1{
2 "description": "createDataKey",
3 "schemaVersion": "1.8",
4 "runOnRequirements": [
5 {
6 "csfle": true
7 }
8 ],
9 "createEntities": [
10 {
11 "client": {
12 "id": "client0",
13 "observeEvents": [
14 "commandStartedEvent"
15 ]
16 }
17 },
18 {
19 "clientEncryption": {
20 "id": "clientEncryption0",
21 "clientEncryptionOpts": {
22 "keyVaultClient": "client0",
23 "keyVaultNamespace": "keyvault.datakeys",
24 "kmsProviders": {
25 "aws": {
26 "accessKeyId": {
27 "$$placeholder": 1
28 },
29 "secretAccessKey": {
30 "$$placeholder": 1
31 }
32 },
33 "azure": {
34 "tenantId": {
35 "$$placeholder": 1
36 },
37 "clientId": {
38 "$$placeholder": 1
39 },
40 "clientSecret": {
41 "$$placeholder": 1
42 }
43 },
44 "gcp": {
45 "email": {
46 "$$placeholder": 1
47 },
48 "privateKey": {
49 "$$placeholder": 1
50 }
51 },
52 "kmip": {
53 "endpoint": {
54 "$$placeholder": 1
55 }
56 },
57 "local": {
58 "key": {
59 "$$placeholder": 1
60 }
61 }
62 }
63 }
64 }
65 },
66 {
67 "database": {
68 "id": "database0",
69 "client": "client0",
70 "databaseName": "keyvault"
71 }
72 },
73 {
74 "collection": {
75 "id": "collection0",
76 "database": "database0",
77 "collectionName": "datakeys"
78 }
79 }
80 ],
81 "initialData": [
82 {
83 "databaseName": "keyvault",
84 "collectionName": "datakeys",
85 "documents": []
86 }
87 ],
88 "tests": [
89 {
90 "description": "create data key with AWS KMS provider",
91 "operations": [
92 {
93 "name": "createDataKey",
94 "object": "clientEncryption0",
95 "arguments": {
96 "kmsProvider": "aws",
97 "opts": {
98 "masterKey": {
99 "key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
100 "region": "us-east-1"
101 }
102 }
103 },
104 "expectResult": {
105 "$$type": "binData"
106 }
107 }
108 ],
109 "expectEvents": [
110 {
111 "client": "client0",
112 "events": [
113 {
114 "commandStartedEvent": {
115 "databaseName": "keyvault",
116 "command": {
117 "insert": "datakeys",
118 "documents": [
119 {
120 "_id": {
121 "$$type": "binData"
122 },
123 "keyMaterial": {
124 "$$type": "binData"
125 },
126 "creationDate": {
127 "$$type": "date"
128 },
129 "updateDate": {
130 "$$type": "date"
131 },
132 "status": {
133 "$$exists": true
134 },
135 "masterKey": {
136 "provider": "aws",
137 "key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
138 "region": "us-east-1"
139 }
140 }
141 ],
142 "writeConcern": {
143 "w": "majority"
144 }
145 }
146 }
147 }
148 ]
149 }
150 ]
151 },
152 {
153 "description": "create datakey with Azure KMS provider",
154 "operations": [
155 {
156 "name": "createDataKey",
157 "object": "clientEncryption0",
158 "arguments": {
159 "kmsProvider": "azure",
160 "opts": {
161 "masterKey": {
162 "keyVaultEndpoint": "key-vault-csfle.vault.azure.net",
163 "keyName": "key-name-csfle"
164 }
165 }
166 },
167 "expectResult": {
168 "$$type": "binData"
169 }
170 }
171 ],
172 "expectEvents": [
173 {
174 "client": "client0",
175 "events": [
176 {
177 "commandStartedEvent": {
178 "databaseName": "keyvault",
179 "command": {
180 "insert": "datakeys",
181 "documents": [
182 {
183 "_id": {
184 "$$type": "binData"
185 },
186 "keyMaterial": {
187 "$$type": "binData"
188 },
189 "creationDate": {
190 "$$type": "date"
191 },
192 "updateDate": {
193 "$$type": "date"
194 },
195 "status": {
196 "$$exists": true
197 },
198 "masterKey": {
199 "provider": "azure",
200 "keyVaultEndpoint": "key-vault-csfle.vault.azure.net",
201 "keyName": "key-name-csfle"
202 }
203 }
204 ],
205 "writeConcern": {
206 "w": "majority"
207 }
208 }
209 }
210 }
211 ]
212 }
213 ]
214 },
215 {
216 "description": "create datakey with GCP KMS provider",
217 "operations": [
218 {
219 "name": "createDataKey",
220 "object": "clientEncryption0",
221 "arguments": {
222 "kmsProvider": "gcp",
223 "opts": {
224 "masterKey": {
225 "projectId": "devprod-drivers",
226 "location": "global",
227 "keyRing": "key-ring-csfle",
228 "keyName": "key-name-csfle"
229 }
230 }
231 },
232 "expectResult": {
233 "$$type": "binData"
234 }
235 }
236 ],
237 "expectEvents": [
238 {
239 "client": "client0",
240 "events": [
241 {
242 "commandStartedEvent": {
243 "databaseName": "keyvault",
244 "command": {
245 "insert": "datakeys",
246 "documents": [
247 {
248 "_id": {
249 "$$type": "binData"
250 },
251 "keyMaterial": {
252 "$$type": "binData"
253 },
254 "creationDate": {
255 "$$type": "date"
256 },
257 "updateDate": {
258 "$$type": "date"
259 },
260 "status": {
261 "$$exists": true
262 },
263 "masterKey": {
264 "provider": "gcp",
265 "projectId": "devprod-drivers",
266 "location": "global",
267 "keyRing": "key-ring-csfle",
268 "keyName": "key-name-csfle"
269 }
270 }
271 ],
272 "writeConcern": {
273 "w": "majority"
274 }
275 }
276 }
277 }
278 ]
279 }
280 ]
281 },
282 {
283 "description": "create datakey with KMIP KMS provider",
284 "operations": [
285 {
286 "name": "createDataKey",
287 "object": "clientEncryption0",
288 "arguments": {
289 "kmsProvider": "kmip"
290 },
291 "expectResult": {
292 "$$type": "binData"
293 }
294 }
295 ],
296 "expectEvents": [
297 {
298 "client": "client0",
299 "events": [
300 {
301 "commandStartedEvent": {
302 "databaseName": "keyvault",
303 "command": {
304 "insert": "datakeys",
305 "documents": [
306 {
307 "_id": {
308 "$$type": "binData"
309 },
310 "keyMaterial": {
311 "$$type": "binData"
312 },
313 "creationDate": {
314 "$$type": "date"
315 },
316 "updateDate": {
317 "$$type": "date"
318 },
319 "status": {
320 "$$exists": true
321 },
322 "masterKey": {
323 "provider": "kmip",
324 "keyId": {
325 "$$type": "string"
326 }
327 }
328 }
329 ],
330 "writeConcern": {
331 "w": "majority"
332 }
333 }
334 }
335 }
336 ]
337 }
338 ]
339 },
340 {
341 "description": "create datakey with local KMS provider",
342 "operations": [
343 {
344 "name": "createDataKey",
345 "object": "clientEncryption0",
346 "arguments": {
347 "kmsProvider": "local"
348 },
349 "expectResult": {
350 "$$type": "binData"
351 }
352 }
353 ],
354 "expectEvents": [
355 {
356 "client": "client0",
357 "events": [
358 {
359 "commandStartedEvent": {
360 "databaseName": "keyvault",
361 "command": {
362 "insert": "datakeys",
363 "documents": [
364 {
365 "_id": {
366 "$$type": "binData"
367 },
368 "keyMaterial": {
369 "$$type": "binData"
370 },
371 "creationDate": {
372 "$$type": "date"
373 },
374 "updateDate": {
375 "$$type": "date"
376 },
377 "status": {
378 "$$exists": true
379 },
380 "masterKey": {
381 "provider": "local"
382 }
383 }
384 ],
385 "writeConcern": {
386 "w": "majority"
387 }
388 }
389 }
390 }
391 ]
392 }
393 ]
394 },
395 {
396 "description": "create datakey with no keyAltName",
397 "operations": [
398 {
399 "name": "createDataKey",
400 "object": "clientEncryption0",
401 "arguments": {
402 "kmsProvider": "local",
403 "opts": {
404 "keyAltNames": []
405 }
406 },
407 "expectResult": {
408 "$$type": "binData"
409 }
410 }
411 ],
412 "expectEvents": [
413 {
414 "client": "client0",
415 "events": [
416 {
417 "commandStartedEvent": {
418 "databaseName": "keyvault",
419 "command": {
420 "insert": "datakeys",
421 "documents": [
422 {
423 "_id": {
424 "$$type": "binData"
425 },
426 "keyAltNames": {
427 "$$exists": false
428 },
429 "keyMaterial": {
430 "$$type": "binData"
431 },
432 "creationDate": {
433 "$$type": "date"
434 },
435 "updateDate": {
436 "$$type": "date"
437 },
438 "status": {
439 "$$type": "int"
440 },
441 "masterKey": {
442 "$$type": "object"
443 }
444 }
445 ],
446 "writeConcern": {
447 "w": "majority"
448 }
449 }
450 }
451 }
452 ]
453 }
454 ]
455 },
456 {
457 "description": "create datakey with single keyAltName",
458 "operations": [
459 {
460 "name": "createDataKey",
461 "object": "clientEncryption0",
462 "arguments": {
463 "kmsProvider": "local",
464 "opts": {
465 "keyAltNames": [
466 "local_key"
467 ]
468 }
469 },
470 "expectResult": {
471 "$$type": "binData"
472 }
473 }
474 ],
475 "expectEvents": [
476 {
477 "client": "client0",
478 "events": [
479 {
480 "commandStartedEvent": {
481 "databaseName": "keyvault",
482 "command": {
483 "insert": "datakeys",
484 "documents": [
485 {
486 "_id": {
487 "$$type": "binData"
488 },
489 "keyAltNames": [
490 "local_key"
491 ],
492 "keyMaterial": {
493 "$$type": "binData"
494 },
495 "creationDate": {
496 "$$type": "date"
497 },
498 "updateDate": {
499 "$$type": "date"
500 },
501 "status": {
502 "$$type": "int"
503 },
504 "masterKey": {
505 "$$type": "object"
506 }
507 }
508 ],
509 "writeConcern": {
510 "w": "majority"
511 }
512 }
513 }
514 }
515 ]
516 }
517 ]
518 },
519 {
520 "description": "create datakey with multiple keyAltNames",
521 "operations": [
522 {
523 "name": "createDataKey",
524 "object": "clientEncryption0",
525 "arguments": {
526 "kmsProvider": "local",
527 "opts": {
528 "keyAltNames": [
529 "abc",
530 "def"
531 ]
532 }
533 },
534 "expectResult": {
535 "$$type": "binData"
536 }
537 },
538 {
539 "name": "aggregate",
540 "object": "collection0",
541 "arguments": {
542 "pipeline": [
543 {
544 "$project": {
545 "_id": 0,
546 "keyAltNames": 1
547 }
548 },
549 {
550 "$unwind": "$keyAltNames"
551 },
552 {
553 "$sort": {
554 "keyAltNames": 1
555 }
556 }
557 ]
558 },
559 "expectResult": [
560 {
561 "keyAltNames": "abc"
562 },
563 {
564 "keyAltNames": "def"
565 }
566 ]
567 }
568 ],
569 "expectEvents": [
570 {
571 "client": "client0",
572 "events": [
573 {
574 "commandStartedEvent": {
575 "databaseName": "keyvault",
576 "command": {
577 "insert": "datakeys",
578 "documents": [
579 {
580 "_id": {
581 "$$type": "binData"
582 },
583 "keyAltNames": {
584 "$$type": "array"
585 },
586 "keyMaterial": {
587 "$$type": "binData"
588 },
589 "creationDate": {
590 "$$type": "date"
591 },
592 "updateDate": {
593 "$$type": "date"
594 },
595 "status": {
596 "$$type": "int"
597 },
598 "masterKey": {
599 "$$type": "object"
600 }
601 }
602 ],
603 "writeConcern": {
604 "w": "majority"
605 }
606 }
607 }
608 },
609 {
610 "commandStartedEvent": {
611 "commandName": "aggregate"
612 }
613 }
614 ]
615 }
616 ]
617 },
618 {
619 "description": "create datakey with custom key material",
620 "operations": [
621 {
622 "name": "createDataKey",
623 "object": "clientEncryption0",
624 "arguments": {
625 "kmsProvider": "local",
626 "opts": {
627 "keyMaterial": {
628 "$binary": {
629 "base64": "a2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFs",
630 "subType": "00"
631 }
632 }
633 }
634 },
635 "expectResult": {
636 "$$type": "binData"
637 }
638 }
639 ],
640 "expectEvents": [
641 {
642 "client": "client0",
643 "events": [
644 {
645 "commandStartedEvent": {
646 "databaseName": "keyvault",
647 "command": {
648 "insert": "datakeys",
649 "documents": [
650 {
651 "_id": {
652 "$$type": "binData"
653 },
654 "keyMaterial": {
655 "$$type": "binData"
656 },
657 "creationDate": {
658 "$$type": "date"
659 },
660 "updateDate": {
661 "$$type": "date"
662 },
663 "status": {
664 "$$type": "int"
665 },
666 "masterKey": {
667 "$$type": "object"
668 }
669 }
670 ],
671 "writeConcern": {
672 "w": "majority"
673 }
674 }
675 }
676 }
677 ]
678 }
679 ]
680 },
681 {
682 "description": "create datakey with invalid custom key material (too short)",
683 "operations": [
684 {
685 "name": "createDataKey",
686 "object": "clientEncryption0",
687 "arguments": {
688 "kmsProvider": "local",
689 "opts": {
690 "keyMaterial": {
691 "$binary": {
692 "base64": "a2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFsa2V5X21hdGVyaWFs",
693 "subType": "00"
694 }
695 }
696 }
697 },
698 "expectError": {
699 "isClientError": true
700 }
701 }
702 ],
703 "expectEvents": [
704 {
705 "client": "client0",
706 "events": []
707 }
708 ]
709 }
710 ]
711}
View as plain text