Skip to content

Commit

Permalink
chore(NODE-5974): sync CSOT tests (#4153)
Browse files Browse the repository at this point in the history
  • Loading branch information
@baileympearson
baileympearson authored Jun 20, 2024
1 parent 8d5d984 commit 8fb43f8
Show file tree
Hide file tree
Showing 3 changed files with 278 additions and 0 deletions.
11 changes: 11 additions & 0 deletions test/integration/client-side-encryption/client_side_encryption.spec.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,17 @@ describe('Client Side Encryption (Legacy)', function () {
if (SKIPPED_TESTS.has(description)) {
return false;
}

// TODO(NODE-5686): add CSOT support to FLE
if (
[
'timeoutMS applied to listCollections to get collection schema',
'remaining timeoutMS applied to find to get keyvault data'
].includes(description)
) {
return false;
}

if (isServerless) {
// TODO(NODE-4730): Fix failing csfle tests against serverless
const isSkippedTest = [
Expand Down
200 changes: 200 additions & 0 deletions test/spec/client-side-encryption/tests/legacy/timeoutMS.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,200 @@
{
"runOn": [
{
"minServerVersion": "4.4"
}
],
"database_name": "cse-timeouts-db",
"collection_name": "cse-timeouts-coll",
"data": [],
"json_schema": {
"properties": {
"encrypted_w_altname": {
"encrypt": {
"keyId": "/altname",
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
}
},
"encrypted_string": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
}
},
"random": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
}
},
"encrypted_string_equivalent": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
}
}
},
"bsonType": "object"
},
"key_vault_data": [
{
"status": 1,
"_id": {
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
},
"masterKey": {
"provider": "aws",
"key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
"region": "us-east-1"
},
"updateDate": {
"$date": {
"$numberLong": "1552949630483"
}
},
"keyMaterial": {
"$binary": {
"base64": "AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gEqnsxXlR51T5EbEVezUqqKAAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDHa4jo6yp0Z18KgbUgIBEIB74sKxWtV8/YHje5lv5THTl0HIbhSwM6EqRlmBiFFatmEWaeMk4tO4xBX65eq670I5TWPSLMzpp8ncGHMmvHqRajNBnmFtbYxN3E3/WjxmdbOOe+OXpnGJPcGsftc7cB2shRfA4lICPnE26+oVNXT6p0Lo20nY5XC7jyCO",
"subType": "00"
}
},
"creationDate": {
"$date": {
"$numberLong": "1552949630483"
}
},
"keyAltNames": [
"altname",
"another_altname"
]
}
],
"tests": [
{
"description": "timeoutMS applied to listCollections to get collection schema",
"failPoint": {
"configureFailPoint": "failCommand",
"mode": {
"times": 1
},
"data": {
"failCommands": [
"listCollections"
],
"blockConnection": true,
"blockTimeMS": 60
}
},
"clientOptions": {
"autoEncryptOpts": {
"kmsProviders": {
"aws": {}
}
},
"timeoutMS": 50
},
"operations": [
{
"name": "insertOne",
"arguments": {
"document": {
"_id": 1,
"encrypted_string": "string0",
"random": "abc"
}
},
"result": {
"isTimeoutError": true
}
}
],
"expectations": [
{
"command_started_event": {
"command": {
"listCollections": 1,
"filter": {
"name": "cse-timeouts-coll"
},
"maxTimeMS": {
"$$type": [
"int",
"long"
]
}
},
"command_name": "listCollections"
}
}
]
},
{
"description": "remaining timeoutMS applied to find to get keyvault data",
"failPoint": {
"configureFailPoint": "failCommand",
"mode": {
"times": 2
},
"data": {
"failCommands": [
"listCollections",
"find"
],
"blockConnection": true,
"blockTimeMS": 30
}
},
"clientOptions": {
"autoEncryptOpts": {
"kmsProviders": {
"aws": {}
}
},
"timeoutMS": 50
},
"operations": [
{
"name": "insertOne",
"arguments": {
"document": {
"_id": 1,
"encrypted_string": "string0",
"random": "abc"
}
},
"result": {
"isTimeoutError": true
}
}
]
}
]
}
67 changes: 67 additions & 0 deletions test/spec/client-side-encryption/tests/legacy/timeoutMS.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
runOn:
- minServerVersion: "4.4"
database_name: &database_name "cse-timeouts-db"
collection_name: &collection_name "cse-timeouts-coll"

data: []
json_schema: {'properties': {'encrypted_w_altname': {'encrypt': {'keyId': '/altname', 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Random'}}, 'encrypted_string': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'}}, 'random': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Random'}}, 'encrypted_string_equivalent': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'}}}, 'bsonType': 'object'}
key_vault_data: [{'status': 1, '_id': {'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}, 'masterKey': {'provider': 'aws', 'key': 'arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0', 'region': 'us-east-1'}, 'updateDate': {'$date': {'$numberLong': '1552949630483'}}, 'keyMaterial': {'$binary': {'base64': 'AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gEqnsxXlR51T5EbEVezUqqKAAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDHa4jo6yp0Z18KgbUgIBEIB74sKxWtV8/YHje5lv5THTl0HIbhSwM6EqRlmBiFFatmEWaeMk4tO4xBX65eq670I5TWPSLMzpp8ncGHMmvHqRajNBnmFtbYxN3E3/WjxmdbOOe+OXpnGJPcGsftc7cB2shRfA4lICPnE26+oVNXT6p0Lo20nY5XC7jyCO', 'subType': '00'}}, 'creationDate': {'$date': {'$numberLong': '1552949630483'}}, 'keyAltNames': ['altname', 'another_altname']}]

tests:
- description: "timeoutMS applied to listCollections to get collection schema"
failPoint:
configureFailPoint: failCommand
mode: { times: 1 }
data:
failCommands: ["listCollections"]
blockConnection: true
blockTimeMS: 60
clientOptions:
autoEncryptOpts:
kmsProviders:
aws: {} # Credentials filled in from environment.
timeoutMS: 50
operations:
- name: insertOne
arguments:
document: &doc0 { _id: 1, encrypted_string: "string0", random: "abc" }
result:
isTimeoutError: true
expectations:
# Auto encryption will request the collection info.
- command_started_event:
command:
listCollections: 1
filter:
name: *collection_name
maxTimeMS: { $$type: ["int", "long"] }
command_name: listCollections

# Test that timeoutMS applies to the sum of all operations done for client-side encryption. This is done by blocking
# listCollections and find for 30ms each and running an insertOne with timeoutMS=50. There should be one
# listCollections command and one "find" command, so the sum should take more than timeoutMS. A second listCollections
# event doesn't occur due to the internal MongoClient lacking configured auto encryption, plus libmongocrypt holds the
# collection schema in cache for a minute.
#
# This test does not include command monitoring expectations because the exact command sequence is dependent on the
# amount of time taken by mongocryptd communication. In slow runs, mongocryptd communication can breach the timeout
# and result in the final "find" not being sent.
- description: "remaining timeoutMS applied to find to get keyvault data"
failPoint:
configureFailPoint: failCommand
mode: { times: 2 }
data:
failCommands: ["listCollections", "find"]
blockConnection: true
blockTimeMS: 30
clientOptions:
autoEncryptOpts:
kmsProviders:
aws: {} # Credentials filled in from environment.
timeoutMS: 50
operations:
- name: insertOne
arguments:
document: *doc0
result:
isTimeoutError: true

0 comments on commit 8fb43f8

Please sign in to comment.