Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CSHARP-5453: Improve field encryption usability with attributes/API #1631

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
+1,026 −1
Draft

CSHARP-5453: Improve field encryption usability with attributes/API #1631

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
c58ce8e
CSHARP-5453: Improve field encryption usability with attributes/API
papafe Mar 7, 2025
83f411c
Small corrections
papafe Mar 7, 2025
2d12643
Fixed stub
papafe Mar 11, 2025
ea79c91
Small fix
papafe Mar 11, 2025
58e34d3
Various improvements
papafe Mar 12, 2025
a2c6b66
Conversion to records
papafe Mar 12, 2025
d79cf8e
Various improvements
papafe Mar 12, 2025
62f9375
Fixed API
papafe Mar 12, 2025
64604a8
Small comment
papafe Mar 12, 2025
c400867
Fix to naming
papafe Mar 13, 2025
8f4104c
Several improvements
papafe Mar 19, 2025
aa9d0c4
Removed unused
papafe Mar 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Conversion to records
@papafe
papafe committed Mar 12, 2025
commit a2c6b6654eaeedd616483995d2607c29278d77b8
59 changes: 7 additions & 52 deletions src/MongoDB.Driver/Encryption/CsfleSchemaBuilder.cs
View file
Original file line number Diff line number Diff line change
@@ -263,21 +263,8 @@ private static string MapBsonTypeToString(BsonType type) //TODO Taken from AstT
}
}

private class SchemaField
private record SchemaField(FieldDefinition<TDocument> Path, Guid? KeyId, CsfleEncyptionAlgorithm? Algorithm, BsonType? BsonType)
{
private FieldDefinition<TDocument> Path { get; } //TODO These could all be private properties
private Guid? KeyId { get; }
private CsfleEncyptionAlgorithm? Algorithm { get; }
private BsonType? BsonType { get; }

public SchemaField(FieldDefinition<TDocument> path, Guid? keyId, CsfleEncyptionAlgorithm? algorithm, BsonType? bsonType)
{
Path = path;
KeyId = keyId;
Algorithm = algorithm;
BsonType = bsonType;
}

public BsonDocument Build(RenderArgs<TDocument> args)
{
return new BsonDocument
@@ -290,7 +277,7 @@ public BsonDocument Build(RenderArgs<TDocument> args)
{
{ "bsonType", () => MapBsonTypeToString(BsonType!.Value), BsonType is not null },
{ "algorithm", () => MapCsfleEncyptionAlgorithmToString(Algorithm!.Value), Algorithm is not null },
{ "keyId", () => new BsonArray( new [] {new BsonBinaryData(KeyId!.Value, GuidRepresentation.Standard) }), KeyId is not null },
{ "keyId", () => new BsonArray(new[] { new BsonBinaryData(KeyId!.Value, GuidRepresentation.Standard) }), KeyId is not null },
}
}
}
@@ -299,22 +286,13 @@ public BsonDocument Build(RenderArgs<TDocument> args)
}
}

private abstract class SchemaNestedField
private abstract record SchemaNestedField
{
public abstract BsonDocument Build(RenderArgs<TDocument> args);
}

private class SchemaNestedField<TField> : SchemaNestedField
private record SchemaNestedField<TField>(FieldDefinition<TDocument> Path, Action<CsfleTypeSchemaBuilder<TField>> Configure) : SchemaNestedField
{
public FieldDefinition<TDocument> Path { get; }
public Action<CsfleTypeSchemaBuilder<TField>> Configure { get; }

public SchemaNestedField(FieldDefinition<TDocument> path, Action<CsfleTypeSchemaBuilder<TField>> configure)
{
Path = path;
Configure = configure;
}

public override BsonDocument Build(RenderArgs<TDocument> args)
{
var fieldBuilder = new CsfleTypeSchemaBuilder<TField>();
@@ -328,33 +306,10 @@ public override BsonDocument Build(RenderArgs<TDocument> args)
}
}

private class SchemaPattern
{
public string Pattern { get; }
public Guid? KeyId { get; }
public CsfleEncyptionAlgorithm? Algorithm { get; }
public BsonType? BsonType { get; }
private record SchemaPattern(string Pattern, Guid? KeyId, CsfleEncyptionAlgorithm? Algorithm, BsonType? BsonType);

public SchemaPattern(string pattern, Guid? keyId, CsfleEncyptionAlgorithm? algorithm, BsonType? bsonType)
{
Pattern = pattern;
KeyId = keyId;
Algorithm = algorithm;
BsonType = bsonType;
}
}

private class SchemaMetadata
private record SchemaMetadata(Guid? KeyId, CsfleEncyptionAlgorithm? Algorithm)
{
public Guid? KeyId { get; }
public CsfleEncyptionAlgorithm? Algorithm { get; }

public SchemaMetadata(Guid? keyId, CsfleEncyptionAlgorithm? algorithm)
{
KeyId = keyId;
Algorithm = algorithm;
}

public BsonDocument Build(RenderArgs<TDocument> args)
{
return new BsonDocument
@@ -363,7 +318,7 @@ public BsonDocument Build(RenderArgs<TDocument> args)
"encryptMetadata", new BsonDocument
{
{ "algorithm", () => MapCsfleEncyptionAlgorithmToString(Algorithm!.Value), Algorithm is not null },
{ "keyId", () => new BsonArray( new [] {new BsonBinaryData(KeyId!.Value, GuidRepresentation.Standard) }), KeyId is not null },
{ "keyId", () => new BsonArray(new[] { new BsonBinaryData(KeyId!.Value, GuidRepresentation.Standard) }), KeyId is not null },
}
}
};
73 changes: 0 additions & 73 deletions tests/MongoDB.Driver.Tests/Encryption/CsfleSchemaBuilderTests.cs
View file
Original file line number Diff line number Diff line change
@@ -100,79 +100,6 @@ public void Test1()
}
}

[Fact]
public void TestBson()
{
const string v1 = """
{
"prop1": "test1"
"prop2": "test2"
}
""";
const string v2 = """
{
"prop2": "test2"
"prop1": "test1"
}
""";

var parsedV1 = BsonDocument.Parse(v1);
var parsedV2 = BsonDocument.Parse(v2);

Assert.Equal(parsedV1, parsedV2);

const string v1Nested = """
{
"prop1": "test1"
"prop2": "test2"
"inner": {
"propIn1": "testIn1",
"propIn2": "testIn2",
}
}
""";
const string v2Nested = """
{
"prop1": "test1"
"prop2": "test2"
"inner": {
"propIn2": "testIn2",
"propIn1": "testIn1",
}
}
""";

var parsedV1Nested = BsonDocument.Parse(v1Nested);
var parsedV2Nested = BsonDocument.Parse(v2Nested);

Assert.NotEqual(parsedV1Nested, parsedV2Nested);
}

internal static void Example()
{
var myKeyId = Guid.NewGuid();

var typedBuilder = CsfleSchemaBuilder.GetTypeBuilder<Patient>()
.EncryptMetadata(keyId: myKeyId)
.Encrypt("bloodType", bsonType: BsonType.String, algorithm: CsfleEncyptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Random) //string field
.Encrypt(p => p.Ssn, bsonType: BsonType.Int32, algorithm: CsfleEncyptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Deterministic) //expression field
.Encrypt(p => p.MedicalRecords, bsonType: BsonType.Int32, algorithm: CsfleEncyptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Deterministic) //expression field with array
.Encrypt(p => p.Insurance, insurance => insurance
.Encrypt(i => i.PolicyNumber)) //nested field
.Encrypt<Insurance>("insurance", insurance => insurance
.Encrypt(i => i.PolicyNumber)) //nested field with string
.PatternProperties("ins*", algorithm: CsfleEncyptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Random); //with pattern

var encryptionSchemaBuilder = new CsfleSchemaBuilder()
.WithType(CollectionNamespace.FromFullName("db.coll1"), typedBuilder) //with builder
.WithType<Patient>(CollectionNamespace.FromFullName("db.coll2"), builder => builder //with configure
.Encrypt("bloodType", bsonType: BsonType.String,
algorithm: CsfleEncyptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Random)
);

var schema = encryptionSchemaBuilder.Build(); //This can be passed to AutoEncryptionOptions
}

// Taken from the docs, just to have an example case
internal class Patient
{