Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-5686

Add CSOT support to client side encryption

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Unresolved
    • Priority: Icon: Unknown Unknown
    • None
    • Affects Version/s: None
    • Component/s: None
    • Hide

      Create a copy of the Kickoff Template with the issue key (NODE-XXX) in the filename and share a link to the new doc via this field.

      Show
      Create a copy of the Kickoff Template with the issue key (NODE-XXX) in the filename and share a link to the new doc via this field.
    • Not Needed
    • Hide

      1. What would you like to communicate to the user about this feature?
      2. Would you like the user to see examples of the syntax and/or executable code and its output?
      3. Which versions of the driver/connector does this apply to?

      Show
      1. What would you like to communicate to the user about this feature? 2. Would you like the user to see examples of the syntax and/or executable code and its output? 3. Which versions of the driver/connector does this apply to?

      Use Case

      As a... Driver Engineer
      I want... to add support for CSOT in CSFLE 
      So that... the driver will be compliant with the CSOT spec

      User Impact

      • N/A: New Feature

      Dependencies

      • Required CSOT feature

      Unknowns

      • questions that need to be answered to determine implementation

      Acceptance Criteria

      Implementation Requirements

      • Ensure that remaining timeoutMS is used for timeout in following scenarios
        • executing listCollections command to retrieve collection schemas
        • executing find commands to get data from key vault
        • executing commands against mongocryptd
        • to timeout HTTP requests against KMS server to decrypt data keys
      • Ensure that maxTimeMS is not appended to any command when executing against mongocryptd
      • Add support for timeoutMS to ClientEncryption
        • Note that the option should not be supported on the individual encryption/decryption apis on ClientEncryption objects, but to be configured once on its construction and have the option be applied to all calls on this object

      Testing Requirements

      • Implement prose test #2 from CSOT spec
      • Implement prose test #3 from CSOT spec
      • Implement the following spec unit tests
        • The remaining timeoutMS value should apply to HTTP requests against KMS servers for CSFLE. 
        • The remaining timeoutMS value should apply to commands sent to mongocryptd as part of automatic encryption.
      • Add integration tests that verify that the timeoutMS option configured on the ClientEncryption object applies to all APIs listed here

      Documentation Requirements

      Follow Up Requirements

      • None

        1.
        		 Ensure StateMachine.execute respects timeoutMS NODE-6389 Sub-task In Progress Aditi Khare  
        2.
        		 Add timeoutMS support to autoEncryption NODE-6390 Sub-task Ready for Work Unassigned  
        3.
        		 Add timeoutMS support to Explicit Encryption NODE-6391 Sub-task Ready for Work Unassigned  
        4.
        		 Add timeoutMS to Explicit Encryption Data Key Management NODE-6392 Sub-task Ready for Work Unassigned  

            Assignee:
            aditi.khare@mongodb.com Aditi Khare
            Reporter:
            bailey.pearson@mongodb.com Bailey Pearson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: