1# Requires libmongocrypt 1.8.0.
2runOn:
3 - minServerVersion: "7.0.0"
4 # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
5 # FLE 2 Encrypted collections are not supported on standalone.
6 topology: [ "replicaset", "sharded", "load-balanced" ]
7database_name: &database_name "default"
8collection_name: &collection_name "default"
9data: []
10json_schema: {
11 "properties": {},
12 "bsonType": "object"
13}
14encrypted_fields: &encrypted_fields {'fields': [{'keyId': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedIndexed', 'bsonType': 'string', 'queries': {'queryType': 'equality', 'contention': {'$numberLong': '0'}}}, {'keyId': {'$binary': {'base64': 'q83vqxI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedUnindexed', 'bsonType': 'string'}]}
15key_vault_data: [ {'_id': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'keyMaterial': {'$binary': {'base64': 'sHe0kz57YW7v8g9VP9sf/+K1ex4JqKc5rf/URX3n3p8XdZ6+15uXPaSayC6adWbNxkFskuMCOifDoTT+rkqMtFkDclOy884RuGGtUysq3X7zkAWYTKi8QAfKkajvVbZl2y23UqgVasdQu3OVBQCrH/xY00nNAs/52e958nVjBuzQkSb1T8pKJAyjZsHJ60+FtnfafDZSTAIBJYn7UWBCwQ==', 'subType': '00'}}, 'creationDate': {'$date': {'$numberLong': '1648914851981'}}, 'updateDate': {'$date': {'$numberLong': '1648914851981'}}, 'status': {'$numberInt': '0'}, 'masterKey': {'provider': 'local'}} ]
16tests:
17 - description: "encryptedFields is preferred over jsonSchema"
18 clientOptions:
19 autoEncryptOpts:
20 kmsProviders:
21 local: {'key': {'$binary': {'base64': 'Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'subType': '00'}}}
22 operations:
23 - name: insertOne
24 arguments:
25 document: &doc0 { _id: 1, encryptedIndexed: "123" }
26 - name: find
27 arguments:
28 filter: { encryptedIndexed: "123" }
29 result: [*doc0]
30 expectations:
31 - command_started_event:
32 command:
33 listCollections: 1
34 filter:
35 name: *collection_name
36 command_name: listCollections
37 - command_started_event:
38 command:
39 find: datakeys
40 filter: {
41 "$or": [
42 {
43 "_id": {
44 "$in": [
45 {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}
46 ]
47 }
48 },
49 {
50 "keyAltNames": {
51 "$in": []
52 }
53 }
54 ]
55 }
56 $db: keyvault
57 readConcern: { level: "majority" }
58 command_name: find
59 - command_started_event:
60 command:
61 insert: *collection_name
62 documents:
63 - &doc0_encrypted { "_id": 1, "encryptedIndexed": { $$type: "binData" } }
64 ordered: true
65 encryptionInformation:
66 type: 1
67 schema:
68 "default.default":
69 # libmongocrypt applies escCollection and ecocCollection to outgoing command.
70 escCollection: "enxcol_.default.esc"
71 ecocCollection: "enxcol_.default.ecoc"
72 <<: *encrypted_fields
73
74 command_name: insert
75 - command_started_event:
76 command:
77 find: *collection_name
78 filter: {
79 "encryptedIndexed": {
80 "$eq": {
81 "$binary": {
82 "base64": "DIkAAAAFZAAgAAAAAPGmZcUzdE/FPILvRSyAScGvZparGI2y9rJ/vSBxgCujBXMAIAAAAACi1RjmndKqgnXy7xb22RzUbnZl1sOZRXPOC0KcJkAxmQVsACAAAAAApJtKPW4+o9B7gAynNLL26jtlB4+hq5TXResijcYet8USY20AAAAAAAAAAAAA",
83 "subType": "06"
84 }
85 }
86 }
87 }
88 encryptionInformation:
89 type: 1
90 schema:
91 "default.default":
92 # libmongocrypt applies escCollection and ecocCollection to outgoing command.
93 escCollection: "enxcol_.default.esc"
94 ecocCollection: "enxcol_.default.ecoc"
95 <<: *encrypted_fields
96
97 command_name: find
98 outcome:
99 collection:
100 # Outcome is checked using a separate MongoClient without auto encryption.
101 data:
102 - { "_id": 1, "encryptedIndexed": { $$type: "binData" }, "__safeContent__": [{ "$binary" : { "base64" : "31eCYlbQoVboc5zwC8IoyJVSkag9PxREka8dkmbXJeY=", "subType" : "00" } }] }View as plain text