Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
-
Release Note
-
1
Description
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one.
Suggested release note text:
The `@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with
@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED)
then either encrypted or unencrypted values will be accepted during deserialization.
Attachments
Issue Links
- relates to
-
DOC-8934 Java FLE: Document "migration" attribute of Encrypted annotation
-
- Resolved
-
- links to
Activity
Field | Original Value | New Value |
---|---|---|
Assignee | Michael Nitschinger [ daschl ] | David Nault [ david.nault ] |
Fix Version/s | 3.2.1 [ 17634 ] |
Remote Link | This issue links to "Forum post (Web Link)" [ 22807 ] |
Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `@Encrypted` {quote} |
Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `@Encrypted` {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Release note text TBD, as soon as we figure out how a user should enable the feature. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Description |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. Suggested release note text: {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Let the @Encrypted annotation read from unencrypted fields, so users can add encryption incrementally. (Previously, the read would fail).
Make it optional because enabling this feature would let an adversary to forge a field value simply by replacing an encrypted value with an unencrypted one. *Suggested release note text:* {quote} The `\@Encrypted` annotation can now be used to migrate an existing field from unencrypted to encrypted. If you annotate a field with {noformat}@Encrypted(migration = Encrypted.Migration.FROM_UNENCRYPTED){noformat} then either encrypted or unencrypted values will be accepted during deserialization. {quote} |
Status | New [ 10003 ] | Open [ 1 ] |
Resolution | Fixed [ 1 ] | |
Status | Open [ 1 ] | Resolved [ 5 ] |
Workflow | Couchbase SDK Workflow [ 208337 ] | Couchbase SDK Workflow with Review [ 253957 ] |