[SERVER-44044] Remove unused second parameter from KeyVault.createDataKey() Created: 16/Oct/19  Updated: 29/Oct/23  Resolved: 05/Nov/19

Status: Closed
Project: Core Server
Component/s: Security, Shell
Affects Version/s: None
Fix Version/s: 4.3.1, 4.2.3

Type: Improvement Priority: Major - P3
Reporter: Ravind Kumar (Inactive) Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Documented
is documented by DOCS-13121 Investigate changes in SERVER-44044: ... Closed
Related
Backwards Compatibility: Fully Compatible
Backport Requested:
v4.2
Sprint: Security 2019-11-04, Security 2019-11-18
Participants:

 Description   

In the 4.2 mongo shell, KeyVault.createKey() takes three parameters. The second parameter customerMasterKey indicates that the user should set a CMK for the local KMS.

From discussions, this appears to be a vestigial parameter in the context of the local KMS that is ultimately not used. The generateDataKey method eventually boils down to an kms_local.encrypt where the specified CMK is unused.

The documentation will be modified to have users input an empty string ("") for the parameter. To clean this up, the second parameter should be optional (or rejected?) when kms = "local" .



 Comments   
Comment by Githook User [ 03/Jan/20 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}

Message: SERVER-44044 Remove unused second parameter from KeyVault.createDataKey()

(cherry picked from commit 05aec2872159cf583fe8655ca55f4bf70268efcf)
Branch: v4.2
https://github.com/mongodb/mongo/commit/f9af7e53f24ac8d8bd16b788d871b263ae1612a9

Comment by Githook User [ 03/Jan/20 ]

Author:

{'name': 'Shreyas Kalyan', 'email': 'shreyas.kalyan@mongodb.com', 'username': 'shreyaskal'}

Message: SERVER-44044 Remove unused second parameter from KeyVault.createDataKey()

(cherry picked from commit 0a325880da7d34f4eed430b372fc43a35132a4f3)
Branch: v4.2
https://github.com/10gen/mongo-enterprise-modules/commit/9db286dea166341f6f42adf91383ea5044a7e92e

Comment by Githook User [ 05/Nov/19 ]

Author:

{'username': 'shreyaskal', 'email': 'shreyas.kalyan@mongodb.com', 'name': 'Shreyas Kalyan'}

Message: SERVER-44044 Remove unused second parameter from KeyVault.createDataKey()
Branch: master
https://github.com/mongodb/mongo/commit/05aec2872159cf583fe8655ca55f4bf70268efcf

Comment by Githook User [ 05/Nov/19 ]

Author:

{'username': 'shreyaskal', 'email': 'shreyas.kalyan@mongodb.com', 'name': 'Shreyas Kalyan'}

Message: SERVER-44044 Remove unused second parameter from KeyVault.createDataKey()
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/0a325880da7d34f4eed430b372fc43a35132a4f3

Comment by Kevin Albertson [ 16/Oct/19 ]

The API for drivers already specifies the masterKey as a BSON document to closely correspond to the masterKey schema of document in the key vault collection and not to tie arguments to AWS specifics:

class DataKeyOpts {
   masterKey: Optional<Document>
   keyAltNames: Optional<Array[String]> // An alternative to \_id to reference a key.
}

The spec notes that it is required for AWS, but not applicable for local:

Drivers MUST document the expected value of masterKey for "aws" and that it is required, not optional.
If the kmsProvider is "local" the masterKey is not applicable.

So I do not think we need to make a change in drivers.

Comment by Ravind Kumar (Inactive) [ 16/Oct/19 ]

As a sidebar, I noticed in the java driver docs we aren't making clear the relationship between the `DataKeyOpts.masterKey` value and `kmsProvider`. Without an example, a user cannot know that aws requires `masterKey` and `local` ignores it. Not sure how consistent we are across driver docs on making the relationship consistent.

Comment by Kenneth White [ 16/Oct/19 ]

I have an example of how this looks for shell with a local key here (line 50):
https://gist.github.com/kennwhite/6fce02fc707cd33f147b3b8d31ee5cfa#file-hello_world_shell_local-js-L50
vs with KMS (line 51):
https://gist.github.com/kennwhite/ac586cfa1f8673a5cbec8c8b91e29bbc#file-hello_world_shell_kms-js-L51

Comment by Bernie Hackett [ 16/Oct/19 ]

kevin.albertson jeff.yemin, do we already have a ticket to track this work in drivers?

Comment by Ravind Kumar (Inactive) [ 16/Oct/19 ]

cc behackett kenneth.white

Kenn pointed out that there might be driver-side changes depending on what drivers do with the CMK for local KMS. If we are universally throwing away the CMK for local KMS, I think its worth logging a warning that the CMK value is ignored for local KMS (just so there are no surprises) and updating driver docs to state the same.

Generated at Thu Feb 08 05:04:49 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.