rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-10-30 01:27:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(core): use HMAC-SHA512 to calculate payments response hash (#1302)

Browse Source
This commit is contained in:
Shankar Singh C
2023-05-31 13:21:39 +05:30
committed by GitHub
parent 0be900d238
commit 7032ea8494
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/router/src/core/admin.rs
View File

@ -129,7 +129,7 @@ pub async fn create_merchant_account(
let payment_response_hash_key = req let payment_response_hash_key = req
.payment_response_hash_key .payment_response_hash_key
.or(Some(generate_cryptographically_secure_random_string(32))); .or(Some(generate_cryptographically_secure_random_string(64)));
db.insert_merchant_key_store(key_store) db.insert_merchant_key_store(key_store)
.await .await

10
crates/router/src/core/payments/helpers.rs
View File

@ -1242,14 +1242,14 @@ pub fn make_url_with_signature(
.payment_response_hash_key .payment_response_hash_key
.as_ref() .as_ref()
.get_required_value("payment_response_hash_key")?; .get_required_value("payment_response_hash_key")?;
let signature = hmac_sha256_sorted_query_params( let signature = hmac_sha512_sorted_query_params(
&mut url.query_pairs().collect::<Vec<_>>(), &mut url.query_pairs().collect::<Vec<_>>(),
key.as_str(), key.as_str(),
)?; )?;
url.query_pairs_mut() url.query_pairs_mut()
.append_pair("signature", &signature) .append_pair("signature", &signature)
.append_pair("signature_algorithm", "HMAC-SHA256"); .append_pair("signature_algorithm", "HMAC-SHA512");
url.to_owned() url.to_owned()
} else { } else {
url.to_owned() url.to_owned()
@ -1275,7 +1275,7 @@ pub fn make_url_with_signature(
}) })
} }
pub fn hmac_sha256_sorted_query_params( pub fn hmac_sha512_sorted_query_params(
params: &mut [(Cow<'_, str>, Cow<'_, str>)], params: &mut [(Cow<'_, str>, Cow<'_, str>)],
key: &str, key: &str,
) -> RouterResult<String> { ) -> RouterResult<String> {
@ -1286,8 +1286,8 @@ pub fn hmac_sha256_sorted_query_params(
.collect::<Vec<_>>() .collect::<Vec<_>>()
.join("&"); .join("&");
let signature = crypto::HmacSha256::sign_message( let signature = crypto::HmacSha512::sign_message(
&crypto::HmacSha256, &crypto::HmacSha512,
key.as_bytes(), key.as_bytes(),
final_string.as_bytes(), final_string.as_bytes(),
) )

2
crates/router/src/lib.rs
View File

@ -64,7 +64,7 @@ pub mod headers {
pub const X_CC_VERSION: &str = "X-CC-Version"; pub const X_CC_VERSION: &str = "X-CC-Version";
pub const X_ACCEPT_VERSION: &str = "X-Accept-Version"; pub const X_ACCEPT_VERSION: &str = "X-Accept-Version";
pub const X_DATE: &str = "X-Date"; pub const X_DATE: &str = "X-Date";
pub const X_WEBHOOK_SIGNATURE: &str = "X-Webhook-Signature"; pub const X_WEBHOOK_SIGNATURE: &str = "X-Webhook-Signature-512";
} }
pub mod pii { pub mod pii {