• Home
• com.yoti
• yoti-sdk-api
• 3.10.0
• source code
• EncryptedDataReader.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.yoti.api.client.spi.remote.EncryptedDataReader Maven / Gradle / Ivy

package com.yoti.api.client.spi.remote;

import static javax.crypto.Cipher.DECRYPT_MODE;

import static com.yoti.api.client.spi.remote.call.YotiConstants.SYMMETRIC_CIPHER;

import java.security.GeneralSecurityException;
import java.security.Key;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;

import com.yoti.api.client.ProfileException;
import com.yoti.api.client.spi.remote.proto.EncryptedDataProto;

import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class EncryptedDataReader {

    private EncryptedDataReader() {}

    static EncryptedDataReader newInstance() {
        return new EncryptedDataReader();
    }

    public byte[] decryptBytes(byte[] encryptedBytes, Key secretKey) throws ProfileException {
        EncryptedDataProto.EncryptedData encryptedData = parseEncryptedContent(encryptedBytes);
        return decrypt(encryptedData, secretKey);
    }

    private EncryptedDataProto.EncryptedData parseEncryptedContent(byte[] encryptedBytes) throws ProfileException {
        try {
            return EncryptedDataProto.EncryptedData.parseFrom(encryptedBytes);
        } catch (InvalidProtocolBufferException e) {
            throw new ProfileException("Cannot decode profile", e);
        }
    }

    private byte[] decrypt(EncryptedDataProto.EncryptedData encryptedData, Key secretKey) throws ProfileException {
        ByteString initVector = encryptedData.getIv();
        if (initVector == null || initVector.size() == 0) {
            throw new ProfileException("Receipt key IV must not be null.");
        }
        try {
            Cipher cipher = Cipher.getInstance(SYMMETRIC_CIPHER, BouncyCastleProvider.PROVIDER_NAME);
            cipher.init(DECRYPT_MODE, secretKey, new IvParameterSpec(initVector.toByteArray()));
            return cipher.doFinal(encryptedData.getCipherText().toByteArray());
        } catch (GeneralSecurityException gse) {
            throw new ProfileException("Error decrypting data", gse);
        } catch (IllegalArgumentException iae) {
            throw new ProfileException("Base64 encoding error", iae);
        }
    }

}