mastercard-api-core
Core functionality for MasterCard API
var FieldLevelEncryption = require('../fle/field-level-encryption');
var DataEncoding = require('../util/data-encoding');
var utils = require('../../utils');
// Field-level-encryption settings for the MES / PayGo transaction endpoints.
// This one module-level object is passed by reference to FieldLevelEncryption
// by the MESCryptography constructor and is also read directly by encrypt()
// and decrypt() below, so a mutation made anywhere affects every instance.
var config = {
  // Endpoint paths this configuration applies to. The entries contain `.*`,
  // so they are presumably evaluated as regular expressions by the base class
  // (not visible here) - TODO confirm, and confirm the match is anchored,
  // because an unanchored `.*` also spans `/` separators.
  triggeringEndPath: [
    '/mes/api/v1/merchants/.*/transactions',
    '/paygo/api/v1/merchants/.*/transactions',
    '/mpqr-mes/api/v1/merchants/.*/transactions',
    '/mpqr-paygo/api/v1/merchants/.*/transactions',
    '/mes/api/v1/transactions',
    '/paygo/api/v1/transactions',
    '/mpqr-mes/api/v1/transactions',
    '/mpqr-paygo/api/v1/transactions',
  ],
  // Empty: encrypt() iterates this list, so with this configuration outgoing
  // request bodies are returned unchanged (nothing is encrypted).
  fieldsToEncrypt: [],
  // Paths of response fields that decrypt() replaces with parsed plaintext;
  // each path is resolved through utils.get().
  fieldsToDecrypt: ['items', 'data.extraData'],
  // NOTE(review): CBC mode gives confidentiality only. No MAC or other
  // integrity check appears in this file; confirm whether the base class or
  // the transport authenticates the ciphertext before it is decrypted.
  symmetricAlgorithm: 'AES-CBC',
  symmetricCipher: 'AES',
  // Presumably the AES key size in bits - TODO confirm against the base class.
  symmetricKeysize: 128,
  // Presumably the scheme protecting the per-message symmetric key (encrypt()
  // stores an `encryptedKey` next to the ciphertext) - TODO confirm.
  asymmetricCipher: 'RSA-OAEP',
  oaepHashingAlgorithm: 'SHA-512',
  // Names of the metadata properties written beside an encrypted field by
  // encrypt() and read/removed by decrypt().
  oaepHashingAlgorithmFieldName: 'oaepHashingAlgorithm',
  publicKeyFingerprintHashing: 'SHA-256',
  publicKeyFingerprintFieldName: 'publicKeyFingerprint',
  ivFieldName: 'iv',
  encryptedKeyFieldName: 'encryptedKey',
  // Text encoding constant taken from the DataEncoding helper module.
  dataEncoding: DataEncoding.BASE64,
}
/**
 * Field-level encryption helper bound to the module-level `config`.
 *
 * Delegates all key loading to the FieldLevelEncryption constructor, passing
 * through only the key-material options listed below plus `config`.
 *
 * @param {Object} opts - Caller-supplied key locations and identifiers.
 * @param {string} [opts.publicCertificatePath]
 * @param {string} [opts.keystorePath]
 * @param {string} [opts.privateKeyAlias]
 * @param {string} [opts.privateKeyPassword] - Secret; keep `opts` out of logs
 *   and error messages.
 * @param {string} [opts.publicKeyFingerprint]
 * @param {string} [opts.privateKeyPath]
 * @throws {TypeError} If `opts` is null or undefined.
 */
function MESCryptography(opts) {
  // Only these properties are forwarded; anything else on `opts` is ignored.
  var forwardedKeys = [
    'publicCertificatePath',
    'keystorePath',
    'privateKeyAlias',
    'privateKeyPassword',
    'publicKeyFingerprint',
    'privateKeyPath',
  ];

  var baseOptions = {};
  forwardedKeys.forEach(function (key) {
    baseOptions[key] = opts[key];
  });
  // The shared module-level configuration is always used; callers cannot override it.
  baseOptions.config = config;

  FieldLevelEncryption.call(this, baseOptions);
}
// Prototypal inheritance: MESCryptography instances fall back to the methods
// of FieldLevelEncryption.prototype for anything not defined on their own
// prototype. `constructor` is pointed back at MESCryptography so it does not
// resolve to the parent's constructor.
var mesCryptographyPrototype = Object.create(FieldLevelEncryption.prototype);
mesCryptographyPrototype.constructor = MESCryptography;
MESCryptography.prototype = mesCryptographyPrototype;
/**
 * Encrypts, in place, every field of `requestObj` named in
 * `config.fieldsToEncrypt` and writes the encryption metadata next to it.
 *
 * For each configured path that resolves through utils.get(), the field value
 * is JSON-serialised, passed to `this.encryptPlainText`, and replaced by the
 * returned cipher text. The IV and encrypted key are stored on the same parent
 * object, followed by the public-key fingerprint and OAEP hash name when the
 * corresponding field names are configured.
 *
 * NOTE(review): this is fail-open. When no public certificate is loaded the
 * request is returned untouched, so the caller gets plaintext back without any
 * error. Callers that require encryption should verify the certificate was
 * loaded. `config.fieldsToEncrypt` is currently empty, so the loop body does
 * not run with the configuration in this file.
 *
 * @param {Object|null|undefined} requestObj - Request body; mutated in place.
 * @returns {Object|null|undefined} The same `requestObj` reference.
 */
MESCryptography.prototype.encrypt = function (requestObj) {
  if (this.publicCertificate == null || requestObj == null) {
    return requestObj;
  }

  for (const fieldPath of config.fieldsToEncrypt) {
    const located = utils.get(requestObj, fieldPath);
    if (located != null) {
      const sealed = this.encryptPlainText(JSON.stringify(located.object));
      const holder = located.parent;

      // Replace the plaintext value first, then attach the metadata the
      // receiver needs in order to decrypt it.
      holder[located.objectFieldName] = sealed.cipherText;
      holder[config.ivFieldName] = sealed.iv;
      holder[config.encryptedKeyFieldName] = sealed.encryptedKey;

      // These two metadata fields are optional in the configuration.
      if (config.publicKeyFingerprintFieldName != null) {
        holder[config.publicKeyFingerprintFieldName] = sealed.publicKeyFingerprint;
      }
      if (config.oaepHashingAlgorithmFieldName != null) {
        holder[config.oaepHashingAlgorithmFieldName] = sealed.oaepHashingAlgorithm;
      }
    }
  }

  return requestObj;
};
/**
 * Decrypts, in place, every field of `responseObj` named in
 * `config.fieldsToDecrypt`.
 *
 * For each configured path that resolves through utils.get(), the encryption
 * metadata (encrypted key, OAEP hash name, public-key fingerprint, IV) is read
 * from and removed from the field's parent object, the field value is passed
 * to `this.decryptCipherText`, and the result is JSON-parsed back into the
 * field.
 *
 * NOTE(review):
 * - Fail-open: without a loaded private key the response is returned as
 *   received, still encrypted, with no error.
 * - The OAEP hash name comes from the response itself, not from
 *   `config.oaepHashingAlgorithm`. Whether `decryptCipherText` restricts it
 *   to an allowed set is not visible here - confirm.
 * - No integrity check is performed in this method before decryption or
 *   before JSON.parse; confirm where ciphertext authenticity is established.
 * - The metadata is deleted before decryption, so if `decryptCipherText` or
 *   JSON.parse throws, `responseObj` is left partially modified.
 *
 * @param {Object|null|undefined} responseObj - Response body; mutated in place.
 * @returns {Object|null|undefined} The same `responseObj` reference.
 * @throws Whatever `decryptCipherText` or `JSON.parse` throws.
 */
MESCryptography.prototype.decrypt = function (responseObj) {
  if (this.privateKey == null || responseObj == null) {
    return responseObj;
  }

  // Reads a metadata property and strips it from the payload.
  function takeField(holder, fieldName) {
    const value = holder[fieldName];
    delete holder[fieldName];
    return value;
  }

  for (const fieldPath of config.fieldsToDecrypt) {
    const located = utils.get(responseObj, fieldPath);
    if (located != null) {
      const holder = located.parent;

      const wrappedKey = takeField(holder, config.encryptedKeyFieldName);

      // The hash-name field is only removed when it actually carried a value.
      const oaepHash = holder[config.oaepHashingAlgorithmFieldName];
      if (oaepHash != null) {
        delete holder[config.oaepHashingAlgorithmFieldName];
      }

      // The fingerprint is not needed for decryption here; just drop it.
      delete holder[config.publicKeyFingerprintFieldName];

      const iv = takeField(holder, config.ivFieldName);

      const plainText = this.decryptCipherText(located.object, iv, wrappedKey, oaepHash);
      holder[located.objectFieldName] = JSON.parse(plainText);
    }
  }

  return responseObj;
};
// The module's only export is the constructor; encrypt() and decrypt() are
// reached through instances created from it.
module.exports = MESCryptography;