[SERVER-43670] CSFLE JSON Schema should result in an error for isRemoteSchema:false if non-encrypted property is specified Created: 23/Sep/19  Updated: 05/Dec/22  Resolved: 17/Nov/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Christopher Cho Assignee: Backlog - Query Optimization
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Query Optimization
Participants:

 Description   

According to the driver spec for CSFLE: 

https://github.com/mongodb/specifications/blob/master/source/client-side-encryption/client-side-encryption.rst#schemamap

 

Schemas supplied in the schemaMap only apply to configuring automatic encryption for client side encryption. Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.

 

As stated, a validation rule in the schemaMap such as the following should generate an error:

 

 

{"bsonType":"object","encryptMetadata":{"keyId":[{"$binary": {"base64":"...==","subType":"04"}}]},"properties":{
...
  "name":{"bsonType":"string","description":"must be a string and is required"},
...
}

However, this is instance is currently ignored and no Exceptions are produced during CRUD operations on documents with encrypted fields.



 Comments   
Comment by Jacob Evans [ 17/Nov/22 ]

Closing since FLE 2.0 does not use JSON schema for declaring encrypted fields

Generated at Thu Feb 08 05:03:46 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.