Closed TenDRILLL closed 1 year ago
Looking into webcrypto, but this might take a while.
Commit ae204fe9f9c4c20a70df3ef02810701f5a556fa1 addresses this, need to implement. Asking @Ugi0 to double-check if it's valid.
Checked and following commits fix issues with it: a6a3826af5c0cf01ab667ee5a60b5c5523391230 b28d895431f38f1e1f0983a7b58105bd66cb32a8 afa198234c39b345541156629148c97317c80e85 458587f62fdd095191de3a413c8b156551e2de49 6f1404030ade8fd1216c441d9f450d5a5a829b62
Feature deployed into production.
Argos's encryption is very basic and should be changed into a more secure algorithm. This was never intended to be used in the long-term but rather to obfuscate plaintext strings.
All relevant data should be stored inside signed JWT tokens.Definition of Done:
- [ ] JWT tokens implementedUpdate 14/05/2023: JWT tokens aren't what we need, implementing AES-GCM instead with random IV for added security. Encoded data will be stringified JSON.