1description: deleteKey
2
3schemaVersion: "1.8"
4
5runOnRequirements:
6 - csfle: true
7
8createEntities:
9 - client:
10 id: &client0 client0
11 observeEvents:
12 - commandStartedEvent
13 - clientEncryption:
14 id: &clientEncryption0 clientEncryption0
15 clientEncryptionOpts:
16 keyVaultClient: *client0
17 keyVaultNamespace: keyvault.datakeys
18 kmsProviders:
19 local: { key: { $$placeholder: 1 } }
20 - database:
21 id: &database0 database0
22 client: *client0
23 databaseName: &database0Name keyvault
24 - collection:
25 id: &collection0 collection0
26 database: *database0
27 collectionName: &collection0Name datakeys
28
29initialData:
30 - databaseName: *database0Name
31 collectionName: *collection0Name
32 documents:
33 - &aws_key_doc
34 _id: &aws_key_id { $binary: { base64: YXdzYXdzYXdzYXdzYXdzYQ==, subType: "04" } }
35 keyAltNames: ["aws_key"]
36 keyMaterial: { $binary: { base64: AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gFXJqbF0Fy872MD7xl56D/2AAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDO7HPisPUlGzaio9vgIBEIB7/Qow46PMh/8JbEUbdXgTGhLfXPE+KIVW7T8s6YEMlGiRvMu7TV0QCIUJlSHPKZxzlJ2iwuz5yXeOag+EdY+eIQ0RKrsJ3b8UTisZYzGjfzZnxUKLzLoeXremtRCm3x47wCuHKd1dhh6FBbYt5TL2tDaj+vL2GBrKat2L, subType: "00" } }
37 creationDate: { $date: { $numberLong: "1641024000000" } }
38 updateDate: { $date: { $numberLong: "1641024000000" } }
39 status: 1
40 masterKey:
41 provider: aws
42 key: arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0
43 region: us-east-1
44 - &local_key_doc
45 _id: &local_key_id { $binary: { base64: bG9jYWxrZXlsb2NhbGtleQ==, subType: "04" } }
46 keyAltNames: ["local_key"]
47 keyMaterial: { $binary: { base64: ABKBldDEoDW323yejOnIRk6YQmlD9d3eQthd16scKL75nz2LjNL9fgPDZWrFFOlqlhMCFaSrNJfGrFUjYk5JFDO7soG5Syb50k1niJoKg4ilsj0L4mpimFUtTpOr2nzZOeQtvAksEXc7gsFgq8gV7t/U3lsaXPY7I0t42DfSE8EGlPdxRjFdHnxh+OR8h7U9b8Qs5K5UuhgyeyxaBZ1Hgw==, subType: "00" } }
48 creationDate: { $date: { $numberLong: "1641024000000" } }
49 updateDate: { $date: { $numberLong: "1641024000000" } }
50 status: 1
51 masterKey:
52 provider: local
53
54tests:
55 - description: delete non-existent data key
56 operations:
57 - name: deleteKey
58 object: *clientEncryption0
59 arguments:
60 # *aws_key_id with first three letters replaced with 'A' (value: "3awsawsawsawsa").
61 id: &non_existent_id { $binary: { base64: AAAzYXdzYXdzYXdzYXdzYQ==, subType: "04" } }
62 expectResult:
63 deletedCount: 0
64 expectEvents:
65 - client: *client0
66 events:
67 - commandStartedEvent:
68 databaseName: *database0Name
69 command:
70 delete: *collection0Name
71 deletes: [{ q: { _id: *non_existent_id }, limit: 1 }]
72 writeConcern: { w: majority }
73 outcome:
74 - collectionName: *collection0Name
75 databaseName: *database0Name
76 documents:
77 - *aws_key_doc
78 - *local_key_doc
79
80 - description: delete existing AWS data key
81 operations:
82 - name: deleteKey
83 object: *clientEncryption0
84 arguments:
85 id: *aws_key_id
86 expectResult:
87 deletedCount: 1
88 expectEvents:
89 - client: *client0
90 events:
91 - commandStartedEvent:
92 databaseName: *database0Name
93 command:
94 delete: *collection0Name
95 deletes: [{ q: { _id: *aws_key_id }, limit: 1 }]
96 writeConcern: { w: majority }
97 outcome:
98 - collectionName: *collection0Name
99 databaseName: *database0Name
100 documents:
101 - *local_key_doc
102
103 - description: delete existing local data key
104 operations:
105 - name: deleteKey
106 object: *clientEncryption0
107 arguments:
108 id: *local_key_id
109 expectResult:
110 deletedCount: 1
111 expectEvents:
112 - client: *client0
113 events:
114 - commandStartedEvent:
115 databaseName: *database0Name
116 command:
117 delete: *collection0Name
118 deletes: [{ q: { _id: *local_key_id }, limit: 1 }]
119 writeConcern: { w: majority }
120 outcome:
121 - collectionName: *collection0Name
122 databaseName: *database0Name
123 documents:
124 - *aws_key_doc
125
126 - description: delete existing data key twice
127 operations:
128 - name: deleteKey
129 object: *clientEncryption0
130 arguments:
131 id: *aws_key_id
132 expectResult:
133 deletedCount: 1
134 - name: deleteKey
135 object: *clientEncryption0
136 arguments:
137 id: *aws_key_id
138 expectResult:
139 deletedCount: 0
140 expectEvents:
141 - client: *client0
142 events:
143 - commandStartedEvent:
144 databaseName: *database0Name
145 command:
146 delete: *collection0Name
147 deletes: [{ q: { _id: *aws_key_id }, limit: 1 }]
148 writeConcern: { w: majority }
149 - commandStartedEvent:
150 databaseName: *database0Name
151 command:
152 delete: *collection0Name
153 deletes: [{ q: { _id: *aws_key_id }, limit: 1 }]
154 writeConcern: { w: majority }
155 outcome:
156 - collectionName: *collection0Name
157 databaseName: *database0Name
158 documents:
159 - *local_key_doc
View as plain text