0.6.4 (2025-01-14)
Changes from v0.4.0 to v0.6.4
Features
- Add implementation for `hmac-sha512` (#74)
- Add fingerprint table and db interface (#75)
- Add api for fingerprint (#76)
- Add support for caching for fingerprint API (#80)
- Add deep health check with support for diagnostics (#64)
- Add support for sending master key to key manager (#131)
- Add v2 api for /fingerprint (#119)
- Add ttl to locker entries (#88)
- Add support for multi-tenancy (#97)
- Integrate hyperswitch encryption service (#110)
- Add support for tls server within axum (#103)
- Adding support for v2 API (#135)
Bug Fixes
- Address non-digit character cases in card number validation (#93)
- Remove custodian from under JWE+JWS (#137)
Refactors
- Add support for accepting ttl in seconds as opposed to datetime (#89)
- Remove `tenant_id` column from all existing tables (#105)
- Add db migrations for v2 (#107)
Enhancement
- Reduce unnecessary complexity from caching (#79)
Compatibility
This version of the Hyperswitch Card Vault is compatible with the following versions of the other components:
- App server: v1.113.0
- Control Center: v1.36.1
- Web Client: v0.109.2
- WooCommerce Plugin: v1.6.1
- Key Manager: v0.1.7
Database Migrations
-- DB Difference between v0.4.0 and v0.6.4
-- Add a nullable expiry timestamp to locker rows (release note: "Add ttl to locker entries").
-- Rows that already exist get ttl = NULL; presumably NULL means "never expires" -- confirm in the application.
-- The column only records a time: nothing in this statement deletes or hides rows once ttl has passed.
-- TIMESTAMP here is without time zone.
-- NOTE(review): confirm writers and the expiry check agree on one zone (e.g. UTC).
ALTER TABLE locker
    ADD COLUMN IF NOT EXISTS ttl TIMESTAMP DEFAULT NULL;
-- Replace the primary keys of merchant and locker with keys that do not reference tenant_id,
-- then drop the tenant_id column (release note: "Remove tenant_id column from all existing tables").
-- NOTE(review): once tenant_id is gone, rows in these tables can no longer be told apart by tenant.
-- The [tenant_secrets] example in this release carries a per-tenant `schema`, so isolation presumably
-- moves to one schema per tenant -- confirm each tenant's rows already live in their own schema first.
-- DROP COLUMN discards the stored values; take a backup before applying.
-- merchant_id alone becomes the key: ADD CONSTRAINT fails if two existing rows share a merchant_id.
ALTER TABLE merchant DROP CONSTRAINT merchant_pkey, ADD CONSTRAINT merchant_pkey PRIMARY KEY (merchant_id);
ALTER TABLE merchant DROP COLUMN IF EXISTS tenant_id;
-- Same change for locker: the key becomes (merchant_id, customer_id, locker_id) and must be unique across existing rows.
ALTER TABLE locker DROP CONSTRAINT locker_pkey, ADD CONSTRAINT locker_pkey PRIMARY KEY (merchant_id, customer_id, locker_id);
ALTER TABLE locker DROP COLUMN IF EXISTS tenant_id;
-- Rename the fingerprint columns to card-agnostic names; the stored values are not changed.
-- Any reader or writer still using card_fingerprint / card_hash fails after this step,
-- so the application and the schema have to be upgraded together.
-- RENAME COLUMN has no IF EXISTS guard: re-running this step after it has been applied raises an error.
ALTER TABLE fingerprint
    RENAME COLUMN card_fingerprint TO fingerprint_id;
ALTER TABLE fingerprint
    RENAME COLUMN card_hash TO fingerprint_hash;
-- vault: one row per (entity_id, vault_id) holding an opaque encrypted payload.
-- No foreign key is declared on entity_id, so the database does not check that the entity exists.
CREATE TABLE IF NOT EXISTS vault (
    -- Auto-incrementing counter; no PRIMARY KEY or UNIQUE constraint is declared on it here.
    id SERIAL,
    entity_id VARCHAR(255) NOT NULL,
    vault_id VARCHAR(255) NOT NULL,
    -- BYTEA accepts any bytes: the schema cannot enforce that this is ciphertext,
    -- so every writer must encrypt before insert.
    encrypted_data BYTEA NOT NULL,
    -- now() is cast to TIMESTAMP (without time zone) using the session's TimeZone setting.
    -- NOTE(review): confirm sessions run in UTC so created_at and expires_at compare consistently.
    created_at TIMESTAMP NOT NULL DEFAULT now()::TIMESTAMP,
    -- Nullable expiry. Nothing in this DDL removes or hides a row once expires_at has passed;
    -- expiry has to be enforced by the application or a separate cleanup job.
    expires_at TIMESTAMP DEFAULT NULL,
    PRIMARY KEY (entity_id, vault_id)
);
-- entity: maps each entity_id to the identifier of its encryption key.
CREATE TABLE IF NOT EXISTS entity (
    -- Auto-incrementing counter; not part of the primary key.
    id SERIAL,
    entity_id VARCHAR(255) NOT NULL,
    -- NOTE(review): presumably an identifier for a key held by the external key manager /
    -- encryption service rather than key material itself -- confirm before treating this table as non-secret.
    enc_key_id VARCHAR(255) NOT NULL,
    PRIMARY KEY (entity_id)
);
-- Record when each entity row was created; rows that already exist are filled from the column default.
-- now() is cast to TIMESTAMP (without time zone) using the session's TimeZone setting.
-- NOTE(review): confirm the migration session runs in UTC if these values are used for auditing.
ALTER TABLE entity
    ADD COLUMN IF NOT EXISTS created_at TIMESTAMP NOT NULL DEFAULT now()::TIMESTAMP;
Configuration Changes
Diff of configuration changes between v0.4.0 and v0.6.4
diff --git a/config.example.toml b/config.example.toml
index f5c83e8..b91b25e 100644
--- a/config.example.toml
+++ b/config.example.toml
@@ -24,12 +24,14 @@ port = 5432 # the port of the database
dbname = "locker"
[secrets]
-tenant = "hyperswitch"
-master_key = "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308"
-
-tenant_public_key = ""
locker_private_key = ""
+[tenant_secrets]
+hyperswitch = { master_key = "feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308", public_key = "", schema = "public" }
+
+# Aws kms as secrets manager
+[secrets_management]
+secrets_manager = "aws_kms"
+
+#[secrets_management.aws_kms]
+#key_id = "kms_key_id"
+#region = "kms_region"
+
+# TLS server within axum
+[tls]
+certificate = "cert.pem"
+private_key = "key.pem"
-[aws_kms]
-region = "us-west-2"
-key_id = "abc"
+# Api client
+[api_client]
+client_idle_timeout = 90
+pool_max_idle_per_host = 10
+identity = ""
-[vault_kv2]
-url = "http://127.0.0.1:8200"
-token = "hvs.abc"
+# Configuration for the external Key Manager Service
+[external_key_manager]
+url = "http://localhost:5000"
+cert = ""
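Review bot: The new `[external_key_manager]` sample at the end of this hunk uses `url = "http://localhost:5000"` with `cert = ""`, and the release notes say the master key can now be sent to the key manager, so a deployment that copies the example would presumably carry key material over cleartext HTTP. I would add a comment above it such as `# local development only: use an https:// URL and set cert outside a dev machine`. The added `[tenant_secrets]` line also carries over a concrete 64-hex-digit `master_key`; a comment like `# sample value, generate a unique master_key per tenant before deploying` would keep it from being reused as-is. Separately, `secrets_manager = "aws_kms"` is enabled while `[secrets_management.aws_kms]` is commented out, which looks inconsistent unless the loader tolerates a missing section. Only one `@@` header is visible here, so where these lines sit in the file is inferred.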
Full Changelog: v0.4.0...v0.6.4