<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:04:10 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[JAVA-5275] CSFLE/QE Support for more than 1 KMS provider per type</title>
                <link>https://jira.mongodb.org/browse/JAVA-5275</link>
                <project id="10006" key="JAVA">Java Driver</project>
                    <description>&lt;p&gt;This ticket was split from &lt;tt&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-2731&quot; title=&quot;CSFLE/QE Support for more than 1 KMS provider per type&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-2731&quot;&gt;DRIVERS-2731&lt;/a&gt;&lt;/tt&gt;, please see that ticket for a detailed description. &lt;/p&gt;</description>
                <environment></environment>
        <key id="2530038">JAVA-5275</key>
            <summary>CSFLE/QE Support for more than 1 KMS provider per type</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="dbeng-pm-bot">PM Bot</reporter>
                        <labels>
                    </labels>
                <created>Wed, 20 Dec 2023 18:50:10 +0000</created>
                <updated>Mon, 5 Feb 2024 16:38:24 +0000</updated>
                                                                            <component>Client Side Encryption</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10620">
                    <name>Issue split</name>
                                                                <inwardlinks description="split from">
                                        <issuelink>
            <issuekey id="2449521">DRIVERS-2731</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_14266" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Documentation Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;1.  What would you like to communicate to the user about this feature?&lt;br/&gt;
2.  Would you like the user to see examples of the syntax and/or executable code and its output?&lt;br/&gt;
3.  Which versions of the driver/connector does this apply to?&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_21553" key="com.atlassian.jira.plugin.system.customfieldtypes:labels">
                        <customfieldname>Quarter</customfieldname>
                        <customfieldvalues>
                                        <label>FY25Q2</label>
    
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i2n9hw:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_21457" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Upstream Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-2731&quot; title=&quot;CSFLE/QE Support for more than 1 KMS provider per type&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-2731&quot;&gt;DRIVERS-2731&lt;/a&gt;:&lt;/p&gt;
&lt;h1&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;Summary&lt;/h1&gt;
&lt;h2&gt;&lt;a name=&quot;DriverChanges&quot;&gt;&lt;/a&gt;Driver Changes&lt;/h2&gt;

&lt;p&gt;Some drivers may need API changes to accept an arbitrary string where a KMS provider is accepted: &lt;tt&gt;kmsProviders&lt;/tt&gt;, &lt;tt&gt;KMSProvidersTLSOptions&lt;/tt&gt;, &lt;tt&gt;ClientEncryption.createDataKey()&lt;/tt&gt;, and &lt;tt&gt;RewrapManyDataKeyOpts.provider&lt;/tt&gt;&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://docs.google.com/spreadsheets/d/1lbGE5Id1Q7wxJfmHJf8rz1SlaD6LZY33zFM9GWaMHSE/edit#gid=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Can current drivers accept arbitrary strings for KMS identifier?&lt;/a&gt; suggests Node and Rust will need API changes.&lt;/p&gt;

&lt;p&gt;Drivers may need changes to support named KMS providers in the &lt;tt&gt;KMSProvidersTLSOptions&lt;/tt&gt; map.&lt;/p&gt;
&lt;h2&gt;&lt;a name=&quot;TestChanges&quot;&gt;&lt;/a&gt;Test Changes&lt;/h2&gt;

&lt;p&gt;Specification tests are added. This introduces use of the &lt;tt&gt;encrypt&lt;/tt&gt; and &lt;tt&gt;decrypt&lt;/tt&gt;&#160;operations in the unified test format.&lt;/p&gt;

&lt;p&gt;The Unified Test Format schema 1.18 is added to allow &lt;tt&gt;patternProperties&lt;/tt&gt; in &lt;tt&gt;kmsProviders.&lt;/tt&gt;&lt;/p&gt;

&lt;p&gt;Tests refer to additional KMS providers: &lt;tt&gt;local:name1&lt;/tt&gt;, &lt;tt&gt;aws:name1&lt;/tt&gt;, &lt;tt&gt;gcp:name1&lt;/tt&gt;, &lt;tt&gt;azure:name1&lt;/tt&gt;, and &lt;tt&gt;kmip:name1&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;The &lt;tt&gt;name1&lt;/tt&gt; KMS providers may be configured exactly as the unnamed KMS providers. I.e. &lt;tt&gt;aws:name1&lt;/tt&gt; is configured the same as &lt;tt&gt;aws&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;To test configuring two KMS providers of the same type referring to distinct credentials, two more test KMS providers are defined: &lt;tt&gt;local:name2&lt;/tt&gt; and &lt;tt&gt;aws:name2&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;Test credentials for &lt;tt&gt;aws:name2&lt;/tt&gt; are available in AWS Secrets Manager under &lt;tt&gt;drivers/csfle&lt;/tt&gt;. The &lt;tt&gt;aws:name2&lt;/tt&gt; account credentials are in &lt;tt&gt;FLE_AWS_SECRET2&lt;/tt&gt; and &lt;tt&gt;FLE_AWS_KEY2&lt;/tt&gt;. See &lt;a href=&quot;https://wiki.corp.mongodb.com/display/DRIVERS/Using+AWS+Secrets+Manager+to+Store+Testing+Secrets&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://wiki.corp.mongodb.com/display/DRIVERS/Using+AWS+Secrets+Manager+to+Store+Testing+Secrets&lt;/a&gt; for more background on how the secrets are managed.&lt;/p&gt;

&lt;p&gt;Prose Test 11 (&lt;tt&gt;KMS TLS Options Tests&lt;/tt&gt;) is extended to test named KMS providers.&lt;/p&gt;
&lt;h1&gt;&lt;a name=&quot;References&quot;&gt;&lt;/a&gt;References&lt;/h1&gt;

&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/specifications/pull/1492&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/specifications/pull/1492&lt;/a&gt; includes the specification change and tests.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/pull/1509&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/pull/1509&lt;/a&gt; is a reference implementation in the C driver.&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>