summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark Benvenuto <mark.benvenuto@mongodb.com>2022-05-16 10:22:33 -0400
committerEvergreen Agent <no-reply@evergreen.mongodb.com>2022-05-17 03:25:41 +0000
commit33f01c2958726b51900c98b3976002f80c8907e6 (patch)
treeda7025b42b3c1ea256f8a1ca16982bb8e570e465
parent86483f603c2de7ee5ec5f013798d38c770e35859 (diff)
downloadmongo-33f01c2958726b51900c98b3976002f80c8907e6.tar.gz
SERVER-66120 Use consistent way to refer to FLE 2 encryption in user-facing messages
(cherry picked from commit ad2271e4c9dfeffd8a11b04a23da361483d695fb)
Diffstat
-rw-r--r--jstests/fle2/implicit_schema_validation.js6
-rw-r--r--src/mongo/crypto/encryption_fields.idl2
-rw-r--r--src/mongo/crypto/fle_crypto.cpp30
-rw-r--r--src/mongo/crypto/fle_field_schema.idl8
-rw-r--r--src/mongo/db/commands/fle2_compact_cmd.cpp2
-rw-r--r--src/mongo/db/fle_crud.cpp17
-rw-r--r--src/mongo/db/fle_crud_mongod.cpp8
-rw-r--r--src/mongo/db/matcher/doc_validation_error.cpp3
-rw-r--r--src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp2
-rw-r--r--src/mongo/s/commands/cluster_shard_collection_cmd.cpp2
10 files changed, 46 insertions, 34 deletions
diff --git a/jstests/fle2/implicit_schema_validation.js b/jstests/fle2/implicit_schema_validation.js
index 41eabb9a6e7..81098070d7d 100644
--- a/jstests/fle2/implicit_schema_validation.js
+++ b/jstests/fle2/implicit_schema_validation.js
@@ -30,7 +30,7 @@ const valueNotEncryptedError = {
};
const wrongEncryptedTypeError = {
operator: "fle2Encrypt",
- reason: "FLE2 encrypted value has wrong type"
+ reason: "Queryable Encryption encrypted value has wrong type"
};
const userMalformedSchema = {
@@ -242,7 +242,7 @@ function negativeTests(coll, hasUserValidator, invert = false) {
}),
{"a.b.c": valueNotEncryptedError});
- jsTestLog("test inserting encrypted field with incorrect FLE2 subtype");
+ jsTestLog("test inserting encrypted field with incorrect Queryable Encryption subtype");
assertExpectedResult(coll.insert({firstName: fle1RandomBinData}),
{firstName: wrongEncryptedTypeError});
assertExpectedResult(coll.insert({
@@ -451,7 +451,7 @@ dbTest.test.drop();
assert.commandFailed(dbTest.createCollection(
"test", {encryptedFields: sampleEncryptedFields, validator: userMalformedSchema}));
-jsTestLog("test FLE1 schema validator on FLE2 collection");
+jsTestLog("test FLE1 schema validator on Queryable Encryption collection");
dbTest.test.drop();
assert.commandFailedWithCode(
dbTest.createCollection("test",
diff --git a/src/mongo/crypto/encryption_fields.idl b/src/mongo/crypto/encryption_fields.idl
index 1a1090ab59d..fc8b243c908 100644
--- a/src/mongo/crypto/encryption_fields.idl
+++ b/src/mongo/crypto/encryption_fields.idl
@@ -40,7 +40,7 @@ enums:
feature_flags:
featureFlagFLE2:
- description: "Enable FLE2 support"
+ description: "Enable Queryable Encryption support"
cpp_varname: gFeatureFlagFLE2
default: true
version: 6.0
diff --git a/src/mongo/crypto/fle_crypto.cpp b/src/mongo/crypto/fle_crypto.cpp
index e870634cb48..38800792351 100644
--- a/src/mongo/crypto/fle_crypto.cpp
+++ b/src/mongo/crypto/fle_crypto.cpp
@@ -903,7 +903,7 @@ void convertToFLE2Payload(FLEKeyVault* keyVault,
if (ep.getAlgorithm() == Fle2AlgorithmInt::kEquality) {
uassert(6338602,
str::stream() << "Type '" << typeName(el.type())
- << "' is not a valid type for FLE 2 encryption",
+ << "' is not a valid type for Queryable Encryption",
isFLE2EqualityIndexedSupportedType(el.type()));
if (ep.getType() == Fle2PlaceholderType::kInsert) {
@@ -923,19 +923,21 @@ void convertToFLE2Payload(FLEKeyVault* keyVault,
findpayload,
builder);
} else {
- uasserted(6410100, "No other FLE2 placeholders supported at this time.");
+ uasserted(6410100,
+ "No other Queryable Encryption placeholders supported at this time.");
}
} else if (ep.getAlgorithm() == Fle2AlgorithmInt::kUnindexed) {
uassert(6379102,
str::stream() << "Type '" << typeName(el.type())
- << "' is not a valid type for FLE 2 encryption",
+ << "' is not a valid type for Queryable Encryption",
isFLE2UnindexedSupportedType(el.type()));
auto payload = FLE2UnindexedEncryptedValue::serialize(userKey, el);
builder->appendBinData(
fieldNameToSerialize, payload.size(), BinDataType::Encrypt, payload.data());
} else {
- uasserted(6338603, "Only FLE 2 style encryption placeholders are supported");
+ uasserted(6338603,
+ "Only Queryable Encryption style encryption placeholders are supported");
}
@@ -954,7 +956,7 @@ void parseAndVerifyInsertUpdatePayload(std::vector<EDCServerPayloadInfo>* pField
uassert(6373504,
str::stream() << "Type '" << typeName(static_cast<BSONType>(iupayload.getType()))
- << "' is not a valid type for FLE 2 encryption",
+ << "' is not a valid type for Queryable Encryption",
isValidBSONType(iupayload.getType()) &&
isFLE2EqualityIndexedSupportedType(static_cast<BSONType>(iupayload.getType())));
@@ -1023,7 +1025,7 @@ void convertServerPayload(ConstDataRange cdr,
uassert(6373506,
str::stream() << "Type '" << typeName(sp.bsonType)
- << "' is not a valid type for FLE 2 encryption",
+ << "' is not a valid type for Queryable Encryption",
isFLE2EqualityIndexedSupportedType(sp.bsonType));
auto swEncrypted =
@@ -1450,8 +1452,8 @@ void FLEClientCrypto::validateDocument(const BSONObj& doc,
BSONElement safeContent = doc[kSafeContent];
- // If there are no tags and no safeContent, then this document is not FLE 2 and is therefore
- // fine
+ // If there are no tags and no safeContent, then this document is not Queryable Encryption and
+ // is therefore fine
if (tags.size() == 0 && safeContent.eoo()) {
return;
}
@@ -1807,7 +1809,7 @@ FLE2IndexedEqualityEncryptedValue::FLE2IndexedEqualityEncryptedValue(
indexKeyId(payload.getIndexKeyId()),
clientEncryptedValue(vectorFromCDR(payload.getValue())) {
uassert(6373508,
- "Invalid BSON Type in FLE2InsertUpdatePayload",
+ "Invalid BSON Type in Queryable Encryption InsertUpdatePayload",
isValidBSONType(payload.getType()));
}
@@ -1856,7 +1858,7 @@ StatusWith<FLE2IndexedEqualityEncryptedValue> FLE2IndexedEqualityEncryptedValue:
}
uassert(6373509,
- "Invalid BSON Type in FLE2InsertUpdatePayload",
+ "Invalid BSON Type in Queryable Encryption InsertUpdatePayload",
isValidBSONType(swBsonType.getValue()));
auto type = static_cast<BSONType>(swBsonType.getValue());
@@ -1964,7 +1966,9 @@ StatusWith<std::vector<uint8_t>> FLE2IndexedEqualityEncryptedValue::serialize(
std::vector<uint8_t> FLE2UnindexedEncryptedValue::serialize(const FLEUserKeyAndId& userKey,
const BSONElement& element) {
BSONType bsonType = element.type();
- uassert(6379107, "Invalid BSON data type", isFLE2UnindexedSupportedType(bsonType));
+ uassert(6379107,
+ "Invalid BSON data type for Queryable Encryption",
+ isFLE2UnindexedSupportedType(bsonType));
auto value = ConstDataRange(element.value(), element.value() + element.valuesize());
auto cdrKeyId = userKey.keyId.toCDR();
@@ -2000,7 +2004,9 @@ std::pair<BSONType, std::vector<uint8_t>> FLE2UnindexedEncryptedValue::deseriali
auto userKey = keyVault->getUserKeyById(keyId);
BSONType bsonType = static_cast<BSONType>(adc.read<uint8_t>());
- uassert(6379111, "Invalid BSON data type", isFLE2UnindexedSupportedType(bsonType));
+ uassert(6379111,
+ "Invalid BSON data type for Queryable Encryption",
+ isFLE2UnindexedSupportedType(bsonType));
auto data = uassertStatusOK(
decryptDataWithAssociatedData(userKey.key.toCDR(), assocDataCdr, cipherTextCdr));
diff --git a/src/mongo/crypto/fle_field_schema.idl b/src/mongo/crypto/fle_field_schema.idl
index a1d3ef5394a..f1184621c85 100644
--- a/src/mongo/crypto/fle_field_schema.idl
+++ b/src/mongo/crypto/fle_field_schema.idl
@@ -134,7 +134,7 @@ structs:
type: IDLAnyType
cpp_name: value
cm:
- description: "FLE2 max contention counter"
+ description: "Queryable Encryption max contention counter"
type: long
cpp_name: maxContentionCounter
@@ -205,13 +205,13 @@ structs:
type: bindata_generic
cpp_name: eccDerivedToken
cm:
- description: "FLE2 max counter"
+ description: "Queryable Encryption max counter"
type: long
cpp_name: maxCounter
optional: true
EncryptionInformation:
- description: "Implements Encryption Information which includes the schema for FLE 2 that is consumed by query_analysis, queries and write_ops"
+ description: "Implements Encryption Information which includes the schema for Queryable Encryption that is consumed by query_analysis, queries and write_ops"
strict: true
fields:
type:
@@ -229,7 +229,7 @@ structs:
type: object_owned
unstable: true
crudProcessed:
- description: "A boolean to indicate whether the CRUD layer has already processed this FLE2 request. Used to prevent infinite recursion."
+ description: "A boolean to indicate whether the CRUD layer has already processed this Queryable Encryption request. Used to prevent infinite recursion."
type: bool
optional: true
unstable: true
diff --git a/src/mongo/db/commands/fle2_compact_cmd.cpp b/src/mongo/db/commands/fle2_compact_cmd.cpp
index 4d0e5bba6bb..d4e04c22db3 100644
--- a/src/mongo/db/commands/fle2_compact_cmd.cpp
+++ b/src/mongo/db/commands/fle2_compact_cmd.cpp
@@ -89,7 +89,7 @@ CompactStats compactEncryptedCompactionCollection(OperationContext* opCtx,
// TODO (SERVER-65077): Remove FCV check once 6.0 is released
uassert(6319903,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
validateCompactRequest(request, *edc.get());
diff --git a/src/mongo/db/fle_crud.cpp b/src/mongo/db/fle_crud.cpp
index 1b2d86c0bff..cf1d991e151 100644
--- a/src/mongo/db/fle_crud.cpp
+++ b/src/mongo/db/fle_crud.cpp
@@ -190,7 +190,9 @@ std::pair<FLEBatchResult, write_ops::InsertCommandReply> processInsert(
auto documents = insertRequest.getDocuments();
// TODO - how to check if a document will be too large???
- uassert(6371202, "Only single insert batches are supported in FLE2", documents.size() == 1);
+ uassert(6371202,
+ "Only single insert batches are supported in Queryable Encryption",
+ documents.size() == 1);
auto document = documents[0];
EDCServerCollection::validateEncryptedFieldInfo(document, efc);
@@ -241,7 +243,8 @@ std::pair<FLEBatchResult, write_ops::InsertCommandReply> processInsert(
// does not try to commit the transaction.
if (reply->getWriteErrors().has_value() && !reply->getWriteErrors().value().empty()) {
return SemiFuture<void>::makeReady(
- Status(ErrorCodes::FLETransactionAbort, "FLE2 write errors on insert"));
+ Status(ErrorCodes::FLETransactionAbort,
+ "Queryable Encryption write errors on insert"));
}
return SemiFuture<void>::makeReady();
@@ -320,7 +323,8 @@ write_ops::DeleteCommandReply processDelete(OperationContext* opCtx,
// does not try to commit the transaction.
if (reply->getWriteErrors().has_value() && !reply->getWriteErrors().value().empty()) {
return SemiFuture<void>::makeReady(
- Status(ErrorCodes::FLETransactionAbort, "FLE2 write errors on delete"));
+ Status(ErrorCodes::FLETransactionAbort,
+ "Queryable Encryption write errors on delete"));
}
return SemiFuture<void>::makeReady();
@@ -404,7 +408,8 @@ write_ops::UpdateCommandReply processUpdate(OperationContext* opCtx,
// does not try to commit the transaction.
if (reply->getWriteErrors().has_value() && !reply->getWriteErrors().value().empty()) {
return SemiFuture<void>::makeReady(
- Status(ErrorCodes::FLETransactionAbort, "FLE2 write errors on delete"));
+ Status(ErrorCodes::FLETransactionAbort,
+ "Queryable Encryption write errors on delete"));
}
return SemiFuture<void>::makeReady();
@@ -885,7 +890,7 @@ FLEBatchResult processFLEBatch(OperationContext* opCtx,
// TODO (SERVER-65077): Remove FCV check once 6.0 is released
uassert(6371209,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
if (request.getBatchType() == BatchedCommandRequest::BatchType_Insert) {
@@ -1143,7 +1148,7 @@ FLEBatchResult processFLEFindAndModify(OperationContext* opCtx,
// TODO (SERVER-65077): Remove FCV check once 6.0 is released
if (!gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility)) {
- uasserted(6371405, "FLE 2 is only supported when FCV supports 6.0");
+ uasserted(6371405, "Queryable Encryption is only supported when FCV supports 6.0");
}
// FLE2 Mongos CRUD operations loopback through MongoS with EncryptionInformation as
diff --git a/src/mongo/db/fle_crud_mongod.cpp b/src/mongo/db/fle_crud_mongod.cpp
index e8ac3a9b77b..ba0d98e69b4 100644
--- a/src/mongo/db/fle_crud_mongod.cpp
+++ b/src/mongo/db/fle_crud_mongod.cpp
@@ -180,7 +180,7 @@ FLEBatchResult processFLEInsert(OperationContext* opCtx,
repl::ReplicationCoordinator::modeReplSet);
uassert(5926101,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
auto [batchResult, insertReplyReturn] =
@@ -206,7 +206,7 @@ write_ops::DeleteCommandReply processFLEDelete(
repl::ReplicationCoordinator::modeReplSet);
uassert(5926102,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
auto deleteReply = processDelete(opCtx, deleteRequest, &getTransactionWithRetriesForMongoD);
@@ -225,7 +225,7 @@ write_ops::FindAndModifyCommandReply processFLEFindAndModify(
repl::ReplicationCoordinator::modeReplSet);
uassert(5926103,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
auto reply = processFindAndModifyRequest<write_ops::FindAndModifyCommandReply>(
@@ -243,7 +243,7 @@ write_ops::UpdateCommandReply processFLEUpdate(
repl::ReplicationCoordinator::modeReplSet);
uassert(5926104,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
auto updateReply = processUpdate(opCtx, updateRequest, &getTransactionWithRetriesForMongoD);
diff --git a/src/mongo/db/matcher/doc_validation_error.cpp b/src/mongo/db/matcher/doc_validation_error.cpp
index 69dd9c387d3..3810b190132 100644
--- a/src/mongo/db/matcher/doc_validation_error.cpp
+++ b/src/mongo/db/matcher/doc_validation_error.cpp
@@ -902,7 +902,8 @@ public:
}
void visit(const InternalSchemaBinDataFLE2EncryptedTypeExpression* expr) final {
static constexpr auto kNotEncryptedReason = "value was not encrypted";
- static constexpr auto kBadValueTypeReason = "FLE2 encrypted value has wrong type";
+ static constexpr auto kBadValueTypeReason =
+ "Queryable Encryption encrypted value has wrong type";
static constexpr auto kInvertedReason = "value was encrypted";
_context->pushNewFrame(*expr);
diff --git a/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp b/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp
index c4fd520e805..117e5f087f2 100644
--- a/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp
+++ b/src/mongo/db/s/shardsvr_compact_structured_encryption_data_command.cpp
@@ -77,7 +77,7 @@ public:
Reply typedRun(OperationContext* opCtx) {
// TODO (SERVER-65077): Remove FCV check once 6.0 is released
uassert(6350499,
- "FLE 2 is only supported when FCV supports 6.0",
+ "Queryable Encryption is only supported when FCV supports 6.0",
gFeatureFlagFLE2.isEnabled(serverGlobalParams.featureCompatibility));
FixedFCVRegion fixedFcvRegion(opCtx);
diff --git a/src/mongo/s/commands/cluster_shard_collection_cmd.cpp b/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
index 70fa815b574..3a925fd730a 100644
--- a/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
+++ b/src/mongo/s/commands/cluster_shard_collection_cmd.cpp
@@ -91,7 +91,7 @@ public:
!nss.isTimeseriesBucketsCollection());
uassert(6464401,
- "Sharding a FLE 2 state collection is not allowed",
+ "Sharding a Queryable Encryption state collection is not allowed",
!nss.isFLE2StateCollection());
auto shardCollRequest =
View Lorry Controller Status