diff --git a/src/main/java/it/pagopa/swclient/mil/idpay/azurekeyvault/util/EncryptUtil.java b/src/main/java/it/pagopa/swclient/mil/idpay/azurekeyvault/util/EncryptUtil.java
index fa02ffb..fd1ed03 100644
--- a/src/main/java/it/pagopa/swclient/mil/idpay/azurekeyvault/util/EncryptUtil.java
+++ b/src/main/java/it/pagopa/swclient/mil/idpay/azurekeyvault/util/EncryptUtil.java
@@ -5,22 +5,22 @@ import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
+import java.security.*;
 import java.security.spec.InvalidKeySpecException;
+import java.security.spec.MGF1ParameterSpec;
 import java.security.spec.RSAPublicKeySpec;
 import java.util.Base64;
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
 @ApplicationScoped
 public class EncryptUtil {
- public String encryptSessionKeyForIdpay(PublicKeyIDPay publicKeyIDPay, String sessionKey) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+ public String encryptSessionKeyForIdpay(PublicKeyIDPay publicKeyIDPay, String sessionKey) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {
 String modulusBase64 = publicKeyIDPay.getN();
 String exponentBase64 = publicKeyIDPay.getE();
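Review bot: The wildcard `import java.security.*;` at the top of this hunk replaces four explicit imports, which hides exactly which `java.security` types this crypto helper depends on and makes later name clashes harder to spot. Keeping the four explicit imports and adding `import java.security.InvalidAlgorithmParameterException;` gives the same result. The widened `throws` clause on `encryptSessionKeyForIdpay` also means every caller has to handle the new checked type; the `authorizeTransaction` call site is only partly visible on this page, so that handling should be confirmed. The method body continues outside this hunk.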
@@ -38,12 +38,15 @@ public String encryptSessionKeyForIdpay(PublicKeyIDPay publicKeyIDPay, String se
 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
 PublicKey rsaPublicKey = keyFactory.generatePublic(rsaPublicKeySpec);
- Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
+ Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
+ OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1",
+ new MGF1ParameterSpec("SHA-256"), PSource.PSpecified.DEFAULT);
+ cipher.init(Cipher.ENCRYPT_MODE, rsaPublicKey, oaepParams);
+
 byte[] sessionKeyBytes = sessionKey.getBytes(StandardCharsets.UTF_8);
- cipher.init(Cipher.ENCRYPT_MODE, rsaPublicKey);
 byte[] encryptedSessionKeyBytes = cipher.doFinal(sessionKeyBytes); // encryptedSessionKeyBytes contains encrypted session key
- return Base64.getUrlEncoder().encodeToString(encryptedSessionKeyBytes);
+ return Base64.getEncoder().encodeToString(encryptedSessionKeyBytes);
 }
 }
diff --git a/src/main/java/it/pagopa/swclient/mil/idpay/service/TransactionsService.java b/src/main/java/it/pagopa/swclient/mil/idpay/service/TransactionsService.java
index e7d4d56..894225c 100644
--- a/src/main/java/it/pagopa/swclient/mil/idpay/service/TransactionsService.java
+++ b/src/main/java/it/pagopa/swclient/mil/idpay/service/TransactionsService.java
@@ -535,7 +535,6 @@ public Uni authorizeTransaction(CommonHeader headers, AuthorizeTransac
 // Start trying to encrypt session key with public key retrieved
 String encryptedSessionKey = encryptUtil.encryptSessionKeyForIdpay(publicKeyIDPay, unwrappedKey.getValue());
- String hexPinBlock = base64ToHex(authorizeTransaction.getAuthCodeBlockData().getAuthCodeBlock());
 PinBlockDTO pinBlock = PinBlockDTO.builder()
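Review bot: The explicit `OAEPParameterSpec` passed to the new `cipher.init(...)` call has no comment saying why the parameters are spelled out, so a later cleanup could fold it back into the `OAEPWithSHA-256AndMGF1Padding` transformation string. On the JDK's bundled provider that string keeps SHA-1 for MGF1, which presumably would no longer match what the IDPay side decrypts with. I would add `// MGF1 must also use SHA-256; the transformation-string default on the JDK provider is MGF1 with SHA-1` above the spec and use the constant `MGF1ParameterSpec.SHA256` instead of `new MGF1ParameterSpec("SHA-256")`. The switch from `Base64.getUrlEncoder()` to `Base64.getEncoder()` on the return line changes the output alphabet to one that can contain `+` and `/`, so confirm the value is never placed in a URL or query string unescaped. A round-trip test against a locally generated key pair would pin both the OAEP parameters and the encoding. The method begins outside this hunk.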