tink icon indicating copy to clipboard operation
tink copied to clipboard
verified publisher icon tink-crypto

paymentmethodtoken in python

Open Bastien-BO opened this issue 4 years ago • 5 comments

Help us help you

I'm working for a PSP and curently trying to add Gpay support for a python backend.

Is your feature request related to a problem?

The gpay doc ask to use tink to handle keysets and messages encryption/decryption with paymentmethodtoken. The only integration of it that i found is in java.

Describe the solution you'd like

Having a equivalent of paymentmethodtoken in Python.

Describe alternatives you've considered

Additional context

Bastien-BO avatar Nov 08 '21 16:11 Bastien-BO

Have you tried https://github.com/google-pay/tink-jni-examples/tree/master/TinkJNIPython?

thaidn avatar Nov 17 '21 18:11 thaidn

@thaidn thanks for your reply,

I didn't know this package exist, thanks for it. Sadly since it's a bridge to the java lib i'm not going to use it.

I'm curently making my own lib that use simple python with PyCryptodome

Bastien-BO avatar Nov 17 '21 19:11 Bastien-BO

If you can share the code, I can help you review it.

On Wed, Nov 17, 2021 at 11:19 AM Bastien Bouchoux @.***> wrote:

@thaidn https://github.com/thaidn thanks for your reply,

I didn't know this package exist, thanks for it. Sadly since it's a bridge to the java lib i'm not going to use it.

I'm curently making my own lib that use simple python with PyCryptodome

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/google/tink/issues/552#issuecomment-971897040, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAB23AIYKZIN4M32PM5ASLUMP54PANCNFSM5HTEAZYA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

-- https://vnhacker.blogspot.com

thaidn avatar Nov 17 '21 19:11 thaidn

thanks

i have to finish it first so hopefully in a week or two :+1:

Bastien-BO avatar Nov 19 '21 09:11 Bastien-BO

in my quest of writing this lib I'm facing an issue with the message decryption part.

to give you more insight to were i am:

Verify intermediate signing key => done Verify payload signature => done Decrypt payload content => doing

I have a hard time understanding what operations are done in the encryptedMessage decryption process. My understanding is that this process start with decrypt:

private String unsealECV2(String sealedMessage) throws GeneralSecurityException {
    JsonObject jsonMsg = JsonParser.parseString(sealedMessage).getAsJsonObject();
    validateECV2(jsonMsg);
    String signedMessage = verifyECV2(jsonMsg);
    String decryptedMessage = decrypt(signedMessage);
    validateMessage(decryptedMessage);
    return decryptedMessage;
  }

Is that true or am i totaly missing the actual way it works ? I'm a bit confuse about kem and dem, i don't understand what they are doing.

Bastien-BO avatar Nov 19 '21 10:11 Bastien-BO

Closing this due to inactivity. Please reopen this issue in https://github.com/tink-crypto/tink-py/issues if you have further questions/follow-up comments.

morambro avatar Jan 04 '24 10:01 morambro