Field Level Encryption [DATACOUCH-455] #763

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closed

spring-projects-issues opened this issue Jun 4, 2019 · 2 comments · Fixed by #1546, #1550 or #1554

Assignees

Labels

in: mapping type: enhancement

Milestone

5.0 M6 (2022.0.0)

spring-projects-issues commented Jun 4, 2019

Domenico Ursoleo opened DATACOUCH-455 and commented

Couchbase has a Field Level Encryption feature that encrypt field of a Document simply putting the @EncryptField annotation on a field of the document model and addind a CryptoManager to the environment,

With this configuration:

@Configuration
@EnableCouchbaseRepositories(basePackages = { "com.example.demo.db" })
public class MyCouchbaseConfig extends AbstractCouchbaseConfiguration {
 
@Override 
protected CouchbaseEnvironment getEnvironment() { 
try {
 JceksKeyStoreProvider kp = new JceksKeyStoreProvider("secret");
 kp.publicKeyName("mypublickey");
 kp.storeKey("mypublickey",
           "!mysecretkey#9^5usdk39d&dlf)03sL".getBytes(Charset.forName("UTF-8")));
 kp.signingKeyName("HMACsecret");
 kp.storeKey("HMACsecret", "myauthpassword".getBytes(Charset.forName("UTF-8")));
 AES256CryptoProvider aes256CryptoProvider = new AES256CryptoProvider(kp);
 CryptoManager cryptoManager = new CryptoManager();
 cryptoManager.registerProvider("MyAESProvider", aes256CryptoProvider);
 return 
    DefaultCouchbaseEnvironment.builder().cryptoManager(cryptoManager).build();
 } catch (Exception ex) { return null; } }
}

Given the model

@Document
public class User {
@Id
@GeneratedValue(strategy = GenerationStrategy.UNIQUE)
private String id;

@Field("user")
private String userName;

@EncryptedField(provider = "MyAESProvider") 
@Field("pwd") 
private String password;

// Setters & getters
}

Persisting it via a simple CrudRepository should encrypt the password like calling the native couchbase java client:

EntityDocument<User> document = EntityDocument.create(user);          bucket.repository().upsert(document);

Affects: 3.1.8 (Lovelace SR8)

1 votes, 2 watchers

The text was updated successfully, but these errors were encountered:

spring-projects-issues added type: enhancement in: mapping labels

spring-projects-issues assigned mikereiche

mikereiche added this to the 5.0 M6 (2022.0.0) milestone

Collaborator

mikereiche commented Aug 1, 2022

com.couchbase.client couchbase-encryption ${version}

Collaborator

mikereiche commented Aug 2, 2022 •

edited

Loading

referenced by https://issues.couchbase.com/browse/JVMCBC-1129

rfc - https://github.com/couchbaselabs/sdk-rfcs/blob/master/rfc/0064-sdk3-field-level-encryption.md

doc - https://docs.couchbase.com/java-sdk/current/howtos/encrypting-using-sdk.html

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

194a3c2

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

e953dd4

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche mentioned this issue

Field Level Encryption Support. #1546

Merged

5 tasks

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

930c79c

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

9ac4347

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

0f02d5f

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche added a commit that referenced this issue


          Field Level Encryption Support.

5490b21

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche closed this as completed in #1546

mikereiche added a commit that referenced this issue


          Field Level Encryption Support. (#1546)

921b8c2

Note that an @Encrypted property object that contains an @Encrypted property is
not supported and will result in an exception.

Closes #763.

mikereiche added a commit that referenced this issue


          Revisions to FLE support.

d6129e9

Closes #763.

mikereiche added a commit that referenced this issue


          Fix up FLE support.

7570b96

Closes #763.

mikereiche mentioned this issue

Fix up FLE support. #1550

Merged

5 tasks

mikereiche added a commit that referenced this issue


          Fix up FLE support. (#1550)

5fcb8ed

Closes #763.

mikereiche added a commit that referenced this issue


          FLE Implemenation with Property Value Converter.

dea9b86

Closes #763.

mikereiche added a commit that referenced this issue


          Fix cast error in CryptoManager.

13f0e30

Closes #763.

mikereiche mentioned this issue

FLE implementation with property value converter. #1554

Merged

5 tasks

mikereiche added a commit that referenced this issue


          Fix cast error in CryptoManager.

270b720

Closes #763.

mikereiche added a commit that referenced this issue


          FLE implemenation for Spring Data Couchbase.

fe2eeae

Closes #763.

mikereiche added a commit that referenced this issue


          FLE implemenation for Spring Data Couchbase.

ea3e0b6

Closes #763.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment