Win a copy of Rust Web Development this week in the Other Languages forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

Client side field encryption on array of object

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,
    My application runs on Java 11 and connects to MOngo entrprise DB 4.2.X and I am trying to encrypt an array that is part of my java DTO object that is persisted into a collection on the DB. The objects stored in the array are of a custom class that is part of my application and the structire of these is as follows:-

public class MyPersistedDTO{
private List<AttributeDto> attributes
}

public class AttributeDto {
 private String name;
 private int type;
 private String value;
}

I need to create the encryption schema map such that when the MyPersistedDTO.attributes is persisted, only the AttributeDto.value field is encrypted for each of the elements in the array as AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic so that it can be queried on from the application. Is there a way to do this. If so please share the schema map with me as I need it urgently. Thanks.
 
Saloon Keeper
Posts: 24826
172
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to the Ranch, Prashanth!

I'm not sure I'd call that a "DTO". A Data Transfer Object was originally part of the design pattern architecture for JEE EJBs. Since EJBs weren't POJOs and you couldn't use them in generic logic, you'd use a (POJO) DTO to transfer data to/from your non-EJB logic to your EJBs. So I think what you actually have here is an Entity object. It's quite possible that if you were using the Spring Data framework that you would even annotate them as @Entity, even though MongoDB is a noSQL DBMS. Spring Data likes to make similar things similar.

As for defining per-field encryption within a MongoDB entity, I'm not optimistic. Originally, MongoDB was designed as a dictionary system, so the concept of fixed schemas of any type was quite foreign to it. Someone who is more up to date might be able to help here.

 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic