rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-11-02 04:04:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore(cards): add configuration option to change the decryption scheme locker (#5140)

Browse Source 
Co-authored-by: Shakthidhar Bhaskar <shakthidhar.bhaskar@juspay.in>
This commit is contained in:
Nishant Joshi
2024-06-28 15:08:07 +05:30
committed by GitHub
parent 6df8f0646b
commit d2626fa3fe
5 changed files with 58 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
crates/router/src/core/blocklist/transformers.rs
View File

@ -144,11 +144,15 @@ async fn call_to_locker_for_fingerprint(
.get_response_inner("JweBody")
.change_context(errors::VaultError::GenerateFingerprintFailed)?;
let decrypted_payload =
decrypt_generate_fingerprint_response_payload(jwekey, jwe_body, Some(locker_choice))
.await
.change_context(errors::VaultError::GenerateFingerprintFailed)
.attach_printable("Error getting decrypted fingerprint response payload")?;
let decrypted_payload = decrypt_generate_fingerprint_response_payload(
jwekey,
jwe_body,
Some(locker_choice),
locker.decryption_scheme.clone(),
)
.await
.change_context(errors::VaultError::GenerateFingerprintFailed)
.attach_printable("Error getting decrypted fingerprint response payload")?;
let generate_fingerprint_response: blocklist::GenerateFingerprintResponsePayload =
decrypted_payload
.parse_struct("GenerateFingerprintResponse")
@ -159,9 +163,9 @@ async fn call_to_locker_for_fingerprint(
async fn decrypt_generate_fingerprint_response_payload(
jwekey: &settings::Jwekey,
jwe_body: encryption::JweBody,
locker_choice: Option<api_enums::LockerChoice>,
decryption_scheme: settings::DecryptionScheme,
) -> CustomResult<String, errors::VaultError> {
let target_locker = locker_choice.unwrap_or(api_enums::LockerChoice::HyperswitchCardVault);
@ -174,7 +178,10 @@ async fn decrypt_generate_fingerprint_response_payload(
let private_key = jwekey.vault_private_key.peek().as_bytes();
let jwt = payment_methods::get_dotted_jwe(jwe_body);
let alg = jwe::RSA_OAEP;
let alg = match decryption_scheme {
settings::DecryptionScheme::RsaOaep => jwe::RSA_OAEP,
settings::DecryptionScheme::RsaOaep256 => jwe::RSA_OAEP_256,
};
let jwe_decrypted = encryption::decrypt_jwe(
&jwt,

43
crates/router/src/core/payment_methods/cards.rs
View File

@ -1325,11 +1325,15 @@ pub async fn get_payment_method_from_hs_locker<'a>(
let jwe_body: services::JweBody = response
.get_response_inner("JweBody")
.change_context(errors::VaultError::FetchPaymentMethodFailed)?;
let decrypted_payload =
payment_methods::get_decrypted_response_payload(jwekey, jwe_body, locker_choice)
.await
.change_context(errors::VaultError::FetchPaymentMethodFailed)
.attach_printable("Error getting decrypted response payload for get card")?;
let decrypted_payload = payment_methods::get_decrypted_response_payload(
jwekey,
jwe_body,
locker_choice,
locker.decryption_scheme.clone(),
)
.await
.change_context(errors::VaultError::FetchPaymentMethodFailed)
.attach_printable("Error getting decrypted response payload for get card")?;
let get_card_resp: payment_methods::RetrieveCardResp = decrypted_payload
.parse_struct("RetrieveCardResp")
.change_context(errors::VaultError::FetchPaymentMethodFailed)
@ -1378,11 +1382,15 @@ pub async fn call_to_locker_hs<'a>(
.get_response_inner("JweBody")
.change_context(errors::VaultError::FetchCardFailed)?;
let decrypted_payload =
payment_methods::get_decrypted_response_payload(jwekey, jwe_body, Some(locker_choice))
.await
.change_context(errors::VaultError::SaveCardFailed)
.attach_printable("Error getting decrypted response payload")?;
let decrypted_payload = payment_methods::get_decrypted_response_payload(
jwekey,
jwe_body,
Some(locker_choice),
locker.decryption_scheme.clone(),
)
.await
.change_context(errors::VaultError::SaveCardFailed)
.attach_printable("Error getting decrypted response payload")?;
let stored_card_resp: payment_methods::StoreCardResp = decrypted_payload
.parse_struct("StoreCardResp")
.change_context(errors::VaultError::ResponseDeserializationFailed)?;
@ -1459,11 +1467,15 @@ pub async fn get_card_from_hs_locker<'a>(
let jwe_body: services::JweBody = response
.get_response_inner("JweBody")
.change_context(errors::VaultError::FetchCardFailed)?;
let decrypted_payload =
payment_methods::get_decrypted_response_payload(jwekey, jwe_body, Some(locker_choice))
.await
.change_context(errors::VaultError::FetchCardFailed)
.attach_printable("Error getting decrypted response payload for get card")?;
let decrypted_payload = payment_methods::get_decrypted_response_payload(
jwekey,
jwe_body,
Some(locker_choice),
locker.decryption_scheme.clone(),
)
.await
.change_context(errors::VaultError::FetchCardFailed)
.attach_printable("Error getting decrypted response payload for get card")?;
let get_card_resp: payment_methods::RetrieveCardResp = decrypted_payload
.parse_struct("RetrieveCardResp")
.change_context(errors::VaultError::FetchCardFailed)?;
@ -1513,6 +1525,7 @@ pub async fn delete_card_from_hs_locker<'a>(
jwekey,
jwe_body,
Some(api_enums::LockerChoice::HyperswitchCardVault),
locker.decryption_scheme.clone(),
)
.await
.change_context(errors::ApiErrorResponse::InternalServerError)

6
crates/router/src/core/payment_methods/transformers.rs
View File

@ -199,6 +199,7 @@ pub async fn get_decrypted_response_payload(
jwekey: &settings::Jwekey,
jwe_body: encryption::JweBody,
locker_choice: Option<api_enums::LockerChoice>,
decryption_scheme: settings::DecryptionScheme,
) -> CustomResult<String, errors::VaultError> {
let target_locker = locker_choice.unwrap_or(api_enums::LockerChoice::HyperswitchCardVault);
@ -211,7 +212,10 @@ pub async fn get_decrypted_response_payload(
let private_key = jwekey.vault_private_key.peek().as_bytes();
let jwt = get_dotted_jwe(jwe_body);
let alg = jwe::RSA_OAEP;
let alg = match decryption_scheme {
settings::DecryptionScheme::RsaOaep => jwe::RSA_OAEP,
settings::DecryptionScheme::RsaOaep256 => jwe::RSA_OAEP_256,
};
let jwe_decrypted = encryption::decrypt_jwe(
&jwt,