Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-450

Remove unnecessary fields from rewrapManyDataKey result

    • Not Needed

      Summary

      libmongocrypt is arbitrarily (and misleadingly) making an effort to return all fields of the key document(s) being rewrapped by rewrapManyDataKey. Only _id, keyMaterial, and masterKey are required to construct the bulk write operations to update rewrapped key documents in the key vault collection.

      Motivation

      Who is the affected end user?

      Drivers implementing rewrapManyDataKey.

      How does this affect the end user?

      Avoids unnecessarily consuming memory for unused fields in the resulting documents.

      How likely is it that this problem or use case will occur?

      Unlikely; Drivers should not be using any of the extra fields in the key document(s). This is also asserted by the CSE unified spec tests.

      If the problem does occur, what are the consequences and how severe are they?

      Not severe. Returning a "full" key document gives the mistaken impression that a replaceOne operation may be appropriate to update the given key document in the key vault collection.

      Is this issue urgent?

      No.

      Is this ticket required by a downstream team?

      No.

      Is this ticket only for tests?

      No. It has functional impact, but the impact should be minimal/none.

            Assignee:
            ezra.chung@mongodb.com Ezra Chung
            Reporter:
            ezra.chung@mongodb.com Ezra Chung
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: