fix(bank-transfer): correct encryption key env var names

charts/plugin-br-bank-transfer/README.md

@@ -188,8 +188,8 @@ Key secrets configured via `bankTransfer.secrets`:
 | `REDIS_PASSWORD` | Redis/Valkey password |
 | `MONGO_PASSWORD` | MongoDB password |
 | `MONGO_URI` | MongoDB connection URI (auto-generated if not provided) |
-| `JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64` | Encryption key (32-byte base64) |
-| `RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64` | Encryption key (32-byte base64) |
+| `JD_INCOMING_RAW_XML_ENCRYPTION_KEY` | Encryption key (hex-encoded 32-byte AES-256, 64 hex chars) |
+| `RECIPIENT_DETAILS_ENCRYPTION_KEY` | Encryption key (hex-encoded 32-byte AES-256, 64 hex chars) |
 | `JD_WEBHOOK_NOTIFICATION_RAW_XML_DECRYPTION_KEY_BASE64` | Decryption key (32-byte base64) |
 
 ---

charts/plugin-br-bank-transfer/templates/secrets.yaml

@@ -73,9 +73,11 @@ stringData:
   JD_PRIVATE_KEY_PEM: {{ .Values.bankTransfer.secrets.JD_PRIVATE_KEY_PEM | quote }}
   {{- end }}
 
-  # Encryption Keys (32-byte base64 encoded)
-  JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: {{ required "bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64 is required" .Values.bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64 | quote }}
-  RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: {{ required "bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64 is required" .Values.bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64 | quote }}
+  # Encryption Keys
+  # The application expects hex-encoded 32-byte AES-256 keys (64 hex characters).
+  # Values.bankTransfer.secrets should provide hex-encoded keys directly.
+  JD_INCOMING_RAW_XML_ENCRYPTION_KEY: {{ required "bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY is required" .Values.bankTransfer.secrets.JD_INCOMING_RAW_XML_ENCRYPTION_KEY | quote }}
+  RECIPIENT_DETAILS_ENCRYPTION_KEY: {{ required "bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY is required" .Values.bankTransfer.secrets.RECIPIENT_DETAILS_ENCRYPTION_KEY | quote }}
 
   # Midaz M2M Credentials (optional)
   {{- if .Values.bankTransfer.secrets.MIDAZ_CLIENT_ID }}

charts/plugin-br-bank-transfer/values-template.yaml

@@ -202,9 +202,9 @@ bankTransfer:
     # JD_PASSWORD: ""
     # JD_PRIVATE_KEY_PEM: ""
 
-    # Encryption Keys - REQUIRED (32-byte base64 encoded)
-    JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: ""  # REQUIRED
-    RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: ""  # REQUIRED
+    # Encryption Keys - REQUIRED (hex-encoded 32-byte AES-256 keys, 64 hex characters)
+    JD_INCOMING_RAW_XML_ENCRYPTION_KEY: ""  # REQUIRED
+    RECIPIENT_DETAILS_ENCRYPTION_KEY: ""  # REQUIRED
 
     # Midaz M2M Credentials (if MIDAZ_AUTH_ENABLED=true)
     # MIDAZ_CLIENT_ID: ""

charts/plugin-br-bank-transfer/values.yaml

@@ -360,9 +360,9 @@ bankTransfer:
     # JD_PASSWORD: ""
     # JD_PRIVATE_KEY_PEM: ""
 
-    # Encryption Keys (REQUIRED - 32-byte base64 encoded)
-    JD_INCOMING_RAW_XML_ENCRYPTION_KEY_BASE64: ""
-    RECIPIENT_DETAILS_ENCRYPTION_KEY_BASE64: ""
+    # Encryption Keys (REQUIRED - hex-encoded 32-byte AES-256 keys, 64 hex characters)
+    JD_INCOMING_RAW_XML_ENCRYPTION_KEY: ""
+    RECIPIENT_DETAILS_ENCRYPTION_KEY: ""
     # Midaz M2M Credentials (optional)
     # MIDAZ_CLIENT_ID: ""
     # MIDAZ_CLIENT_SECRET: ""