1{ 2 "runOn": [ 3 { 4 "minServerVersion": "4.1.10" 5 } 6 ], 7 "database_name": "default", 8 "collection_name": "default", 9 "data": [], 10 "json_schema": { 11 "properties": { 12 "encrypted_w_altname": { 13 "encrypt": { 14 "keyId": "/altname", 15 "bsonType": "string", 16 "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random" 17 } 18 }, 19 "encrypted_string": { 20 "encrypt": { 21 "keyId": [ 22 { 23 "$binary": { 24 "base64": "AAAAAAAAAAAAAAAAAAAAAA==", 25 "subType": "04" 26 } 27 } 28 ], 29 "bsonType": "string", 30 "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic" 31 } 32 }, 33 "random": { 34 "encrypt": { 35 "keyId": [ 36 { 37 "$binary": { 38 "base64": "AAAAAAAAAAAAAAAAAAAAAA==", 39 "subType": "04" 40 } 41 } 42 ], 43 "bsonType": "string", 44 "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Random" 45 } 46 }, 47 "encrypted_string_equivalent": { 48 "encrypt": { 49 "keyId": [ 50 { 51 "$binary": { 52 "base64": "AAAAAAAAAAAAAAAAAAAAAA==", 53 "subType": "04" 54 } 55 } 56 ], 57 "bsonType": "string", 58 "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic" 59 } 60 } 61 }, 62 "bsonType": "object" 63 }, 64 "key_vault_data": [ 65 { 66 "status": 1, 67 "_id": { 68 "$binary": { 69 "base64": "AAAAAAAAAAAAAAAAAAAAAA==", 70 "subType": "04" 71 } 72 }, 73 "masterKey": { 74 "provider": "aws", 75 "key": "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0", 76 "region": "us-east-1" 77 }, 78 "updateDate": { 79 "$date": { 80 "$numberLong": "1552949630483" 81 } 82 }, 83 "keyMaterial": { 84 "$binary": { 85 "base64": "AQICAHhQNmWG2CzOm1dq3kWLM+iDUZhEqnhJwH9wZVpuZ94A8gEqnsxXlR51T5EbEVezUqqKAAAAwjCBvwYJKoZIhvcNAQcGoIGxMIGuAgEAMIGoBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDHa4jo6yp0Z18KgbUgIBEIB74sKxWtV8/YHje5lv5THTl0HIbhSwM6EqRlmBiFFatmEWaeMk4tO4xBX65eq670I5TWPSLMzpp8ncGHMmvHqRajNBnmFtbYxN3E3/WjxmdbOOe+OXpnGJPcGsftc7cB2shRfA4lICPnE26+oVNXT6p0Lo20nY5XC7jyCO", 86 "subType": "00" 87 } 88 }, 89 "creationDate": { 90 "$date": { 91 "$numberLong": "1552949630483" 92 } 93 }, 94 "keyAltNames": [ 95 "altname", 96 "another_altname" 97 ] 98 } 99 ], 100 "tests": [ 101 { 102 "description": "Insert a document with auto encryption using the AWS provider with temporary credentials", 103 "clientOptions": { 104 "autoEncryptOpts": { 105 "kmsProviders": { 106 "awsTemporary": {} 107 } 108 } 109 }, 110 "operations": [ 111 { 112 "name": "insertOne", 113 "arguments": { 114 "document": { 115 "_id": 1, 116 "encrypted_string": "string0" 117 } 118 } 119 } 120 ], 121 "expectations": [ 122 { 123 "command_started_event": { 124 "command": { 125 "listCollections": 1, 126 "filter": { 127 "name": "default" 128 } 129 }, 130 "command_name": "listCollections" 131 } 132 }, 133 { 134 "command_started_event": { 135 "command": { 136 "find": "datakeys", 137 "filter": { 138 "$or": [ 139 { 140 "_id": { 141 "$in": [ 142 { 143 "$binary": { 144 "base64": "AAAAAAAAAAAAAAAAAAAAAA==", 145 "subType": "04" 146 } 147 } 148 ] 149 } 150 }, 151 { 152 "keyAltNames": { 153 "$in": [] 154 } 155 } 156 ] 157 }, 158 "$db": "keyvault" 159 }, 160 "command_name": "find" 161 } 162 }, 163 { 164 "command_started_event": { 165 "command": { 166 "insert": "default", 167 "documents": [ 168 { 169 "_id": 1, 170 "encrypted_string": { 171 "$binary": { 172 "base64": "AQAAAAAAAAAAAAAAAAAAAAACwj+3zkv2VM+aTfk60RqhXq6a/77WlLwu/BxXFkL7EppGsju/m8f0x5kBDD3EZTtGALGXlym5jnpZAoSIkswHoA==", 173 "subType": "06" 174 } 175 } 176 } 177 ], 178 "ordered": true 179 }, 180 "command_name": "insert" 181 } 182 } 183 ], 184 "outcome": { 185 "collection": { 186 "data": [ 187 { 188 "_id": 1, 189 "encrypted_string": { 190 "$binary": { 191 "base64": "AQAAAAAAAAAAAAAAAAAAAAACwj+3zkv2VM+aTfk60RqhXq6a/77WlLwu/BxXFkL7EppGsju/m8f0x5kBDD3EZTtGALGXlym5jnpZAoSIkswHoA==", 192 "subType": "06" 193 } 194 } 195 } 196 ] 197 } 198 } 199 }, 200 { 201 "description": "Insert with invalid temporary credentials", 202 "clientOptions": { 203 "autoEncryptOpts": { 204 "kmsProviders": { 205 "awsTemporaryNoSessionToken": {} 206 } 207 } 208 }, 209 "operations": [ 210 { 211 "name": "insertOne", 212 "arguments": { 213 "document": { 214 "_id": 1, 215 "encrypted_string": "string0" 216 } 217 }, 218 "result": { 219 "errorContains": "security token" 220 } 221 } 222 ] 223 } 224 ] 225 } 226