<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:08:54 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[MONGOCRYPT-537] Switch QE to CBC for user data</title>
                <link>https://jira.mongodb.org/browse/MONGOCRYPT-537</link>
                <project id="17481" key="MONGOCRYPT">Libmongocrypt</project>
                    <description>&lt;p&gt;Change from CTR cipher mode to CBC cipher mode for encrypting the user data. In final cipher in use will be AES-256-CBC with AEAD provided by HMAC-SHA-256. This is not the same as the FLE 1 algorithm which took half of SHA-512 for AEAD.&lt;/p&gt;

&lt;p&gt;This impacts kFLE2EqualityIndexedValueV2 and kFLE2RangeIndexedValueV2. Also, a new unindexed encrypted value type will be needed that uses CBC.&lt;/p&gt;

&lt;p&gt;In the server code, only the QE code that calls _mongocrypt_fle2aead_do_encryption is affected by this change.&lt;/p&gt;</description>
                <environment></environment>
        <key id="2265666">MONGOCRYPT-537</key>
            <summary>Switch QE to CBC for user data</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="sara.golemon@mongodb.com">Sara Golemon</assignee>
                                    <reporter username="mark.benvenuto@mongodb.com">Mark Benvenuto</reporter>
                        <labels>
                    </labels>
                <created>Wed, 15 Feb 2023 17:40:49 +0000</created>
                <updated>Sat, 28 Oct 2023 10:25:56 +0000</updated>
                            <resolved>Tue, 28 Feb 2023 18:14:56 +0000</resolved>
                                                    <fixVersion>1.8.0</fixVersion>
                    <fixVersion>1.8.0-alpha0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="5237491" author="xgen-internal-githook" created="Tue, 28 Feb 2023 18:14:02 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-537&quot; title=&quot;Switch QE to CBC for user data&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-537&quot;&gt;&lt;del&gt;MONGOCRYPT-537&lt;/del&gt;&lt;/a&gt; Use AES-256-CBC/SHA-256 with FLE2v2&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/e656245b7ebc742df210c8156b9aac41bdd5d113&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/e656245b7ebc742df210c8156b9aac41bdd5d113&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5230158" author="xgen-internal-githook" created="Fri, 24 Feb 2023 21:37:03 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Sara Golemon&apos;, &apos;email&apos;: &apos;sara.golemon@mongodb.com&apos;, &apos;username&apos;: &apos;sgolemon&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-537&quot; title=&quot;Switch QE to CBC for user data&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-537&quot;&gt;&lt;del&gt;MONGOCRYPT-537&lt;/del&gt;&lt;/a&gt; Use AES-256-CBC/SHA-256 with FLE2v2&lt;br/&gt;
Branch: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-537&quot; title=&quot;Switch QE to CBC for user data&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-537&quot;&gt;&lt;del&gt;MONGOCRYPT-537&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/7c99a864f2165d77e1467d1d96a2b341bf6bf287&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/7c99a864f2165d77e1467d1d96a2b341bf6bf287&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5226522" author="sara.golemon" created="Thu, 23 Feb 2023 20:09:44 +0000"  >&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/pull/582&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/pull/582&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="2271689">MONGOCRYPT-546</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                <customfield id="customfield_21957" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Binding Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="22966"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>PM-2972</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1ftbr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="6920">Security 2023-03-06</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                </customfields>
    </item>
</channel>
</rss>