feat: create key in encryption service for merchant and user (#4910)

Co-authored-by: Arjun Karthik <m.arjunkarthik@gmail.com> Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
2025-10-31 18:17:13 +08:00 · 2024-07-11 20:39:40 +05:30
parent f63a678d71
commit 43741df4a7
35 changed files with 668 additions and 7 deletions
--- a/crates/router/src/core/encryption.rs
+++ b/crates/router/src/core/encryption.rs
@ -0,0 +1,55 @@
+use base64::Engine;
+use common_utils::{
+    keymanager::transfer_key_to_key_manager,
+    types::keymanager::{EncryptionTransferRequest, Identifier},
+};
+use error_stack::ResultExt;
+use hyperswitch_domain_models::merchant_key_store::MerchantKeyStore;
+use masking::ExposeInterface;
+
+use crate::{consts::BASE64_ENGINE, errors, types::domain::UserKeyStore, SessionState};
+
+pub async fn transfer_encryption_key(
+    state: &SessionState,
+) -> errors::CustomResult<usize, errors::ApiErrorResponse> {
+    let db = &*state.store;
+    let key_stores = db
+        .get_all_key_stores(&db.get_master_key().to_vec().into())
+        .await
+        .change_context(errors::ApiErrorResponse::InternalServerError)?;
+    send_request_to_key_service_for_merchant(state, key_stores).await
+}
+
+pub async fn send_request_to_key_service_for_merchant(
+    state: &SessionState,
+    keys: Vec<MerchantKeyStore>,
+) -> errors::CustomResult<usize, errors::ApiErrorResponse> {
+    futures::future::try_join_all(keys.into_iter().map(|key| async move {
+        let key_encoded = BASE64_ENGINE.encode(key.key.clone().into_inner().expose());
+        let req = EncryptionTransferRequest {
+            identifier: Identifier::Merchant(key.merchant_id.clone()),
+            key: key_encoded,
+        };
+        transfer_key_to_key_manager(&state.into(), req).await
+    }))
+    .await
+    .change_context(errors::ApiErrorResponse::InternalServerError)
+    .map(|v| v.len())
+}
+
+pub async fn send_request_to_key_service_for_user(
+    state: &SessionState,
+    keys: Vec<UserKeyStore>,
+) -> errors::CustomResult<usize, errors::ApiErrorResponse> {
+    futures::future::try_join_all(keys.into_iter().map(|key| async move {
+        let key_encoded = BASE64_ENGINE.encode(key.key.clone().into_inner().expose());
+        let req = EncryptionTransferRequest {
+            identifier: Identifier::User(key.user_id.clone()),
+            key: key_encoded,
+        };
+        transfer_key_to_key_manager(&state.into(), req).await
+    }))
+    .await
+    .change_context(errors::ApiErrorResponse::InternalServerError)
+    .map(|v| v.len())
+}