Configuration Object
Whether you use the library through a generated OpenAPI client or by calling the FieldLevelEncryption.encrypt()/FieldLevelEncryption.decrypt() functions directly, you need a config object that specifies which fields to encrypt or decrypt, how to encrypt/decrypt them, and more.
To create a new FieldLevelEncryption or use the OpenAPIInterceptor object, create a config object that matches the Mastercard service you intend to use.
paths: Array of objects, with the following properties:
- path: Endpoint for which to enable payload encryption/decryption
- toEncrypt: Array of objects
  - element: Path to the element to be encrypted in the request object
  - object: Path to the object where the encryption fields are stored in the request object
- toDecrypt: Array of objects
  - element: Path to the element where the decrypted fields are stored in the response object
  - obj: Path to the object with the encryption fields
oaepPaddingDigestAlgorithm: OAEP padding digest algorithm to use (SHA-256 or SHA-512)
dataEncoding: encoding used to encode/decode encrypted fields, 'hex' or 'base64'.
publicKeyFingerprint: (optional if publicKeyFingerprintType is set) public key fingerprint with hex encoding. When not provided, it is computed by the library.
publicKeyFingerprintType: type of public key fingerprint to generate, certificate or publicKey.
encryptionCertificate: path to the public encryption certificate (PEM)
encryptedValueFieldName: field name with encrypted data
ivHeaderName: HTTP header name containing IV data
encryptedKeyHeaderName: HTTP header name containing encrypted key
oaepHashingAlgorithmHeaderName: HTTP header name containing OAEP hashing algorithm to use
publicKeyFingerprintHeaderName: HTTP header name containing public key fingerprint
ivFieldName: Payload field name containing IV data
encryptedKeyFieldName: Payload field name containing encrypted key
oaepHashingAlgorithmFieldName: Payload field name containing OAEP hashing algorithm to use
publicKeyFingerprintFieldName: Payload field name containing public key fingerprint
privateKey: path to private key
keyStore: path to private key store (.p12)
keyStoreAlias: key store alias
keyStorePassword: key store password
Note: privateKey or keyStore are optional and only needed for decrypting.
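
A pre-flight check for the constraints listed above, as an added example that is not part of the library or of the original page. `validateConfig` is a hypothetical helper, the sample paths, field names and file locations are constructed, and the second key of each toEncrypt entry is written `obj` to match the toDecrypt entries (an assumption).

```javascript
// Added example: validateConfig() is a hypothetical helper, not a library function.
const DIGESTS = ["SHA-256", "SHA-512"];
const ENCODINGS = ["hex", "base64"];
const FINGERPRINT_TYPES = ["certificate", "publicKey"];
function validateConfig(config) {
  const problems = [];
  const paths = Array.isArray(config.paths) ? config.paths : [];
  if (paths.length === 0) problems.push("paths must be a non-empty array");
  for (const p of paths) {
    if (typeof p.path !== "string") problems.push("each paths entry needs a path");
    for (const key of ["toEncrypt", "toDecrypt"]) {
      if (!Array.isArray(p[key])) problems.push(`${p.path}: ${key} must be an array`);
    }
  }
  if (!DIGESTS.includes(config.oaepPaddingDigestAlgorithm))
    problems.push("oaepPaddingDigestAlgorithm must be SHA-256 or SHA-512");
  if (!ENCODINGS.includes(config.dataEncoding))
    problems.push("dataEncoding must be 'hex' or 'base64'");
  // The fingerprint is either given explicitly (hex) or computed from a type.
  if (config.publicKeyFingerprint) {
    if (!/^[0-9a-fA-F]+$/.test(config.publicKeyFingerprint))
      problems.push("publicKeyFingerprint must be hex encoded");
  } else if (!FINGERPRINT_TYPES.includes(config.publicKeyFingerprintType)) {
    problems.push("set publicKeyFingerprint, or publicKeyFingerprintType to certificate or publicKey");
  }
  // privateKey / keyStore are only needed when something is decrypted.
  const decrypts = paths.some((p) => Array.isArray(p.toDecrypt) && p.toDecrypt.length > 0);
  const hasKeyStore = config.keyStore && config.keyStoreAlias && config.keyStorePassword;
  if (decrypts && !config.privateKey && !hasKeyStore)
    problems.push("toDecrypt is configured but no privateKey or complete keyStore is set");
  return problems;
}

// Constructed sample values: paths, field names and file names are placeholders.
const sampleConfig = {
  paths: [{
    path: "/resource",
    // `obj` in toEncrypt mirrors the toDecrypt key name (assumption).
    toEncrypt: [{ element: "path.to.foo", obj: "path.to.encryptedFoo" }],
    toDecrypt: [{ element: "path.to.encryptedFoo", obj: "path.to.foo" }],
  }],
  oaepPaddingDigestAlgorithm: "SHA-256",
  dataEncoding: "hex",
  publicKeyFingerprintType: "certificate",
  encryptionCertificate: "./certs/encryption-cert.pem",
  encryptedValueFieldName: "encryptedValue",
  ivFieldName: "iv", encryptedKeyFieldName: "encryptedKey",
  privateKey: "./keys/decryption-key.pem",
};
```

Calling `validateConfig(sampleConfig)` returns an empty array; each violated constraint adds one message to the result.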