[MONGOCRYPT-85] Support explicit encryption and decryption Created: 05/Apr/19  Updated: 28/Oct/23  Resolved: 17/Apr/19

Status: Closed
Project: Libmongocrypt
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major - P3
Reporter: Kevin Albertson Assignee: Samantha Ritter (Inactive)
Resolution: Fixed Votes: 0
Labels: API
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by JAVA-3226 POC - Support Client-side FLE Closed
Epic Link: Build libmongocrypt library

 Description   

This is to support explicitly encrypting any BSON value or explicitly decrypting a BSON binary subtype 6 value.

For client code that does this:

keyvault.encrypt("some value", { key_id: BinData(...), algorithm: "..." } )

The driver should use libmongocrypt to encrypt "some value". We can reuse the mongocrypt_ctx_t type. I'm roughly thinking of:

mongocrypt_ctx_setopt_key_id (mongocrypt_ctx_t *ctx, mongocrypt_binary_t *key_id);
mongocrypt_ctx_setopt_key_algorithm (mongocrypt_ctx_t *ctx, const char* algorithm, uint32_t algorithm_len);
mongocrypt_ctx_setopt_key_initialization_vector (mongocrypt_ctx_t *ctx, const char* iv, uint32_t iv_len);
mongocrypt_ctx_init_explicit_encrypt (mongocrypt_ctx_t *ctx, mongocrypt_buffer_t *wrapped_value);

Then the context can be used the same way as auto encryption.

Drivers will likely need to wrap the BSON value to encrypt in a document. So in the above example, wrapped_value would represent the document

{ "v": "some value" }

.



 Comments   
Comment by Githook User [ 17/Apr/19 ]

Author:

{'email': 'samantha.ritter@10gen.com', 'name': 'samantharitter', 'username': 'samantharitter'}

Message: CDRIVER-3072 support explicit encryption and decryption
Branch: master
https://github.com/10gen/libmongocrypt/commit/56336c561e91274d0276a8263398aa8499d24a5a

Comment by Ian Whalen (Inactive) [ 08/Apr/19 ]

awesome thanks!

Comment by Ian Whalen (Inactive) [ 08/Apr/19 ]

samantha.ritter kevin.albertson could we talk about pulling this into scheduled ASAP? This seems to block POCs and we'd like to wrap all of those blockers ASAP to hit our April 16 spec/poc completion.

Generated at Thu Feb 08 09:07:56 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.