1+ # Requires libmongocrypt 1.8.0.
2+ runOn :
3+ - minServerVersion : " 7.0.0"
4+ # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
5+ # FLE 2 Encrypted collections are not supported on standalone.
6+ topology : [ "replicaset", "sharded", "load-balanced" ]
7+ database_name : &database_name "default"
8+ collection_name : &collection_name "default"
9+ data : []
10+ encrypted_fields : &encrypted_fields {'fields': [{'keyId': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedIndexed', 'bsonType': 'string', 'queries': {'queryType': 'equality', 'contention': {'$numberLong': '0'}}}, {'keyId': {'$binary': {'base64': 'q83vqxI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'path': 'encryptedUnindexed', 'bsonType': 'string'}]}
11+ key_vault_data : [{'_id': {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}, 'keyMaterial': {'$binary': {'base64': 'sHe0kz57YW7v8g9VP9sf/+K1ex4JqKc5rf/URX3n3p8XdZ6+15uXPaSayC6adWbNxkFskuMCOifDoTT+rkqMtFkDclOy884RuGGtUysq3X7zkAWYTKi8QAfKkajvVbZl2y23UqgVasdQu3OVBQCrH/xY00nNAs/52e958nVjBuzQkSb1T8pKJAyjZsHJ60+FtnfafDZSTAIBJYn7UWBCwQ==', 'subType': '00'}}, 'creationDate': {'$date': {'$numberLong': '1648914851981'}}, 'updateDate': {'$date': {'$numberLong': '1648914851981'}}, 'status': {'$numberInt': '0'}, 'masterKey': {'provider': 'local'}} ]
12+
13+ tests :
14+ - description : " BypassQueryAnalysis decrypts"
15+ clientOptions :
16+ autoEncryptOpts :
17+ kmsProviders :
18+ local : {'key': {'$binary': {'base64': 'Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk', 'subType': '00'}}}
19+ bypassQueryAnalysis : true
20+ operations :
21+ - name : insertOne
22+ arguments :
23+ document : &doc0_encrypted {
24+ " _id " 1,
25+ " encryptedIndexed " {
26+ " $binary " {
27+ # Payload has an IndexKey of key1 and UserKey of key1.
28+ " base64 " " C18BAAAFZAAgAAAAANnt+eLTkv4GdDPl8IAfJOvTzArOgFJQ2S/DcLza4W0DBXMAIAAAAAD2u+omZme3P2gBPehMQyQHQ153tPN1+z7bksYA9jKTpAVwADAAAAAAUnCOQqIvmR65YKyYnsiVfVrg9hwUVO3RhhKExo3RWOzgaS0QdsBL5xKFS0JhZSoWBXUAEAAAAAQSNFZ4EjSYdhI0EjRWeJASEHQAAgAAAAV2AFAAAAAAEjRWeBI0mHYSNBI0VniQEpQbp/ZJpWBKeDtKLiXb0P2E9wvc0g3f373jnYQYlJquOrlPOoEy3ngsHPJuSUijvWDsrQzqYa349K7G/66qaXEFZQAgAAAAAOuac/eRLYakKX6B0vZ1r3QodOQFfjqJD+xlGiPu4/PsBWwAIAAAAACkm0o9bj6j0HuADKc0svbqO2UHj6GrlNdF6yKNxh63xRJrAAAAAAAAAAAAAA==" ,
29+ " subType " " 06"
30+ }
31+ }
32+ }
33+ - name : find
34+ arguments :
35+ filter : { "_id": 1 }
36+ result : [{"_id": 1, "encryptedIndexed": "123" }]
37+ expectations :
38+ - command_started_event :
39+ command :
40+ listCollections : 1
41+ filter :
42+ name : *collection_name
43+ command_name : listCollections
44+ - command_started_event :
45+ command :
46+ insert : *collection_name
47+ documents :
48+ - *doc0_encrypted
49+ ordered : true
50+ encryptionInformation :
51+ type : 1
52+ schema :
53+ " default.default "
54+ # libmongocrypt applies escCollection and ecocCollection to outgoing command.
55+ escCollection : " enxcol_.default.esc"
56+ ecocCollection : " enxcol_.default.ecoc"
57+ << : *encrypted_fields
58+ command_name : insert
59+ - command_started_event :
60+ command :
61+ find : *collection_name
62+ filter : { "_id": 1 }
63+ command_name : find
64+ - command_started_event :
65+ command :
66+ find : datakeys
67+ filter : {
68+ " $or " [
69+ {
70+ " _id " {
71+ " $in " [
72+ {'$binary': {'base64': 'EjRWeBI0mHYSNBI0VniQEg==', 'subType': '04'}}
73+ ]
74+ }
75+ },
76+ {
77+ " keyAltNames " {
78+ " $in " []
79+ }
80+ }
81+ ]
82+ }
83+ $db : keyvault
84+ readConcern : { level: "majority" }
85+ command_name : find
86+ outcome :
87+ collection :
88+ data :
89+ - {"_id": 1, "encryptedIndexed": { "$$type": "binData" }, "__safeContent__": [{ "$binary" : { "base64" : "31eCYlbQoVboc5zwC8IoyJVSkag9PxREka8dkmbXJeY=", "subType" : "00" } }] }
0 commit comments