[DRIVERS-2687] Add BSON Binary Data subtype Sensitive Created: 27/Jul/23  Updated: 20/Dec/23

Status: Implementing
Project: Drivers
Component/s: BSON
Fix Version/s: None

Type: Spec Change Priority: Minor - P4
Reporter: William Qian Assignee: Noah Stapp
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-78082 Ensure $queryStats HMAC key argument ... Closed
Issue split
split to PHPC-2267 Support BSON Binary subtype 0x08 (sen... Closed
split to CXX-2722 Add binary data type Sensitive to the... Closed
split to PYTHON-3893 Add BSON Binary Data subtype Sensitive Closed
split to JAVA-5092 Add BSON Binary Data subtype Sensitive Backlog
split to NODE-5506 Add BSON Binary Data subtype Sensitive Backlog
split to CDRIVER-4700 Add BSON Binary Data subtype Sensitive Closed
split to CSHARP-4739 Add BSON Binary Data subtype Sensitive Closed
split to GODRIVER-2926 Add BSON Binary Data subtype Sensitive Closed
split to MOTOR-1166 Add BSON Binary Data subtype Sensitive Closed
split to RUBY-3309 Add BSON Binary Data subtype Sensitive Closed
split to RUST-1716 Add BSON Binary Data subtype Sensitive Closed
Problem/Incident
Related
is related to DOCS-16282 Add BSON Binary Data subtype Sensitive Backlog
Driver Changes: Needed
Server Compat: 7.1
Downstream Changes Summary:
  • BSON corpus tests have been updated. Drivers should sync to mongodb/specifications@db7eb39.
  • Drivers should add a new constant corresponding to BSON binary subtype 0x08. "Sensitive" should be included in its identifier (e.g. BinDataType::Sensitive or BSON_SUBTYPE_SENSITIVE).
Engineering Lead: Steve Silvester Steve Silvester
Program Manager: Esha Bhargava Esha Bhargava
Start date:
Driver Compliance:
Key Status/Resolution FixVersion
CXX-2722 Fixed 3.9.0
CDRIVER-4700 Fixed 1.25.0
CSHARP-4739 Fixed 2.22.0
GODRIVER-2926 Fixed 1.13.0, 1.13.1
JAVA-5092 Backlog
NODE-5506 Backlog
MOTOR-1166 Duplicate
PYTHON-3893 Done
PHPC-2267 Fixed 1.17.0
RUBY-3309 Fixed bson-5.0.0
RUST-1716 Done bson-2.9.0

 Description   
Downstream Change Summary
  • BSON corpus tests have been updated. Drivers should sync to mongodb/specifications@db7eb39.
  • Drivers should add a new constant corresponding to BSON binary subtype 0x08. "Sensitive" should be included in its identifier (e.g. BinDataType::Sensitive or BSON_SUBTYPE_SENSITIVE).

Summary

Introducing BSON Binary Data subtype 8: Sensitive.

Motivation

Who is the affected end user?

First and foremost, query stats users who wish to supply their own HMAC key will do so via this subtype.

How does this affect the end user?

Sensitive binary data are excluded from logging wherever possible, creating more security for sensitive values like HMAC keys.

How likely is it that this problem or use case will occur?

This will affect all query stats calls.

If the problem does occur, what are the consequences and how severe are they?

Without proper support for this subtype, users will not be able to use custom HMAC keys for query stats due to IDL binary data subtype validation.

Is this issue urgent?

A little. Query stats is not yet GA, but will be soon.

Is this ticket required by a downstream team?

Needed by query stats (and by extension, Atlas).

Is this ticket only for tests?

No.



 Comments   
Comment by Charlie Swanson [ 20/Dec/23 ]

noah.stapp@mongodb.com can we close this ticket? It looks like it's been implemented in the spec? Or is there more work to do here? In any case, I will move it out of PM-2885 epic since we are closing that epic. I will link it as 'caused by' I guess?

Comment by Githook User [ 04/Aug/23 ]

Author:

{'name': 'Noah Stapp', 'email': 'noah.stapp@mongodb.com', 'username': 'NoahStapp'}

Message: DRIVERS-2687 Add BSON Binary Data subtype Sensitive (#1446)
Branch: master
https://github.com/mongodb/specifications/commit/db7eb39bba5eafa33f48376dbe224180c8af705e

Comment by Bernie Hackett [ 28/Jul/23 ]

That makes sense. The scope of this is, more or less, add a test here:
https://github.com/mongodb/specifications/blob/master/source/bson-corpus/tests/binary.json

The BSON spec is at bsonspec.org, which I believe the docs team owns.

Comment by William Qian [ 28/Jul/23 ]

Yes, it's to ask that this be incorporated into enums and the spec online.

Comment by Bernie Hackett [ 28/Jul/23 ]

I would hope, and be shocked if this isn't true, that all drivers already support creating a BSON Binary with an arbitrary subtype. Otherwise users can't use custom binary subtypes in the type range reserved for user applications. Is the ask here to make a special language specific type for this?

Generated at Thu Feb 08 08:26:11 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.