diff options
Diffstat (limited to 'src/mongo/crypto/fle_crypto.cpp')
-rw-r--r-- | src/mongo/crypto/fle_crypto.cpp | 61 |
1 files changed, 33 insertions, 28 deletions
diff --git a/src/mongo/crypto/fle_crypto.cpp b/src/mongo/crypto/fle_crypto.cpp index 8a189c9a1c5..323df781f91 100644 --- a/src/mongo/crypto/fle_crypto.cpp +++ b/src/mongo/crypto/fle_crypto.cpp @@ -119,7 +119,6 @@ constexpr uint64_t kESCNonNullId = 1; constexpr uint64_t KESCInsertRecordValue = 0; constexpr uint64_t kESCompactionRecordValue = std::numeric_limits<uint64_t>::max(); -constexpr uint64_t kESCompactionRecordCountPlaceholder = 0; constexpr auto kId = "_id"; constexpr auto kValue = "value"; @@ -1512,37 +1511,13 @@ BSONObj ESCCollection::generateInsertDocument(ESCTwiceDerivedTagToken tagToken, return builder.obj(); } - -BSONObj ESCCollection::generatePositionalDocument(ESCTwiceDerivedTagToken tagToken, - ESCTwiceDerivedValueToken valueToken, - uint64_t index, - uint64_t pos, - uint64_t count) { - auto block = ESCCollection::generateId(tagToken, index); - - auto swCipherText = packAndEncrypt(std::tie(pos, count), valueToken); - uassertStatusOK(swCipherText); - - BSONObjBuilder builder; - toBinData(kId, block, &builder); - toBinData(kValue, swCipherText.getValue(), &builder); -#ifdef FLE2_DEBUG_STATE_COLLECTIONS - builder.append(kDebugId, static_cast<int64_t>(index)); - builder.append(kDebugValuePosition, static_cast<int64_t>(pos)); - builder.append(kDebugValueCount, static_cast<int64_t>(count)); -#endif - - return builder.obj(); -} - - BSONObj ESCCollection::generateCompactionPlaceholderDocument(ESCTwiceDerivedTagToken tagToken, ESCTwiceDerivedValueToken valueToken, - uint64_t index) { + uint64_t index, + uint64_t count) { auto block = ESCCollection::generateId(tagToken, index); - auto swCipherText = packAndEncrypt( - std::tie(kESCompactionRecordValue, kESCompactionRecordCountPlaceholder), valueToken); + auto swCipherText = packAndEncrypt(std::tie(kESCompactionRecordValue, count), valueToken); uassertStatusOK(swCipherText); BSONObjBuilder builder; @@ -2352,4 +2327,34 @@ ParsedFindPayload::ParsedFindPayload(BSONElement fleFindPayload) { maxCounter = payload.getMaxCounter(); } +std::vector<CompactionToken> CompactionHelpers::parseCompactionTokens(BSONObj compactionTokens) { + std::vector<CompactionToken> parsed; + + for (auto& elem : compactionTokens) { + uassert(6346801, + str::stream() << "Field '" << elem.fieldNameStringData() + << "' of compaction tokens must be a bindata and general subtype", + elem.isBinData(BinDataType::BinDataGeneral)); + + auto vec = elem._binDataVector(); + auto block = PrfBlockfromCDR(vec); + + parsed.push_back({elem.fieldNameStringData().toString(), ECOCToken(std::move(block))}); + } + return parsed; +} + +void CompactionHelpers::validateCompactionTokens(const EncryptedFieldConfig& efc, + BSONObj compactionTokens) { + for (const auto& field : efc.getFields()) { + const auto& tokenElement = compactionTokens.getField(field.getPath()); + uassert( + 6346806, + str::stream() + << "Compaction tokens object is missing compaction token for the encrypted path '" + << field.getPath() << "'", + !tokenElement.eoo()); + } +} + } // namespace mongo |