[DRIVERS-1950] FLE 1.0 Shared Library Created: 13/Oct/21  Updated: 21/Apr/23  Resolved: 21/Apr/23

Status: Closed
Project: Drivers
Component/s: None
Fix Version/s: None

Type: Epic Priority: Major - P3
Reporter: Esha Bhargava Assignee: Unassigned
Resolution: Done Votes: 0
Labels: phase2
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on MONGOCRYPT-366 FLE 1.0 Shared Library Closed
Initiative
Issue split
split to CDRIVER-4272 FLE 1.0 Shared Library Closed
split to CSHARP-4022 FLE 1.0 Shared Library Closed
split to GODRIVER-2288 FLE 1.0 Shared Library Closed
split to JAVA-4458 FLE 1.0 Shared Library Closed
split to MOTOR-874 FLE 1.0 Shared Library Closed
split to NODE-3912 FLE 1.0 Shared Library Closed
split to PHPC-2045 FLE 1.0 Shared Library Closed
split to PYTHON-3081 FLE 1.0 Shared Library Closed
split to RUBY-2886 FLE 1.0 Shared Library Closed
split to RUST-1161 FLE 1.0 Shared Library Closed
split to CXX-2433 Support In-Use Encryption Shared Library Closed
Related
is related to DRIVERS-2465 Test crypt_shared with older server v... Closed
is related to DRIVERS-2355 Test with consistent versions of cryp... Implementing
Driver Changes: Needed
Server Compat: 5.3
Quarter: FY23Q2
Upstream Changes Summary:

New C++ shared library for doing FLE query analysis available on MongoDB supported platforms. This will be consumed by libmongocrypt in drivers at runtime.

Release - new tarballs and packages will be product, feeds will need to be updated
Drivers - libmongocrypt will need to be updated to use it. Drivers will need to be updated to stop depending on mongocryptd
Compass/DevTools - MongoSH/others can stop packaging mongocryptd

Downstream Changes Summary:

Note: the following instructions do not account for the rename of the shared library. Please also see DRIVERS-2338.

The csfle shared library is a new component that replaces the mongocryptd process. csfle is loaded by libmongocrypt at runtime.

Please see the following specifications PRs for a description of the driver changes:

Please see the C driver implementation for reference.

Bindings changes

Upgrade libmongocrypt dependency to 1.5.0. Drivers can use 1.5.0-alpha0 to test. Binaries are available from this upload-all task.

Update the bindings to libmongocrypt to add the new functions:

  • mongocrypt_csfle_version_string
  • mongocrypt_csfle_version
  • mongocrypt_setopt_append_csfle_search_path
  • mongocrypt_setopt_set_csfle_lib_path_override

Driver changes

Pass AutoEncryptionOpts.extraOptions.csflePath to libmongocrypt with {} mongocrypt_setopt_set_crypt_shared_lib_path_override.

If AutoEncryptionOpts.bypassAutoEncryption is unset or false, pass "$SYSTEM" to mongocrypt_setopt_append_csfle_search_path for the mongocrypt_t in a MongoClient configured with AutoEncryptionOpts.

If AutoEncryptionOpts.extraOptions.csfleRequired is true, error if csfle is not loaded. Determine if csfle is loaded by checking if mongocrypt_csfle_version_string is NULL.

Do not attempt to spawn mongocryptd if csfle is loaded.

Test changes

Please see https://github.com/mongodb/specifications/pull/1199 for a description of test changes.

Please see https://github.com/mongodb-labs/drivers-evergreen-tools/pull/196 for a script to download the csfle shared library.

Case:
Engineering Lead: Kevin Albertson Kevin Albertson
Product Manager: Rachelle Palmer Rachelle Palmer
Program Manager: Esha Bhargava Esha Bhargava
Cost Threshold %: 100
Detailed Project Statuses:

Summary: Support the csfle shared library, which replaces mongocryptd.

Author: Colby

2022-05-03:

  • C implementation is complete
  • Go and .NET implementations will start this week

2022-04-19:

  • Changes in draft review and Colby is working on tests

2022-04-05:

  • Colby is actively working on the spec changes

Driver Compliance:
Key Status/Resolution FixVersion
CDRIVER-4272 Fixed 1.22.0, 1.22.0-beta0
CXX-2433 Done 3.8.0
CSHARP-4022 Fixed 2.16.0
GODRIVER-2288 Fixed 1.10.0
JAVA-4458 Fixed 4.7.0
NODE-3912 Done 4.9.0
MOTOR-874 Duplicate
PYTHON-3081 Fixed 4.2
PHPC-2045 Fixed 1.14.0
RUBY-2886 Done 2.18.1
RUST-1161 Duplicate
SWIFT-1467 Duplicate

 Description   

Summary

Support the csfle shared library, which replaces mongocryptd.

Motivation

Who is the affected end user?

Users of CSFLE.

How does this affect the end user?

End users no longer need to have a separate mongocryptd process running.

Is this issue urgent?

MongoDB 6.0.

Is this ticket required by a downstream team?

Shell.

Is this ticket only for tests?

No. There is functional impact.



 Comments   
Comment by PM Bot [ 01/Apr/22 ]

If you are not logged in, you can view the tickets in this epic by following this link.

Comment by PM Bot [ 18/Jan/22 ]

If you are not logged in, you can view the tickets in this epic by following this link.

Comment by Alexander Golin (Inactive) [ 14/Dec/21 ]

Blocked until PM-2403 closes

Generated at Thu Feb 08 08:24:21 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.