Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-5686

Add CSOT support to client side encryption

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 6.11.0
    • Affects Version/s: None
    • Component/s: None
    • 5
    • 0
    • Not Needed
    • Hide

      Create a copy of the Kickoff Template with the issue key (NODE-XXX) in the filename and share a link to the new doc via this field.

      Show
      Create a copy of the Kickoff Template with the issue key (NODE-XXX) in the filename and share a link to the new doc via this field.
    • Not Needed

      Use Case

      As a... Driver Engineer
      I want... to add support for CSOT in CSFLE 
      So that... the driver will be compliant with the CSOT spec

      User Impact

      • N/A: New Feature

      Dependencies

      • Required CSOT feature

      Unknowns

      • questions that need to be answered to determine implementation

      Acceptance Criteria

      Implementation Requirements

      • Ensure that remaining timeoutMS is used for timeout in following scenarios
        • executing listCollections command to retrieve collection schemas
        • executing find commands to get data from key vault
        • executing commands against mongocryptd
        • to timeout HTTP requests against KMS server to decrypt data keys
      • Ensure that maxTimeMS is not appended to any command when executing against mongocryptd
      • Add support for timeoutMS to ClientEncryption
        • Note that the option should not be supported on the individual encryption/decryption apis on ClientEncryption objects, but to be configured once on its construction and have the option be applied to all calls on this object

      Testing Requirements

      • Implement prose test #2 from CSOT spec
      • Implement prose test #3 from CSOT spec
      • Implement the following spec unit tests
        • The remaining timeoutMS value should apply to HTTP requests against KMS servers for CSFLE. 
        • The remaining timeoutMS value should apply to commands sent to mongocryptd as part of automatic encryption.
      • Add integration tests that verify that the timeoutMS option configured on the ClientEncryption object applies to all APIs listed here

      Documentation Requirements

      Follow Up Requirements

      • None

        There are no Sub-Tasks for this issue.

            Assignee:
            aditi.khare@mongodb.com Aditi Khare
            Reporter:
            bailey.pearson@mongodb.com Bailey Pearson
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: