[SERVER-59937] Verify the encrypted audit log IVs have correct sequence Created: 14/Sep/21  Updated: 29/Oct/23  Resolved: 15/Oct/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.1.0-rc0

Type: Task Priority: Major - P3
Reporter: Erwin Pe Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Security 2021-09-20, Security 2021-10-04, Security 2021-10-18
Participants:

 Description   

The audit log encryption feature uses an incrementing IV counter when encrypting each log line. This counter serves as an integrity check on the sequence of each individual log line so, that we can verify that no lines have been removed or swapped in the middle of the audit log file.

mongoauditdecrypt should have a way of checking the IVs are monotonically increasing by 1 every time it decrypts a log line, and fail when a log line does not have the expected IV.



 Comments   
Comment by Githook User [ 15/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-59937 Verify the encrypted audit log IVs have correct sequence
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/d4975b552b4cd79958715b288087619f37b26029

Generated at Thu Feb 08 05:48:33 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.