[SERVER-72932] Implement v2 changes to Queryable Encryption Updates Created: 17/Jan/23  Updated: 29/Oct/23  Resolved: 03/Mar/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 7.0.0-rc0

Type: Task Priority: Major - P3
Reporter: Erwin Pe Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Backwards Compatibility: Fully Compatible
Sprint: Security 2023-03-06
Participants:

 Description   

In the v2 QE protocol, the following changes must be made to the processing of encrypted updates:

  • reject v1 payload types (FLE2FindEqualityPayload or FLE2FindRangePayload in the query, FLE2InsertUpdatePayload in the updates)
  • remove the code that generates & inserts ECC documents for every encrypted field removed.
  • remove the code that inserts ECOC documents for every encrypted field removed (Note that this removes just 1 out of 2 ECOC insertions in the current algorithm)
  • the Garbage Collection procedure must be implemented to pull from _safeContent_ the tags that correspond to removed field values.


 Comments   
Comment by Githook User [ 03/Mar/23 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-72932 Implement v2 changes to Queryable Encryption Updates
Branch: master
https://github.com/mongodb/mongo/commit/e869094e1f0dc5561fda90a78b849e5aa36b1cba

Generated at Thu Feb 08 06:23:11 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.