Problems doing direct decryption in server side

41 views
Skip to first unread message

Christian Valencia

unread,
Jan 9, 2025, 10:55:29 AMJan 9
to tink-users
hi, currently I'm facing an error when I'm trying to decrypt a token, I'm using this guide to generate the public and private keys https://developers.google.com/pay/api/web/guides/resources/payment-data-cryptography#public-key-format
I added the public one to the console and implemented the Tink library
image (5).png 
but I'm getting this error

java.security.GeneralSecurityException: cannot verify signature
at com.google.crypto.tink.apps.paymentmethodtoken.PaymentMethodTokenRecipient.verify(PaymentMethodTokenRecipient.java:471)
at com.google.crypto.tink.apps.paymentmethodtoken.PaymentMethodTokenRecipient.verifyIntermediateSigningKey(PaymentMethodTokenRecipient.java:545)
at com.google.crypto.tink.apps.paymentmethodtoken.PaymentMethodTokenRecipient.verifyECV2(PaymentMethodTokenRecipient.java:411)
at com.google.crypto.tink.apps.paymentmethodtoken.PaymentMethodTokenRecipient.unsealECV2(PaymentMethodTokenRecipient.java:375)
at com.google.crypto.tink.apps.paymentmethodtoken.PaymentMethodTokenRecipient.unseal(PaymentMethodTokenRecipient.java:352)
at com.test.googlepay.GooglepayApplication.main(GooglepayApplication.java:61)


and this is the implementation:

String decryptedMessage =
new PaymentMethodTokenRecipient.Builder()
.fetchSenderVerifyingKeysWith(GooglePaymentsPublicKeysManager.INSTANCE_TEST)
.recipientId("merchant:MerchantId")
.protocolVersion("ECv2")
.addRecipientPrivateKey(privateKey)
.build()
.unseal(encryptedText);

Do you know what I'm doing wrong?
Reply all
Reply to author
Forward
0 new messages