Add post-encryption validation to TransformedRecordSerializer#4010
Add post-encryption validation to TransformedRecordSerializer#4010alecgrieser merged 3 commits intoFoundationDB:mainfrom
TransformedRecordSerializer#4010Conversation
alecgrieser
left a comment
alecgrieser
left a comment
There was a problem hiding this comment.
Overall, this looks good to me. Just a few minor things
|
|
||
| /** | ||
| * Allows the user to specify a portion of encryptions that will be validated. Every validated encryption will | ||
| * decrypt the result and verify it matches the original plaintext. If the ratio is less than or equal to 0.0, |
There was a problem hiding this comment.
It would probably be good to note the semantics of what happens if the decrypted result does not match the original plaintext here.
| * @return this <code>Builder</code> | ||
| */ | ||
| @Nonnull | ||
| public Builder<M> setWriteEncryptionValidationRatio(double writeEncryptionValidationRatio) { |
There was a problem hiding this comment.
Do we want a separate ratio for validating reads? Even if we do, I think it would be fine to do that in a separate PR
There was a problem hiding this comment.
It might be worth to have something similar for validating reads as well. However, note that the ratio for validating reads should be configured independently from that for validating writes - given the difference in the read/write workloads in the adopter. In either case, leaving it for a separate PR.
2 participants
Summary
writeEncryptionValidationRatiofield toTransformedRecordSerializerwriteValidationRatio: 0.0 disables, 1.0 validates all, anything in between samples randomly.