Adding queryable encryption range support#4885
Closed
rozza wants to merge 3 commits intospring-projects:mainfrom
Closed
Adding queryable encryption range support#4885rozza wants to merge 3 commits intospring-projects:mainfrom
rozza wants to merge 3 commits intospring-projects:mainfrom
Conversation
Supports range style queries for encrypted fields
rozza
commented
Jan 24, 2025
| * | ||
| * @param encryptedFields can be null | ||
| * @return new instance of {@link CollectionOptions}. | ||
| * @since 4.5.0 |
Contributor
Author
There was a problem hiding this comment.
Not sure if this is the correct version?
rozza
commented
Jan 24, 2025
| * @param options | ||
| * @return | ||
| */ | ||
| public static RangeOptionsAdapter rangeOptionsAdapter(RangeOptions options) { |
Contributor
Author
There was a problem hiding this comment.
Only available in the 5.x driver
rozza
commented
Jan 24, 2025
| database.getCollection("test").drop(); | ||
|
|
||
| ClientEncryption clientEncryption = mongoClientEncryption.getClientEncryption(); | ||
| BsonDocument encryptedFields = new BsonDocument().append("fields", |
Contributor
Author
There was a problem hiding this comment.
Added multiple fields as:
a) its non trivial / not obvious how to do so.
b) needed to ensure testing worked as expected
rozza
commented
Jan 24, 2025
|
|
||
| private static final String LOCAL_KMS_PROVIDER = "local"; | ||
|
|
||
| private static final Lazy<Map<String, Map<String, Object>>> LAZY_KMS_PROVIDERS = Lazy.of(() -> { |
Contributor
Author
There was a problem hiding this comment.
Lazily constructed the master key - so does this only once.
rozza
commented
Jan 24, 2025
| builder.autoEncryptionSettings(AutoEncryptionSettings.builder() // | ||
| .kmsProviders(clientEncryptionSettings.getKmsProviders()) // | ||
| .keyVaultNamespace(clientEncryptionSettings.getKeyVaultNamespace()) // | ||
| .bypassQueryAnalysis(true).build()); |
Contributor
Author
There was a problem hiding this comment.
bypassQueryAnalysis is required to be true.
spring-projects-issues
added
the
status: waiting-for-triage
Contributor
Author
|
@christophstrobl apologies I closed #4879 while I was still working through it and couldn't reopen it - so created a new PR. |
rozza
commented
Jan 24, 2025
| Assert.isInstanceOf(Integer.class, trimFactor, () -> String | ||
| .format("Expected to find a %s but it turned out to be %s.", Integer.class, trimFactor.getClass())); | ||
|
|
||
| rangeOptionsAdapter(encryptionRangeOptions).trimFactor((Integer) trimFactor); |
Contributor
Author
There was a problem hiding this comment.
Not sure what the best approach is for handling Mongo driver 4 user. This adapter is needed to compile - but should there be another check to prevent them using range options at all?
Member
There was a problem hiding this comment.
we're going to remove the 4.x driver backwards compatibility for the next release, so don't worry about that one.
Contributor
Author
There was a problem hiding this comment.
No problems - have removed.
mp911de
added
type: enhancement
Contributor
Author
|
Note: The Also I haven't added |
christophstrobl
added a commit
that referenced
this pull request
Apr 14, 2025
This commit decouples queryable encryption from explicit encryption and introduces the Queryable annotation to represent different query types like range and equality. Additionally it removes value conversion from range encryption and fixes update mapping of range encrypted fields. Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 14, 2025
Original Pull Request: #4885
christophstrobl
added a commit
that referenced
this pull request
Apr 14, 2025
Original Pull Request: #4885
Member
|
Thank you @rozza - merged to 4.5 development line. |
mp911de
added a commit
that referenced
this pull request
Apr 14, 2025
Guard tests for encryption functionality. Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 14, 2025
Guard tests for encryption functionality. Original Pull Request: #4885
christophstrobl
added a commit
that referenced
this pull request
Apr 22, 2025
This commit decouples queryable encryption from explicit encryption and introduces the Queryable annotation to represent different query types like range and equality. Additionally it removes value conversion from range encryption and fixes update mapping of range encrypted fields. Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 22, 2025
Original Pull Request: #4885
christophstrobl
added a commit
that referenced
this pull request
Apr 22, 2025
Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 22, 2025
Guard tests for encryption functionality. Original Pull Request: #4885
christophstrobl
added a commit
that referenced
this pull request
Apr 22, 2025
This commit decouples queryable encryption from explicit encryption and introduces the Queryable annotation to represent different query types like range and equality. Additionally it removes value conversion from range encryption and fixes update mapping of range encrypted fields. Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 22, 2025
Original Pull Request: #4885
christophstrobl
added a commit
that referenced
this pull request
Apr 22, 2025
Original Pull Request: #4885
christophstrobl
pushed a commit
that referenced
this pull request
Apr 22, 2025
Guard tests for encryption functionality. Original Pull Request: #4885
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Supports range style queries for encrypted fields.
Note: This feature requires MongoDB 8.0 and a Mongo Client 5.x
Closes: #4185