Skip to content

Service Configurations for Client Encryption Java

Jump to bottom
ShimonaR-MC edited this page Jan 8, 2024 · 8 revisions

Table of Contents

Overview

Predefined service configurations for the Java client encryption library.

Configurations

MDES Token Connect

The following configuration applies to the endpoint POST /connect/{maj}/pushAccount

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$.pushFundingAccount.encryptedPayload.encryptedData", "$.pushFundingAccount.encryptedPayload")
        .withEncryptionCertificate(encryptionCertificate)
        .withOaepPaddingDigestAlgorithm("SHA-512")
        .withEncryptedValueFieldName("encryptedData")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
        .withEncryptionCertificateFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldValueEncoding.HEX)
        .build();

MDES Digital Enablement API

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$.cardInfo.encryptedData", "$.cardInfo") // Before version 1.2.9
        .withEncryptionPath("$.fundingAccountInfo.encryptedPayload.encryptedData", "$.fundingAccountInfo.encryptedPayload")
        .withEncryptionPath("$.encryptedPayload.encryptedData", "$.encryptedPayload")
        .withDecryptionPath("$.tokenDetail", "$.tokenDetail.encryptedData")
        .withDecryptionPath("$.encryptedPayload", "$.encryptedPayload.encryptedData")
        .withEncryptionCertificate(encryptionCertificate)
        .withDecryptionKey(decryptionKey)
        .withOaepPaddingDigestAlgorithm("SHA-512")
        .withEncryptedValueFieldName("encryptedData")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
        .withEncryptionCertificateFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldValueEncoding.HEX)
        .build();

Installment APIs

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$.calculatorReqData.primaryAccountNumber", "$.calculatorReqData")
        .withEncryptionPath("$.configReqData.primaryAccountNumber", "$.configReqData")
        .withEncryptionPath("$.processInstallmentReqData.primaryAccountNumber", "$.processInstallmentReqData")
        .withEncryptionPath("$.receiveIssuerApprReqData.primaryAccountNumber", "$.receiveIssuerApprReqData")
        .withEncryptionCertificate(encryptionCertificate)
        .withOaepPaddingDigestAlgorithm("SHA-256")
        .withEncryptedValueFieldName("primaryAccountNumber")
        .withEncryptedKeyFieldName("wrappedKey")
        .withIvFieldName("iv")
        .withFieldValueEncoding(FieldValueEncoding.BASE64)
        .build();

Payment Account Management

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$.encryptedPayload.encryptedData", "$.encryptedPayload")
        .withDecryptionPath("$.encryptedPayload", "$.encryptedPayload.encryptedData")
        .withEncryptionCertificate(encryptionCertificate)
        .withDecryptionKey(decryptionKey)
        .withOaepPaddingDigestAlgorithm("SHA-512")
        .withEncryptedValueFieldName("encryptedData")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
        .withEncryptionCertificateFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldValueEncoding.HEX)
        .build();

Payment Account Reference Inquiry

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$.encryptedPayload.encryptedData", "$.encryptedPayload")
        .withDecryptionPath("$.encryptedPayload", "$.encryptedPayload.encryptedData")
        .withEncryptionCertificate(encryptionCertificate)
        .withDecryptionKey(decryptionKey)
        .withOaepPaddingDigestAlgorithm("SHA-512")
        .withEncryptedValueFieldName("encryptedData")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
        .withEncryptionCertificateFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldValueEncoding.HEX)
        .build();

Mastercard QR for Merchant Aggregators

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withDecryptionPath("$", "$.items")
        .withDecryptionKey(decryptionKey)
        .withOaepPaddingDigestAlgorithm("SHA-512")
        .withEncryptedValueFieldName("items")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
        .withFieldValueEncoding(FieldValueEncoding.BASE64)
        .build();

Mastercard Directory Services

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionPath("$", "$.encrypted_payload")
        .withDecryptionPath("$.encrypted_payload", "$")
        .withEncryptionCertificate(encryptionCertificate)
        .withDecryptionKey(decryptionKey)
        .withOaepPaddingDigestAlgorithm("SHA-256")
        .withEncryptedValueFieldName("data")
        .withEncryptedKeyHeaderName("x-encrypted-key")
        .withIvHeaderName("x-iv")
        .withOaepPaddingDigestAlgorithmHeaderName("x-oaep-hashing-algorithm")
        .withEncryptionKeyFingerprintHeaderName("x-public-key-fingerprint")
        .withFieldValueEncoding(FieldValueEncoding.BASE64)
        .build();

Buyer Payment Agent

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withEncryptionCertificate(encryptionCertificate) 
        .withDecryptionKey(decryptionKey) 
        .withEncryptionPath("$.card", "$.encryptedCard")
        .withDecryptionPath("$.encryptedCard", "$.card")
        .withDecryptionPath("$.encryptedSupplierBankAccount", "$.supplierBankAccount")
        .withOaepPaddingDigestAlgorithm("SHA-256") 
        .withEncryptedValueFieldName("encryptedValue") 
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv") 
        .withOaepPaddingDigestAlgorithmFieldName("oaepPaddingDigestAlgorithm")
        .withEncryptionKeyFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldLevelEncryptionConfig.FieldValueEncoding.BASE64) 
        .build();

Supplier Payment Agent

FieldLevelEncryptionConfig config = FieldLevelEncryptionConfigBuilder.aFieldLevelEncryptionConfig()
        .withDecryptionKey(decryptionKey)
        .withDecryptionPath("$.encryptedCard", "$.card")
        .withEncryptionPath("$.supplierBankAccount", "$.encryptedSupplierBankAccount")
        .withDecryptionPath("$.encryptedSupplierBankAccount", "$.supplierBankAccount")
        .withOaepPaddingDigestAlgorithm("SHA-256")
        .withEncryptedValueFieldName("encryptedValue")
        .withEncryptedKeyFieldName("encryptedKey")
        .withIvFieldName("iv")
        .withOaepPaddingDigestAlgorithmFieldName("oaepPaddingDigestAlgorithm")
        .withEncryptionKeyFingerprintFieldName("publicKeyFingerprint")
        .withFieldValueEncoding(FieldLevelEncryptionConfig.FieldValueEncoding.BASE64)
        .build();
Clone this wiki locally