I am trying to do Braintree encrytion in java using braintree-android-encryption-1.0.0.jar downloaded from https://www.braintreepayments.com/docs/android about braintree_java HOT 10 CLOSED

Hey!

Happy to help you out with this. I will say that our support team is incredible, and will probably be able to get back to you faster and with better answers than I can on github. But we can try to knock it out on here as well!

Just wanted to double check a few things. Since you posted this issue under the normal java library as opposed to the android encryption library, are you trying to do use the braintree android encryption library in a normal java environment? What is it you're trying to do at a high level? Can you also give me a few details of the environment (Android version, java version, libraries that might impact it, etc)? Hopefully with those details we can figure out what's going on.

-Hurley
Braintree Developer

from braintree_java.

Hurley,

I appreciate a very quick response.The purpose is to encrypt credit card information @ java end (in a java class ). The java version is java6 and the library is android-encryption-1.0.0.jar downloaded from https://www.braintreepayments.com/docs/android . i am trying to encrypt in a normal java environment.

Thanks

from braintree_java.

Taking a step back, I will say that the android encryption library is only for android, so it's probably not the best to be trying to use it elsewhere. There are all sorts of additional issues that can pop up, and I'm sure that this is one of them. For this use case, where exactly are you trying to encrypt the card info? Are you doing it on the server? The library is supposed to be for the client side end (i.e. a phone or webpage that people go to). If you are doing this on the server, my concern would be that by the time it gets to your server, it should probably already be encrypted, if it's not there are all sorts of security and PCI issues that you will run into. Just some thoughts.

But to take a guess, I think the reason you're having issues is that the android-encryption library isn't really built to be a normal java library. I'm going to guess that it's probably a configuration problem. I'm not for sure on all of this, but I know that by default java only supports AES keys up to something like 128-bit (Might not be exact, but they have some sort of limit) out of the box. And in order to get bigger keys you have to apply a certain patch for "JCE Unlimited Strength Jurisdiction Policy Files". You should be able to get the file from oracle. That could very well be the issue you're having. A little googling seems to support that. This is just me taking a stab in the dark, but it sounds like that's a good place to check. As I mentioned before though, it sounds like this use case is a little odd, so it may not be the best approach depending on what you're going for.

-Hurley

from braintree_java.

Thanks for the information. I tried Android API after reading the link #9 on github

from braintree_java.

No problem! And yeah, I agree with that issue. In theory you should be able to use the android library in a normal java environment, but you may need to do a little more tweaking (Like what I mentioned with the policy files). So hopefully that sort of configuration.

I was also really hoping to hear what exactly it is you're trying to do overall. We don't normally see people that ever use the client side encryption libraries other than mobile phones and javascript (on websites). Generally they are able to accomplish whatever they need to by using the the normal braintree java library on a server and then use the client side encryption libraries on the phones or webpages. I might be able to help out a bit more if I knew about what you're goal is for processing the credit cards. For example, where is it that you are trying to encrypt the credit card info? Is it on a server or is this some sort of java application that will be distributed to users? What is the flow of the actual card info, where does it get inputted and where does it go from there? It sounds like an interesting project, so I'd be curious to learn and help more.

from braintree_java.

Below is the code which i am trying to execute with the android-encryption-1.0.0.jar (https://www.braintreepayments.com/docs/android),

Our requirement is to encrypt the credit card information, (which is in our database and not coming from user interface ) using brain tree encryption and and send it to level up.

static String publicKey = "MIIBCgKCAQEAsWqrT3RkCyH6yF7ir/lphFcc/lKk792OG5sCGW2dZW3A0NDVoNOpoP0Qj6S0uqgT5higISchdJKSaqurE0fBzqpys0n+o3jTShOxsAS+k1urH7kPtW3DSw9HPVZuKkY+C8a3JcfkFb7OLQsolDGmJdI7BLlt/KB52Z7rP2EqsjqrI+HMLgjN8zWnAl6RbAFNyAsHniww8z/z1BcXhen9UTr9LXcbhZjVjsOrGNR7Ylc2uaLbg/NRuEImXhGc53Dd0DSeKocEG4jdrwZSQFVZjf2D+Hoj11bivkhrd1dwa43rik4cr4qEOlRIdq/DbIroq2tTn46nwOmPd8cFSbu81wIDAQAB";

Braintree braintree = new Braintree(publicKey);
String encryptedCreditCardNumber = braintree
.encrypt("4111111111111111");

Thanks !!

from braintree_java.

The exact Java class code is below.

package com.service;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;

import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHeader;
import org.codehaus.jackson.map.ObjectMapper;

import com.braintreegateway.encryption.Braintree;
import com.equinoxfitness.levelup.domain.CreditCard;
import com.equinoxfitness.levelup.domain.Wrapper;

public class BraintreeExample {
static String publicKey = "MIIBCgKCAQEAsWqrT3RkCyH6yF7ir/lphFcc/lKk792OG5sCGW2dZW3A0NDVoNOpoP0Qj6S0uqgT5higISchdJKSaqurE0fBzqpys0n+o3jTShOxsAS+k1urH7kPtW3DSw9HPVZuKkY+C8a3JcfkFb7OLQsolDGmJdI7BLlt/KB52Z7rP2EqsjqrI+HMLgjN8zWnAl6RbAFNyAsHniww8z/z1BcXhen9UTr9LXcbhZjVjsOrGNR7Ylc2uaLbg/NRuEImXhGc53Dd0DSeKocEG4jdrwZSQFVZjf2D+Hoj11bivkhrd1dwa43rik4cr4qEOlRIdq/DbIroq2tTn46nwOmPd8cFSbu81wIDAQAB";

public static void main(String[] args) throws Exception {
    Braintree braintree = new Braintree(publicKey);
    String encryptedCreditCardNumber = braintree
            .encrypt("4111111111111111");
//  String encryptedCvv = braintree.encrypt("111");
    String encryptedCvv = "$bt3|ios_1_0_1$FhNf0Mda7FKIm6pQVZHtnOtkgu2qAhvFxK/aSF9VW4rf6yw3gIpWC91vfEWsWFXB1Tedt38TNBxFdbBn2MQhLZPQxLhtfEPF2lEg72KPVaiteDuGLld2DyiC7Dw1vloO1Q764NNmi1zYkNT0ZZanKLq2rHwSE/SK+ciX+n7XDpT64gTJFgDK2+Ukm60YG8s5v/gizS4kff82BDW8HH6yrbZy82xvKhIsyII/tMq/+Gbbpr0MMJ294Kv1IfhhVSAKGKuCXVFHEyO5vtWIBG0JoX/opba1DiQu7th+Jd4x1cNMsvF6ELzf1K5lrFmIgN3eYWvgKkj02y9V2CMbbWmNmA==$1O2wRKgKLQDI2v+/Ze4NAPdvTro+Q3WtGEnZ/AZP47c=";
    // String encryptedExpirationDate = braintree.encrypt("01/2014");
    String postal = "$bt3|ios_1_0_1$paO7Qzz83NexBNBbjoM3I3VYIWPObWSqSz8/aRoCEV903EA8vDwwk3+LcrHV0xb9debtB3zT0g8+BdqZl219uZkYqa0HcbiA/l3bbb0MPrFMAeNczCyQlGPML89Nyos6GemUMfvJggrp+wxVm19+BgRWGUys1O8YT4F/+/TzZbcb7/yPaJ7otg16jzSF2n3siQZXIaG5jwpH/GtOy//ijtn3+rqbpajMmoqITwGRfCpICqzT3pAT4069ILdv/k9tg5I+IgnQwXpIKzNx+/srN22uZfzSz4lLvH/EVdI2fz+lGQ/ZfcPi412lA//owmOvylpXRuPYXVt6FPezJslArw==$1O2wRKgKLQDI2v+/Ze4NAPdvTro+Q3WtGEnZ/AZP47c=";

    String encryptedExpirationMonth = braintree.encrypt("01");
    String encryptedExpirationYear = braintree.encrypt("2014");
    System.out.println("encryptedCreditCardNumber: "
            + encryptedCreditCardNumber);
    System.out.println("encryptedCvv: " + encryptedCvv);
    System.out.println("encryptedExpirationMonth: "
            + encryptedExpirationMonth);
    System.out.println("encryptedExpirationYear: "
            + encryptedExpirationYear);


}

}

from braintree_java.

Oh ok. Well, if these card number are in a database, I would be a little concerned. There are a lot of security issues and PCI compliance problems that you will have to deal with by storing card numbers. I would highly suggest you reach out to our support team to chat about your integration. The reason we have these client side encryption libraries is so that you can encrypt the card numbers before they ever touch your servers or databases. So we might be able to help you simplify the process a lot for you. The support team would be able to help you out with that.

From a technical side, that code is pretty straight forward (Ignoring the strings you have there that were encrypted on ios). I can be about 99% sure that it must have something to do with your environment configuration. Did you take a look at the about the java policy rules I posted earlier? This link http://www.oracle.com/technetwork/java/javase/downloads/index.html that should contain the unlimited strength policy rules. This is the stackoverflow post that lead me there http://stackoverflow.com/questions/6900542/java-security-invalidkeyexception-illegal-key-size. Did trying to do unlock those larger key sizes help at all?

from braintree_java.

Thanks for the support. Closing the issue to avoid duplicates, as we are interacting with braintree support in a different thread.

Thanks!!

from braintree_java.

Able to solve the issue by installing unrestricted JCE policy files from IBM.

http://pic.dhe.ibm.com/infocenter/java7sdk/v7r0/index.jsp?topic=%2Fcom.ibm.java.security.component.doc%2Fsecurity-component%2Fintroduction.html.

Thanks for all the support !!

from braintree_java.