refactor(core): generate response hash key if not specified in create merchant account request #1232

Merged
merged 2 commits into from
May 23, 2023

@ShankarSinghC ShankarSinghC commented May 22, 2023

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Create a hash key if it is not present, which will be used by the merchant to verify if the response is coming from hyperswitch.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

Hash key generated screenshots

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed submitted code
  • I added unit tests for my changes where possible
  • I added a CHANGELOG entry if applicable

@ShankarSinghC ShankarSinghC requested a review from a team as a code owner May 22, 2023 17:26
@ShankarSinghC ShankarSinghC added A-core Area: Core flows S-waiting-on-review Status: This PR has been implemented and needs to be reviewed C-refactor Category: Refactor labels May 22, 2023
@ShankarSinghC ShankarSinghC self-assigned this May 22, 2023
@SanchithHegde

Assuming that the hash algorithm used for calculating the signature is HMAC-SHA256 (based on this snippet), using UUID v4 as the hash key is definitely a bad idea; UUIDs must not be used for any cryptographic purposes at all. Consider using a CSPRNG to securely generate a random string instead, of length 32 or 64 characters. You can use the `generate_cryptographically_secure_random_string()` utility function for the same.

```rust
/// Generate a random string using a cryptographically secure pseudo-random number generator
/// (CSPRNG). Typically used for generating (readable) keys and passwords.
#[inline]
pub fn generate_cryptographically_secure_random_string(length: usize) -> String {
    use rand::distributions::DistString;
    rand::distributions::Alphanumeric.sample_string(&mut rand::rngs::OsRng, length)
}
```
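
An added illustration of the review recommendation above (not code from this pull request or from hyperswitch): a standard-library-only key generator that reads the operating system CSPRNG and maps bytes to alphanumeric characters with rejection sampling, so every character is equally likely. The names `fill_alphanumeric`, `generate_hash_key` and `entropy_bits` are hypothetical, and reading `/dev/urandom` assumes a Unix-like host.

```rust
use std::fs::File;
use std::io::{self, Read};

const CHARSET: &[u8; 62] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
/// Largest multiple of 62 that fits in a byte (4 * 62). Bytes at or above it are
/// discarded so that `byte % 62` stays uniform (no modulo bias).
const REJECT_FROM: u8 = 248;

/// Map raw random bytes onto the alphanumeric charset with rejection sampling,
/// appending to `key` until it holds `length` characters or the bytes run out.
pub fn fill_alphanumeric(key: &mut String, bytes: &[u8], length: usize) {
    for &b in bytes {
        if key.len() == length {
            break;
        }
        if b < REJECT_FROM {
            key.push(CHARSET[(b % 62) as usize] as char);
        }
    }
}

/// Generate a key of `length` characters from the operating system CSPRNG.
/// Assumption: a Unix-like host that exposes /dev/urandom.
pub fn generate_hash_key(length: usize) -> io::Result<String> {
    let mut urandom = File::open("/dev/urandom")?;
    let mut key = String::with_capacity(length);
    let mut buf = [0u8; 64];
    while key.len() < length {
        urandom.read_exact(&mut buf)?;
        fill_alphanumeric(&mut key, &buf, length);
    }
    Ok(key)
}

/// Upper bound on the entropy of a uniformly random alphanumeric key, in bits.
pub fn entropy_bits(length: usize) -> f64 {
    length as f64 * 62f64.log2()
}

fn main() -> io::Result<()> {
    // A UUID v4 carries at most 122 random bits (6 of its 128 bits are fixed).
    for length in [32, 64] {
        let key = generate_hash_key(length)?;
        println!("{} chars, ~{:.0} bits: {}", length, entropy_bits(length), key);
    }
    Ok(())
}
```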

@SanchithHegde SanchithHegde added S-waiting-on-author Status: This PR is incomplete or needs to address review comments and removed S-waiting-on-review Status: This PR has been implemented and needs to be reviewed labels May 22, 2023
@ShankarSinghC ShankarSinghC added S-waiting-on-review Status: This PR has been implemented and needs to be reviewed R-waiting-on-L1 Review: Waiting on L1 reviewer and removed S-waiting-on-author Status: This PR is incomplete or needs to address review comments S-waiting-on-review Status: This PR has been implemented and needs to be reviewed labels May 23, 2023
@ShankarSinghC ShankarSinghC added this to the May 2023 Release milestone May 23, 2023
@SanchithHegde SanchithHegde changed the title refactor(core): Generate hash key refactor(core): generate response hash key if not specified in create merchant account request May 23, 2023
@Narayanbhat166 Narayanbhat166 added this pull request to the merge queue May 23, 2023
@SanchithHegde SanchithHegde added S-ready-for-merge and removed R-waiting-on-L1 Review: Waiting on L1 reviewer labels May 23, 2023
Merged via the queue into main with commit 7b74cab May 23, 2023
@SanchithHegde SanchithHegde deleted the hash_key_gen branch May 23, 2023 09:56