Updated README for arrays encryption and decryption using JWE

Mastercard · Oct 24, 2023 · ca0a2fd · ca0a2fd
1 parent 17a837b
commit ca0a2fd
Showing 1 changed file with 81 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -240,6 +240,7 @@ Output:
 - [Encrypting Entire Payloads](#encrypting-entire-payloads-jwe)
 - [Decrypting Entire Payloads](#decrypting-entire-payloads-jwe)
 - [First Level Field Encryption and Decryption](#encrypting-decrypting-first-level-field-jwe)
+- [Arrays Encryption and Decryption](#encrypting-decrypting-arrays-jwe)
 
 ##### • Introduction <a name="jwe-introduction"></a>
 
@@ -547,6 +548,86 @@ Output:
 }
 ```
 
+##### • Arrays Encryption and Decryption <a name="encrypting-decrypting-arrays-jwe"></a>
+
+To encrypt or decrypt values or fields in an array, use * wildcard in a path instead of array index. Multiple * wildcards can be used in the path if there are multiple nested arrays.
+
+Example of configuration:
+
+```js
+const config = {
+  paths: [
+    {
+      path: "/resource1",
+      toEncrypt: [
+        {
+          /* path to element to be encrypted in request json body */
+          element: "*.sensitive",
+          /* path to object where to store encryption fields in request json body */
+          obj: "*.encryptedData",
+        },
+      ],
+      toDecrypt: [
+        {
+          /* path to element where to store decrypted fields in response object */
+          element: "*.encryptedData",
+          /* path to object with encryption fields */
+          obj: "*.sensitive",
+        },
+      ],
+    },
+  ],
+  mode: "JWE",
+  encryptedValueFieldName: "encryptedData",
+  encryptionCertificate: "./path/to/public.cert",
+  privateKey: "./path/to/your/private.key",
+};
+```
+
+Example of encryption:
+
+```js
+const payload = [
+  { sensitive: "this is a secret!" },
+  { sensitive: "this is a top secret!" }
+];
+const jwe = new (require("mastercard-client-encryption").JweEncryption)(config);
+// …
+let responsePayload = jwe.encrypt("/resource1", header, payload);
+```
+
+Output:
+
+```json
+[
+  { "encryptedData": "eyJraWQiOiI3NjFiMDAzYzFlYWRlM….Y+oPYKZEMTKyYcSIVEgtQw" },
+  { "encryptedData": "eyJraWQiOiI3NjFiMDAzYzFlYWRlM….oL3IRuF-n28KZfTIC6z2KQ" }
+]
+```
+
+Example of decryption:
+
+```js
+const response = {};
+response.request = { url: "/resource1" };
+response.body =
+  "[" +
+  '    { "encryptedData": "eyJraWQiOiI3NjFiMDAzYzFlYWRlM….Y+oPYKZEMTKyYcSIVEgtQw" },' +
+  '    { "encryptedData": "eyJraWQiOiI3NjFiMDAzYzFlYWRlM….oL3IRuF-n28KZfTIC6z2KQ" }' +
+  "]";
+const jwe = new (require("mastercard-client-encryption").JweEncryption)(config);
+let responsePayload = jwe.decrypt(response);
+```
+
+Output:
+
+```json
+[
+  { "sensitive": "this is a secret!" },
+  { "sensitive": "this is a top secret!" }
+]
+```
+
 ### Integrating with OpenAPI Generator API Client Libraries <a name="integrating-with-openapi-generator-api-client-libraries"></a>
 
 [OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) generates API client libraries from [OpenAPI Specs](https://github.com/OAI/OpenAPI-Specification).