[ ] This PR modifies application configuration/environment variables
Motivation and Context
PCI compliance requires application to follow some standards where encryption and decryption should not happen within the application as snapshot might have DEK and data together. So separate service should be used for encryption and decryption. In application wherever we are calling encrypt and decrypt it will be replaced by API call to encryption service.
How did you test it?
Changes can be verified only through logs. Look for "Fall back to Application Encryption" or "Fall back to Application Decryption" in the logs post deployment after running below tests. If logs are present encryption/decryption failed with encryption service and fall back to the application encryption which has to be investigated.
Test with merchant created before the changes deployed
Create Payment
Retrieve Payment
Create Refund
Retrieve Payment
Test with merchant created after the changes deployed
Create Merchant
Create API Key
Create MCA
Create Payment
Retrieve Payment
Create Refund
Retrieve Payment
Requires sanity on all the flows
Checklist
[x] I formatted the code cargo +nightly fmt --all
[x] I addressed lints thrown by cargo clippy
[x] I reviewed the submitted code
[ ] I added unit tests for my changes where possible
Type of Change
Description
Additional Changes
Motivation and Context
PCI compliance requires application to follow some standards where encryption and decryption should not happen within the application as snapshot might have DEK and data together. So separate service should be used for encryption and decryption. In application wherever we are calling encrypt and decrypt it will be replaced by API call to encryption service.
How did you test it?
Changes can be verified only through logs. Look for "Fall back to Application Encryption" or "Fall back to Application Decryption" in the logs post deployment after running below tests. If logs are present encryption/decryption failed with encryption service and fall back to the application encryption which has to be investigated.
Test with merchant created before the changes deployed
Checklist
cargo +nightly fmt --all
cargo clippy