Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
Release Note
-
1
Description
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one.
Suggested release note text:
The `@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with
@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED)then either encrypted or unencrypted values will be accepted during deserialization.
Attachments
Issue Links
- relates to
-
-
- Resolved
-
- links to
Activity
| Field | Original Value | New Value |
|---|---|---|
| Assignee | Michael Nitschinger [ daschl ] | David Nault [ david.nault ] |
| Fix Version/s | 3.2.1 [ 17634 ] |
| Remote Link | This issue links to "Forum post (Web Link)" [ 22807 ] |
| Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `@Encrypted` {quote} |
| Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `@Encrypted` {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
| Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
| Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. *Suggested release note text:* {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
| Status | New [ 10003 ] | Open [ 1 ] |
| Resolution | Fixed [ 1 ] | |
| Status | Open [ 1 ] | Resolved [ 5 ] |