MongoServerError: Expected a value for eccCollection in Node.js

Ronak_Patel1 · June 28, 2023, 5:57am

While working with queryable encryption i am facing with this issue:

MongoServerError: Expected a value for eccCollection
    at CryptoConnection.onMessage (C:\Users\Desktop\docs-in-use-encryption-examples\queryable-encryption\node\local\reader\node_modules\mongodb\lib\cmap\connection.js:231:30)
    at MessageStream.<anonymous> (C:\Users\Desktop\docs-in-use-encryption-examples\queryable-encryption\node\local\reader\node_modules\mongodb\lib\cmap\connection.js:61:60)
    at MessageStream.emit (node:events:513:28)
    at processIncomingData (C:\Users\Desktop\docs-in-use-encryption-examples\queryable-encryption\node\local\reader\node_modules\mongodb\lib\cmap\message_stream.js:125:16)
    at MessageStream._write (C:\Users\Desktop\docs-in-use-encryption-examples\queryable-encryption\node\local\reader\node_modules\mongodb\lib\cmap\message_stream.js:33:9)
    at writeOrBuffer (node:internal/streams/writable:391:12)
    at _write (node:internal/streams/writable:332:10)
    at MessageStream.Writable.write (node:internal/streams/writable:336:10)
    at TLSSocket.ondata (node:internal/streams/readable:754:22)
    at TLSSocket.emit (node:events:513:28) {
  ok: 0,
  code: 6371206,
  codeName: 'Location6371206',
  '$clusterTime': {
    clusterTime: Timestamp { low: 5, high: 1687931276, unsigned: true },
    signature: { hash: [Binary], keyId: [Long] }
  },
  operationTime: Timestamp { low: 5, high: 1687931276, unsigned: true },
  [Symbol(errorLabels)]: Set(0) {}
}

Kushagra_Kesav · June 28, 2023, 10:18am

Hey @Ronak_Patel1,

Welcome to the MongoDB Community!

The eccCollection is a metadata collection that is created when you create an encrypted collection using Queryable Encryption. To read more, please refer to Encrypted Collection Management documentation.

However, could you share the code snippet you are executing and the versions of MongoDB and Node.js? Additionally, can you confirm if you are following any specific documentation or article to implement this?

Also, was it working previously? If yes, could you share if anything has changed recently?

Looking forward to hearing from you.

Regards,
Kushagra

Ronak_Patel1 · June 28, 2023, 10:21am

@Kushagra_Kesav Thanks for the reply!

const { MongoClient, Binary } = require("mongodb");

const { getCredentials } = require("./your_credentials");
const credentials = getCredentials();

// start-key-vault
const eDB = "encryption";
const eKV = "__keyVault";
const keyVaultNamespace = `${eDB}.${eKV}`;
// end-key-vault

// start-kmsproviders
const fs = require("fs");
const provider = "local";
const path = "./master-key.txt";
// WARNING: Do not use a local key file in a production application
const localMasterKey = fs.readFileSync(path);
const kmsProviders = {
  local: {
    key: localMasterKey,
  },
};
// end-kmsproviders

async function run() {
  // start-schema
  const uri = credentials.MONGODB_URI;
  const unencryptedClient = new MongoClient(uri);
  await unencryptedClient.connect();
  const keyVaultClient = unencryptedClient.db(eDB).collection(eKV);

  const dek1 = await keyVaultClient.findOne({ keyAltNames: "dataKey1" });
  const dek2 = await keyVaultClient.findOne({ keyAltNames: "dataKey2" });
  const dek3 = await keyVaultClient.findOne({ keyAltNames: "dataKey3" });
  const dek4 = await keyVaultClient.findOne({ keyAltNames: "dataKey4" });
  const secretDB = "medicalRecords";
  const secretCollection = "patients";

  const encryptedFieldsMap = {
    [`${secretDB}.${secretCollection}`]: {
      fields: [
        {
          keyId: dek1._id,
          path: "patientId",
          bsonType: "int",
          queries: { queryType: "equality" },
        },
        {
          keyId: dek2._id,
          path: "medications",
          bsonType: "array",
        },
        {
          keyId: dek3._id,
          path: "patientRecord.ssn",
          bsonType: "string",
          queries: { queryType: "equality" },
        },
        {
          keyId: dek4._id,
          path: "patientRecord.billing",
          bsonType: "object",
        },
      ],
    },
  };
  // end-schema
  console.log("dekq",encryptedFieldsMap)

  // start-extra-options
  const extraOptions = {
    cryptSharedLibPath: credentials["SHARED_LIB_PATH"],
  };
  // end-extra-options

  // start-client
  const encryptedClient = new MongoClient(uri, {
    autoEncryption: {
      keyVaultNamespace:keyVaultNamespace ,
      kmsProviders :kmsProviders,
      extraOptions : extraOptions,
      encryptedFieldsMap:encryptedFieldsMap,
    },
  });
  await encryptedClient.connect().then(async()=>{
    try {
      const unencryptedColl = unencryptedClient
        .db(secretDB)
        .collection(secretCollection);
      // start-insert
      const encryptedColl = await encryptedClient.db(secretDB).collection(secretCollection);
   
      console.log("encryptedColl",encryptedColl)
      await encryptedColl.insertOne({
        firstName: "Jon",
        lastName: "Doe",
        patientId: 12345678,
        address: "157 Electric Ave.",
        patientRecord: {
          ssn: "987-65-4320",
          billing: {
            type: "Visa",
            number: "4111111111111111",
          },
        },
        // medications: ["Atorvastatin", "Levothyroxine"],
      },
      );
      // end-insert
      // start-find
      console.log("Finding a document with regular (non-encrypted) client.");
      // console.log(await unencryptedColl.findOne({ firstName: /Jon/ }));
      console.log(
        "Finding a document with encrypted client, searching on an encrypted field"
      );
      // console.log(
      //   await encryptedColl.findOne({ "patientRecord.ssn": "987-65-4320" })
      // );
      // end-find
    } finally {
      await unencryptedClient.close();
      await encryptedClient.close();
    }
  })
  // end-client
 
}

run().catch(console.dir)

I am using MongoDB enterprise 6.0.6 and Node v16.17.1

Yes, I am following Quick Start — MongoDB Manual to implement this.

I am attempting it for first time.

Pranav_Tiwari · June 28, 2023, 10:53am

Hello, @Kushagra_Kesav! We are currently in the early stages of implementing this feature, and we greatly value your assistance and time. We are diligently working to navigate through this process and make necessary adjustments. Your support is sincerely appreciated as we strive to optimize and refine this feature at our end. Thank you!

Kushagra_Kesav · June 29, 2023, 10:23am

Hey @Pranav_Tiwari/@Ronak_Patel1,

Thanks for sharing the code snippet, and I’d be glad to help.

Could you please confirm that you have installed all the required packages listed in the Installation Requirements including the mongodb-client-encryption - npm package?

Also, have you checked the GitHub repository for the Node.js Queryable Encryption? It provides a helpful resource for setting up and testing your requirements.

Regards,
Kushagra

Cynthia_Braund · June 29, 2023, 2:12pm

Hello @Ronak_Patel1 and @Pranav_Tiwari,

We’re excited that you are going to be implementing Queryable Encryption. As our docs say, the 6.0 server version is Preview only and not to be used in Production deployments. When the 7.0 version GA’s later this summer it will be production ready. Please note that we have made breaking changes between 6.0 and 7.0, which is why you are getting the error you see, and 6.0 should not be used. There is currently a 7.0 rc release available for testing only (this should also not be used for production but is great for testing), on Atlas Dedicated or Enterprise Advanced deployments if you have either of those.

Thank you,

Cynthia

Ronak_Patel1 · June 30, 2023, 9:54am

Hey @Cynthia_Braund and @Kushagra_Kesav ,

We are extremely grateful for your time and support in guiding us on our queryable encryption journey. We are delighted to share that we have successfully implemented this feature at the local level, and it is functioning seamlessly with Enterprise Advanced (7.0 rc) and the crypt_shared library (7.0). Your assistance has been invaluable, and we truly appreciate your efforts.

Thank You,
Ronak