Sets the encryption key, which is used to encrypt some sensitive information.
To improve openAPI security, we provide POST /dynamic_key + PUT /encryption_key to negotiate an encryption_key in your oauth session.
After you negotiate/set your aes_key, you can always use the encryption_key to encrypt your sensitive information, such as the encrypted_pwd field in the POST /users API request or the encrypted_pwd field in the PATCH /users/{id} API.
You should first call POST /dynamic_key to get an rsa public_key. After that, you can use that rsa public_key to encrypt your encryption_key and use the API to set the shared encryption_key.
For rsa public_key encryption, we currently support only oaep padding, using the sha512 hash, no random number, no label.
Alternatively, you can first call POST /dynamic_key to get a curve25519 public_key, then generate your own curve25519 public_key and private_key. After that, you can use the API to send your own public_key to onpremise and set up the shared encryption_key.
After setting the encryption_key, you can always use it until your current oauth token has expired; that is, the encryption_key has the same end_time ttl as your oauth token.
Note1: Currently we support only aes256-cbc with pkcs7 padding based on encryption_key.
Note2: If you use rsa public_key encryption to negotiate the encryption_key, then its length must be 32 bytes.
Note3: When using rsa-oaep encryption, you must use the sha512 hash, no random number, no label.
Curve25519 itself uses a 32-byte public_key and private_key.
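
The rsa path described above, as an added example (not vendor code): a 32-byte encryption_key is wrapped with rsa-oaep/sha512 and then used for aes256-cbc with pkcs7 padding on a sensitive field. All function names are hypothetical, a locally generated key pair stands in for the POST /dynamic_key response, and the IV handling and wire encoding are assumptions because the page does not specify them.

```javascript
const crypto = require('node:crypto');

// ASSUMPTION: a locally generated rsa key pair stands in for the public_key
// returned by POST /dynamic_key, so the example runs offline.
function makeStandInServerKey() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// The shared encryption_key must be exactly 32 bytes (Note2).
function newEncryptionKey() {
  return crypto.randomBytes(32);
}

// rsa-oaep with the sha512 hash and no label (Note3). This is Node's standard
// OAEP; no oaepLabel option is passed, which means an empty label.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha512' };

function wrapEncryptionKey(serverPublicKey, encryptionKey) {
  if (!Buffer.isBuffer(encryptionKey) || encryptionKey.length !== 32) {
    throw new RangeError('encryption_key must be exactly 32 bytes');
  }
  return crypto.publicEncrypt({ key: serverPublicKey, ...OAEP }, encryptionKey);
}

// aes256-cbc; Node's cipher applies pkcs7 padding by default (Note1).
// ASSUMPTION: a fresh random 16-byte IV per field; the page does not say how
// the IV is chosen or transmitted.
function encryptField(encryptionKey, plaintext) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', encryptionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, ciphertext };
}

// Receiving-side counterparts, included only to check the round trip locally.
function unwrapEncryptionKey(serverPrivateKey, wrapped) {
  return crypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, wrapped);
}

function decryptField(encryptionKey, { iv, ciphertext }) {
  const decipher = crypto.createDecipheriv('aes-256-cbc', encryptionKey, iv);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}
```

The wrapped key is what would be sent with PUT /encryption_key; keep the raw encryption_key in memory only for the lifetime of the oauth token, since the page ties its validity to that token.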