Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-73729

Split decryptAndParse functions of FLE2IndexedEqualityEncryptedValueV2 and FLE2IndexedRangeEncryptedValueV2

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 7.0.0-rc0
    • None
    • None
    • None
    • Fully Compatible
    • Security 2023-02-20
    • 153

    Description

      The current decryptAndParse functions in these two classes require both the serverToken and the serverDerivedFromData token so that they can parse and decrypt the entire serialized blob.

      However, it is often the case that only one of these tokens exist and only a certain section of the serialized blob needs to be decrypted. For example. in collScan finds, only the metadata block needs to be decrypted. During client decryption, only the user ciphertext needs to be decrypted.

      The interface of these classes should be rewritten so as to allow the parse & decryption of only certain sections of the serialized data.

      Attachments

        Activity

          People

            erwin.pe@mongodb.com Erwin Pe
            erwin.pe@mongodb.com Erwin Pe
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: