Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.1.11
Affects Version/s: None
Component/s: Shell
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
Security 2019-04-08, Security 2019-04-22, Security 2019-05-06
Linked BF Score:
0
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Including reading and writing encrypted payload format (see Bindata SubType 6 document)

This should be done by extending and deriving from DBClientBase a new class that implements encrypt, decrypt, and generateDataKey. The Mongo object in Javascript is just an adapter for DBClientBase so deriving a new class from it that maintains the KMS information would be the least intrusive.

API:

    encrypt(algorithm: string, keyId: UUID, iv? : byte[]) : BinData {}
    decrypt(value: BinData) : BSON {}

depends on

SERVER-39892 Integrate KMS Message Library with synchronous stream-oriented socket network layer

Closed

is depended on by

SERVER-39897 Implement field level encryption for various commands in JS shell API

Closed

Assignee:: Shreyas Kalyan
Reporter:: Mark Benvenuto
Participants:: Githook User, Mark Benvenuto, Shreyas Kalyan
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Feb 28 2019 11:57:57 PM UTC
Updated:: Oct 29 2023 10:23:25 PM UTC
Resolved:: May 03 2019 07:51:25 PM UTC
Confidence Status Last Update:: 02/Apr/19 5:32 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates