java source code of CryptoServiceImpl

paymentgateway-master
- keys
  - mips_iplatebnibrana.csob.cz.cer
  - mips_platebnibrana.csob.cz.cer
  - readme.txt
  - mips_iplatebnibrana.csob.cz.pub
  - mips_platebnibrana.csob.cz.pub
- Integration Examples
  - eAPI v1.7
    - php
      - logger.php
      - init-result.php
      - sign-verify-test.php
      - init-json-result.php
      - keys
        .htaccess
      - readme.txt
      - log
        .htaccess
      - index.php
      - bootstrap.min.css
      - struct.php
      - payment.php
      - setup.php
      - crypto.php
      - index-json.php
    - java
      - eAPI-v17-connector
        src
        main
        resources
        logback.xml
        java
        cz
        monetplus
        mips
        eapi
        v17
        RunModeProvider.java
        connector
        INativeAPIv17Resource.java
        entity
        PayInitReq.java
        CustReq.java
        PayReq.java
        PayRes.java
        SignBase.java
        Signable.java
        ApiBase.java
        PayOneclickInitReq.java
        PayRefundReq.java
        ext
        TrxDatesExtension.java
        PrivateApiExtension.java
        Extension.java
        MaskedClnRPExtensionV16.java
        CartItem.java
        EchoRes.java
        EchoReq.java
        CustRes.java
        config
        JaxRsClientConfig.java
        JaxRsClientStarter.java
        StaticExitCodeGenerator.java
        ArgsConfig.java
        service
        CryptoService.java
        NativeApiV17Service.java
        CryptoServiceImpl.java
        RespCode.java
        MipsException.java
        NativeApiV17ServiceImpl.java
        modes
        PaymentProcessMode.java
        PaymentInitMode.java
        CustomerInfoMode.java
        EchoGetMode.java
        PaymentOneclickStartMode.java
        EchoPostMode.java
        PaymentCloseMode.java
        PaymentStatusMode.java
        PaymentRefundMode.java
        PaymentReverseMode.java
        PaymentOneclickInitMode.java
        RunMode.java
        RunModeProviderImpl.java
        Application.java
        run.bat
        pom.xml
        README.txt
        config
        payment-oneclick-base.json
        payment-init-base.json
        application.properties
        run.sh
  - eAPI v1.6
    - php
      - logger.php
      - init-result.php
      - sign-verify-test.php
      - init-json-result.php
      - keys
        .htaccess
      - readme.txt
      - log
        .htaccess
      - index.php
      - bootstrap.min.css
      - struct.php
      - payment.php
      - setup.php
      - crypto.php
      - index-json.php
    - dotNET
      - CsobGTWDemo
        CsobGatewayClientExample.sln
        CsobGatewayClientExample
        Common
        Constants.cs
        Enums.cs
        CsobGatewayClientExample.csproj
        packages.config
        Assets
        payment-oneclick-base.json
        payment-init-base.json
        App.config
        Security
        Crypto.cs
        Properties
        AssemblyInfo.cs
        Communication
        DataObjects
        ApiBase.cs
        EchoRequest.cs
        PayRefundReq.cs
        PayReq.cs
        CartItem.cs
        SignBase.cs
        PayRes.cs
        CustReq.cs
        IBasePostRequest.cs
        SignBaseRequest.cs
        PayOneclickInitReq.cs
        ClientResponse.cs
        EchoRes.cs
        PayInitReq.cs
        GatewayClient.cs
        Program.cs
      - README.txt
      - .gitattributes
      - CsobGatewayExampleSnippet.cs
      - .gitignore
    - java
      - eAPI-v16-connector
        src
        main
        resources
        logback.xml
        java
        cz
        monetplus
        mips
        eapi
        v16
        RunModeProvider.java
        connector
        INativeAPIv16Resource.java
        entity
        PayInitReq.java
        CustReq.java
        PayReq.java
        PayRes.java
        SignBase.java
        Signable.java
        ApiBase.java
        PayOneclickInitReq.java
        PayRefundReq.java
        ext
        TrxDatesExtension.java
        PrivateApiExtension.java
        Extension.java
        CartItem.java
        EchoRes.java
        EchoReq.java
        CustRes.java
        config
        JaxRsClientConfig.java
        JaxRsClientStarter.java
        StaticExitCodeGenerator.java
        ArgsConfig.java
        service
        NativeApiV16Service.java
        CryptoService.java
        CryptoServiceImpl.java
        NativeApiV16ServiceImpl.java
        RespCode.java
        MipsException.java
        modes
        PaymentProcessMode.java
        PaymentInitMode.java
        CustomerInfoMode.java
        EchoGetMode.java
        PaymentOneclickStartMode.java
        EchoPostMode.java
        PaymentCloseMode.java
        PaymentStatusMode.java
        PaymentRefundMode.java
        PaymentReverseMode.java
        PaymentOneclickInitMode.java
        RunMode.java
        RunModeProviderImpl.java
        Application.java
        run.bat
        pom.xml
        README.txt
        config
        payment-oneclick-base.json
        payment-init-base.json
        application.properties
        run.sh
  - eAPI v1.0
    - php
      - logger.php
      - init-result.php
      - sign-verify-test.php
      - init-json-result.php
      - keys
        .htaccess
      - readme.txt
      - log
        .htaccess
      - index.php
      - bootstrap.min.css
      - struct.php
      - payment.php
      - setup.php
      - crypto.php
      - index-json.php
    - java
      - eAPI-v1-connector
        src
        main
        resources
        logback.xml
        java
        cz
        monetplus
        mips
        eapi
        v1
        RunModeProvider.java
        connector
        entity
        PayInitReq.java
        CustReq.java
        PayReq.java
        PayRes.java
        SignBase.java
        Signable.java
        ApiBase.java
        CartItem.java
        EchoRes.java
        EchoReq.java
        CustRes.java
        INativeAPIv1Resource.java
        config
        JaxRsClientConfig.java
        JaxRsClientStarter.java
        StaticExitCodeGenerator.java
        ArgsConfig.java
        service
        CryptoService.java
        CryptoServiceImpl.java
        NativeApiV1Service.java
        RespCode.java
        MipsException.java
        NativeApiV1ServiceImpl.java
        modes
        PaymentProcessMode.java
        PaymentInitMode.java
        CustomerInfoMode.java
        EchoGetMode.java
        EchoPostMode.java
        PaymentCloseMode.java
        PaymentStatusMode.java
        PaymentRefundMode.java
        PaymentReverseMode.java
        RunMode.java
        RunModeProviderImpl.java
        Application.java
        run.bat
        pom.xml
        readme.txt
        config
        payment-init-base.json
        application.properties
        run.sh
  - eAPI v1.5
    - php
      - logger.php
      - init-result.php
      - sign-verify-test.php
      - init-json-result.php
      - keys
        .htaccess
      - readme.txt
      - log
        .htaccess
      - index.php
      - bootstrap.min.css
      - struct.php
      - payment.php
      - setup.php
      - crypto.php
      - index-json.php
    - java
      - eAPI-v15-connector
        src
        main
        resources
        logback.xml
        java
        cz
        monetplus
        mips
        eapi
        v15
        RunModeProvider.java
        connector
        entity
        PayInitReq.java
        CustReq.java
        PayReq.java
        PayRes.java
        PayRecurrentReq.java
        SignBase.java
        Signable.java
        ApiBase.java
        PayRefundReq.java
        CartItem.java
        EchoRes.java
        EchoReq.java
        CustRes.java
        config
        JaxRsClientConfig.java
        JaxRsClientStarter.java
        INativeAPIv15Resource.java
        StaticExitCodeGenerator.java
        ArgsConfig.java
        service
        NativeApiV15ServiceImpl.java
        CryptoService.java
        CryptoServiceImpl.java
        RespCode.java
        MipsException.java
        NativeApiV15Service.java
        modes
        PaymentProcessMode.java
        PaymentInitMode.java
        CustomerInfoMode.java
        EchoGetMode.java
        EchoPostMode.java
        PaymentCloseMode.java
        PaymentStatusMode.java
        PaymentRecurrentMode.java
        PaymentRefundMode.java
        PaymentReverseMode.java
        RunMode.java
        RunModeProviderImpl.java
        Application.java
        run.bat
        pom.xml
        readme.txt
        config
        payment-recurrent-base.json
        payment-init-base.json
        application.properties
        run.sh
  - eAPI v1.8
    - php
      - logger.php
      - init-result.php
      - sign-verify-test.php
      - init-json-result.php
      - keys
        .htaccess
      - readme.txt
      - log
        .htaccess
      - index.php
      - bootstrap.min.css
      - struct.php
      - payment.php
      - setup.php
      - crypto.php
      - index-json.php
    - dotNET
      - CsobGTWDemo
        CsobGatewayClientExample.sln
        CsobGatewayClientExample
        Common
        Constants.cs
        Enums.cs
        CsobGatewayClientExample.csproj
        packages.config
        Assets
        payment-oneclick-base.json
        payment-init-base.json
        App.config
        Security
        Crypto.cs
        Properties
        AssemblyInfo.cs
        Communication
        DataObjects
        ApiBase.cs
        EchoRequest.cs
        PayRefundReq.cs
        PayReq.cs
        CartItem.cs
        SignBase.cs
        PayRes.cs
        CustReq.cs
        IBasePostRequest.cs
        SignBaseRequest.cs
        PayOneclickInitReq.cs
        ClientResponse.cs
        EchoRes.cs
        PayInitReq.cs
        GatewayClient.cs
        Program.cs
      - README.txt
      - .gitattributes
      - CsobGatewayExampleSnippet.cs
      - .gitignore
    - java
      - eAPI-v18-connector
        src
        main
        resources
        logback.xml
        java
        cz
        monetplus
        mips
        eapi
        v18
        RunModeProvider.java
        connector
        entity
        PayInitReq.java
        CustReq.java
        PayReq.java
        PayRes.java
        SignBase.java
        OneclickEchoReq.java
        OneclickInitReq.java
        Signable.java
        ApiBase.java
        PayRefundReq.java
        ext
        TrxDatesExtension.java
        PrivateApiExtension.java
        Extension.java
        MaskedClnRPExtensionV16.java
        CartItem.java
        OneclickEchoRes.java
        EchoRes.java
        EchoReq.java
        CustRes.java
        config
        JaxRsClientConfig.java
        JaxRsClientStarter.java
        INativeAPIv18Resource.java
        StaticExitCodeGenerator.java
        ArgsConfig.java
        service
        CryptoService.java
        NativeApiV18ServiceImpl.java
        CryptoServiceImpl.java
        NativeApiV18Service.java
        RespCode.java
        MipsException.java
        modes
        PaymentProcessMode.java
        PaymentInitMode.java
        EchoGetMode.java
        EchoPostMode.java
        PaymentCloseMode.java
        EchoCustomerMode.java
        PaymentStatusMode.java
        OneclickInitMode.java
        OneclickStartMode.java
        OneclickEchoMode.java
        PaymentRefundMode.java
        PaymentReverseMode.java
        RunMode.java
        RunModeProviderImpl.java
        Application.java
        run.bat
        pom.xml
        README.txt
        config
        payment-init-oneclick-base.json
        oneclick-init-base.json
        payment-init-base.json
        application.properties
        payment-init-custom-base.json
        run.sh
- LICENSE
- CHANGELOG.md
- README.md
- .gitignore

package cz.monetplus.mips.eapi.v18.service;

import java.io.File;
import java.io.FileReader;
import java.io.Reader;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

import cz.monetplus.mips.eapi.v18.connector.entity.SignBase;

@Service
public class CryptoServiceImpl implements CryptoService, InitializingBean {

	static final Logger LOG = LoggerFactory.getLogger(CryptoServiceImpl.class);
	
	@Value("${merchant.private.key.filename}")
	private String merchantPrivateKeyFilename;

	private PrivateKey merchantPrivateKey;

	@Value("${mips.public.key.filename}")
	private String mipsPublicKeyFilename;

	private PublicKey mipsPublicKey;
	
	@Override
	public void afterPropertiesSet() throws Exception {

		if (Security.getProvider("BC") == null) {
		    Security.addProvider(new BouncyCastleProvider());
		}

		File merchantPrivateKeyFile = new File(merchantPrivateKeyFilename);
		if (!merchantPrivateKeyFile.isFile() || !merchantPrivateKeyFile.canRead()) {
			throw new IllegalArgumentException("Unable to load merchant private key from " + merchantPrivateKeyFile.getAbsolutePath());
		}

		merchantPrivateKey = initializePrivateKey(merchantPrivateKeyFile);
		
		File mipsPublicKeyFile = new File(mipsPublicKeyFilename);
		if (!mipsPublicKeyFile.isFile() || !mipsPublicKeyFile.canRead()) {
			throw new IllegalArgumentException("Unable to load mips public key from " + mipsPublicKeyFile.getAbsolutePath());
		}

		String mipsPublicKeyData = FileUtils.readFileToString(mipsPublicKeyFile);
		mipsPublicKey = initializePublicKey(mipsPublicKeyData);
	
	}
	
	private PrivateKey initializePrivateKey(File file) {
		try {
			PEMReader reader = null;
			try {
				Reader fileReader = new FileReader(file);
				reader = new PEMReader(fileReader);
				KeyPair keyPair= (KeyPair)reader.readObject();
				return keyPair.getPrivate();
			}
			catch (Exception e) {
				throw new IllegalArgumentException("Invalid private key: ", e);
			}
			finally {
				reader.close();
			}
		}
		catch (Exception e) {
			throw new RuntimeException(e);
		}
	}

	private PublicKey initializePublicKey(String data) {
		try {
			data = StringUtils.remove(data, "-----BEGIN PUBLIC KEY-----");
			data = StringUtils.remove(data, "-----END PUBLIC KEY-----");
			X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.decodeBase64(data));
			KeyFactory keyFactory = KeyFactory.getInstance("RSA");
			return keyFactory.generatePublic(keySpec);
		}
		catch (Exception e) {
			throw new IllegalArgumentException("Invalid public key: ", e);
		}
	}

	@Override
	public boolean isSignatureValid(SignBase signBase) {
		try {
			String data2Verify = signBase.toSign();
			LOG.info("data to verify: '{}'", data2Verify);
			LOG.info("signature: '{}'", signBase.signature);
			return verify(mipsPublicKey, data2Verify, signBase.signature);
		}
		catch (Exception e) {
			LOG.warn("Invalid signature: ", e);
			return false;
		}
	}

	@Override
	public void createSignature(SignBase signBase) throws MipsException {
		signBase.fillDttm();
		String data2Sign = signBase.toSign();
		signBase.signature = sign(merchantPrivateKey, data2Sign);
		LOG.info("data to sign: '{}'", data2Sign);
		LOG.info("signature: '{}'", signBase.signature);
	}

	protected String sign(PrivateKey key, String plainData) throws MipsException {
		try {
			Signature instance = Signature.getInstance("SHA256withRSA");
			instance.initSign(key);
			instance.update(plainData.getBytes("UTF-8"));
			byte[] signature = instance.sign();
			return Base64.encodeBase64String(signature);
		}
		catch (Exception e) {
			throw new MipsException(RespCode.INTERNAL_ERROR, "sign failed: ", e);
		}
	}

	protected boolean verify(PublicKey key, String plainData, String signature) throws MipsException {
		try {
			byte[] sign = Base64.decodeBase64(signature);
			Signature instance = Signature.getInstance("SHA256withRSA");
			instance.initVerify(key);
			instance.update(plainData.getBytes("UTF-8"));
			return instance.verify(sign); 
		}
		catch (Exception e) {
			throw new MipsException(RespCode.INTERNAL_ERROR, "verify failed: ", e);
		}
	}
	
}