ce416a0944
Co-authored-by: Cloud User <ec2-user@ip-10-128-20-15.ec2.internal> Co-authored-by: Iris Ho <iris.ho@mongodb.com>
461 lines
12 KiB
Diff
461 lines
12 KiB
Diff
diff --git a/test/client-side-encryption/spec/unified/accessToken-azure.json b/test/client-side-encryption/spec/unified/accessToken-azure.json
|
|
new file mode 100644
|
|
index 00000000..510d8795
|
|
--- /dev/null
|
|
+++ b/test/client-side-encryption/spec/unified/accessToken-azure.json
|
|
@@ -0,0 +1,186 @@
|
|
+{
|
|
+ "description": "accessToken-azure",
|
|
+ "schemaVersion": "1.28",
|
|
+ "runOnRequirements": [
|
|
+ {
|
|
+ "minServerVersion": "4.1.10",
|
|
+ "csfle": {
|
|
+ "minLibmongocryptVersion": "1.6.0"
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "createEntities": [
|
|
+ {
|
|
+ "client": {
|
|
+ "id": "client",
|
|
+ "autoEncryptOpts": {
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "azure": {
|
|
+ "accessToken": {
|
|
+ "$$placeholder": 1
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "database": {
|
|
+ "id": "db",
|
|
+ "client": "client",
|
|
+ "databaseName": "db"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "collection": {
|
|
+ "id": "coll",
|
|
+ "database": "db",
|
|
+ "collectionName": "coll"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "clientEncryption": {
|
|
+ "id": "clientEncryption",
|
|
+ "clientEncryptionOpts": {
|
|
+ "keyVaultClient": "client",
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "azure": {
|
|
+ "accessToken": {
|
|
+ "$$placeholder": 1
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "initialData": [
|
|
+ {
|
|
+ "databaseName": "db",
|
|
+ "collectionName": "coll",
|
|
+ "documents": [],
|
|
+ "createOptions": {
|
|
+ "validator": {
|
|
+ "$jsonSchema": {
|
|
+ "properties": {
|
|
+ "secret": {
|
|
+ "encrypt": {
|
|
+ "keyId": [
|
|
+ {
|
|
+ "$binary": {
|
|
+ "base64": "AZURE+AAAAAAAAAAAAAAAA==",
|
|
+ "subType": "04"
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "bsonType": "string",
|
|
+ "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ "bsonType": "object"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "databaseName": "keyvault",
|
|
+ "collectionName": "datakeys",
|
|
+ "documents": [
|
|
+ {
|
|
+ "_id": {
|
|
+ "$binary": {
|
|
+ "base64": "AZURE+AAAAAAAAAAAAAAAA==",
|
|
+ "subType": "04"
|
|
+ }
|
|
+ },
|
|
+ "keyAltNames": [
|
|
+ "my-key"
|
|
+ ],
|
|
+ "keyMaterial": {
|
|
+ "$binary": {
|
|
+ "base64": "n+HWZ0ZSVOYA3cvQgP7inN4JSXfOH85IngmeQxRpQHjCCcqT3IFqEWNlrsVHiz3AELimHhX4HKqOLWMUeSIT6emUDDoQX9BAv8DR1+E1w4nGs/NyEneac78EYFkK3JysrFDOgl2ypCCTKAypkn9CkAx1if4cfgQE93LW4kczcyHdGiH36CIxrCDGv1UzAvERN5Qa47DVwsM6a+hWsF2AAAJVnF0wYLLJU07TuRHdMrrphPWXZsFgyV+lRqJ7DDpReKNO8nMPLV/mHqHBHGPGQiRdb9NoJo8CvokGz4+KE8oLwzKf6V24dtwZmRkrsDV4iOhvROAzz+Euo1ypSkL3mw==",
|
|
+ "subType": "00"
|
|
+ }
|
|
+ },
|
|
+ "creationDate": {
|
|
+ "$date": {
|
|
+ "$numberLong": "1552949630483"
|
|
+ }
|
|
+ },
|
|
+ "updateDate": {
|
|
+ "$date": {
|
|
+ "$numberLong": "1552949630483"
|
|
+ }
|
|
+ },
|
|
+ "status": {
|
|
+ "$numberInt": "0"
|
|
+ },
|
|
+ "masterKey": {
|
|
+ "provider": "azure",
|
|
+ "keyVaultEndpoint": "key-vault-csfle.vault.azure.net",
|
|
+ "keyName": "key-name-csfle"
|
|
+ }
|
|
+ }
|
|
+ ]
|
|
+ }
|
|
+ ],
|
|
+ "tests": [
|
|
+ {
|
|
+ "description": "Auto encrypt using access token Azure credentials",
|
|
+ "operations": [
|
|
+ {
|
|
+ "name": "insertOne",
|
|
+ "arguments": {
|
|
+ "document": {
|
|
+ "_id": 1,
|
|
+ "secret": "string0"
|
|
+ }
|
|
+ },
|
|
+ "object": "coll"
|
|
+ }
|
|
+ ],
|
|
+ "outcome": [
|
|
+ {
|
|
+ "documents": [
|
|
+ {
|
|
+ "_id": 1,
|
|
+ "secret": {
|
|
+ "$binary": {
|
|
+ "base64": "AQGVERPgAAAAAAAAAAAAAAAC5DbBSwPwfSlBrDtRuglvNvCXD1KzDuCKY2P+4bRFtHDjpTOE2XuytPAUaAbXf1orsPq59PVZmsbTZbt2CB8qaQ==",
|
|
+ "subType": "06"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "collectionName": "coll",
|
|
+ "databaseName": "db"
|
|
+ }
|
|
+ ]
|
|
+ },
|
|
+ {
|
|
+ "description": "Explicit encrypt using access token Azure credentials",
|
|
+ "operations": [
|
|
+ {
|
|
+ "name": "encrypt",
|
|
+ "object": "clientEncryption",
|
|
+ "arguments": {
|
|
+ "value": "string0",
|
|
+ "opts": {
|
|
+ "keyAltName": "my-key",
|
|
+ "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
|
+ }
|
|
+ },
|
|
+ "expectResult": {
|
|
+ "$binary": {
|
|
+ "base64": "AQGVERPgAAAAAAAAAAAAAAAC5DbBSwPwfSlBrDtRuglvNvCXD1KzDuCKY2P+4bRFtHDjpTOE2XuytPAUaAbXf1orsPq59PVZmsbTZbt2CB8qaQ==",
|
|
+ "subType": "06"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ]
|
|
+ }
|
|
+ ]
|
|
+}
|
|
diff --git a/test/client-side-encryption/spec/unified/accessToken-gcp.json b/test/client-side-encryption/spec/unified/accessToken-gcp.json
|
|
new file mode 100644
|
|
index 00000000..f5cf8914
|
|
--- /dev/null
|
|
+++ b/test/client-side-encryption/spec/unified/accessToken-gcp.json
|
|
@@ -0,0 +1,188 @@
|
|
+{
|
|
+ "description": "accessToken-gcp",
|
|
+ "schemaVersion": "1.28",
|
|
+ "runOnRequirements": [
|
|
+ {
|
|
+ "minServerVersion": "4.1.10",
|
|
+ "csfle": {
|
|
+ "minLibmongocryptVersion": "1.6.0"
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "createEntities": [
|
|
+ {
|
|
+ "client": {
|
|
+ "id": "client",
|
|
+ "autoEncryptOpts": {
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "gcp": {
|
|
+ "accessToken": {
|
|
+ "$$placeholder": 1
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "database": {
|
|
+ "id": "db",
|
|
+ "client": "client",
|
|
+ "databaseName": "db"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "collection": {
|
|
+ "id": "coll",
|
|
+ "database": "db",
|
|
+ "collectionName": "coll"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "clientEncryption": {
|
|
+ "id": "clientEncryption",
|
|
+ "clientEncryptionOpts": {
|
|
+ "keyVaultClient": "client",
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "gcp": {
|
|
+ "accessToken": {
|
|
+ "$$placeholder": 1
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "initialData": [
|
|
+ {
|
|
+ "databaseName": "db",
|
|
+ "collectionName": "coll",
|
|
+ "documents": [],
|
|
+ "createOptions": {
|
|
+ "validator": {
|
|
+ "$jsonSchema": {
|
|
+ "properties": {
|
|
+ "secret": {
|
|
+ "encrypt": {
|
|
+ "keyId": [
|
|
+ {
|
|
+ "$binary": {
|
|
+ "base64": "GCP+AAAAAAAAAAAAAAAAAA==",
|
|
+ "subType": "04"
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "bsonType": "string",
|
|
+ "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ "bsonType": "object"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "databaseName": "keyvault",
|
|
+ "collectionName": "datakeys",
|
|
+ "documents": [
|
|
+ {
|
|
+ "_id": {
|
|
+ "$binary": {
|
|
+ "base64": "GCP+AAAAAAAAAAAAAAAAAA==",
|
|
+ "subType": "04"
|
|
+ }
|
|
+ },
|
|
+ "keyAltNames": [
|
|
+ "my-key"
|
|
+ ],
|
|
+ "keyMaterial": {
|
|
+ "$binary": {
|
|
+ "base64": "CiQAIgLj0WyktnB4dfYHo5SLZ41K4ASQrjJUaSzl5vvVH0G12G0SiQEAjlV8XPlbnHDEDFbdTO4QIe8ER2/172U1ouLazG0ysDtFFIlSvWX5ZnZUrRMmp/R2aJkzLXEt/zf8Mn4Lfm+itnjgo5R9K4pmPNvvPKNZX5C16lrPT+aA+rd+zXFSmlMg3i5jnxvTdLHhg3G7Q/Uv1ZIJskKt95bzLoe0tUVzRWMYXLIEcohnQg==",
|
|
+ "subType": "00"
|
|
+ }
|
|
+ },
|
|
+ "creationDate": {
|
|
+ "$date": {
|
|
+ "$numberLong": "1552949630483"
|
|
+ }
|
|
+ },
|
|
+ "updateDate": {
|
|
+ "$date": {
|
|
+ "$numberLong": "1552949630483"
|
|
+ }
|
|
+ },
|
|
+ "status": {
|
|
+ "$numberInt": "0"
|
|
+ },
|
|
+ "masterKey": {
|
|
+ "provider": "gcp",
|
|
+ "projectId": "devprod-drivers",
|
|
+ "location": "global",
|
|
+ "keyRing": "key-ring-csfle",
|
|
+ "keyName": "key-name-csfle"
|
|
+ }
|
|
+ }
|
|
+ ]
|
|
+ }
|
|
+ ],
|
|
+ "tests": [
|
|
+ {
|
|
+ "description": "Auto encrypt using access token GCP credentials",
|
|
+ "operations": [
|
|
+ {
|
|
+ "name": "insertOne",
|
|
+ "arguments": {
|
|
+ "document": {
|
|
+ "_id": 1,
|
|
+ "secret": "string0"
|
|
+ }
|
|
+ },
|
|
+ "object": "coll"
|
|
+ }
|
|
+ ],
|
|
+ "outcome": [
|
|
+ {
|
|
+ "documents": [
|
|
+ {
|
|
+ "_id": 1,
|
|
+ "secret": {
|
|
+ "$binary": {
|
|
+ "base64": "ARgj/gAAAAAAAAAAAAAAAAACwFd+Y5Ojw45GUXNvbcIpN9YkRdoHDHkR4kssdn0tIMKlDQOLFkWFY9X07IRlXsxPD8DcTiKnl6XINK28vhcGlg==",
|
|
+ "subType": "06"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "collectionName": "coll",
|
|
+ "databaseName": "db"
|
|
+ }
|
|
+ ]
|
|
+ },
|
|
+ {
|
|
+ "description": "Explicit encrypt using access token GCP credentials",
|
|
+ "operations": [
|
|
+ {
|
|
+ "name": "encrypt",
|
|
+ "object": "clientEncryption",
|
|
+ "arguments": {
|
|
+ "value": "string0",
|
|
+ "opts": {
|
|
+ "keyAltName": "my-key",
|
|
+ "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
|
+ }
|
|
+ },
|
|
+ "expectResult": {
|
|
+ "$binary": {
|
|
+ "base64": "ARgj/gAAAAAAAAAAAAAAAAACwFd+Y5Ojw45GUXNvbcIpN9YkRdoHDHkR4kssdn0tIMKlDQOLFkWFY9X07IRlXsxPD8DcTiKnl6XINK28vhcGlg==",
|
|
+ "subType": "06"
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ]
|
|
+ }
|
|
+ ]
|
|
+}
|
|
diff --git a/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-azure-accessToken-type.json b/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-azure-accessToken-type.json
|
|
new file mode 100644
|
|
index 00000000..8fe5c150
|
|
--- /dev/null
|
|
+++ b/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-azure-accessToken-type.json
|
|
@@ -0,0 +1,31 @@
|
|
+{
|
|
+ "description": "clientEncryptionOpts-kmsProviders-azure-accessToken-type",
|
|
+ "schemaVersion": "1.28",
|
|
+ "createEntities": [
|
|
+ {
|
|
+ "client": {
|
|
+ "id": "client0"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "clientEncryption": {
|
|
+ "id": "clientEncryption0",
|
|
+ "clientEncryptionOpts": {
|
|
+ "keyVaultClient": "client0",
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "azure": {
|
|
+ "accessToken": 0
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "tests": [
|
|
+ {
|
|
+ "description": "",
|
|
+ "operations": []
|
|
+ }
|
|
+ ]
|
|
+}
|
|
diff --git a/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-gcp-accessToken-type.json b/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-gcp-accessToken-type.json
|
|
new file mode 100644
|
|
index 00000000..2284e26c
|
|
--- /dev/null
|
|
+++ b/test/unified-test-format/invalid/clientEncryptionOpts-kmsProviders-gcp-accessToken-type.json
|
|
@@ -0,0 +1,31 @@
|
|
+{
|
|
+ "description": "clientEncryptionOpts-kmsProviders-gcp-accessToken-type",
|
|
+ "schemaVersion": "1.28",
|
|
+ "createEntities": [
|
|
+ {
|
|
+ "client": {
|
|
+ "id": "client0"
|
|
+ }
|
|
+ },
|
|
+ {
|
|
+ "clientEncryption": {
|
|
+ "id": "clientEncryption0",
|
|
+ "clientEncryptionOpts": {
|
|
+ "keyVaultClient": "client0",
|
|
+ "keyVaultNamespace": "keyvault.datakeys",
|
|
+ "kmsProviders": {
|
|
+ "gcp": {
|
|
+ "accessToken": 0
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+ ],
|
|
+ "tests": [
|
|
+ {
|
|
+ "description": "",
|
|
+ "operations": []
|
|
+ }
|
|
+ ]
|
|
+}
|