mongodb · abr-egn · Aug 13, 2024 · Aug 9, 2024 · Aug 9, 2024 · Aug 12, 2024
@@ -131,13 +131,14 @@ pub struct RangeOptions {
     /// The maximum value. This option must be set if `precision` is set.
     pub max: Option<Bson>,
 
-    /// The trim factor.
-    pub trim_factor: i32,
+    /// May be used to tune performance. When omitted, a default value is used.
+    pub trim_factor: Option<i32>,
 
-    /// The sparsity.
-    pub sparsity: i64,
+    /// May be used to tune performance. When omitted, a default value is used.
+    pub sparsity: Option<i64>,
 
-    /// The precision. This value must only be set for Double and Decimal128 fields.
+    /// Determines the number of significant digits after the decimal point. This value must only
+    /// be set for Double and Decimal128 fields.
     pub precision: Option<i32>,
 }
 

@@ -3436,6 +3436,69 @@ async fn bind(addr: &str) -> Result<TcpListener> {
     Ok(TcpListener::bind(addr.parse::<std::net::SocketAddr>()?).await?)
 }
 
+// Prose test 23. Range explicit encryption applies defaults
+#[tokio::test]
+async fn range_explicit_encryption_defaults() -> Result<()> {
+    let name = "range_explicit_encryption_defaults";
+    if !check_env(name, false) {
+        return Ok(());
+    }
+
+    dbg!(mongocrypt::version());
+
+    // Setup
+    let key_vault_client = Client::test_builder().build().await;
+    let client_encryption = ClientEncryption::new(
+        key_vault_client.into_client(),
+        KV_NAMESPACE.clone(),
+        vec![LOCAL_KMS.clone()],
+    )?;
+    let key_id = client_encryption
+        .create_data_key(LocalMasterKey::builder().build())
+        .await?;
+    let payload_defaults = client_encryption
+        .encrypt(123, key_id.clone(), Algorithm::Range)
+        .contention_factor(0)
+        .range_options(
+            RangeOptions::builder()
+                .min(Bson::from(0))
+                .max(Bson::from(1000))
+                .build(),
+        )
+        .await?;
+
+    // Case 1: Uses libmongocrypt defaults
+    let payload = client_encryption
+        .encrypt(123, key_id.clone(), Algorithm::Range)
+        .contention_factor(0)
+        .range_options(
+            RangeOptions::builder()
+                .min(Bson::from(0))
+                .max(Bson::from(1000))
+                .sparsity(2)
+                .trim_factor(6)
+                .build(),
+        )
+        .await?;
+    assert_eq!(payload_defaults.bytes.len(), payload.bytes.len());
+
+    // Case 2: Accepts trimFactor 0
+    let payload = client_encryption
+        .encrypt(123, key_id.clone(), Algorithm::Range)
+        .contention_factor(0)
+        .range_options(
+            RangeOptions::builder()
+                .min(Bson::from(0))
+                .max(Bson::from(1000))
+                .trim_factor(0)
+                .build(),
+        )
+        .await?;
+    assert!(payload.bytes.len() > payload_defaults.bytes.len());
+
+    Ok(())
+}
+
 // FLE 2.0 Documentation Example
 #[tokio::test]
 async fn fle2_example() -> Result<()> {

@@ -2815,11 +2815,12 @@ This test is continuation of the case 1 and provides a way to complete inserting
 
 ### 22. Range Explicit Encryption
 
-The Range Explicit Encryption tests require MongoDB server 8.0+.
+The Range Explicit Encryption tests require MongoDB server 8.0.0-rc14+ for SERVER-91889 and libmongocrypt containing
+MONGOCRYPT-705.
 
 > [!NOTE]
 > MongoDB Server 8.0 introduced a backwards breaking change to the Queryable Encryption (QE) range protocol: QE Range V2
-> libmongocrypt 1.10.0 is required to use the QE Range V2.
+> libmongocrypt 1.11.0 is required to use the QE Range V2.
 
 > [!NOTE]
 > MongoDB Server 7.0 introduced a backwards breaking change to the Queryable Encryption (QE) protocol: QEv2.
@@ -3210,3 +3211,88 @@ class EncryptOpts {
 ```
 
 Assert that an error was raised.
+
+### 23. Range Explicit Encryption applies defaults
+
+This test requires libmongocrypt with changes in
+[14ccd9ce](https://github.com/mongodb/libmongocrypt/commit/14ccd9ce8a030158aec07f63e8139d34b95d88e6)
+([MONGOCRYPT-698](https://jira.mongodb.org/browse/MONGOCRYPT-698)).
+
+#### Test Setup
+
+Create a MongoClient named `keyVaultClient`.
+
+Create a ClientEncryption object named `clientEncryption` with these options:
+
+```typescript
+class ClientEncryptionOpts {
+   keyVaultClient: keyVaultClient,
+   keyVaultNamespace: "keyvault.datakeys",
+   kmsProviders: { "local": { "key": "<base64 decoding of LOCAL_MASTERKEY>" } },
+}
+```
+
+Create a key with `clientEncryption.createDataKey`. Store the returned key ID in a variable named `keyId`.
+
+Call `clientEncryption.encrypt` to encrypt the int32 value `123` with these options:
+
+```typescript
+class EncryptOpts {
+   keyId : keyId,
+   algorithm: "Range",
+   contentionFactor: 0,
+   rangeOpts: RangeOpts {
+      min: 0,
+      max: 1000
+   }
+}
+```
+
+Store the result in a variable named `payload_defaults`.
+
+#### Case 1: Uses libmongocrypt defaults
+
+Call `clientEncryption.encrypt` to encrypt the int32 value `123` with these options:
+
+```typescript
+class EncryptOpts {
+   keyId : keyId,
+   algorithm: "Range",
+   contentionFactor: 0,
+   rangeOpts: RangeOpts {
+      min: 0,
+      max: 1000,
+      sparsity: 2,
+      trimFactor: 6
+   }
+}
+```
+
+Assert the returned payload size equals the size of `payload_defaults`.
+
+> [!NOTE]
+> Do not compare the payload contents. The payloads include random data. The `trimFactor` and `sparsity` directly affect
+> the payload size.
+
+#### Case 2: Accepts `trimFactor` 0
+
+Call `clientEncryption.encrypt` to encrypt the int32 value `123` with these options:
+
+```typescript
+class EncryptOpts {
+   keyId : keyId,
+   algorithm: "Range",
+   contentionFactor: 0,
+   rangeOpts: RangeOpts {
+      min: 0,
+      max: 1000,
+      trimFactor: 0
+   }
+}
+```
+
+Assert the returned payload size is greater than the size of `payload_defaults`.
+
+> [!NOTE]
+> Do not compare the payload contents. The payloads include random data. The `trimFactor` and `sparsity` directly affect
+> the payload size.
@@ -130,6 +130,9 @@
             "command": {
               "compactStructuredEncryptionData": "default"
             }
+          },
+          "result": {
+            "ok": 1
           }
         }
       ],

@@ -1,4 +1,4 @@
-# Requires libmongocrypt 1.8.0.
+# Requires libmongocrypt 1.8.0. libmongocrypt 1.10.0 has a bug (MONGOCRYPT-699) that may cause this test to fail on server version 7.
 runOn:
   - minServerVersion: "7.0.0"
     # Skip QEv2 (also referred to as FLE2v2) tests on Serverless. Unskip once Serverless enables the QEv2 protocol.
@@ -22,6 +22,8 @@ tests:
         arguments:
           command:
             compactStructuredEncryptionData: *collection_name
+        result:
+          ok: 1
     expectations:
       - command_started_event:
           command:
-Original file line number
+Diff line change
@@ Expand Up / @@ -130,6 +130,9 @@ @@
                 "command": {
                   "compactStructuredEncryptionData": "default"
                 }
+              },
+              "result": {
+                "ok": 1
               }
             }
           ],
@@ Expand Down @@