FLE: Optionally read @Encrypted POJO properties from unencrypted JSON fields.

Description

Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).

Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one.

Suggested release note text:

The `@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with

@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED)

then either encrypted or unencrypted values will be accepted during deserialization.

Environment

None

Gerrit Reviews

None

Release Notes Description

None

Linked issues

relates to

DOC-8934

Java FLE: Document "migration" attribute of Encrypted annotation

Activity

Show:

Flagged

Fixed

Pinned fields

Click on the next to a field label to start pinning.

Details
Assignee
David Nault
Reporter
David Nault
Story Points
1
Fix versions
3.2.1
Priority
Major
Instabug
Open Instabug

PagerDuty

Sentry

Zendesk Support

Created July 28, 2021 at 12:20 AM

Updated August 4, 2021 at 4:22 PM

Resolved August 2, 2021 at 3:20 PM

Configure

Instabug

FLE: Optionally read @Encrypted POJO properties from unencrypted JSON fields.

Description

Environment

Gerrit Reviews

Release Notes Description

Linked issues

relates to

Activity

DetailsAssigneeDavid NaultDavid NaultReporterDavid NaultDavid NaultStory Points1Fix versions3.2.1PriorityMajorInstabugOpen Instabug

Details

Assignee

Reporter

Story Points

Fix versions

Priority

Instabug

PagerDutyPagerDuty Incident

PagerDuty

Sentry Linked Issues

Sentry

Zendesk SupportLinked Tickets

Zendesk Support

Details
Assignee
David Nault
Reporter
David Nault
Story Points
1
Fix versions
3.2.1
Priority
Major
Instabug
Open Instabug

PagerDuty

Sentry

Zendesk Support