Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-39896

Write shell JS API for explicitly encrypting and decrypting data

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 4.1.11
    • Shell
    • None
    • Fully Compatible
    • Security 2019-04-08, Security 2019-04-22, Security 2019-05-06
    • 0

    Description

      Including reading and writing encrypted payload format (see Bindata SubType 6 document)

      This should be done by extending and deriving from DBClientBase a new class that implements encrypt, decrypt, and generateDataKey. The Mongo object in Javascript is just an adapter for DBClientBase so deriving a new class from it that maintains the KMS information would be the least intrusive.

      API:

          encrypt(algorithm: string, keyId: UUID, iv? : byte[]) : BinData {}
          decrypt(value: BinData) : BSON {}
      

      Attachments

        Issue Links

          Activity

            People

              shreyas.kalyan@mongodb.com Shreyas Kalyan
              mark.benvenuto@mongodb.com Mark Benvenuto
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: