/aOTlYLjORaWZICprLVYsgQY/bksKjSjy9MR/HS0426QkyYQl7BWLnnU3HP5yVytuIlFxfo/xFMJ5wm1CNQ6rAcO8o02lwATzPPRg4ui0nGEIflJPdoTTuxzXn0r0QYzN52uECgYEA3EG9uCEzE3uVO5K/Ew7A1A5aAp9bNX59NctDtKAWEgKoRXrudgebSv+P2U3ZW3G6HouGpnavWSHMQ6HIfPtgEg0BhSqOOgUBVR+wdntq4zux1AFnHVXBLZdE+CWCmyj3ASFMTPvkLssfj/ae7UEhUB24TZxz3nAo8RR7Gmz8TUsCgYEAimnEVK8K+kg6nObI+D2yeO3ivHe/DpjcAjqCUXxCWjV4mmMcxaaUChOo4Dsr0vMvvNpsVUc/eqO2J9j1sVXbHL5iFI9Q2/Pect5Oh6svbpTAejIUzrrup7wC3GGEp5zsbP/KBf7KSjKSDRGAB+ey8oKbvInbbTymAsql/6iswiECgYEAuukzFZFe5banMpHaglKvwoSXT8hpv2Ci4samox6C/C+zGpsyx4i2+RMcwHy26kn9drRSxOrM7OeojvA40g8EPO06kAZIAeaDdfhZaIJdd44N32p9VcCTGZxYE/jI9+Dwk83tERtlTWxkUWgpAA+YNIO0BnCxR1+I7uTBfvBjvzcCgYBDrjptyo8peY0Jzaijg7hWBwLZp/M27GhR8uAV6FVESP+1uG06k3g3CECxCE3Pi6HVSaW6UpNMZnrtVaKQCJDyKnkdIExFVP8DhkJSHmid1TXJXEfpDT57JD4UX6NOCcB0ynSyYvDvJ6bodx6SSyB03CEMqJ8VMjXeYpZSHyAF7A=="
79+
})
80+
void testLoadDecryptionKey_ShouldSupportPkcs8DerBytes(String keyLocation, String expectedEncoding) throws Exception {
81+
82+
// GIVEN
83+
InputStream keyStream = Files.newInputStream(Paths.get(String.format("./src/test/resources/keys/%s", keyLocation)));
84+
85+
// WHEN
86+
PrivateKey privateKey = EncryptionUtils.loadDecryptionKey(keyStream);
87+
88+
// THEN
89+
assertNotNull(privateKey);
90+
assertEquals("RSA", privateKey.getAlgorithm());
91+
assertArrayEquals(base64Decode(expectedEncoding), privateKey.getEncoded());
92+
}
93+
7194
@ParameterizedTest
7295
@CsvSource({
7396
"test_key_pkcs1-512.pem",
@@ -87,6 +110,25 @@ void testLoadDecryptionKey_ShouldSupportPkcs1Base64Pem_512bits(String fileName)
87110
assertEquals("RSA", privateKey.getAlgorithm());
88111
}
89112

113+
@ParameterizedTest
114+
@CsvSource({
115+
"test_key_pkcs1-512.pem",
116+
"test_key_pkcs1-1024.pem",
117+
"test_key_pkcs1-4096.pem"
118+
})
119+
void testLoadDecryptionKey_ShouldSupportPkcs1Base64PemBytes_512bits(String fileName) throws Exception {
120+
121+
// GIVEN
122+
InputStream keyStream = Files.newInputStream(Paths.get(String.format("./src/test/resources/keys/pkcs1/%s", fileName)));
123+
124+
// WHEN
125+
PrivateKey privateKey = EncryptionUtils.loadDecryptionKey(keyStream);
126+
127+
// THEN
128+
assertNotNull(privateKey);
129+
assertEquals("RSA", privateKey.getAlgorithm());
130+
}
131+
90132
@Test
91133
public void testLoadDecryptionKey_ShouldSupportPkcs12() throws Exception {
92134

0 commit comments

Comments
 (0)