diff options
Diffstat (limited to 'src/mongo/bson/bson_validate_test.cpp')
-rw-r--r-- | src/mongo/bson/bson_validate_test.cpp | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/mongo/bson/bson_validate_test.cpp b/src/mongo/bson/bson_validate_test.cpp index 8f4176bddc2..47c1486ff36 100644 --- a/src/mongo/bson/bson_validate_test.cpp +++ b/src/mongo/bson/bson_validate_test.cpp @@ -34,7 +34,9 @@ #include "mongo/bson/bson_depth.h" #include "mongo/bson/bson_validate.h" #include "mongo/bson/util/bsoncolumnbuilder.h" +#include "mongo/crypto/fle_field_schema_gen.h" #include "mongo/db/jsobj.h" +#include "mongo/db/matcher/expression_type.h" #include "mongo/logv2/log.h" #include "mongo/platform/random.h" #include "mongo/unittest/unittest.h" @@ -757,4 +759,57 @@ TEST(BSONValidateExtended, BSONColumn) { ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); } +TEST(BSONValidateExtended, BSONEncryptedValue) { + FleBlobHeader blob; + memset(blob.keyUUID, 0, sizeof(blob.keyUUID)); + blob.originalBsonType = BSONType::String; + blob.fleBlobSubtype = static_cast<int8_t>(EncryptedBinDataType::kFLE2UnindexedEncryptedValue); + auto fle = BSONBinData( + reinterpret_cast<const void*>(&blob), sizeof(FleBlobHeader), BinDataType::Encrypt); + BSONObj obj = BSON("a" << fle); + Status status = validateBSON(obj, BSONValidateMode::kExtended); + ASSERT_OK(status); + + // Empty Encrypted BSON Value. + auto emptyBinData = ""; + obj = BSON("a" << BSONBinData(emptyBinData, 0, Encrypt)); + status = validateBSON(obj, mongo::BSONValidateMode::kExtended); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + status = validateBSON(obj, mongo::BSONValidateMode::kFull); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + + // Encrypted BSON value subtype not supposed to persist. + blob.originalBsonType = BSONType::String; + blob.fleBlobSubtype = static_cast<int8_t>(EncryptedBinDataType::kFLE2Placeholder); + fle = BSONBinData( + reinterpret_cast<const void*>(&blob), sizeof(FleBlobHeader), BinDataType::Encrypt); + obj = BSON("a" << fle); + status = validateBSON(obj, mongo::BSONValidateMode::kExtended); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + status = validateBSON(obj, mongo::BSONValidateMode::kFull); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + + // Short Encrypted BSON Value. + blob.originalBsonType = BSONType::String; + blob.fleBlobSubtype = static_cast<int8_t>(EncryptedBinDataType::kFLE2UnindexedEncryptedValue); + fle = BSONBinData( + reinterpret_cast<const void*>(&blob), sizeof(FleBlobHeader) - 1, BinDataType::Encrypt); + obj = BSON("a" << fle); + status = validateBSON(obj, mongo::BSONValidateMode::kExtended); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + status = validateBSON(obj, mongo::BSONValidateMode::kFull); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + + // Unsupported original BSON subtype. + blob.originalBsonType = BSONType::MaxKey; + blob.fleBlobSubtype = static_cast<int8_t>(EncryptedBinDataType::kFLE2UnindexedEncryptedValue); + fle = BSONBinData( + reinterpret_cast<const void*>(&blob), sizeof(FleBlobHeader), BinDataType::Encrypt); + obj = BSON("a" << fle); + status = validateBSON(obj, mongo::BSONValidateMode::kExtended); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); + status = validateBSON(obj, mongo::BSONValidateMode::kFull); + ASSERT_EQ(status.code(), ErrorCodes::NonConformantBSON); +} + } // namespace |