CSHARP-4157: Tests.

Author: DmitryLukyanov

src/MongoDB.Driver/Encryption/EncryptOptions.cs

@@ -19,12 +19,12 @@
 namespace MongoDB.Driver.Encryption
 {
     /// <summary>
-    /// TODO
+    /// The QueryType to use for "Indexed" queries.
     /// </summary>
     public enum QueryType
     {
         /// <summary>
-        /// TODO
+        /// Equality query type.
         /// </summary>
         Equality = 1
     }
@@ -59,7 +59,7 @@ private static string ConvertEnumAlgorithmToString(EncryptionAlgorithm encryptio
         /// <param name="alternateKeyName">The alternate key name.</param>
         /// <param name="keyId">The key Id.</param>
         /// <param name="contentionFactor">The contention factor.</param>
-        /// <param name="queryType">TODO</param>
+        /// <param name="queryType">The query type.</param>
         public EncryptOptions(
             string algorithm,
             Optional<string> alternateKeyName = default,
@@ -141,10 +141,10 @@ public EncryptOptions(
         public Guid? KeyId => _keyId;
 
         /// <summary>
-        /// TODO
+        /// Gets the query type.
         /// </summary>
         /// <value>
-        /// TODO
+        /// The query type.
         /// </value>
         public QueryType? QueryType => _queryType;
 
@@ -155,25 +155,30 @@ public EncryptOptions(
         /// <param name="alternateKeyName">The alternate key name.</param>
         /// <param name="keyId">The keyId.</param>
         /// <param name="contentionFactor">The contention factor.</param>
+        /// <param name="queryType">The query type.</param>
         /// <returns>A new EncryptOptions instance.</returns>
         public EncryptOptions With(
             Optional<string> algorithm = default,
             Optional<string> alternateKeyName = default,
             Optional<Guid?> keyId = default,
-            Optional<long?> contentionFactor = default)
+            Optional<long?> contentionFactor = default,
+            Optional<QueryType?> queryType = default)
         {
             return new EncryptOptions(
                 algorithm: algorithm.WithDefault(_algorithm),
                 alternateKeyName: alternateKeyName.WithDefault(_alternateKeyName),
                 keyId: keyId.WithDefault(_keyId),
-                contentionFactor: contentionFactor.WithDefault(_contentionFactor));
+                contentionFactor: contentionFactor.WithDefault(_contentionFactor),
+                queryType: queryType.WithDefault(_queryType));
         }
 
         // private methods
         private void EnsureThatOptionsAreValid()
         {
             Ensure.That(!(!_keyId.HasValue && _alternateKeyName == null), "Key Id and AlternateKeyName may not both be null.");
             Ensure.That(!(_keyId.HasValue && _alternateKeyName != null), "Key Id and AlternateKeyName may not both be set.");
+            Ensure.That(!_contentionFactor.HasValue || _algorithm == EncryptionAlgorithm.Indexed.ToString(), "ContentionFactor only applies for Indexed algorithm.");
+            Ensure.That(!_queryType.HasValue || _algorithm == EncryptionAlgorithm.Indexed.ToString(), "QueryType only applies for Indexed algorithm.");
         }
     }
 }

src/MongoDB.Driver/Encryption/ExplicitEncryptionLibMongoCryptController.cs

@@ -132,92 +132,6 @@ public async Task<BsonValue> DecryptFieldAsync(BsonBinaryData wrappedBinaryValue
             }
         }
 
-        public BsonBinaryData EncryptField(
-            BsonValue value,
-            Guid? keyId,
-            string alternateKeyName,
-            string encryptionAlgorithm,
-            CancellationToken cancellationToken)
-        {
-            try
-            {
-                var wrappedValueBytes = GetWrappedValueBytes(value);
-
-                CryptContext context;
-                if (keyId.HasValue && alternateKeyName != null)
-                {
-                    throw new ArgumentException("keyId and alternateKeyName cannot both be provided.");
-                }
-                else if (keyId.HasValue)
-                {
-                    var keyBytes = GuidConverter.ToBytes(keyId.Value, GuidRepresentation.Standard);
-                    context = _cryptClient.StartExplicitEncryptionContextWithKeyId(keyBytes, encryptionAlgorithm, wrappedValueBytes);
-                }
-                else if (alternateKeyName != null)
-                {
-                    var wrappedAlternateKeyNameBytes = GetWrappedAlternateKeyNameBytes(alternateKeyName);
-                    context = _cryptClient.StartExplicitEncryptionContextWithKeyAltName(wrappedAlternateKeyNameBytes, encryptionAlgorithm, wrappedValueBytes);
-                }
-                else
-                {
-                    throw new ArgumentException("Either keyId or alternateKeyName must be provided.");
-                }
-
-                using (context)
-                {
-                    var wrappedBytes = ProcessStates(context, databaseName: null, cancellationToken);
-                    return UnwrapEncryptedValue(wrappedBytes);
-                }
-            }
-            catch (Exception ex)
-            {
-                throw new MongoEncryptionException(ex);
-            }
-        }
-
-        public async Task<BsonBinaryData> EncryptFieldAsync(
-            BsonValue value,
-            Guid? keyId,
-            string alternateKeyName,
-            string encryptionAlgorithm,
-            CancellationToken cancellationToken)
-        {
-            try
-            {
-                var wrappedValueBytes = GetWrappedValueBytes(value);
-
-                CryptContext context;
-                if (keyId.HasValue && alternateKeyName != null)
-                {
-                    throw new ArgumentException("keyId and alternateKeyName cannot both be provided.");
-                }
-                else if (keyId.HasValue)
-                {
-                    var bytes = GuidConverter.ToBytes(keyId.Value, GuidRepresentation.Standard);
-                    context = _cryptClient.StartExplicitEncryptionContextWithKeyId(bytes, encryptionAlgorithm, wrappedValueBytes);
-                }
-                else if (alternateKeyName != null)
-                {
-                    var wrappedAlternateKeyNameBytes = GetWrappedAlternateKeyNameBytes(alternateKeyName);
-                    context = _cryptClient.StartExplicitEncryptionContextWithKeyAltName(wrappedAlternateKeyNameBytes, encryptionAlgorithm, wrappedValueBytes);
-                }
-                else
-                {
-                    throw new ArgumentException("Either keyId or alternateKeyName must be provided.");
-                }
-
-                using (context)
-                {
-                    var wrappedBytes = await ProcessStatesAsync(context, databaseName: null, cancellationToken).ConfigureAwait(false);
-                    return UnwrapEncryptedValue(wrappedBytes);
-                }
-            }
-            catch (Exception ex)
-            {
-                throw new MongoEncryptionException(ex);
-            }
-        }
-
         public BsonBinaryData EncryptField(
             BsonValue value,
             EncryptOptions encryptOptions,

tests/MongoDB.Driver.Tests/EncryptOptionsTests.cs

@@ -29,6 +29,14 @@ public void Constructor_should_fail_when_algorithm_is_null()
             exception.Should().BeOfType<ArgumentNullException>();
         }
 
+        [Fact]
+        public void Constructor_should_fail_when_contentionFactor_and_algorithm_is_not_indexed()
+        {
+            var exception = Record.Exception(() => new EncryptOptions(algorithm: "test", contentionFactor: 1, keyId: Guid.NewGuid()));
+            var e = exception.Should().BeOfType<ArgumentException>().Subject;
+            e.Message.Should().Be("ContentionFactor only applies for Indexed algorithm.");
+        }
+
         [Fact]
         public void Constructor_should_fail_when_keyId_and_alternateKeyName_are_both_empty()
         {
@@ -45,6 +53,14 @@ public void Constructor_should_fail_when_keyId_and_alternateKeyName_are_both_spe
             e.Message.Should().Be("Key Id and AlternateKeyName may not both be set.");
         }
 
+        [Fact]
+        public void Constructor_should_fail_when_queryType_and_algorithm_is_not_indexed()
+        {
+            var exception = Record.Exception(() => new EncryptOptions(algorithm: "test", queryType: QueryType.Equality, keyId: Guid.NewGuid()));
+            var e = exception.Should().BeOfType<ArgumentException>().Subject;
+            e.Message.Should().Be("QueryType only applies for Indexed algorithm.");
+        }
+
         [Theory]
         [InlineData(EncryptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Deterministic, "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic")]
         [InlineData(EncryptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA_512_Random, "AEAD_AES_256_CBC_HMAC_SHA_512-Random")]
@@ -59,6 +75,10 @@ public void Constructor_should_fail_when_keyId_and_alternateKeyName_are_both_spe
         [InlineData("TEST_random", "TEST_random")]
         // just a random value in enum form
         [InlineData((EncryptionAlgorithm)99, "99")]
+        [InlineData(EncryptionAlgorithm.Indexed, "Indexed")]
+        [InlineData("Indexed", "Indexed")]
+        [InlineData(EncryptionAlgorithm.Unindexed, "Unindexed")]
+        [InlineData("Unindexed", "Unindexed")]
         public void Constructor_should_support_different_algorithm_representations(object algorithm, string expectedAlgorithmRepresentation)
         {
             var alternateKeyName = "test";
@@ -81,44 +101,60 @@ public void Constructor_should_support_different_algorithm_representations(objec
         [Fact]
         public void With_should_set_correct_values()
         {
-            var originalAlgorithm = "originalAlgorithm";
+            var originalAlgorithm = EncryptionAlgorithm.Indexed.ToString();
             var newAlgorithm = "newAlgorithm";
             var originalKeyId = Guid.Empty;
             var newKeyId = Guid.NewGuid();
             var originalAlternateKeyName = "test";
             var newAlternateKeyName = "new";
+            long? originalContention = null;
+            var newContention = 2;
+            QueryType? originalQueryType = null;
+            var newQueryType = QueryType.Equality;
 
-            var subject = CreateConfiguredSubject(withKeyId: true);
-            AssertValues(subject, originalAlgorithm, originalKeyId, null);
+            var fle1WithKeyIdState = 0;
+            var subject = CreateConfiguredSubject(state: fle1WithKeyIdState);
+            AssertValues(subject, originalAlgorithm, expectedKeyId: originalKeyId);
 
             subject = subject.With(algorithm: newAlgorithm);
-            AssertValues(subject, newAlgorithm, originalKeyId, null);
+            AssertValues(subject, newAlgorithm, expectedKeyId: originalKeyId);
 
             subject = subject.With(keyId: newKeyId);
-            AssertValues(subject, newAlgorithm, newKeyId, null);
+            AssertValues(subject, newAlgorithm, expectedKeyId:  newKeyId);
 
-            subject = CreateConfiguredSubject(withKeyId: false);
-            AssertValues(subject, originalAlgorithm, null, originalAlternateKeyName);
+            var fle1WithAlternateKeyNameState = 1;
+            subject = CreateConfiguredSubject(state: fle1WithAlternateKeyNameState);
+            AssertValues(subject, originalAlgorithm, expectedAlternateKeyName: originalAlternateKeyName);
 
             subject = subject.With(alternateKeyName: newAlternateKeyName);
-            AssertValues(subject, originalAlgorithm, null, newAlternateKeyName);
+            AssertValues(subject, originalAlgorithm, expectedAlternateKeyName: newAlternateKeyName);
+
+            var fle2State = 2;
+            subject = CreateConfiguredSubject(state: fle2State);
+            subject = subject.With(contentionFactor: newContention);
+            AssertValues(subject, EncryptionAlgorithm.Indexed.ToString(), expectedKeyId: originalKeyId, expectedContentionFactor: newContention);
 
-            static void AssertValues(EncryptOptions subject, string algorithm, Guid? keyId, string alternateKeyName)
+            subject = CreateConfiguredSubject(state: fle2State);
+            subject = subject.With(queryType: newQueryType);
+            AssertValues(subject, EncryptionAlgorithm.Indexed.ToString(), expectedKeyId: originalKeyId, expectedQueryType: newQueryType);
+
+            static void AssertValues(EncryptOptions subject, string expectedAlgorithm, Guid? expectedKeyId = null, string expectedAlternateKeyName = null, QueryType? expectedQueryType = null, long? expectedContentionFactor = null)
             {
-                subject.Algorithm.Should().Be(algorithm);
-                subject.KeyId.Should().Be(keyId);
-                subject.AlternateKeyName.Should().Be(alternateKeyName);
+                subject.Algorithm.Should().Be(expectedAlgorithm);
+                subject.KeyId.Should().Be(expectedKeyId);
+                subject.AlternateKeyName.Should().Be(expectedAlternateKeyName);
+                subject.QueryType.Should().Be(expectedQueryType);
+                subject.ContentionFactor.Should().Be(expectedContentionFactor);
             }
 
-            EncryptOptions CreateConfiguredSubject(bool withKeyId)
+            EncryptOptions CreateConfiguredSubject(int state)
             {
-                if (withKeyId)
-                {
-                    return new EncryptOptions(algorithm: originalAlgorithm, keyId: originalKeyId);
-                }
-                else
+                switch (state)
                 {
-                    return new EncryptOptions(algorithm: originalAlgorithm, alternateKeyName: originalAlternateKeyName);
+                    case 0: return new EncryptOptions(algorithm: originalAlgorithm, keyId: originalKeyId);
+                    case 1:  return new EncryptOptions(algorithm: originalAlgorithm, alternateKeyName: originalAlternateKeyName);
+                    case 2: return new EncryptOptions(algorithm: originalAlgorithm, keyId: originalKeyId, contentionFactor: originalContention, queryType: originalQueryType);
+                    default: throw new Exception($"Unexpected state: {state}.");
                 }
             }
         }