Aes256GcmDecrypt
Decrypt AES256GCM-encrypted data in Apple Pay Payment Tokens.
This library is necessary for Ruby < 2.4 (if you use the stdlib openssl rather than the openssl gem), as the OpenSSL bindings do not support setting the length of the initialisation vector (IV). Setting the IV length is necessary for decrypting Apple Pay data.
The library becomes obsolete when we start using Ruby >= 2.4.
Usage
bundle install
bundle exec rake test
irb -r base64 -I lib -r aes256gcm_decrypt
ciphertext_and_tag = Base64.decode64(File.read('spec/token_data_base64.txt'))
key = [File.read('spec/key_hex.txt').strip].pack('H*')
begin
puts Aes256GcmDecrypt::decrypt(ciphertext_and_tag, key)
rescue Aes256GcmDecrypt::AuthenticationError => e
# somebody is up to something
rescue Aes256GcmDecrypt::Error => e
# super class for the possible errors; Aes256GcmDecrypt::InputError and
# Aes256GcmDecrypt::OpenSSLError are left, i.e. either you supplied invalid
# input or we got an unexpected error from OpenSSL
end
See also the specs.