1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
load("jstests/client_encrypt/lib/mock_kms.js");
load('jstests/ssl/libs/ssl_helpers.js');
(function() {
"use strict";
const mock_kms = new MockKMSServer();
mock_kms.start();
const randomAlgorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Random";
const deterministicAlgorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic";
const x509_options = {
sslMode: "requireSSL",
sslPEMKeyFile: SERVER_CERT,
sslCAFile: CA_CERT,
vvvvv: ""
};
const conn = MongoRunner.runMongod(x509_options);
const unencryptedDatabase = conn.getDB("test");
const collection = unencryptedDatabase.keystore;
const awsKMS = {
accessKeyId: "access",
secretAccessKey: "secret",
url: mock_kms.getURL(),
};
const clientSideFLEOptionsFail = [
{
kmsProviders: {
aws: awsKMS,
},
schemaMap: {},
},
{
keyVaultNamespace: "test.keystore",
schemaMap: {},
},
];
clientSideFLEOptionsFail.forEach(element => {
assert.throws(Mongo, [conn.host, element]);
});
const clientSideFLEOptionsPass = [
{
kmsProviders: {
aws: awsKMS,
},
keyVaultNamespace: "test.keystore",
schemaMap: {},
},
];
clientSideFLEOptionsPass.forEach(element => {
assert.doesNotThrow(() => {
Mongo(conn.host, element);
});
});
MongoRunner.stopMongod(conn);
mock_kms.stop();
}());
|
