Uploaded image for project: 'Couchbase Java Client'
  1. Couchbase Java Client
  2. JCBC-1852

FLE: Optionally read @Encrypted POJO properties from unencrypted JSON fields.

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.2.1
    • None
    • None
    • Release Note
    • 1

    Description

      Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).

      Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one.

      Suggested release note text:

      The `@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with

      @Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED)

      then either encrypted or unencrypted values will be accepted during deserialization.

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            There are no comments yet on this issue.

            People

              david.nault David Nault
              david.nault David Nault
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty