Decrypt JWT_PRIVATE_SIGNING_JWK on stage, prod, and edge

[rgraber]

In preparation for moving from pyjwkest to PyJWT, we need to update our JWT_PRIVATE_SIGNING_JWK. Currently, it has a few of the optional parameters set. However, to be compatible with PyJWT, we need to either have all of these parameters set, or none of them.

Arch BOM needs access to the original value in order to see which parameters are set, add the new ones, then re-encrypt. We need SRE to decrypt it and give us (or just @rgraber as eSRE) access in Keeper or through some other secure method. We also need to make sure we're not using any old public keys in production.

We could roll the JWK instead of updating its contents, but that would require updating the public key in every IDA in every environment, which is a significant lift. See openedx/edx-platform#31927 for a description of the original issue.

[github-actions]

This is now https://2u-internal.atlassian.net/browse/PSRE-2383

[rgraber]

Accidentally removed the escalate label but it has indeed been escalated. Please do not re-add as it will create a new issue.