Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.1.11
Affects Version/s: None
Component/s: Shell
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
Security 2019-04-08, Security 2019-04-22, Security 2019-05-06
Linked BF Score:
0

Including reading and writing encrypted payload format (see Bindata SubType 6 document)

This should be done by extending and deriving from DBClientBase a new class that implements encrypt, decrypt, and generateDataKey. The Mongo object in Javascript is just an adapter for DBClientBase so deriving a new class from it that maintains the KMS information would be the least intrusive.

API:

    encrypt(algorithm: string, keyId: UUID, iv? : byte[]) : BinData {}
    decrypt(value: BinData) : BSON {}

depends on

SERVER-39892 Integrate KMS Message Library with synchronous stream-oriented socket network layer

Closed

is depended on by

SERVER-39897 Implement field level encryption for various commands in JS shell API

Closed

is documented by

DOCS-12689 Docs for SERVER-39896: Write shell JS API for explicitly encrypting and decrypting data

Closed

Assignee:: Shreyas Kalyan

Reporter:: Mark Benvenuto

Participants:: Githook User, Mark Benvenuto, Shreyas Kalyan

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: Feb 28 2019 11:57:57 PM UTC

Updated:: Oct 29 2023 10:23:25 PM UTC

Resolved:: May 03 2019 07:51:25 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates