The following presents instructions of coding with Go of Tink library for Google Pay gateway/processor partners. The sample Go code uses Java Native Interface (JNI) to create API bridge allowing Java code to be called by native Go applications.
Download and decompress “TinkJNIGo” under $GOPATH/. Please also ensure:
- GCC is installed
- Java Runtime Environment 8 or later is installed
- Go is installed
- File main.go and directory tinkjni are placed under $GOPATH/
Get package timob/jnigi
go get github.com/timob/jnigiNote: please ignore the message complaining that jni.h and jni_md.h cannot be found
Copy jni.h, /jni_md.h from $JAVA_HOME to $GOPATH/github.com/timob/jnigi
cp $JAVA_HOME/include/jni.h $GOPATH/github.com/timob/jnigi/jni.h
cp $JAVA_HOME/include/linux/jni_md.h $GOPATH/github.com/timob/jnigi/jni_md.hOnce again, get package timob/jnigi
go get github.com/timob/jnigiModify settings in tinkjni/conf.json to fit your environment
{
"//" : "JVM Library - path to libjvm.so (Linux), libjvm.dylib (mac), jvm.dll (Windows)",
"JVMLibraryPath": "/usr/lib/jvm/default-java/lib/server/libjvm.so",
"//" : "ECv1 or ECv2",
"ProtocolVersion" : "ECv2",
"//" : "Base64-encoded Google signing key",
"GoogleSigningKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGnJ7Yo1sX9b4kr4Aa5uq58JRQfzD8bIJXw7WXaap\\/hVE+PnFxvjx4nVxt79SdRuUVeu++HZD0cGAv4IOznc96w==",
"//" : "Recipient Id format - gateway:<name of your gateway>",
"RecipientId" : "gateway:example",
"//" : "Base64-encoded PKCS8 private key generated by gateway",
"RecipientPrivateKey" : "your base64-encoded PKCS8 private key"
}IMPORTANT NOTES
For PRODUCTION environment, it is advisable to fetch the Private Key from Hardware Security Module (HSM) or Environment Variables instead of storing it as plain text in config files.
For Google Signing Key, please refresh it annually as part of your own annual key rotation. The Google Signing Key can be downloaded from below URLs: Test: https://payments.developers.google.com/paymentmethodtoken/test/keys.json Production: https://payments.developers.google.com/paymentmethodtoken/keys.json
Generate a sample token using Token Generator on TEST environment and place it in variable sampleToken of main.go
Run main.go and the output shall contain the decrypted data