description: getKey

schemaVersion: "1.8"

runOnRequirements:
  - csfle: true

createEntities:
  - client:
      id: &client0 client0
      observeEvents:
        - commandStartedEvent
  - clientEncryption:
      id: &clientEncryption0 clientEncryption0
      clientEncryptionOpts:
        keyVaultClient: *client0
        keyVaultNamespace: keyvault.datakeys
        kmsProviders:
          local: { key: { $$placeholder: 1 } }
  - database:
      id: &database0 database0
      client: *client0
      databaseName: &database0Name keyvault
  - collection:
      id: &collection0 collection0
      database: *database0
      collectionName: &collection0Name datakeys

initialData:
  - databaseName: *database0Name
    collectionName: *collection0Name
    documents:
      - &aws_key_doc
        _id: &aws_key_id { $binary: { base64: YXdzYXdzYXdzYXdzYXdzYQ==, subType: "04" } }
        keyAltNames: ["aws_key"]
        keyMaterial: { $binary: { base64: AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gFXJqbF0Fy872MD7xl56D/2AAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDO7HPisPUlGzaio9vgIBEIB7/Qow46PMh/8JbEUbdXgTGhLfXPE+KIVW7T8s6YEMlGiRvMu7TV0QCIUJlSHPKZxzlJ2iwuz5yXeOag+EdY+eIQ0RKrsJ3b8UTisZYzGjfzZnxUKLzLoeXremtRCm3x47wCuHKd1dhh6FBbYt5TL2tDaj+vL2GBrKat2L, subType: "00" } }
        creationDate: { $date: { $numberLong: "1641024000000" } }
        updateDate: { $date: { $numberLong: "1641024000000" } }
        status: 1
        masterKey:
          provider: aws
          key: arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0
          region: us-east-1
      - &local_key_doc
        _id: &local_key_id { $binary: { base64: bG9jYWxrZXlsb2NhbGtleQ==, subType: "04" } }
        keyAltNames: ["local_key"]
        keyMaterial: { $binary: { base64: ABKBldDEoDW323yejOnIRk6YQmlD9d3eQthd16scKL75nz2LjNL9fgPDZWrFFOlqlhMCFaSrNJfGrFUjYk5JFDO7soG5Syb50k1niJoKg4ilsj0L4mpimFUtTpOr2nzZOeQtvAksEXc7gsFgq8gV7t/U3lsaXPY7I0t42DfSE8EGlPdxRjFdHnxh+OR8h7U9b8Qs5K5UuhgyeyxaBZ1Hgw==, subType: "00" } }
        creationDate: { $date: { $numberLong: "1641024000000" } }
        updateDate: { $date: { $numberLong: "1641024000000" } }
        status: 1
        masterKey:
          provider: local

tests:
  - description: get non-existent data key
    operations:
      - name: getKey
        object: *clientEncryption0
        arguments:
          # *aws_key_id with first three letters replaced with 'A' (value: "3awsawsawsawsa").
          id: &non_existent_id { $binary: { base64: AAAzYXdzYXdzYXdzYXdzYQ==, subType: "04" } }
        expectResult: { $$unsetOrMatches: null }
    expectEvents:
      - client: *client0
        events:
          - commandStartedEvent:
              databaseName: *database0Name
              command:
                find: *collection0Name
                filter: { _id: *non_existent_id }
                readConcern: { level: majority }

  - description: get existing AWS data key
    operations:
      - name: getKey
        object: *clientEncryption0
        arguments:
          id: *aws_key_id
        expectResult: *aws_key_doc
    expectEvents:
      - client: *client0
        events:
          - commandStartedEvent:
              databaseName: *database0Name
              command:
                find: *collection0Name
                filter: { _id: *aws_key_id }
                readConcern: { level: majority }

  - description: get existing local data key
    operations:
      - name: getKey
        object: *clientEncryption0
        arguments:
          id: *local_key_id
        expectResult: *local_key_doc
    expectEvents:
      - client: *client0
        events:
          - commandStartedEvent:
              databaseName: *database0Name
              command:
                find: *collection0Name
                filter: { _id: *local_key_id }
                readConcern: { level: majority }