[FEATURE] Add JWE + JWS Encryption/Decryption Layer in data APIs
NishantJoshi00 opened this issue · comments
Description
The purpose of this task is to make the communication with the locker encrypted end-to-end, as a prerequisite for PCI-DSS certification.
Work Involved
- Create/Test the JWE + JWS algorithm, with support for multiple
key_id
s - Create a middleware to perform encryption and decryption of request body for data API calls.
- Add support for multi-tenant look for the public key.