Details
-
Task
-
Resolution: Fixed
-
Major - P3
-
None
-
None
-
None
-
Server Security
-
Fully Compatible
-
Security 2023-03-06
Description
In the v2 QE protocol, the following changes must be made to the processing of encrypted updates:
- reject v1 payload types (FLE2FindEqualityPayload or FLE2FindRangePayload in the query, FLE2InsertUpdatePayload in the updates)
- remove the code that generates & inserts ECC documents for every encrypted field removed.
- remove the code that inserts ECOC documents for every encrypted field removed (Note that this removes just 1 out of 2 ECOC insertions in the current algorithm)
- the Garbage Collection procedure must be implemented to pull from _safeContent_ the tags that correspond to removed field values.