Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-768

Support multiple schemas for auto encryption

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 1.13.0
    • Affects Version/s: None
    • Component/s: None
    • None

      Summary

      Support multiple schemas for a single auto-encryption operation.

      Background & Motivation

      Needed for $lookup support. A $lookup can reference multiple collections.

      See Technical Design: Support $lookup in CSFLE and QE for a description of the new csfleEncryptionSchemas field.

      Proposed behavior

      • If QE schemas are found (and no JSON schemas), only pass encryptionInformation. Use empty entries for collections with no schema.
      • If JSON schemas are found (and no QE schemas), only pass csfleEncryptionSchemas. Use empty entries for collections with no schema.
      • If both QE and JSON schemas are found:
        • If there is a remote JSON schema return an error. Tell user to specify collections in encryptedFieldsMap to ignore the remote JSON schema. This is a short-term workaround for SERVER-100260.
        • Otherwise, pass both encryptionInformation and csfleEncryptionSchemas and let query analysis return an error.

            Assignee:
            kevin.albertson@mongodb.com Kevin Albertson
            Reporter:
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: