Skip to content

Added range index support for queryable encryption #1069

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Feb 1, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ ext {
zstdVersion = '1.5.2-5'
awsSdkV2Version = '2.18.9'
awsSdkV1Version = '1.12.337'
mongoCryptVersion = '1.6.1'
mongoCryptVersion = '1.7.1'
projectReactorVersion = '2022.0.0'
junitBomVersion = '5.8.2'
gitVersion = getGitVersion()
Expand Down Expand Up @@ -244,6 +244,7 @@ configure(javaCodeCheckedProjects) {
testImplementation(platform("org.junit:junit-bom:$junitBomVersion"))
testImplementation('org.junit.jupiter:junit-jupiter')
testImplementation('org.junit.jupiter:junit-jupiter-params')
testImplementation('org.junit.jupiter:junit-jupiter-engine')
testImplementation('org.junit.vintage:junit-vintage-engine')

testImplementation platform('org.spockframework:spock-bom:2.1-groovy-3.0')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ public class EncryptOptions {
private final String algorithm;
private Long contentionFactor;
private String queryType;
private RangeOptions rangeOptions;

/**
* Construct an instance with the given algorithm.
Expand All @@ -50,6 +51,7 @@ public EncryptOptions(final String algorithm) {
* <li>AEAD_AES_256_CBC_HMAC_SHA_512-Random</li>
* <li>Indexed</li>
* <li>Unindexed</li>
* <li>RangePreview</li>
* </ul>
*
* @return the encryption algorithm
Expand Down Expand Up @@ -113,7 +115,8 @@ public EncryptOptions keyAltName(final String keyAltName) {
/**
* The contention factor.
*
* <p>It is an error to set contentionFactor when algorithm is not "Indexed".
* <p>It is an error to set contentionFactor when algorithm is not "Indexed" or "RangePreview".
* <p>Note: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes.</p>
* @param contentionFactor the contention factor, which must be {@code >= 0} or null.
* @return this
* @since 4.7
Expand All @@ -140,9 +143,9 @@ public Long getContentionFactor() {
/**
* The QueryType.
*
* <p>Currently, we support only "equality" queryType.</p>
* <p>It is an error to set queryType when the algorithm is not "Indexed".</p>
*
* <p>Currently, we support only "equality" or "RangePreview" queryType.</p>
* <p>It is an error to set queryType when the algorithm is not "Indexed" or "RangePreview".</p>
* <p>Note: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes.</p>
* @param queryType the query type
* @return this
* @since 4.7
Expand All @@ -156,7 +159,7 @@ public EncryptOptions queryType(@Nullable final String queryType) {
/**
* Gets the QueryType.
*
* <p>Currently, we support only "equality" queryType.</p>
* <p>Currently, we support only "equality" or "RangePreview" queryType.</p>
* @see #queryType(String)
* @return the queryType or null
* @since 4.7
Expand All @@ -167,14 +170,45 @@ public String getQueryType() {
return queryType;
}

/**
* The RangeOptions
*
* <p>It is an error to set RangeOptions when the algorithm is not "RangePreview".
* <p>Note: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes.
* @param rangeOptions the range options
* @return this
* @since 4.9
* @mongodb.server.release 6.2
* @mongodb.driver.manual /core/queryable-encryption/ queryable encryption
*/
@Beta(Beta.Reason.SERVER)
public EncryptOptions rangeOptions(@Nullable final RangeOptions rangeOptions) {
this.rangeOptions = rangeOptions;
return this;
}

/**
* Gets the RangeOptions
* @return the range options or null if not set
* @since 4.9
* @mongodb.server.release 6.2
* @mongodb.driver.manual /core/queryable-encryption/ queryable encryption
*/
@Nullable
@Beta(Beta.Reason.SERVER)
public RangeOptions getRangeOptions() {
return rangeOptions;
}

@Override
public String toString() {
return "EncryptOptions{"
+ "keyId=" + keyId
+ ", keyAltName='" + keyAltName + '\''
+ ", algorithm='" + algorithm + '\''
+ ", contentionFactor=" + contentionFactor
+ ", queryType=" + queryType
+ ", queryType='" + queryType + '\''
+ ", rangeOptions=" + rangeOptions
+ '}';
}
}
131 changes: 131 additions & 0 deletions driver-core/src/main/com/mongodb/client/model/vault/RangeOptions.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,131 @@
/*
* Copyright 2008-present MongoDB, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.mongodb.client.model.vault;

import com.mongodb.annotations.Beta;
import com.mongodb.lang.Nullable;
import org.bson.BsonValue;

/**
* Range options specifies index options for a Queryable Encryption field supporting "rangePreview" queries.
*
* <p>{@code min}, {@code max}, {@code sparsity}, and {@code precision} must match the values set in the {@code encryptedFields}
* of the destination collection.
*
* <p>For {@code double} and {@code decimal128}, {@code min}/{@code max}/{@code precision} must all be set, or all be unset.
*
* <p>Note: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes.
* @since 4.9
* @mongodb.server.release 6.2
* @mongodb.driver.manual /core/queryable-encryption/ queryable encryption
*/
@Beta(Beta.Reason.SERVER)
public class RangeOptions {

private BsonValue min;
private BsonValue max;
private Long sparsity;
private Integer precision;

/**
* Construct a new instance
*/
public RangeOptions() {
}

/**
* Set the minimum value set in the encryptedFields of the destination collection.
* @param min the minimum value
* @return this
*/
public RangeOptions min(@Nullable final BsonValue min) {
this.min = min;
return this;
}

/**
* @return the minimum value if set
*/
@Nullable
public BsonValue getMin() {
return min;
}

/**
* Set the maximum value set in the encryptedFields of the destination collection.
* @param max the maximum value
* @return this
*/
public RangeOptions max(@Nullable final BsonValue max) {
this.max = max;
return this;
}

/**
* @return the maximum value if set
*/
@Nullable
public BsonValue getMax() {
return max;
}

/**
* Set the Queryable Encryption range hypergraph sparsity factor
* @param sparsity the sparsity
* @return this
*/
public RangeOptions sparsity(@Nullable final Long sparsity) {
this.sparsity = sparsity;
return this;
}

/**
* @return the sparsity value if set
*/
@Nullable
public Long getSparsity() {
return sparsity;
}

/**
* Set the precision of double or decimal128 values in the encryptedFields of the destination collection.
* @param precision the precision
* @return this
*/
public RangeOptions precision(@Nullable final Integer precision) {
this.precision = precision;
return this;
}

/**
* @return the precision value if set
*/
@Nullable
public Integer getPrecision() {
return precision;
}

@Override
public String toString() {
return "RangeOptions{"
+ "min=" + min
+ ", max=" + max
+ ", sparsity=" + sparsity
+ ", precision=" + precision
+ '}';
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
/*
* Copyright 2008-present MongoDB, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.mongodb.internal.client.vault;

import com.mongodb.client.model.vault.EncryptOptions;
import com.mongodb.client.model.vault.RangeOptions;
import com.mongodb.crypt.capi.MongoExplicitEncryptOptions;
import org.bson.BsonDocument;
import org.bson.BsonInt32;
import org.bson.BsonInt64;
import org.bson.BsonValue;

public final class EncryptOptionsHelper {

public static MongoExplicitEncryptOptions asMongoExplicitEncryptOptions(final EncryptOptions options) {
MongoExplicitEncryptOptions.Builder encryptOptionsBuilder = MongoExplicitEncryptOptions.builder()
.algorithm(options.getAlgorithm());

if (options.getKeyId() != null) {
encryptOptionsBuilder.keyId(options.getKeyId());
}

if (options.getKeyAltName() != null) {
encryptOptionsBuilder.keyAltName(options.getKeyAltName());
}

if (options.getContentionFactor() != null) {
encryptOptionsBuilder.contentionFactor(options.getContentionFactor());
}

if (options.getQueryType() != null) {
encryptOptionsBuilder.queryType(options.getQueryType());
}

RangeOptions rangeOptions = options.getRangeOptions();
if (rangeOptions != null) {
BsonDocument rangeOptionsBsonDocument = new BsonDocument();
BsonValue min = rangeOptions.getMin();
if (min != null) {
rangeOptionsBsonDocument.put("min", min);
}
BsonValue max = rangeOptions.getMax();
if (max != null) {
rangeOptionsBsonDocument.put("max", max);
}
Long sparsity = rangeOptions.getSparsity();
if (sparsity != null) {
rangeOptionsBsonDocument.put("sparsity", new BsonInt64(sparsity));
}
Integer precision = rangeOptions.getPrecision();
if (precision != null) {
rangeOptionsBsonDocument.put("precision", new BsonInt32(precision));
}
encryptOptionsBuilder.rangeOptions(rangeOptionsBsonDocument);
}
return encryptOptionsBuilder.build();
}
private EncryptOptionsHelper() {
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
/*
* Copyright 2008-present MongoDB, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

/**
* This package contains classes that manage binding to MongoDB servers for various operations.
*/

@NonNullApi
package com.mongodb.internal.client.vault;

import com.mongodb.lang.NonNullApi;
Loading