add remaining test cases

kevinAlbs · kevinAlbs · commit 54051162d68f · 2022-05-17T09:44:20.000-04:00
diff --git a/src/libmongoc/tests/test-mongoc-client-side-encryption.c b/src/libmongoc/tests/test-mongoc-client-side-encryption.c
@@ -3569,6 +3569,168 @@ test_explicit_encryption_case2 (void *unused)
    explicit_encryption_destroy (eef);
 }
 
+static void
+test_explicit_encryption_case3 (void *unused)
+{
+   /* Case 3: can insert encrypted unindexed */
+   bson_error_t error;
+   bool ok;
+   mongoc_client_encryption_encrypt_opts_t *eopts;
+   bson_value_t plaintext = {0};
+
+   ee_fixture *eef = explicit_encryption_setup ();
+   plaintext.value_type = BSON_TYPE_UTF8;
+   plaintext.value.v_utf8.str = "encrypted unindexed value";
+   plaintext.value.v_utf8.len = (uint32_t) strlen (plaintext.value.v_utf8.str);
+
+   /* Use ``encryptedClient`` to insert the document ``{ "_id": 1,
+    * "encryptedUnindexed": <insertPayload> }``. */
+   {
+      bson_value_t insertPayload;
+      bson_t to_insert = BSON_INITIALIZER;
+
+      eopts = mongoc_client_encryption_encrypt_opts_new ();
+      mongoc_client_encryption_encrypt_opts_set_keyid (eopts, &eef->key1ID);
+      mongoc_client_encryption_encrypt_opts_set_algorithm (
+         eopts, MONGOC_ENCRYPT_ALGORITHM_UNINDEXED);
+
+      ok = mongoc_client_encryption_encrypt (
+         eef->clientEncryption, &plaintext, eopts, &insertPayload, &error);
+      ASSERT_OR_PRINT (ok, error);
+
+      ASSERT (BSON_APPEND_INT32 (&to_insert, "_id", 1));
+      ASSERT (
+         BSON_APPEND_VALUE (&to_insert, "encryptedUnindexed", &insertPayload));
+
+      ok = mongoc_collection_insert_one (eef->encryptedColl,
+                                         &to_insert,
+                                         NULL /* opts */,
+                                         NULL /* reply */,
+                                         &error);
+      ASSERT_OR_PRINT (ok, error);
+
+      bson_value_destroy (&insertPayload);
+      bson_destroy (&to_insert);
+      mongoc_client_encryption_encrypt_opts_destroy (eopts);
+   }
+
+   /* Use ``encryptedClient`` to run a "find" operation on the
+    * ``db.explicit_encryption`` collection with the filter ``{ "_id": 1 }``. */
+   {
+      mongoc_cursor_t *cursor;
+      bson_t filter = BSON_INITIALIZER;
+      const bson_t *got;
+
+      ASSERT (BSON_APPEND_INT32 (&filter, "_id", 1));
+
+      cursor = mongoc_collection_find_with_opts (
+         eef->encryptedColl, &filter, NULL /* opts */, NULL /* read_prefs */);
+      ASSERT (mongoc_cursor_next (cursor, &got));
+      ASSERT_OR_PRINT (!mongoc_cursor_error (cursor, &error), error);
+      ASSERT_MATCH (got,
+                    "{ 'encryptedUnindexed': 'encrypted unindexed value' }");
+      ASSERT (!mongoc_cursor_next (cursor, &got) &&
+              "expected one document to be returned, got more than one");
+
+      mongoc_cursor_destroy (cursor);
+      bson_destroy (&filter);
+   }
+
+   explicit_encryption_destroy (eef);
+}
+
+static void
+test_explicit_encryption_case4 (void *unused)
+{
+   /* Case 4: can roundtrip encrypted indexed */
+   bson_error_t error;
+   bool ok;
+   mongoc_client_encryption_encrypt_opts_t *eopts;
+   bson_value_t plaintext = {0};
+   bson_value_t payload;
+
+   ee_fixture *eef = explicit_encryption_setup ();
+   plaintext.value_type = BSON_TYPE_UTF8;
+   plaintext.value.v_utf8.str = "encrypted indexed value";
+   plaintext.value.v_utf8.len = (uint32_t) strlen (plaintext.value.v_utf8.str);
+
+   /* Use ``clientEncryption`` to encrypt the value "encrypted indexed value".
+    */
+   {
+      eopts = mongoc_client_encryption_encrypt_opts_new ();
+      mongoc_client_encryption_encrypt_opts_set_keyid (eopts, &eef->key1ID);
+      mongoc_client_encryption_encrypt_opts_set_algorithm (
+         eopts, MONGOC_ENCRYPT_ALGORITHM_INDEXED);
+
+      ok = mongoc_client_encryption_encrypt (
+         eef->clientEncryption, &plaintext, eopts, &payload, &error);
+      ASSERT_OR_PRINT (ok, error);
+
+      mongoc_client_encryption_encrypt_opts_destroy (eopts);
+   }
+
+   /* Use ``clientEncryption`` to decrypt ``payload`` */
+   {
+      bson_value_t got;
+
+      ok = mongoc_client_encryption_decrypt (
+         eef->clientEncryption, &payload, &got, &error);
+      ASSERT_OR_PRINT (ok, error);
+      ASSERT (got.value_type == BSON_TYPE_UTF8);
+      ASSERT_CMPSTR (got.value.v_utf8.str, "encrypted indexed value");
+      bson_value_destroy (&got);
+   }
+
+   bson_value_destroy (&payload);
+   explicit_encryption_destroy (eef);
+}
+
+static void
+test_explicit_encryption_case5 (void *unused)
+{
+   /* Case 5: can roundtrip encrypted unindexed */
+   bson_error_t error;
+   bool ok;
+   mongoc_client_encryption_encrypt_opts_t *eopts;
+   bson_value_t plaintext = {0};
+   bson_value_t payload;
+
+   ee_fixture *eef = explicit_encryption_setup ();
+   plaintext.value_type = BSON_TYPE_UTF8;
+   plaintext.value.v_utf8.str = "encrypted unindexed value";
+   plaintext.value.v_utf8.len = (uint32_t) strlen (plaintext.value.v_utf8.str);
+
+   /* Use ``clientEncryption`` to encrypt the value "encrypted unindexed value".
+    */
+   {
+      eopts = mongoc_client_encryption_encrypt_opts_new ();
+      mongoc_client_encryption_encrypt_opts_set_keyid (eopts, &eef->key1ID);
+      mongoc_client_encryption_encrypt_opts_set_algorithm (
+         eopts, MONGOC_ENCRYPT_ALGORITHM_UNINDEXED);
+
+      ok = mongoc_client_encryption_encrypt (
+         eef->clientEncryption, &plaintext, eopts, &payload, &error);
+      ASSERT_OR_PRINT (ok, error);
+
+      mongoc_client_encryption_encrypt_opts_destroy (eopts);
+   }
+
+   /* Use ``clientEncryption`` to decrypt ``payload`` */
+   {
+      bson_value_t got;
+
+      ok = mongoc_client_encryption_decrypt (
+         eef->clientEncryption, &payload, &got, &error);
+      ASSERT_OR_PRINT (ok, error);
+      ASSERT (got.value_type == BSON_TYPE_UTF8);
+      ASSERT_CMPSTR (got.value.v_utf8.str, "encrypted unindexed value");
+      bson_value_destroy (&got);
+   }
+
+   bson_value_destroy (&payload);
+   explicit_encryption_destroy (eef);
+}
+
 void
 test_client_side_encryption_install (TestSuite *suite)
 {
@@ -3733,4 +3895,31 @@ test_client_side_encryption_install (TestSuite *suite)
                       test_framework_skip_if_no_client_side_encryption,
                       test_framework_skip_if_max_wire_version_less_than_17,
                       test_framework_skip_if_single);
+
+   TestSuite_AddFull (suite,
+                      "/client_side_encryption/explicit_encryption/case3",
+                      test_explicit_encryption_case3,
+                      NULL /* dtor */,
+                      NULL /* ctx */,
+                      test_framework_skip_if_no_client_side_encryption,
+                      test_framework_skip_if_max_wire_version_less_than_17,
+                      test_framework_skip_if_single);
+
+   TestSuite_AddFull (suite,
+                      "/client_side_encryption/explicit_encryption/case4",
+                      test_explicit_encryption_case4,
+                      NULL /* dtor */,
+                      NULL /* ctx */,
+                      test_framework_skip_if_no_client_side_encryption,
+                      test_framework_skip_if_max_wire_version_less_than_17,
+                      test_framework_skip_if_single);
+
+   TestSuite_AddFull (suite,
+                      "/client_side_encryption/explicit_encryption/case5",
+                      test_explicit_encryption_case5,
+                      NULL /* dtor */,
+                      NULL /* ctx */,
+                      test_framework_skip_if_no_client_side_encryption,
+                      test_framework_skip_if_max_wire_version_less_than_17,
+                      test_framework_skip_if_single);
 }
