Giters

juspay / hyperswitch-card-vault

Hyperswitch Card Vault is an open-source sensitive information storage system built on Rust.

Home Page:https://opensource.hyperswitch.io/going-live/pci-compliance/card-vault-installation

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[FEATURE] Add JWE + JWS Encryption/Decryption Layer in data APIs

NishantJoshi00 opened this issue · comments

commented

Description

The purpose of this task is to make the communication with the locker encrypted end-to-end, as a prerequisite for PCI-DSS certification.

Work Involved

  • Create/Test the JWE + JWS algorithm, with support for multiple key_ids
  • Create a middleware to perform encryption and decryption of request body for data API calls.
  • Add support for multi-tenant look for the public key.