Fixed #8 and #9, code clean-up

Author: jaaufauvre

Mastercard.Developer.ClientEncryption.Core/Encryption/JWE/JweEncryption.cs

@@ -8,26 +8,26 @@ namespace Mastercard.Developer.ClientEncryption.Core.Encryption.JWE
 {
     public static class JweEncryption
     {
-        private const string ALGORITHM = "RSA-OAEP-256";
-        private const string ENCRYPTION = "A256GCM";
-        private const string CONTENT_TYPE = "application/json";
+        private const string Algorithm = "RSA-OAEP-256";
+        private const string Encryption = "A256GCM";
+        private const string ContentType = "application/json";
 
         public static string EncryptPayload(string payload, JweConfig config)
         {
             try
             {
                 // Parse the given payload
-                JToken json = JObject.Parse(payload);
+                var payloadToken = JToken.Parse(payload);
 
                 // Encrypt
                 foreach (var entry in config.EncryptionPaths)
                 {
-                    string jsonPathIn = entry.Key;
-                    string jsonPathOut = entry.Value;
-                    json = EncryptPayloadPath(json, jsonPathIn, jsonPathOut, config);
+                    var jsonPathIn = entry.Key;
+                    var jsonPathOut = entry.Value;
+                    payloadToken = EncryptPayloadPath(payloadToken, jsonPathIn, jsonPathOut, config);
                 }
 
-                return json.ToString();
+                return payloadToken.ToString();
             }
             catch (Exception ex)
             {
@@ -40,16 +40,16 @@ public static string DecryptPayload(string payload, JweConfig config)
             try
             {
                 // Parse the given payload
-                JToken json = JObject.Parse(payload);
+                var payloadToken = JToken.Parse(payload);
 
                 // Perform decryption
                 foreach (var entry in config.DecryptionPaths)
                 {
-                    string jsonPathIn = entry.Key;
-                    string jsonPathOut = entry.Value;
-                    json = DecryptPayloadPath(json, jsonPathIn, jsonPathOut, config);
+                    var jsonPathIn = entry.Key;
+                    var jsonPathOut = entry.Value;
+                    payloadToken = DecryptPayloadPath(payloadToken, jsonPathIn, jsonPathOut, config);
                 }
-                return json.ToString();
+                return payloadToken.ToString();
             }
             catch (Exception ex)
             {
@@ -59,26 +59,26 @@ public static string DecryptPayload(string payload, JweConfig config)
 
         private static JToken DecryptPayloadPath(JToken payload, string jsonPathIn, string jsonPathOut, JweConfig config)
         {
-            JToken token = payload.SelectToken(jsonPathIn);
-            if (JsonUtils.IsNullOrEmptyJson( token ))
+            var token = payload.SelectToken(jsonPathIn);
+            if (JsonUtils.IsNullOrEmptyJson(token))
             {
                 // Nothing to decrypt
                 return payload;
             }
 
             // Read and remove encrypted data and encryption fields at the given JSON path
-            string encryptedValue = ReadAndDeleteJsonKey(payload, token, config.EncryptedValueFieldName);
+            var encryptedValue = ReadAndDeleteJsonKey(payload, token, config.EncryptedValueFieldName);
             if (string.IsNullOrEmpty(encryptedValue))
             {
                 // Nothing to decrypt
                 return payload;
             }
-            JweObject jweObject = JweObject.Parse(encryptedValue);
-            string decryptedValue = jweObject.Decrypt(config);
+            var jweObject = JweObject.Parse(encryptedValue);
+            var decryptedValue = jweObject.Decrypt(config);
 
             if ("$".Equals(jsonPathOut))
             {
-                return JObject.Parse(decryptedValue);
+                return JToken.Parse(decryptedValue);
             }
 
             JsonUtils.CheckOrCreateOutObject(payload, jsonPathOut);
@@ -95,30 +95,28 @@ private static JToken DecryptPayloadPath(JToken payload, string jsonPathIn, stri
 
         private static string ReadAndDeleteJsonKey(JToken context, JToken token, string key)
         {
-            if (!string.IsNullOrEmpty(key))
+            if (string.IsNullOrEmpty(key)) return token.ToString();
+            var value = context.SelectToken(key);
+            if (null != value && null != value.Parent)
             {
-                var value = context.SelectToken(key);
-                if (null != value && null != value.Parent)
-                {
-                    value.Parent.Remove();
-                }
+                value.Parent.Remove();
             }
             return token.ToString();
         }
 
         private static JToken EncryptPayloadPath(JToken json, string jsonPathIn, string jsonPathOut, JweConfig config)
         {
-            JToken token = json.SelectToken(jsonPathIn);
+            var token = json.SelectToken(jsonPathIn);
             if (JsonUtils.IsNullOrEmptyJson(token))
             {
                 // Nothing to encrypt
                 return json;
             }
 
             // Encode and encrypt
-            string inJsonString = JsonUtils.SanitizeJson(token.ToString(Formatting.None));
-            JweHeader header = new JweHeader(ALGORITHM, ENCRYPTION, config.EncryptionKeyFingerprint, CONTENT_TYPE);
-            string encrypted = JweObject.Encrypt(config, inJsonString, header);
+            var inJsonString = JsonUtils.SanitizeJson(token.ToString(Formatting.None));
+            var header = new JweHeader(Algorithm, Encryption, config.EncryptionKeyFingerprint, ContentType);
+            var encrypted = JweObject.Encrypt(config, inJsonString, header);
 
             // Delete data in the clear
             if ("$".Equals(jsonPathIn))
@@ -134,7 +132,7 @@ private static JToken EncryptPayloadPath(JToken json, string jsonPathIn, string
             JsonUtils.CheckOrCreateOutObject(json, jsonPathOut);
             var outJsonToken = json.SelectToken(jsonPathOut) as JObject;
             JsonUtils.AddOrReplaceJsonKey(outJsonToken, config.EncryptedValueFieldName, encrypted);
-            return outJsonToken;
+            return json;
         }
     }
 }

Mastercard.Developer.ClientEncryption.Core/Encryption/JWE/JweHeader.cs

@@ -1,5 +1,4 @@
-using System;
-using System.Text;
+using System.Text;
 using Newtonsoft.Json.Linq;
 using Mastercard.Developer.ClientEncryption.Core.Utils;
 #pragma warning disable 1591 // "Missing XML comment for publicly visible type or member."
@@ -8,15 +7,15 @@ namespace Mastercard.Developer.ClientEncryption.Core.Encryption.JWE
 {
     internal sealed class JweHeader
     {
-        const string ALGORITHM = "alg";
-        const string KEY_ID = "kid";
-        const string ENCRYPTION_ALGORITHM = "enc";
-        const string CONTENT_TYPE = "cty";
+        private const string Algorithm = "alg";
+        private const string KeyId = "kid";
+        private const string EncryptionAlgorithm = "enc";
+        private const string ContentType = "cty";
 
-        public string Enc { get; private set; }
-        public string Kid { get; private set; }
-        public string Alg { get; private set; }
-        public string Cty { get; private set; }
+        public string Enc { get; }
+        public string Kid { get; }
+        public string Alg { get; }
+        public string Cty { get; }
 
         public JweHeader(string alg, string enc, string kid, string cty)
         {
@@ -26,32 +25,27 @@ public JweHeader(string alg, string enc, string kid, string cty)
             Cty = cty;
         }
 
-        public JObject Json
-        {
-            get
-            {
-                return new JObject(
-                    new JProperty(KEY_ID, Kid),
-                    new JProperty(CONTENT_TYPE, Cty),
-                    new JProperty(ENCRYPTION_ALGORITHM, Enc),
-                    new JProperty(ALGORITHM, Alg)
-                );
-            }
-        }
+        public JObject Json =>
+            new JObject(
+                new JProperty(KeyId, Kid),
+                new JProperty(ContentType, Cty),
+                new JProperty(EncryptionAlgorithm, Enc),
+                new JProperty(Algorithm, Alg)
+            );
 
-        public static JweHeader Parse(String encoded)
+        public static JweHeader Parse(string encoded)
         {
             // Decode and parse the string
-            byte[] decoded = Base64Utils.URLDecode(encoded);
-            string json = Encoding.UTF8.GetString(decoded);
-            JObject jobject = JObject.Parse(json);
+            var decoded = Base64Utils.URLDecode(encoded);
+            var json = Encoding.UTF8.GetString(decoded);
+            var jobject = JObject.Parse(json);
 
             // Wrap it up
             return new JweHeader(
-                ((string)jobject[ALGORITHM]),
-                ((string)jobject[ENCRYPTION_ALGORITHM]),
-                ((string)jobject[KEY_ID]),
-                ((string)jobject[CONTENT_TYPE])
+                ((string)jobject[Algorithm]),
+                ((string)jobject[EncryptionAlgorithm]),
+                ((string)jobject[KeyId]),
+                ((string)jobject[ContentType])
             );
         }
     }

Mastercard.Developer.ClientEncryption.Core/Encryption/JWE/JweObject.cs

@@ -21,52 +21,51 @@ internal class JweObject
 
         public string Decrypt(JweConfig config)
         {
-            byte[] unwrappedKey = RsaEncryption.UnwrapSecretKey(config, Base64Utils.URLDecode(EncryptedKey), "SHA-256");
+            var unwrappedKey = RsaEncryption.UnwrapSecretKey(config, Base64Utils.URLDecode(EncryptedKey), "SHA-256");
             if (unwrappedKey == null)
             {
-                throw new EncryptionException(String.Format("Failed to unwrap key {0}", EncryptedKey));
+                throw new EncryptionException($"Failed to unwrap key {EncryptedKey}");
             }
 
-            string encryptionMethod = Header.Enc;
+            var encryptionMethod = Header.Enc;
 
             byte[] plaintext;
-            if (A256GCM.Equals(encryptionMethod))
+            switch (encryptionMethod)
             {
-                plaintext = AesGcm.Decrypt(unwrappedKey, this);
-            }
-            else if (A128CBC_HS256.Equals(encryptionMethod))
-            {
-                plaintext = AesCbc.Decrypt(unwrappedKey, this);
-            }
-            else
-            {
-                throw new EncryptionException(String.Format("Encryption method {0} is not supported", encryptionMethod));
+                case A256GCM:
+                    plaintext = AesGcm.Decrypt(unwrappedKey, this);
+                    break;
+                case A128CBC_HS256:
+                    plaintext = AesCbc.Decrypt(unwrappedKey, this);
+                    break;
+                default:
+                    throw new EncryptionException($"Encryption method {encryptionMethod} is not supported");
             }
             return Encoding.UTF8.GetString(plaintext);
         }
 
-        public static string Encrypt(JweConfig config, String payload, JweHeader header)
+        public static string Encrypt(JweConfig config, string payload, JweHeader header)
         {
-            byte[] cek = AesEncryption.GenerateCek(256);
-            byte[] encryptedSecretKeyBytes = RsaEncryption.WrapSecretKey(config.EncryptionCertificate.GetRSAPublicKey(), cek, "SHA-256");
-            string encryptedKey = Base64Utils.URLEncode(encryptedSecretKeyBytes);
+            var cek = AesEncryption.GenerateCek(256);
+            var encryptedSecretKeyBytes = RsaEncryption.WrapSecretKey(config.EncryptionCertificate.GetRSAPublicKey(), cek, "SHA-256");
+            var encryptedKey = Base64Utils.URLEncode(encryptedSecretKeyBytes);
 
-            byte[] iv = AesEncryption.GenerateIV();
-            byte[] payloadBytes = Encoding.UTF8.GetBytes(payload);
+            var iv = AesEncryption.GenerateIV();
+            var payloadBytes = Encoding.UTF8.GetBytes(payload);
 
-            string headerString = header.Json.ToString();
-            string encodedHeader = Base64Utils.URLEncode(Encoding.UTF8.GetBytes(headerString));
-            byte[] aad = Encoding.ASCII.GetBytes(encodedHeader);
+            var headerString = header.Json.ToString();
+            var encodedHeader = Base64Utils.URLEncode(Encoding.UTF8.GetBytes(headerString));
+            var aad = Encoding.ASCII.GetBytes(encodedHeader);
 
             var encrypted = AesGcm.Encrypt(cek, iv, payloadBytes, aad);
             return Serialize(encodedHeader, encryptedKey, Base64Utils.URLEncode(iv), Base64Utils.URLEncode(encrypted.Ciphertext), Base64Utils.URLEncode(encrypted.AuthTag));
         }
 
-        public static JweObject Parse(String encryptedPayload)
+        public static JweObject Parse(string encryptedPayload)
         {
-            string[] fields = encryptedPayload.Trim().Split('.');
+            var fields = encryptedPayload.Trim().Split('.');
 
-            JweObject jweObject = new JweObject();
+            var jweObject = new JweObject();
             jweObject.RawHeader = fields[0];
             jweObject.Header = JweHeader.Parse(jweObject.RawHeader);
             jweObject.EncryptedKey = fields[1];

Mastercard.Developer.ClientEncryption.Tests/Net4x/Mastercard.Developer.ClientEncryption.Tests.Net4x.csproj

@@ -63,6 +63,9 @@
     <Compile Include="..\NetCore2\Encryption\JweConfigBuilderTest.cs">
       <Link>Encryption\JweConfigBuilderTest.cs</Link>
     </Compile>
+    <Compile Include="..\NetCore2\Encryption\JWE\JweEncryptionTest.cs">
+      <Link>Encryption\JWE\JweEncryptionTest.cs</Link>
+    </Compile>
     <Compile Include="..\NetCore2\Interceptors\RestResponseDouble.cs">
       <Link>Interceptors\RestResponseDouble.cs</Link>
     </Compile>

Mastercard.Developer.ClientEncryption.Tests/Net5/Mastercard.Developer.ClientEncryption.Tests.Net5.csproj

@@ -60,6 +60,9 @@
     </Compile> 
     <Compile Include="..\NetCore2\Encryption\JWE\JweHeaderTest.cs">
         <Link>Encryption\JWE\JweHeaderTest.cs</Link>
+    </Compile>    
+    <Compile Include="..\NetCore2\Encryption\JWE\JweEncryptionTest.cs">
+      <Link>Encryption\JWE\JweEncryptionTest.cs</Link>
     </Compile>
     <Compile Include="..\NetCore2\Encryption\RSA\RsaEncryptionTest.cs">
       <Link>Encryption\RSA\RsaEncryptionTest.cs</Link>