This library is for use with Braintree's payment gateway in concert with one of the supported client libraries. It encrypts sensitive payment information using the public key of an asymmetric key pair.
In your build.gradle
, add the following:
dependencies {
...
compile 'com.braintreepayments:encryption:2.+'
}
In your pom.xml
add the following:
<dependencies>
...
<dependency>
<groupId>com.braintreepayments</groupId>
<artifactId>encryption</artifactId>
<version>[2.0,)</version>
<type>jar</type>
</dependency>
</dependencies>
Download the jar file and include it in your project.
Configure the library to use your public key.
Braintree braintree = new Braintree("YOUR_CLIENT_SIDE_PUBLIC_ENCRYPTION_KEY");
And call the encrypt
method passing in the data you wish to be encrypted.
String encryptedValue = braintree.encrypt("sensitiveValue");
Because we are using asymmetric encryption, you will be unable to decrypt the data you have
encrypted using your public encryption key. Only the Braintree Gateway will be able to decrypt
these encrypted values. This means that encryptedValue
is now safe to pass through your servers
to be used in the Server-to-Server API of one of our client libraries.
When Client-Side encryption is enabled for your Braintree Gateway account, a key pair is generated and you are given a specially formatted version of the public key.
The normal use case for this library is to encrypt a credit card number and CVV code before a form is submitted to your servers. A simple example of this in Android might look something like this:
public class BraintreeActivity extends Activity {
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
}
public void submitForm(View view) {
String ccNumber = encryptFormField(creditCard);
String ccExpDate = encryptFormField(expirationDate);
String ccCvv = encryptFormField(cvv);
postTask = new PostToMerchantServerTask();
postTask.execute(new String[] { ccNumber, ccExpDate, ccCvv });
}
private String getFieldText(EditText field) {
return new String(field.getText().toString());
}
private String encryptFormField(View formField) {
String formFieldText = getFieldText((EditText) formField);
Braintree braintree = new Braintree(publicKey);
try {
return braintree.encrypt(formFieldText);
} catch(BraintreeEncryptionException e) {
throw new RuntimeException("Encryption failed!");
}
}
}
braintree_android_encryption is open source and available under the MIT license. See the LICENSE file for more info.