prime-reportstream

Add Encryption for files sent to NATUS/LA

Open LaFreda1 opened this issue 1 year ago • 6 comments

Problem statement

The files we are currently sending NATUS are encrypted on submission, but the files that NATUS place are not encrypted. NATUS wants extra encryption on the message before sending it on the wire so they can manually decrypt it with the same key they provide us.

What you need to know

NATUS/LA proposes to give us the key to use for encryption. They want to rotate the key periodically and they will unencrypt it. Files should be SHA-512 AES. This would sit in the REST transport. To make it configurable, we need to add extra settings on the receiver transport settings.

Acceptance criteria

  • [x] Uploaded files will be fully encrypted
  • [ ] Testing complete

To do

  • [ ] ...

LaFreda1, Jan 12 '24 18:01

Ott received Postman collection. Will prioritize after CA PHL.

LaFreda1, Feb 08 '24 18:02

Spoke with Flexion group yesterday, will likely prioritize this work above CA PHL. @ sprints away

LaFreda1, Feb 09 '24 21:02

ETOR told me to hold off on development for now until they tell me to continue.

oslynn, Feb 26 '24 14:02

Waiting on Flexion for response/action. Ott asked for help from Flexion to overcome an issue.

chris-kuryak, Apr 22 '24 16:04

Contacted Natus to see if we can update the AES algorithm to a better one. I am still waiting for them to answer.

oslynn, May 16 '24 16:05

Waiting for DevOps to get ReportStream to resolve the api.neometrics.com (Natus REST server) DNS. Ticket: https://app.zenhub.com/workspaces/prime-devops-606cb208a8c112000fd48349/issues/gh/cdcgov/prime-devops/129

oslynn, May 22 '24 14:05

Slack: @John King @Jorge Lopez @pkendall @victorchaparro @Chris Kuryak (he/him) [ULE6] FYI: CDC resolved the issue where the LA-PHL domain name can't be found by ReportStream when RS tries to send an encrypted message. I checked the connection and sent the encrypted test message to LA-PHL.ETOR-NBS-ORDERS successfully.

oslynn, Jun 04 '24 14:06