-
Type:
Task
-
Resolution: Won't Fix
-
Priority:
Unknown
-
None
-
Affects Version/s: None
-
Component/s: Client Side Encryption, CSOT
-
None
The test fails to timeout - showing there is an issue with the code or the test is incorrect.
Local prose test derrived from timeout.yml to help debug "timeoutMS applied to listCollections to get collection schema"
@Tag("setsFailPoint")
@Test
public void testCSFLE() {
// This would have to be the same master key as was used to create the encryption key
byte[] localMasterKey = new byte[96];
new SecureRandom().nextBytes(localMasterKey);
Map<String, Map<String, Object>> kmsProviders = new HashMap<String, Map<String, Object>>() {{
put("local", new HashMap<String, Object>() {{
put("key", localMasterKey);
}});
}};
MongoClientSettings commonClientSettings = getMongoClientSettings();
String keyVaultNamespace = "encryption.__keyVault";
ClientEncryptionSettings clientEncryptionSettings = ClientEncryptionSettings.builder()
.keyVaultMongoClientSettings(commonClientSettings)
.keyVaultNamespace(keyVaultNamespace)
.kmsProviders(kmsProviders)
.build();
ClientEncryption clientEncryption = ClientEncryptions.create(clientEncryptionSettings);
BsonBinary dataKeyId = clientEncryption.createDataKey("local", new DataKeyOptions());
String base64DataKeyId = Base64.getEncoder().encodeToString(dataKeyId.getData());
final String dbName = "test";
final String collName = "coll";
AutoEncryptionSettings autoEncryptionSettings = AutoEncryptionSettings.builder()
.keyVaultNamespace(keyVaultNamespace)
.kmsProviders(kmsProviders)
.schemaMap(new HashMap<String, BsonDocument>() {{
put(dbName + "." + collName,
// Need a schema that references the new data key
BsonDocument.parse("{"
+ " properties: {"
+ " encryptedField: {"
+ " encrypt: {"
+ " keyId: [{"
+ " \"$binary\": {"
+ " \"base64\": \"" + base64DataKeyId + "\","
+ " \"subType\": \"04\""
+ " }"
+ " }],"
+ " bsonType: \"string\","
+ " algorithm: \"AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic\""
+ " }"
+ " }"
+ " },"
+ " \"bsonType\": \"object\""
+ "}"));
}}).build();
collectionHelper.runAdminCommand("{" +
" \"configureFailPoint\": \"failCommand\"," +
" \"mode\": {" +
" \"times\": 3" +
" }," +
" \"data\": {" +
" \"failCommands\": [" +
" \"listCollections\"," +
" \"find\"" +
" ]," +
" \"blockConnection\": true," +
" \"blockTimeMS\": 200" +
" }" +
" }");
try (MongoClient mongoClient = createMongoClient(getMongoClientSettingsBuilder()
.autoEncryptionSettings(autoEncryptionSettings)
.timeout(500, TimeUnit.MILLISECONDS))) {
MongoCollection<Document> collection = mongoClient.getDatabase(namespace.getDatabaseName())
.getCollection(namespace.getCollectionName());
assertThrows(MongoOperationTimeoutException.class, () ->
collection.insertOne(new Document("encryptedField", "123456789"))
);
}
}