[SERVER-41264] Mongocryptd is willing to mark single-valued types for encryption
Created: 21/May/19  Updated: 29/Oct/23  Resolved: 23/May/19

Status: Closed
Project: Core Server
Component/s: Querying
Affects Version/s: 4.1.11
Fix Version/s: 4.1.12

Type: Bug
Priority: Major - P3
Reporter: David Storch
Assignee: David Storch
Resolution: Fixed
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented
Related: is related to SERVER-40516 Ban single-valued BSON types in FLE (Closed)
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Query 2019-06-03

 Description   

As an example:

MongoDB Enterprise > db.runCommand({insert: "c", documents: [{foo: null}], jsonSchema: {type: "object", properties: {foo: {encrypt: {algorithm: "AEAD_AES_256_CBC_HMAC_SHA_512-Random", keyId: [UUID()]}}}}})
{
    "hasEncryptionPlaceholders" : true,
    "schemaRequiresEncryption" : true,
    "result" : {
        "insert" : "c",
        "documents" : [
            {
                "foo" : BinData(6,"ACgAAAAQYQACAAAABWtpABAAAAAEZmnmqwnBSdWUoZ2vHYphTwp2AAA=")
            }
        ],
        "lsid" : {
            "id" : UUID("b9389483-7de4-44b8-a832-e4e264e5c1bc")
        }
    },
    "ok" : 1
}

This should be illegal, since the client-side encryption system should not permit either random or deterministic encryption of null, undefined, minKey, and maxKey per SERVER-40516.

The flaw is that we make these checks when analyzing the JSON schema, but not when we're actually producing intent-to-encrypt markings. The same validity checks need to be made in both places.



 Comments   
Comment by Githook User [ 23/May/19 ]

Author: David Storch (dstorch) <david.storch@10gen.com>

Message: SERVER-41264 Make mongocryptd error on attempt to randomly encrypt single-valued type.

Prior to this change, null, undefined, minKey, and maxKey
were banned if specified under 'encrypt.bsonType'. However,
with the random encryption algorithm, 'encrypt.bsonType' is
not required. If the client's schema specified random
encryption without any type information, mongocryptd could
incorrectly mark an illegal type for random encryption. That
flaw is corrected in this patch, by checking for an illegal
type in two places – first, when analyzing the schema, and
second, when marking a BSON element for encryption.
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/ec84fdafaf19c9339f68dcbd3b68784aebf9627a
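
The two-place check described in the ticket and commit message above, as an added example that is not mongocryptd's code. It is a simplified JavaScript model: SINGLE_VALUED, analyzeSchema, markDocument, tryMark, the checkAtMarking switch and the tagged {bsonType, value} element representation are all assumptions made for illustration.

```javascript
// Simplified model, not mongocryptd's implementation. Elements are tagged
// {bsonType, value} because plain JavaScript has no minKey/maxKey values.
const SINGLE_VALUED = new Set(["null", "undefined", "minKey", "maxKey"]);

// Check 1 (schema analysis): reject a banned type named in encrypt.bsonType.
// With random encryption bsonType may be absent, so this can pass vacuously.
function analyzeSchema(schema) {
  for (const [field, spec] of Object.entries(schema.properties || {})) {
    const declared = [].concat((spec.encrypt && spec.encrypt.bsonType) || []);
    const bad = declared.find((t) => SINGLE_VALUED.has(t));
    if (bad) throw new Error(`schema: cannot encrypt single-valued type '${bad}' in field '${field}'`);
  }
}

// Check 2 (marking): inspect the type of the element actually being marked.
// checkAtMarking=false models the behaviour reported in the ticket.
function markDocument(doc, schema, { checkAtMarking }) {
  analyzeSchema(schema);
  const out = {};
  for (const [field, elem] of Object.entries(doc)) {
    const spec = (schema.properties || {})[field];
    if (!spec || !spec.encrypt) { out[field] = elem; continue; }
    if (checkAtMarking && SINGLE_VALUED.has(elem.bsonType)) {
      throw new Error(`marking: cannot encrypt single-valued type '${elem.bsonType}' in field '${field}'`);
    }
    out[field] = { placeholder: true, algorithm: spec.encrypt.algorithm };
  }
  return out;
}

// Returns the marked document, or the error message if marking was refused.
function tryMark(doc, schema, opts) {
  try { return markDocument(doc, schema, opts); } catch (e) { return e.message; }
}

// Constructed inputs mirroring the ticket: random algorithm, no bsonType.
const RANDOM = "AEAD_AES_256_CBC_HMAC_SHA_512-Random";
const untypedSchema = { type: "object", properties: { foo: { encrypt: { algorithm: RANDOM } } } };
const typedSchema = { type: "object", properties: { foo: { encrypt: { algorithm: RANDOM, bsonType: "null" } } } };
const nullDoc = { foo: { bsonType: "null", value: null } };
const stringDoc = { foo: { bsonType: "string", value: "x" } };

console.log("before fix:", tryMark(nullDoc, untypedSchema, { checkAtMarking: false }));
console.log("after fix: ", tryMark(nullDoc, untypedSchema, { checkAtMarking: true }));
console.log("typed:     ", tryMark(nullDoc, typedSchema, { checkAtMarking: false }));
```
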
