Add prose test to ensure error is returned when calling rewrapManyDataKey with a set masterKey without a provider.
Background & Motivation
The specified API for rewrapManyDataKey does not permit calling with a set masterKey without a provider.
class ClientEncryption {
rewrapManyDataKey(filter: Document, opts: RewrapManyDataKeyOpts | null): RewrapManyDataKeyResult;
}
class RewrapManyDataKeyOpts {
provider: String
masterKey: Optional<Document>
}
Some driver implementations do not represent RewrapManyDataKeyOpts as a separate type. Instead, the provider and masterKey are both optional arguments to RewrapManyDataKey.
The C driver API permits setting masterKey without provider:
The current behavior of mongoc_client_encryption_rewrap_many_datakey silently ignores the master_key option if provider is NULL.
This may result in unexpected behavior. A user may be attempting to rewrap keys with a new master_key and mistakenly passed a NULL provider. A NULL provider results in rewrapping with the same master_key.
The Java driver had similar behavior, which was fixed in JAVA-4717.
Please complete the following before merging:
[ ] Update changelog.
[ ] Make sure there are generated JSON files from the YAML test files.
[x] Test changes in at least one language driver. Tested in C here
[ ] Test these changes against all server versions and topologies (including standalone, replica set, sharded clusters, and serverless).C does not currently run CSFLE tests against sharded clusters
Summary
rewrapManyDataKey
with a setmasterKey
without aprovider
.Background & Motivation
The specified API for
rewrapManyDataKey
does not permit calling with a setmasterKey
without aprovider
.Some driver implementations do not represent
RewrapManyDataKeyOpts
as a separate type. Instead, theprovider
andmasterKey
are both optional arguments toRewrapManyDataKey
.The C driver API permits setting
masterKey
withoutprovider
:The current behavior of
mongoc_client_encryption_rewrap_many_datakey
silently ignores themaster_key
option ifprovider
is NULL.This may result in unexpected behavior. A user may be attempting to rewrap keys with a new
master_key
and mistakenly passed a NULLprovider
. A NULLprovider
results in rewrapping with the samemaster_key
.The Java driver had similar behavior, which was fixed in JAVA-4717.
Please complete the following before merging:
[ ] Update changelog.[ ] Make sure there are generated JSON files from the YAML test files.[ ] Test these changes against all server versions and topologies (including standalone, replica set, sharded clusters, and serverless).C does not currently run CSFLE tests against sharded clusters