Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-39896

Write shell JS API for explicitly encrypting and decrypting data

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 4.1.11
    • None
    • Shell
    • None
    • Fully Compatible
    • Security 2019-04-08, Security 2019-04-22, Security 2019-05-06
    • 0

    Description

      Including reading and writing encrypted payload format (see Bindata SubType 6 document)

      This should be done by extending and deriving from DBClientBase a new class that implements encrypt, decrypt, and generateDataKey. The Mongo object in Javascript is just an adapter for DBClientBase so deriving a new class from it that maintains the KMS information would be the least intrusive.

      API:

          encrypt(algorithm: string, keyId: UUID, iv? : byte[]) : BinData {}
          decrypt(value: BinData) : BSON {}
      

      Attachments

        Activity

          People

            shreyas.kalyan@mongodb.com Shreyas Kalyan
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: