Re: My decryption code is not working

sarfaraz
Regular Visitor

My decryption code is not working

Hi,

I created one demo account. i want to check the visa check out process. i am trying to do that but not able decrypt the payment data. I have attached my code please help me out i am getting

Exception in thread "main" java.lang.RuntimeException: HMAC validation failed.
at enc.Visa.decrypt(Visa.java:53)
at enc.Visa.main(Visa.java:26)

 

 ///////////

 

package enc;

import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;

import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

public class Visa {


public static void main(String[] args) {
byte[] key="QvXXBZVOFhd8QMPDZM1eNpe7lorG1GJRZCKmJtsewNpD8VYfIVryJq5NVCRlTIo+82u7rFUZcHZ5syp9TwR8uVKs/y2UHs3F7CGlVvwoNvbTUISPCe22VUPVY5V0Wx0N".getBytes();
byte[] data="zujgv9vJ8etUOtYjwOBuuc3xHs6MfV6lHHN6Vuax/b0QUiGKBXH3kTPQLD7U+GPUvoIP53fihf3eaPbmk5N0gJ+Kafp1xXketqUfJ9Z4bDvEDkthq+UILCPQqzgfb8EHFutppK2+WNEVQ4AI0zd8iTDxvpXsbta4PTylNezoSM79zOe5De3d3DgoZNe75mCp727Z2xhGJcHQnBfmxTz9zGrlwgiiZeDtiXTVDxlR5j1/fMFBUXSgJ4VYsgaE+ks9zcA5maUgPiWU6DJGfTePkHzyigBmc0Ii6j4hk5QuCKTSIoVsDtuA2DRmdHxO6I4ARpSitHnyRnSycj5fFjuYWP5HNTYqjPH/a19QjA6clOQjg35uebCTsZuhVUi3wVeU4u7/E6QAqAG5ElbiLnb8KHko1QxrQvIAiog8Cpah5uCGxZS9kR4fjSyZ3Brl7eMRT+kvNeCOufVFB8mH+SHKZatKvEuzdJ7WhlNLLSr2nHeA9FVteyLz2qfOUpC2hsNA8zrVDjVTSj5Rm1Ad7dkCSXoXmcY6C48oMFAf3BDao1fLPPHHrG4Z+OuQM621wt35bYYPvhr+V4TY+tbI1vbczocoI0xjDaSgLzezy9VDayx+ZJaAPDz8OJQ1ugI4p3pYs7HkA1PaS0LVWTRzH4gV+TylV6ndSfl0/0NGSlb6+S0OtbTyFk/kKhqIOa1DxLyhXSYRqLfLKZ/9QACRg465YBFFWUukBviRDFRPjgrxMBOwS7haIzKYVcPQpCcv7yXjdK/Bqy/nHxrnODDaSVboCUE3HaEMlhU6xf4Am3MYi3gflWjMaZvSDXBhIXYvs2BSkHbjEMfEoDycuLgJQgiZYviNOdioP4FaVio0+B46y+wXM3qWxLSnvRV2BnDX5O7spKn4efBpuyjDyTx7r6Tc6FZ1oxYzepljwla4XS4YYKr8jrXWzY+xd8gBzAOWR1poQJLR+/erJU5yFlFLk5wdEZJEUncPmw/+kvrkqTRh2bpgfd1ugI3e97/qZy1guKlf7AtGhlYJFR1nTBZgqN4O+EwWt8miCb8RD74ICxxISWUtntYbbCwLlQjg1cRaTtEwUi0me3ChBfa9Tu9IwNRbcVXLV4Uzhno0oXC88umX2e92qXTwCNjC4rJikck5le1Pm+vnCy3nJFIQ+0vAFgvH2pAuJCPA9swMHt1JqLGMdgfHfD6wP6Hm1do7e1Tq1SP41vBhv2qBTqzCbkT2nXLyxaPp3yyBGZjkpvbiFlAJzQ6SI+u9fOm158SDCajji+CK0eiK+rRmIGJRRC1QmtcFUl8r2qiDzhEvLCCvxos0iozM500YYv/wDA9UJS7DjiaFmX727PWow9ly2cauztILogJfyGP69CQHI1RFm9Zye3F4I+8q9TU7hYEjuy/ch4QHA8bftc9Qgyk4CZh/GU9Tdfu0HzpZMRDQ20+C1BCEVA51wHh27A8U/9wG/X3b/b+4JUJ6Bd0dhadjYk9Z2jM3fgmHl6z6t5/N4J4SA4/m25/58q6X5cX/zC43ij5JhSYZX+u5tmepJCNgeEmKGddvOaXIijou6kSyF+vjxorCii9cGRXPgIatYcGJAr7hRiQVtPdA76+w3DxNVUPFIIClPT3PhyHtK+B1kkb48Jhbqa7mqpDobBY3Ub7TCPzdv3cxobBbsyO1I/kJ5dVDOL2Oh65Z2auNdcO025t4hjd2IQnmd630wSygC+QEazQ4HgHuvEGdmdyN69/iznwWXML0PG2xHDEguCUX94TGroneevRI/8W58WI8uTKBOezQuptglP6SXa+lTwYlC1QEhopoeOuxTvVNdTN2OqE+xWFWftn24Q/luXN3yguPc54iq1YhQrnsvVr+UCHcpNPDi0SW1+bno7nB8tX/UVa2ThF5NkwvPrj/5B7FQE++N0ytB42rblwf0Ck5xEcAO9k/YRhbqsSReKrm5yjjcob1pXDmHkCCUEu3SnmVQ4xQjqTm5vpgBjFprDPC07TWMiu/pTVXDzu3sa5z0BbspmMRiKDtInfz308yCOjBDyDcR9E1Lg4HLLuFvkXVO8pXBuXlMtTHISsYGwRCmXdb3ITEtewT5z/tm1CuehqmFW665SlOVUX9GhUHtwWAJ9jEumwLsII3hLX+IQwM611xbz0y9TZqzuy2eqsiGlpDknBHy+cDAgzXhepX0y4X/xybPct7NC9k9AZ6rmmk2/B8c7ITNz/MGDOxkhHLsfSYqEQwxf/QHQrgJBqnnc+5keszaV1JR/PUrtWYP6srt4CSFAEiSJ2rcMai72MS4MMunsFzG+1lqOq3J2mTNDTmpZb0jfk2llBRYYdcP9Y3U+Ru2cTFzeHqg74NO9Ywe8l062BOhX1hhoTy+c7ojF8AnVkl6WENd2I+Og==".getBytes();
try {
Visa.decrypt(key, data);
} catch (GeneralSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
private static final String HASH_ALGORITHM = "SHA-256";
private static final String HMAC_ALGORITHM = "HmacSHA256";
private static final int IV_LENGTH = 16, HMAC_LENGTH = 32;
private static final Charset utf8 = Charset.forName("UTF-8");
private static final Provider bcProvider;
static {
bcProvider = new BouncyCastleProvider();
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
Security.addProvider(bcProvider);
}
}
private static byte[] decrypt(byte[] key,byte[] data) throws GeneralSecurityException{
byte[] decodedData = Base64.decode(data);
if (decodedData == null || decodedData.length <= IV_LENGTH) {
throw new RuntimeException("Bad input data.");
}
byte[] hmac = new byte[HMAC_LENGTH];
System.arraycopy(decodedData, 0, hmac, 0, HMAC_LENGTH);
if (!Arrays.equals(hmac,
hmac(key, decodedData, HMAC_LENGTH, decodedData.length - HMAC_LENGTH))) {
throw new RuntimeException("HMAC validation failed.");
}
byte[] iv = new byte[IV_LENGTH];
System.arraycopy(decodedData, HMAC_LENGTH, iv, 0, IV_LENGTH);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, bcProvider);
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(hash(key), "AES"),
new IvParameterSpec(iv));
return cipher.doFinal(decodedData, HMAC_LENGTH + IV_LENGTH,
decodedData.length - HMAC_LENGTH - IV_LENGTH);
}
private static byte[] hash(byte[] key) throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance(HASH_ALGORITHM);
md.update(key);
return md.digest();
}
private static byte[] hmac(byte[] key, byte[] data, int offset, int length)
throws GeneralSecurityException {
Mac mac = Mac.getInstance(HMAC_ALGORITHM, bcProvider);
mac.init(new SecretKeySpec(key, HMAC_ALGORITHM));
mac.update(data, offset, length);
return mac.doFinal();
}
}

////////////

Thanks in advance,

 

Sarfaraz Khan

sarfarazkhan.cpp@gmail.com
 

2 REPLIES 2
Sanobar
Frequent Helper

Re: My decryption code is not working

Hi,

 

I'm working on this with the Visa Checkout expert team and will get back to you asap.

 

Thanks,

Sanobar

sarfaraz
Regular Visitor

Re: My decryption code is not working

Thanks, please help me out..Thanks in advance.