From a09630c0b9e78c16d06cbb55f170c2884d433bed Mon Sep 17 00:00:00 2001 From: Ricardo Mello Date: Thu, 5 Jun 2025 12:18:59 -0300 Subject: [PATCH 1/2] Resolve merge conflict in mongo-encryption.adoc. Signed-off-by: Ricardo Mello --- .../ROOT/pages/mongodb/mongo-encryption.adoc | 24 +++++++++---------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc index 5a92168c2c..9106cc469f 100644 --- a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc +++ b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc @@ -140,11 +140,17 @@ Manual Collection Setup:: ==== [source,java,indent=0,subs="verbatim,quotes",role="primary"] ---- + +BsonBinary pinDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary ssnDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary ageDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary signDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); + CollectionOptions collectionOptions = CollectionOptions.encryptedCollection(options -> options - .queryable(encrypted(string("ssn")).algorithm("Indexed"), equality().contention(0)) - .queryable(encrypted(int32("age")).algorithm("Range"), range().contention(8).min(0).max(150)) - .encrypted(string("pin")) - .queryable(encrypted(int64("address.sign")).algorithm("Range"), range().contention(2).min(-10L).max(10L)) + .encrypted(int32("pin"), pinDK) + .queryable(encrypted(string("ssn")).algorithm("Indexed").keyId(ssnDK.asUuid()), equality().contention(0)) + .queryable(encrypted(int32("age")).algorithm("Range").keyId(ageDK.asUuid()), range().contention(8).min(0).max(150)) + .queryable(encrypted(int64("address.sign")).algorithm("Range").keyId(signDK.asUuid()), range().contention(2).min(-10L).max(10L)) ); mongoTemplate.createCollection(Patient.class, collectionOptions); <1> @@ -161,16 +167,13 @@ class Patient { @Id String id; - @Encrypted(algorithm = "Indexed") + @Encrypted(algorithm = "Indexed") // @Queryable(queryType = "equality", contentionFactor = 0) String ssn; @RangeEncrypted(contentionFactor = 8, rangeOptions = "{ 'min' : 0, 'max' : 150 }") Integer age; - @Encrypted(algorithm = "Unindexed") - String pin; - Address address; } @@ -214,11 +217,6 @@ MongoDB Collection Info:: bsonType: 'int', queries: [ { queryType: 'range', contention: Long('8'), min: 0, max: 150 } ] }, - { - keyId: ..., - path: 'pin', - bsonType: 'string' - }, { keyId: ..., path: 'address.sign', From 60107a8ee2fbc82f806058bad1b2c9773ea20011 Mon Sep 17 00:00:00 2001 From: Ricardo Mello Date: Thu, 5 Jun 2025 12:29:23 -0300 Subject: [PATCH 2/2] Resolve merge conflict in mongo-encryption.adoc. Reconciled changes from main with the updated code sample that includes the required `keyId(...)` configuration for Queryable Encryption using the Range algorithm. Signed-off-by: Ricardo Mello --- .../antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc index 9106cc469f..6e14887729 100644 --- a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc +++ b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc @@ -149,8 +149,8 @@ BsonBinary signDK = clientEncryption.createDataKey("local", new com.mongodb.clie CollectionOptions collectionOptions = CollectionOptions.encryptedCollection(options -> options .encrypted(int32("pin"), pinDK) .queryable(encrypted(string("ssn")).algorithm("Indexed").keyId(ssnDK.asUuid()), equality().contention(0)) - .queryable(encrypted(int32("age")).algorithm("Range").keyId(ageDK.asUuid()), range().contention(8).min(0).max(150)) - .queryable(encrypted(int64("address.sign")).algorithm("Range").keyId(signDK.asUuid()), range().contention(2).min(-10L).max(10L)) + .queryable(encrypted(int32("age")).algorithm("Range").keyId(ageDK.asUuid()), range().contention(8).min(0).max(150)) + .queryable(encrypted(int64("address.sign")).algorithm("Range").keyId(signDK.asUuid()), range().contention(2).min(-10L).max(10L)) ); mongoTemplate.createCollection(Patient.class, collectionOptions); <1>