Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-7

Key broker deduplication broken

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical - P2 Critical - P2
    • None
    • None
    • None
    • None

    Description

      The key broker acts as intermediary storage of keys for encrypting/decrypting a single operation. When markings are received in libmongocrypt, the key broker tracks all requested key ids and alt names. When key documents are received,  some entries are deduplicated (because a key may have been requested by both id and alt name, or multiple alt names). Due to a bug in this logic, it was possible for the key broker to lose key entries, resulting in an encryption/decryption failure due to missing key.

      Attachments

        Activity

          People

            kevin.albertson@mongodb.com Kevin Albertson
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: