From a1cd02b5ded6b26df393d28d5ad40a0590eefef6 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Tue, 3 May 2022 18:45:23 +0200 Subject: [PATCH 1/3] DRIVERS-2310 Include encryptFields in expected FLE2 test command MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In the “CreateCollection from encryptedFieldsMap”, it makes sense to also assert on the encryptedFields option that ends up being passed to the server. --- .../tests/fle2-CreateCollection.json | 19 ++++++++++++++++++- .../tests/fle2-CreateCollection.yml | 12 ++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.json b/source/client-side-encryption/tests/fle2-CreateCollection.json index fb11660271..e6bfdaf57c 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.json +++ b/source/client-side-encryption/tests/fle2-CreateCollection.json @@ -943,7 +943,24 @@ "name": "createCollection", "object": "database", "arguments": { - "collection": "encryptedCollection" + "collection": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } } }, { diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.yml b/source/client-side-encryption/tests/fle2-CreateCollection.yml index 5c75ef85c1..5d677c6803 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.yml +++ b/source/client-side-encryption/tests/fle2-CreateCollection.yml @@ -602,6 +602,18 @@ tests: object: database arguments: collection: "encryptedCollection" + encryptedFields: { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { "$binary": { "subType": "04", "base64": "AAAAAAAAAAAAAAAAAAAAAA==" }} + } + ] + } - name: assertCollectionExists object: testRunner arguments: From 9f0d896efa774f05634d6eacd6303332de87c8fc Mon Sep 17 00:00:00 2001 From: Kevin Albertson Date: Tue, 3 May 2022 13:22:29 -0400 Subject: [PATCH 2/3] add encryptedFields to commandStarted expectations --- .../tests/fle2-CreateCollection.json | 158 +++++++++++++++++- .../tests/fle2-CreateCollection.yml | 24 ++- 2 files changed, 166 insertions(+), 16 deletions(-) diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.json b/source/client-side-encryption/tests/fle2-CreateCollection.json index e6bfdaf57c..20ec556bfc 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.json +++ b/source/client-side-encryption/tests/fle2-CreateCollection.json @@ -163,7 +163,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -343,7 +360,27 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + }, + "queries": { + "queryType": "equality", + "contention": { + "$numberLong": "0" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -563,7 +600,27 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + }, + "queries": { + "queryType": "equality", + "contention": { + "$numberLong": "0" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -793,7 +850,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -1072,7 +1146,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -1264,7 +1355,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -1589,7 +1697,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" @@ -1857,7 +1982,24 @@ { "command_started_event": { "command": { - "create": "encryptedCollection" + "create": "encryptedCollection", + "encryptedFields": { + "escCollection": "encryptedCollection.esc", + "eccCollection": "encryptedCollection.ecc", + "ecocCollection": "encryptedCollection.ecoc", + "fields": [ + { + "path": "firstName", + "bsonType": "string", + "keyId": { + "$binary": { + "subType": "04", + "base64": "AAAAAAAAAAAAAAAAAAAAAA==" + } + } + } + ] + } }, "command_name": "create", "database_name": "default" diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.yml b/source/client-side-encryption/tests/fle2-CreateCollection.yml index 5d677c6803..e64fb983cc 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.yml +++ b/source/client-side-encryption/tests/fle2-CreateCollection.yml @@ -13,7 +13,7 @@ tests: kmsProviders: aws: {} # Credentials filled in from environment. encryptedFieldsMap: - default.encryptedCollection: { + default.encryptedCollection: &encrypted_fields0 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -107,6 +107,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields0 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -125,7 +126,7 @@ tests: kmsProviders: aws: {} # Credentials filled in from environment. encryptedFieldsMap: - default.encryptedCollection: { + default.encryptedCollection: &encrypted_fields1 { "fields": [ { "path": "firstName", @@ -222,6 +223,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields1 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -240,7 +242,7 @@ tests: kmsProviders: aws: {} # Credentials filled in from environment. encryptedFieldsMap: - default.encryptedCollection: { + default.encryptedCollection: &encrypted_fields2 { "fields": [ { "path": "firstName", @@ -362,6 +364,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields2 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -404,7 +407,7 @@ tests: encryptedFieldsMap: # encryptedCollection has encryptedCollection.esc as the escCollection. # encryptedCollection.esc has encryptedCollection as the escCollection. - default.encryptedCollection: { + default.encryptedCollection: &encrypted_fields3 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -508,6 +511,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields3 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -580,7 +584,7 @@ tests: kmsProviders: aws: {} # Credentials filled in from environment. encryptedFieldsMap: - default.encryptedCollection: { + default.encryptedCollection: &encrypted_fields4 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -685,6 +689,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields4 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -724,7 +729,7 @@ tests: object: database arguments: collection: "encryptedCollection" - encryptedFields: { + encryptedFields: &encrypted_fields5 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -807,6 +812,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields5 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -936,7 +942,7 @@ tests: object: database arguments: collection: "encryptedCollection" - encryptedFields: { + encryptedFields: &encrypted_fields6 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -1010,6 +1016,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields6 command_name: create database_name: *database_name # Index on __safeContents__ is then created. @@ -1074,7 +1081,7 @@ tests: object: database arguments: collection: "encryptedCollection" - encryptedFields: { + encryptedFields: &encrypted_fields7 { "escCollection": "encryptedCollection.esc", "eccCollection": "encryptedCollection.ecc", "ecocCollection": "encryptedCollection.ecoc", @@ -1179,6 +1186,7 @@ tests: - command_started_event: command: create: "encryptedCollection" + encryptedFields: *encrypted_fields7 command_name: create database_name: *database_name # Index on __safeContents__ is then created. From 2a007b6620c3fe0aa0ca61d82e4105efb8ed02a2 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Tue, 3 May 2022 19:32:20 +0200 Subject: [PATCH 3/3] fixup: undo original change --- .../tests/fle2-CreateCollection.json | 19 +------------------ .../tests/fle2-CreateCollection.yml | 12 ------------ 2 files changed, 1 insertion(+), 30 deletions(-) diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.json b/source/client-side-encryption/tests/fle2-CreateCollection.json index 20ec556bfc..4959d9f3bb 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.json +++ b/source/client-side-encryption/tests/fle2-CreateCollection.json @@ -1017,24 +1017,7 @@ "name": "createCollection", "object": "database", "arguments": { - "collection": "encryptedCollection", - "encryptedFields": { - "escCollection": "encryptedCollection.esc", - "eccCollection": "encryptedCollection.ecc", - "ecocCollection": "encryptedCollection.ecoc", - "fields": [ - { - "path": "firstName", - "bsonType": "string", - "keyId": { - "$binary": { - "subType": "04", - "base64": "AAAAAAAAAAAAAAAAAAAAAA==" - } - } - } - ] - } + "collection": "encryptedCollection" } }, { diff --git a/source/client-side-encryption/tests/fle2-CreateCollection.yml b/source/client-side-encryption/tests/fle2-CreateCollection.yml index e64fb983cc..64a15667b2 100644 --- a/source/client-side-encryption/tests/fle2-CreateCollection.yml +++ b/source/client-side-encryption/tests/fle2-CreateCollection.yml @@ -606,18 +606,6 @@ tests: object: database arguments: collection: "encryptedCollection" - encryptedFields: { - "escCollection": "encryptedCollection.esc", - "eccCollection": "encryptedCollection.ecc", - "ecocCollection": "encryptedCollection.ecoc", - "fields": [ - { - "path": "firstName", - "bsonType": "string", - "keyId": { "$binary": { "subType": "04", "base64": "AAAAAAAAAAAAAAAAAAAAAA==" }} - } - ] - } - name: assertCollectionExists object: testRunner arguments: