Skip to content

chore(NODE-5974): sync CSOT tests #4153

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jun 20, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,17 @@ describe('Client Side Encryption (Legacy)', function () {
if (SKIPPED_TESTS.has(description)) {
return false;
}

// TODO(NODE-5686): add CSOT support to FLE
if (
[
'timeoutMS applied to listCollections to get collection schema',
'remaining timeoutMS applied to find to get keyvault data'
].includes(description)
) {
return false;
}

if (isServerless) {
// TODO(NODE-4730): Fix failing csfle tests against serverless
const isSkippedTest = [
Expand Down
200 changes: 200 additions & 0 deletions test/spec/client-side-encryption/tests/legacy/timeoutMS.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,200 @@
{
"runOn": [
{
"minServerVersion": "4.4"
}
],
"database_name": "cse-timeouts-db",
"collection_name": "cse-timeouts-coll",
"data": [],
"json_schema": {
"properties": {
"encrypted_w_altname": {
"encrypt": {
"keyId": "/altname",
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
}
},
"encrypted_string": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
}
},
"random": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
}
},
"encrypted_string_equivalent": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
}
}
},
"bsonType": "object"
},
"key_vault_data": [
{
"status": 1,
"_id": {
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
},
"masterKey": {
"provider": "aws",
"key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
"region": "us-east-1"
},
"updateDate": {
"$date": {
"$numberLong": "1552949630483"
}
},
"keyMaterial": {
"$binary": {
"base64": "AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gEqnsxXlR51T5EbEVezUqqKAAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDHa4jo6yp0Z18KgbUgIBEIB74sKxWtV8/YHje5lv5THTl0HIbhSwM6EqRlmBiFFatmEWaeMk4tO4xBX65eq670I5TWPSLMzpp8ncGHMmvHqRajNBnmFtbYxN3E3/WjxmdbOOe+OXpnGJPcGsftc7cB2shRfA4lICPnE26+oVNXT6p0Lo20nY5XC7jyCO",
"subType": "00"
}
},
"creationDate": {
"$date": {
"$numberLong": "1552949630483"
}
},
"keyAltNames": [
"altname",
"another_altname"
]
}
],
"tests": [
{
"description": "timeoutMS applied to listCollections to get collection schema",
"failPoint": {
"configureFailPoint": "failCommand",
"mode": {
"times": 1
},
"data": {
"failCommands": [
"listCollections"
],
"blockConnection": true,
"blockTimeMS": 60
}
},
"clientOptions": {
"autoEncryptOpts": {
"kmsProviders": {
"aws": {}
}
},
"timeoutMS": 50
},
"operations": [
{
"name": "insertOne",
"arguments": {
"document": {
"_id": 1,
"encrypted_string": "string0",
"random": "abc"
}
},
"result": {
"isTimeoutError": true
}
}
],
"expectations": [
{
"command_started_event": {
"command": {
"listCollections": 1,
"filter": {
"name": "cse-timeouts-coll"
},
"maxTimeMS": {
"$$type": [
"int",
"long"
]
}
},
"command_name": "listCollections"
}
}
]
},
{
"description": "remaining timeoutMS applied to find to get keyvault data",
"failPoint": {
"configureFailPoint": "failCommand",
"mode": {
"times": 2
},
"data": {
"failCommands": [
"listCollections",
"find"
],
"blockConnection": true,
"blockTimeMS": 30
}
},
"clientOptions": {
"autoEncryptOpts": {
"kmsProviders": {
"aws": {}
}
},
"timeoutMS": 50
},
"operations": [
{
"name": "insertOne",
"arguments": {
"document": {
"_id": 1,
"encrypted_string": "string0",
"random": "abc"
}
},
"result": {
"isTimeoutError": true
}
}
]
}
]
}
67 changes: 67 additions & 0 deletions test/spec/client-side-encryption/tests/legacy/timeoutMS.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
runOn:
- minServerVersion: "4.4"
database_name: &database_name "cse-timeouts-db"
collection_name: &collection_name "cse-timeouts-coll"

data: []
json_schema: {'properties': {'encrypted_w_altname': {'encrypt': {'keyId': '/altname', 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Random'}}, 'encrypted_string': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'}}, 'random': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Random'}}, 'encrypted_string_equivalent': {'encrypt': {'keyId': [{'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}], 'bsonType': 'string', 'algorithm': 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'}}}, 'bsonType': 'object'}
key_vault_data: [{'status': 1, '_id': {'$binary': {'base64': 'AAAAAAAAAAAAAAAAAAAAAA==', 'subType': '04'}}, 'masterKey': {'provider': 'aws', 'key': 'arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0', 'region': 'us-east-1'}, 'updateDate': {'$date': {'$numberLong': '1552949630483'}}, 'keyMaterial': {'$binary': {'base64': 'AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gEqnsxXlR51T5EbEVezUqqKAAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDHa4jo6yp0Z18KgbUgIBEIB74sKxWtV8/YHje5lv5THTl0HIbhSwM6EqRlmBiFFatmEWaeMk4tO4xBX65eq670I5TWPSLMzpp8ncGHMmvHqRajNBnmFtbYxN3E3/WjxmdbOOe+OXpnGJPcGsftc7cB2shRfA4lICPnE26+oVNXT6p0Lo20nY5XC7jyCO', 'subType': '00'}}, 'creationDate': {'$date': {'$numberLong': '1552949630483'}}, 'keyAltNames': ['altname', 'another_altname']}]

tests:
- description: "timeoutMS applied to listCollections to get collection schema"
failPoint:
configureFailPoint: failCommand
mode: { times: 1 }
data:
failCommands: ["listCollections"]
blockConnection: true
blockTimeMS: 60
clientOptions:
autoEncryptOpts:
kmsProviders:
aws: {} # Credentials filled in from environment.
timeoutMS: 50
operations:
- name: insertOne
arguments:
document: &doc0 { _id: 1, encrypted_string: "string0", random: "abc" }
result:
isTimeoutError: true
expectations:
# Auto encryption will request the collection info.
- command_started_event:
command:
listCollections: 1
filter:
name: *collection_name
maxTimeMS: { $$type: ["int", "long"] }
command_name: listCollections

# Test that timeoutMS applies to the sum of all operations done for client-side encryption. This is done by blocking
# listCollections and find for 30ms each and running an insertOne with timeoutMS=50. There should be one
# listCollections command and one "find" command, so the sum should take more than timeoutMS. A second listCollections
# event doesn't occur due to the internal MongoClient lacking configured auto encryption, plus libmongocrypt holds the
# collection schema in cache for a minute.
#
# This test does not include command monitoring expectations because the exact command sequence is dependent on the
# amount of time taken by mongocryptd communication. In slow runs, mongocryptd communication can breach the timeout
# and result in the final "find" not being sent.
- description: "remaining timeoutMS applied to find to get keyvault data"
failPoint:
configureFailPoint: failCommand
mode: { times: 2 }
data:
failCommands: ["listCollections", "find"]
blockConnection: true
blockTimeMS: 30
clientOptions:
autoEncryptOpts:
kmsProviders:
aws: {} # Credentials filled in from environment.
timeoutMS: 50
operations:
- name: insertOne
arguments:
document: *doc0
result:
isTimeoutError: true