Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-570

Do not apply default to min/max values for int/long/date

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Unknown Unknown
    • 1.8.0, 1.8.0-alpha1
    • None
    • None
    • None
    • Not Needed

    Description

      Scope

      • Do not apply default to min/max values for explicit encryption with int/long/date.
      • Return an error if explicit encryption is attempted on int/long/date without min or max set.

      Background & Motivation

      libmongocrypt applies a default min/max to int/long/date.

      Requiring min/max for int/long/date matches the server behavior: https://github.com/mongodb/mongo/blob/ce9ae383244dc01c8961e3052ca9f48a0008c80d/src/mongo/crypto/encryption_fields_validation.cpp#L147-L155

      Not requiring a min/max may be a convenience to users. But, requiring the values may reduce risk of users unintentionally omitting min or max. Encrypting with an incorrect min or max may result in incorrect query results. Adding a default value to min and max can be considered in the future without making a backwards breaking change.

      Attachments

        Activity

          People

            kevin.albertson@mongodb.com Kevin Albertson
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: