diff --git a/charts/plugin-br-bank-transfer/README.md b/charts/plugin-br-bank-transfer/README.md index 68c2c54e..955cc700 100644 --- a/charts/plugin-br-bank-transfer/README.md +++ b/charts/plugin-br-bank-transfer/README.md @@ -188,8 +188,8 @@ Key secrets configured via `bankTransfer.secrets`: | `REDIS_PASSWORD` | Redis/Valkey password | | `MONGO_PASSWORD` | MongoDB password | | `MONGO_URI` | MongoDB connection URI (auto-generated if not provided) | -| `JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64` | Encryption key (32-byte base64) | -| `RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64` | Encryption key (32-byte base64) | +| `JD_INCOMING_RAW_XML_ENCRYPTION_KEY` | Encryption key (hex-encoded 32-byte AES-256, 64 hex chars) | +| `RECIPIENT_DETAILS_ENCRYPTION_KEY` | Encryption key (hex-encoded 32-byte AES-256, 64 hex chars) | | `JD_WEBHOOK_NOTIFICATION_RAW_XML_DECRYPTION_KEY_BASE64` | Decryption key (32-byte base64) | --- diff --git a/charts/plugin-br-bank-transfer/templates/secrets.yaml b/charts/plugin-br-bank-transfer/templates/secrets.yaml index bdf876f3..e1a7610c 100644 --- a/charts/plugin-br-bank-transfer/templates/secrets.yaml +++ b/charts/plugin-br-bank-transfer/templates/secrets.yaml @@ -73,9 +73,11 @@ stringData: JD_PRIVATE_KEY_PEM: {{ .Values.bankTransfer.secrets.JD_PRIVATE_KEY_PEM | quote }} {{- end }} - # Encryption Keys (32-byte base64 encoded) - JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: {{ required "bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64 is required" .Values.bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64 | quote }} - RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: {{ required "bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64 is required" .Values.bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64 | quote }} + # Encryption Keys + # The application expects hex-encoded 32-byte AES-256 keys (64 hex characters). + # Values.bankTransfer.secrets should provide hex-encoded keys directly. + JD_INCOMING_RAW_XML_ENCRYPTION_KEY: {{ required "bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY is required" .Values.bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY | quote }} + RECIPIENT_DETAILS_ENCRYPTION_KEY: {{ required "bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY is required" .Values.bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY | quote }} # Midaz M2M Credentials (optional) {{- if .Values.bankTransfer.secrets.MIDAZ_CLIENT_ID }} diff --git a/charts/plugin-br-bank-transfer/values-template.yaml b/charts/plugin-br-bank-transfer/values-template.yaml index c9191080..4eca9950 100644 --- a/charts/plugin-br-bank-transfer/values-template.yaml +++ b/charts/plugin-br-bank-transfer/values-template.yaml @@ -202,9 +202,9 @@ bankTransfer: # JD_PASSWORD: "" # JD_PRIVATE_KEY_PEM: "" - # Encryption Keys - REQUIRED (32-byte base64 encoded) - JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: "" # REQUIRED - RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: "" # REQUIRED + # Encryption Keys - REQUIRED (hex-encoded 32-byte AES-256 keys, 64 hex characters) + JD_INCOMING_RAW_XML_ENCRYPTION_KEY: "" # REQUIRED + RECIPIENT_DETAILS_ENCRYPTION_KEY: "" # REQUIRED # Midaz M2M Credentials (if MIDAZ_AUTH_ENABLED=true) # MIDAZ_CLIENT_ID: "" diff --git a/charts/plugin-br-bank-transfer/values.yaml b/charts/plugin-br-bank-transfer/values.yaml index 7b8d4539..b77a8cfa 100644 --- a/charts/plugin-br-bank-transfer/values.yaml +++ b/charts/plugin-br-bank-transfer/values.yaml @@ -360,9 +360,9 @@ bankTransfer: # JD_PASSWORD: "" # JD_PRIVATE_KEY_PEM: "" - # Encryption Keys (REQUIRED - 32-byte base64 encoded) - JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: "" - RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: "" + # Encryption Keys (REQUIRED - hex-encoded 32-byte AES-256 keys, 64 hex characters) + JD_INCOMING_RAW_XML_ENCRYPTION_KEY: "" + RECIPIENT_DETAILS_ENCRYPTION_KEY: "" # Midaz M2M Credentials (optional) # MIDAZ_CLIENT_ID: "" # MIDAZ_CLIENT_SECRET: ""