feat(connectors): [Redsys] add 3D secure card payment support, including transaction capture, cancellation, and refunds (#7508)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
2025-10-29 00:49:42 +08:00 · 2025-03-21 15:08:44 +05:30
parent 0efeaa890f
commit a1ecce8f25
58 changed files with 3153 additions and 536 deletions
--- a/crates/common_utils/src/crypto.rs
+++ b/crates/common_utils/src/crypto.rs
@ -416,6 +416,57 @@ impl VerifySignature for Sha256 {
    }
 }

+/// TripleDesEde3 hash function
+#[derive(Debug)]
+#[cfg(feature = "crypto_openssl")]
+pub struct TripleDesEde3CBC {
+    padding: common_enums::CryptoPadding,
+    iv: Vec<u8>,
+}
+
+#[cfg(feature = "crypto_openssl")]
+impl TripleDesEde3CBC {
+    const TRIPLE_DES_KEY_LENGTH: usize = 24;
+    /// Initialization Vector (IV) length for TripleDesEde3
+    pub const TRIPLE_DES_IV_LENGTH: usize = 8;
+
+    /// Constructor function to be used by the encryptor and decryptor to generate the data type
+    pub fn new(
+        padding: Option<common_enums::CryptoPadding>,
+        iv: Vec<u8>,
+    ) -> Result<Self, errors::CryptoError> {
+        if iv.len() != Self::TRIPLE_DES_IV_LENGTH {
+            Err(errors::CryptoError::InvalidIvLength)?
+        };
+        let padding = padding.unwrap_or(common_enums::CryptoPadding::PKCS7);
+        Ok(Self { iv, padding })
+    }
+}
+
+#[cfg(feature = "crypto_openssl")]
+impl EncodeMessage for TripleDesEde3CBC {
+    fn encode_message(
+        &self,
+        secret: &[u8],
+        msg: &[u8],
+    ) -> CustomResult<Vec<u8>, errors::CryptoError> {
+        if secret.len() != Self::TRIPLE_DES_KEY_LENGTH {
+            Err(errors::CryptoError::InvalidKeyLength)?
+        }
+        let mut buffer = msg.to_vec();
+
+        if let common_enums::CryptoPadding::ZeroPadding = self.padding {
+            let pad_len = Self::TRIPLE_DES_IV_LENGTH - (buffer.len() % Self::TRIPLE_DES_IV_LENGTH);
+            if pad_len != Self::TRIPLE_DES_IV_LENGTH {
+                buffer.extend(vec![0u8; pad_len]);
+            }
+        };
+        let cipher = openssl::symm::Cipher::des_ede3_cbc();
+        openssl::symm::encrypt(cipher, secret, Some(&self.iv), &buffer)
+            .change_context(errors::CryptoError::EncodingFailed)
+    }
+}
+
 /// Generate a random string using a cryptographically secure pseudo-random number generator
 /// (CSPRNG). Typically used for generating (readable) keys and passwords.
 #[inline]
--- a/crates/common_utils/src/errors.rs
+++ b/crates/common_utils/src/errors.rs
@ -95,6 +95,12 @@ pub enum CryptoError {
    /// The cryptographic algorithm was unable to verify the given signature
    #[error("Failed to verify signature")]
    SignatureVerificationFailed,
+    /// The provided key length is invalid for the cryptographic algorithm
+    #[error("Invalid key length")]
+    InvalidKeyLength,
+    /// The provided IV length is invalid for the cryptographic algorithm
+    #[error("Invalid IV length")]
+    InvalidIvLength,
 }

 /// Errors for Qr code handling