[SERVER-60625] Implement get for audit log encryption Created: 12/Oct/21  Updated: 29/Oct/23  Resolved: 26/Oct/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.2.0

Type: Task Priority: Major - P3
Reporter: Shreyas Kalyan Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-60932 Add integration test for audit key en... Closed
Backwards Compatibility: Fully Compatible
Sprint: Security 2021-10-18, Security 2021-11-01
Participants:

 Description   

We should add a config option to use get for audit encryption instead of encrypt / decrypt. We then need to add support in the KMIP keystore to support this operation. This will involve retrieving the key from the KMIP keystore, encrypting the local encryption key, and storing the relevant metadata in the header (letting the decryptor know that the get operation was used).



 Comments   
Comment by Githook User [ 26/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-60625 Implement get for audit log encryption
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/92656eb1287960495a1f4dbc5f5e782680f92af2

Generated at Thu Feb 08 05:50:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.