I am using Mongo Client Side Field Level Encryption for storing data. I am maintaining my master key as a “local” master key, and I have a Credential Manager on my side where I am storing this key.
I am trying to rewrap the Data Encryption Key using a new Customer Master Key.
I am using python motor library’s AsyncIOMotorClientEncryption class and using the rewrap_many_data_key method to rewrap the key.
I am getting errors from mongocryptd library that it’s not able to recognise the key dict that I am passing.
Any one who has used local key rotation in python?
Thank you for the quick reply Cynthia. May I ask which Mongo version would this the change be released for and will it be backwards compatible with MongoDB 4.2+ versions?
The change will be implemented in the MongoDB drivers, since CSFLE is a client-side feature and no cryptographic operations are done on the server side. This means that it will be compatible with all supported server versions (4.4+). When available, all you’ll need to do is update your driver to the latest version.