libmongocrypt-helper 1.11.0.0.1001 → 1.13.2.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +27 -1
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +13 -2
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -7
- data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
- data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
- data/ext/libmongocrypt/libmongocrypt/README.md +39 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +4 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +14 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +13 -12
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +1 -1
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +37 -40
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/integrating.md +51 -13
- data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +3 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +8 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-cmp-private.h +137 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +5 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +99 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +39 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +183 -60
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +498 -115
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +10 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +49 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +98 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +1 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +6 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +429 -858
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +55 -19
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +13 -10
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +15 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +9 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +6 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +174 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +4 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +518 -524
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +8 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +25 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +65 -6
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search}/encrypted-field-map.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +9 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +12 -10
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c3.json} +13 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/command.json +7 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/key-document.json → test/data/multikey/key-document-a.json} +18 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/key-document-b.json +37 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/mongocryptd_reply.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/schema_map.json +35 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/kms-reply.txt → test/data/rmd/kms-decrypt-reply-429.txt} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-cmp.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +370 -22
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +25 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +91 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +68 -75
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -20
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +57 -46
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1529 -1197
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +79 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +160 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +7 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +6 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +750 -110
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +143 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +39 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +233 -225
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +0 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +0 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +0 -145
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +0 -168
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +0 -257
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +0 -138
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +0 -214
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +0 -53
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +0 -91
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +0 -684
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +0 -289
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +0 -34
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +0 -107
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +0 -85
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +0 -21
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +0 -49
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +0 -74
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +0 -94
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +0 -442
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +0 -748
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +0 -82
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +0 -64
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +0 -54
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +0 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +0 -215
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +0 -275
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -77
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
- data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -14,6 +14,7 @@
|
|
14
14
|
* limitations under the License.
|
15
15
|
*/
|
16
16
|
|
17
|
+
#include "bson/bson.h"
|
17
18
|
#include "mc-fle-blob-subtype-private.h"
|
18
19
|
#include "mc-fle2-encryption-placeholder-private.h"
|
19
20
|
#include "mc-fle2-find-equality-payload-private-v2.h"
|
@@ -28,6 +29,8 @@
|
|
28
29
|
#include "mc-range-edge-generation-private.h"
|
29
30
|
#include "mc-range-encoding-private.h"
|
30
31
|
#include "mc-range-mincover-private.h"
|
32
|
+
#include "mc-str-encode-string-sets-private.h"
|
33
|
+
#include "mc-text-search-str-encode-private.h"
|
31
34
|
#include "mc-tokens-private.h"
|
32
35
|
#include "mongocrypt-buffer-private.h"
|
33
36
|
#include "mongocrypt-ciphertext-private.h"
|
@@ -268,10 +271,121 @@ void _mongocrypt_marking_cleanup(_mongocrypt_marking_t *marking) {
|
|
268
271
|
|
269
272
|
DERIVE_TOKEN_IMPL(EDC)
|
270
273
|
DERIVE_TOKEN_IMPL(ESC)
|
271
|
-
DERIVE_TOKEN_IMPL(ECC)
|
272
274
|
|
273
275
|
#undef DERIVE_TOKEN_IMPL
|
274
276
|
|
277
|
+
/**
|
278
|
+
* Calculates:
|
279
|
+
* E?CToken = HMAC(collectionLevel1Token, n)
|
280
|
+
* E?CText<T>Token = HMAC(E?CToken, t)
|
281
|
+
* E?CText<T>DerivedFromDataTokenAndContentionFactorToken = HMAC(HMAC(E?CText<T>Token, v) cf)
|
282
|
+
*
|
283
|
+
* E?C = EDC|ESC
|
284
|
+
* n = 1 for EDC, 2 for ESC
|
285
|
+
* <T> = Exact|Substring|Suffix|Prefix
|
286
|
+
* t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
|
287
|
+
* cf = contentionFactor
|
288
|
+
*
|
289
|
+
* E?CText<T>DerivedFromDataTokenAndContentionFactorToken is saved to out.
|
290
|
+
* Note that {out} is initialized even on failure.
|
291
|
+
*/
|
292
|
+
#define DERIVE_TEXT_SEARCH_TOKEN_IMPL(Name, Type) \
|
293
|
+
static bool _fle2_derive_##Name##Text##Type##_token(_mongocrypt_crypto_t *crypto, \
|
294
|
+
_mongocrypt_buffer_t *out, \
|
295
|
+
const mc_CollectionsLevel1Token_t *level1Token, \
|
296
|
+
const _mongocrypt_buffer_t *value, \
|
297
|
+
int64_t contentionFactor, \
|
298
|
+
mongocrypt_status_t *status) { \
|
299
|
+
BSON_ASSERT_PARAM(crypto); \
|
300
|
+
BSON_ASSERT_PARAM(out); \
|
301
|
+
BSON_ASSERT_PARAM(level1Token); \
|
302
|
+
BSON_ASSERT_PARAM(value); \
|
303
|
+
BSON_ASSERT(contentionFactor >= 0); \
|
304
|
+
\
|
305
|
+
_mongocrypt_buffer_init(out); \
|
306
|
+
\
|
307
|
+
mc_##Name##Token_t *token = mc_##Name##Token_new(crypto, level1Token, status); \
|
308
|
+
if (!token) { \
|
309
|
+
return false; \
|
310
|
+
} \
|
311
|
+
mc_##Name##Text##Type##Token_t *textToken = mc_##Name##Text##Type##Token_new(crypto, token, status); \
|
312
|
+
mc_##Name##Token_destroy(token); \
|
313
|
+
if (!textToken) { \
|
314
|
+
return false; \
|
315
|
+
} \
|
316
|
+
mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_t *fromDataAndContentionFactor = \
|
317
|
+
mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_new(crypto, \
|
318
|
+
textToken, \
|
319
|
+
value, \
|
320
|
+
(uint64_t)contentionFactor, \
|
321
|
+
status); \
|
322
|
+
mc_##Name##Text##Type##Token_destroy(textToken); \
|
323
|
+
if (!fromDataAndContentionFactor) { \
|
324
|
+
return false; \
|
325
|
+
} \
|
326
|
+
_mongocrypt_buffer_copy_to( \
|
327
|
+
mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_get(fromDataAndContentionFactor), \
|
328
|
+
out); \
|
329
|
+
mc_##Name##Text##Type##DerivedFromDataTokenAndContentionFactorToken_destroy(fromDataAndContentionFactor); \
|
330
|
+
return true; \
|
331
|
+
}
|
332
|
+
|
333
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Exact)
|
334
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Exact)
|
335
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Substring)
|
336
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Substring)
|
337
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Suffix)
|
338
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Suffix)
|
339
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(EDC, Prefix)
|
340
|
+
DERIVE_TEXT_SEARCH_TOKEN_IMPL(ESC, Prefix)
|
341
|
+
#undef DERIVE_TEXT_SEARCH_TOKEN_IMPL
|
342
|
+
|
343
|
+
/**
|
344
|
+
* Calculates:
|
345
|
+
* ServerText<T>Token = HMAC(collectionLevel1Token, t)
|
346
|
+
* ServerText<T>DerivedFromDataToken = HMAC(ServerText<T>Token, v)
|
347
|
+
*
|
348
|
+
* <T> = Exact|Substring|Suffix|Prefix
|
349
|
+
* t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
|
350
|
+
*
|
351
|
+
* ServerText<T>DerivedFromDataToken is saved to out.
|
352
|
+
* Note that {out} is initialized even on failure.
|
353
|
+
*/
|
354
|
+
#define DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Type) \
|
355
|
+
static bool _fle2_derive_serverText##Type##DerivedFromDataToken( \
|
356
|
+
_mongocrypt_crypto_t *crypto, \
|
357
|
+
_mongocrypt_buffer_t *out, \
|
358
|
+
const mc_ServerTokenDerivationLevel1Token_t *level1Token, \
|
359
|
+
const _mongocrypt_buffer_t *value, \
|
360
|
+
mongocrypt_status_t *status) { \
|
361
|
+
BSON_ASSERT_PARAM(crypto); \
|
362
|
+
BSON_ASSERT_PARAM(out); \
|
363
|
+
BSON_ASSERT_PARAM(level1Token); \
|
364
|
+
BSON_ASSERT_PARAM(value); \
|
365
|
+
BSON_ASSERT_PARAM(status); \
|
366
|
+
\
|
367
|
+
_mongocrypt_buffer_init(out); \
|
368
|
+
mc_ServerText##Type##Token_t *token = mc_ServerText##Type##Token_new(crypto, level1Token, status); \
|
369
|
+
if (!token) { \
|
370
|
+
return false; \
|
371
|
+
} \
|
372
|
+
mc_ServerText##Type##DerivedFromDataToken_t *dataToken = \
|
373
|
+
mc_ServerText##Type##DerivedFromDataToken_new(crypto, token, value, status); \
|
374
|
+
mc_ServerText##Type##Token_destroy(token); \
|
375
|
+
if (!dataToken) { \
|
376
|
+
return false; \
|
377
|
+
} \
|
378
|
+
_mongocrypt_buffer_copy_to(mc_ServerText##Type##DerivedFromDataToken_get(dataToken), out); \
|
379
|
+
mc_ServerText##Type##DerivedFromDataToken_destroy(dataToken); \
|
380
|
+
return true; \
|
381
|
+
}
|
382
|
+
|
383
|
+
DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Exact)
|
384
|
+
DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Substring)
|
385
|
+
DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Suffix)
|
386
|
+
DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL(Prefix)
|
387
|
+
#undef DERIVE_TEXT_SEARCH_SERVER_DERIVED_FROM_DATA_TOKEN_IMPL
|
388
|
+
|
275
389
|
static bool _fle2_derive_serverDerivedFromDataToken(_mongocrypt_crypto_t *crypto,
|
276
390
|
_mongocrypt_buffer_t *out,
|
277
391
|
const mc_ServerTokenDerivationLevel1Token_t *level1Token,
|
@@ -460,7 +574,8 @@ static void _FLE2EncryptedPayloadCommon_cleanup(_FLE2EncryptedPayloadCommon_t *c
|
|
460
574
|
_mongocrypt_buffer_cleanup(&common->escDerivedToken);
|
461
575
|
_mongocrypt_buffer_cleanup(&common->eccDerivedToken);
|
462
576
|
_mongocrypt_buffer_cleanup(&common->serverDerivedFromDataToken);
|
463
|
-
|
577
|
+
// Zero out memory so `_FLE2EncryptedPayloadCommon_cleanup` is safe to call twice.
|
578
|
+
*common = (_FLE2EncryptedPayloadCommon_t){{0}};
|
464
579
|
}
|
465
580
|
|
466
581
|
// _get_tokenKey returns the tokenKey identified by indexKeyId.
|
@@ -513,7 +628,6 @@ static bool _mongocrypt_fle2_placeholder_common(_mongocrypt_key_broker_t *kb,
|
|
513
628
|
BSON_ASSERT_PARAM(value);
|
514
629
|
|
515
630
|
_mongocrypt_crypto_t *crypto = kb->crypt->crypto;
|
516
|
-
_mongocrypt_buffer_t indexKey = {0};
|
517
631
|
*ret = (_FLE2EncryptedPayloadCommon_t){{0}};
|
518
632
|
|
519
633
|
if (!_get_tokenKey(kb, indexKeyId, &ret->tokenKey, status)) {
|
@@ -552,191 +666,25 @@ static bool _mongocrypt_fle2_placeholder_common(_mongocrypt_key_broker_t *kb,
|
|
552
666
|
goto fail;
|
553
667
|
}
|
554
668
|
|
555
|
-
|
556
|
-
|
557
|
-
|
558
|
-
if (!ret->serverTokenDerivationLevel1Token) {
|
559
|
-
CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
|
560
|
-
goto fail;
|
561
|
-
}
|
562
|
-
|
563
|
-
if (!_fle2_derive_serverDerivedFromDataToken(crypto,
|
564
|
-
&ret->serverDerivedFromDataToken,
|
565
|
-
ret->serverTokenDerivationLevel1Token,
|
566
|
-
value,
|
567
|
-
status)) {
|
568
|
-
goto fail;
|
569
|
-
}
|
570
|
-
} else {
|
571
|
-
/* FLE2v1 */
|
572
|
-
if (!_fle2_derive_ECC_token(crypto,
|
573
|
-
&ret->eccDerivedToken,
|
574
|
-
ret->collectionsLevel1Token,
|
575
|
-
value,
|
576
|
-
useContentionFactor,
|
577
|
-
contentionFactor,
|
578
|
-
status)) {
|
579
|
-
goto fail;
|
580
|
-
}
|
581
|
-
}
|
582
|
-
|
583
|
-
_mongocrypt_buffer_cleanup(&indexKey);
|
584
|
-
return true;
|
585
|
-
|
586
|
-
fail:
|
587
|
-
_FLE2EncryptedPayloadCommon_cleanup(ret);
|
588
|
-
_mongocrypt_buffer_cleanup(&indexKey);
|
589
|
-
return false;
|
590
|
-
}
|
591
|
-
|
592
|
-
// Shared implementation for insert/update and insert/update ForRange (v1)
|
593
|
-
static bool _mongocrypt_fle2_placeholder_to_insert_update_common_v1(_mongocrypt_key_broker_t *kb,
|
594
|
-
mc_FLE2InsertUpdatePayload_t *out,
|
595
|
-
int64_t *contentionFactor,
|
596
|
-
_FLE2EncryptedPayloadCommon_t *common,
|
597
|
-
const mc_FLE2EncryptionPlaceholder_t *placeholder,
|
598
|
-
bson_iter_t *value_iter,
|
599
|
-
mongocrypt_status_t *status) {
|
600
|
-
BSON_ASSERT_PARAM(kb);
|
601
|
-
BSON_ASSERT_PARAM(out);
|
602
|
-
BSON_ASSERT_PARAM(common);
|
603
|
-
BSON_ASSERT_PARAM(placeholder);
|
604
|
-
BSON_ASSERT_PARAM(value_iter);
|
605
|
-
BSON_ASSERT(kb->crypt);
|
606
|
-
BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
|
607
|
-
BSON_ASSERT(kb->crypt->opts.use_range_v2 == false);
|
608
|
-
BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
609
|
-
|
610
|
-
_mongocrypt_crypto_t *crypto = kb->crypt->crypto;
|
611
|
-
_mongocrypt_buffer_t value = {0};
|
612
|
-
bool res = false;
|
613
|
-
|
614
|
-
*contentionFactor = 0;
|
615
|
-
if (placeholder->maxContentionFactor > 0) {
|
616
|
-
/* Choose a random contentionFactor in the inclusive range [0,
|
617
|
-
* placeholder->maxContentionFactor] */
|
618
|
-
if (!_mongocrypt_random_int64(crypto, placeholder->maxContentionFactor + 1, contentionFactor, status)) {
|
619
|
-
goto fail;
|
620
|
-
}
|
621
|
-
}
|
622
|
-
|
623
|
-
_mongocrypt_buffer_from_iter(&value, value_iter);
|
624
|
-
if (!_mongocrypt_fle2_placeholder_common(kb,
|
625
|
-
common,
|
626
|
-
&placeholder->index_key_id,
|
627
|
-
&value,
|
628
|
-
true, /* derive tokens using contentionFactor */
|
629
|
-
*contentionFactor,
|
630
|
-
status)) {
|
669
|
+
ret->serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &ret->tokenKey, status);
|
670
|
+
if (!ret->serverTokenDerivationLevel1Token) {
|
671
|
+
CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
|
631
672
|
goto fail;
|
632
673
|
}
|
633
674
|
|
634
|
-
|
635
|
-
|
636
|
-
|
637
|
-
|
638
|
-
|
639
|
-
_mongocrypt_buffer_steal(&out->eccDerivedToken, &common->eccDerivedToken);
|
640
|
-
|
641
|
-
// p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor ||
|
642
|
-
// ECCDerivedFromDataTokenAndContentionFactor)
|
643
|
-
if (!_fle2_derive_encrypted_token(crypto,
|
644
|
-
&out->encryptedTokens,
|
645
|
-
false, // Can't use range V2 with FLE V1
|
646
|
-
common->collectionsLevel1Token,
|
647
|
-
&out->escDerivedToken,
|
648
|
-
&out->eccDerivedToken,
|
649
|
-
(mc_optional_bool_t){0}, // Unset is_leaf as it's not used in V1
|
650
|
-
status)) {
|
675
|
+
if (!_fle2_derive_serverDerivedFromDataToken(crypto,
|
676
|
+
&ret->serverDerivedFromDataToken,
|
677
|
+
ret->serverTokenDerivationLevel1Token,
|
678
|
+
value,
|
679
|
+
status)) {
|
651
680
|
goto fail;
|
652
681
|
}
|
653
682
|
|
654
|
-
|
655
|
-
&out->indexKeyId); // u
|
656
|
-
out->valueType = bson_iter_type(value_iter); // t
|
657
|
-
|
658
|
-
// v := UserKeyId + EncryptCTRAEAD(UserKey, value)
|
659
|
-
{
|
660
|
-
_mongocrypt_buffer_t ciphertext = {0};
|
661
|
-
if (!_fle2_placeholder_aes_aead_encrypt(kb,
|
662
|
-
_mcFLE2AEADAlgorithm(),
|
663
|
-
&ciphertext,
|
664
|
-
&placeholder->user_key_id,
|
665
|
-
&value,
|
666
|
-
status)) {
|
667
|
-
goto fail;
|
668
|
-
}
|
669
|
-
const _mongocrypt_buffer_t v[2] = {placeholder->user_key_id, ciphertext};
|
670
|
-
const bool ok = _mongocrypt_buffer_concat(&out->value, v, 2);
|
671
|
-
_mongocrypt_buffer_cleanup(&ciphertext);
|
672
|
-
if (!ok) {
|
673
|
-
goto fail;
|
674
|
-
}
|
675
|
-
}
|
676
|
-
|
677
|
-
// e := ServerDataEncryptionLevel1Token
|
678
|
-
_mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(common->serverDataEncryptionLevel1Token),
|
679
|
-
&out->serverEncryptionToken);
|
680
|
-
|
681
|
-
res = true;
|
682
|
-
fail:
|
683
|
-
_mongocrypt_buffer_cleanup(&value);
|
684
|
-
return res;
|
685
|
-
}
|
686
|
-
|
687
|
-
/**
|
688
|
-
* Payload subtype 4: FLE2InsertUpdatePayload
|
689
|
-
*
|
690
|
-
* {d: EDC, s: ESC, c: ECC,
|
691
|
-
* p: encToken, u: indexKeyId, t: type,
|
692
|
-
* v: value, e: serverToken}
|
693
|
-
*/
|
694
|
-
static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertext_v1(_mongocrypt_key_broker_t *kb,
|
695
|
-
_mongocrypt_marking_t *marking,
|
696
|
-
_mongocrypt_ciphertext_t *ciphertext,
|
697
|
-
mongocrypt_status_t *status) {
|
698
|
-
BSON_ASSERT_PARAM(kb);
|
699
|
-
BSON_ASSERT_PARAM(marking);
|
700
|
-
BSON_ASSERT_PARAM(ciphertext);
|
701
|
-
BSON_ASSERT_PARAM(status);
|
702
|
-
BSON_ASSERT(kb->crypt);
|
703
|
-
BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
|
704
|
-
BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
|
705
|
-
BSON_ASSERT(marking->fle2.algorithm == MONGOCRYPT_FLE2_ALGORITHM_EQUALITY);
|
706
|
-
|
707
|
-
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
708
|
-
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
709
|
-
mc_FLE2InsertUpdatePayload_t payload;
|
710
|
-
mc_FLE2InsertUpdatePayload_init(&payload);
|
711
|
-
bool res = false;
|
712
|
-
|
713
|
-
int64_t contentionFactor = 0; /* ignored */
|
714
|
-
if (!_mongocrypt_fle2_placeholder_to_insert_update_common_v1(kb,
|
715
|
-
&payload,
|
716
|
-
&contentionFactor,
|
717
|
-
&common,
|
718
|
-
placeholder,
|
719
|
-
&placeholder->v_iter,
|
720
|
-
status)) {
|
721
|
-
goto fail;
|
722
|
-
}
|
723
|
-
|
724
|
-
{
|
725
|
-
bson_t out;
|
726
|
-
bson_init(&out);
|
727
|
-
mc_FLE2InsertUpdatePayload_serialize(&payload, &out);
|
728
|
-
_mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
|
729
|
-
}
|
730
|
-
// Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
|
731
|
-
// not used for FLE2InsertUpdatePayload.
|
732
|
-
ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayload;
|
683
|
+
return true;
|
733
684
|
|
734
|
-
res = true;
|
735
685
|
fail:
|
736
|
-
|
737
|
-
|
738
|
-
|
739
|
-
return res;
|
686
|
+
_FLE2EncryptedPayloadCommon_cleanup(ret);
|
687
|
+
return false;
|
740
688
|
}
|
741
689
|
|
742
690
|
// Shared implementation for insert/update and insert/update ForRange (v2)
|
@@ -752,7 +700,6 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_common(_mongocrypt_key
|
|
752
700
|
BSON_ASSERT_PARAM(placeholder);
|
753
701
|
BSON_ASSERT_PARAM(value_iter);
|
754
702
|
BSON_ASSERT(kb->crypt);
|
755
|
-
BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == true);
|
756
703
|
BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
757
704
|
|
758
705
|
_mongocrypt_crypto_t *crypto = kb->crypt->crypto;
|
@@ -838,8 +785,6 @@ fail:
|
|
838
785
|
|
839
786
|
/**
|
840
787
|
* Payload subtype 11: FLE2InsertUpdatePayloadV2
|
841
|
-
* Delegates to ..._insert_update_ciphertext_v1 for subtype 4
|
842
|
-
* when crypt.opts.use_fle2_v2 == false
|
843
788
|
*
|
844
789
|
* {d: EDC, s: ESC, p: encToken,
|
845
790
|
* u: indexKeyId, t: valueType, v: value,
|
@@ -856,10 +801,6 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertext(_mongocrypt
|
|
856
801
|
BSON_ASSERT(kb->crypt);
|
857
802
|
BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
|
858
803
|
|
859
|
-
if (!kb->crypt->opts.use_fle2_v2) {
|
860
|
-
return _mongocrypt_fle2_placeholder_to_insert_update_ciphertext_v1(kb, marking, ciphertext, status);
|
861
|
-
}
|
862
|
-
|
863
804
|
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
864
805
|
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
865
806
|
mc_FLE2InsertUpdatePayloadV2_t payload;
|
@@ -976,55 +917,51 @@ get_edges(mc_FLE2RangeInsertSpec_t *insertSpec, size_t sparsity, mongocrypt_stat
|
|
976
917
|
}
|
977
918
|
|
978
919
|
/**
|
979
|
-
* Payload subtype
|
920
|
+
* Payload subtype 11: FLE2InsertUpdatePayloadV2 for range updates
|
980
921
|
*
|
981
|
-
* {d: EDC, s: ESC,
|
982
|
-
*
|
983
|
-
*
|
984
|
-
*
|
985
|
-
*
|
922
|
+
* {d: EDC, s: ESC, p: encToken,
|
923
|
+
* u: indexKeyId, t: valueType, v: value,
|
924
|
+
* e: serverToken, l: serverDerivedFromDataToken,
|
925
|
+
* k: contentionFactor,
|
926
|
+
* g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
|
927
|
+
* {d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
|
986
928
|
* ...]}
|
987
929
|
*/
|
988
|
-
static bool
|
989
|
-
|
990
|
-
|
991
|
-
|
930
|
+
static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange(_mongocrypt_key_broker_t *kb,
|
931
|
+
_mongocrypt_marking_t *marking,
|
932
|
+
_mongocrypt_ciphertext_t *ciphertext,
|
933
|
+
mongocrypt_status_t *status) {
|
992
934
|
BSON_ASSERT_PARAM(kb);
|
993
935
|
BSON_ASSERT_PARAM(marking);
|
994
936
|
BSON_ASSERT_PARAM(ciphertext);
|
995
|
-
BSON_ASSERT_PARAM(status);
|
996
937
|
BSON_ASSERT(kb->crypt);
|
997
|
-
BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
|
998
|
-
BSON_ASSERT(kb->crypt->opts.use_range_v2 == false);
|
999
938
|
BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
|
1000
|
-
|
939
|
+
const bool use_range_v2 = kb->crypt->opts.use_range_v2;
|
1001
940
|
|
1002
941
|
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
1003
942
|
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
1004
|
-
|
1005
|
-
|
943
|
+
mc_FLE2InsertUpdatePayloadV2_t payload;
|
944
|
+
mc_FLE2InsertUpdatePayloadV2_init(&payload);
|
1006
945
|
bool res = false;
|
1007
946
|
mc_edges_t *edges = NULL;
|
1008
947
|
|
1009
948
|
// Parse the value ("v"), min ("min"), and max ("max") from
|
1010
949
|
// FLE2EncryptionPlaceholder for range insert.
|
1011
950
|
mc_FLE2RangeInsertSpec_t insertSpec;
|
1012
|
-
if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter,
|
951
|
+
if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter, use_range_v2, status)) {
|
1013
952
|
goto fail;
|
1014
953
|
}
|
1015
954
|
|
1016
|
-
|
1017
|
-
|
1018
|
-
|
1019
|
-
|
1020
|
-
|
1021
|
-
|
1022
|
-
&insertSpec.v,
|
1023
|
-
status)) {
|
955
|
+
if (!_mongocrypt_fle2_placeholder_to_insert_update_common(kb,
|
956
|
+
&payload,
|
957
|
+
&common,
|
958
|
+
&marking->fle2,
|
959
|
+
&insertSpec.v,
|
960
|
+
status)) {
|
1024
961
|
goto fail;
|
1025
962
|
}
|
1026
963
|
|
1027
|
-
// g:= array<
|
964
|
+
// g:= array<EdgeTokenSetV2>
|
1028
965
|
{
|
1029
966
|
BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
|
1030
967
|
edges = get_edges(&insertSpec, (size_t)placeholder->sparsity, status, kb->crypt->opts.use_range_v2);
|
@@ -1036,10 +973,11 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
|
|
1036
973
|
// Create an EdgeTokenSet from each edge.
|
1037
974
|
bool loop_ok = false;
|
1038
975
|
const char *edge = mc_edges_get(edges, i);
|
976
|
+
bool is_leaf = mc_edges_is_leaf(edges, edge);
|
1039
977
|
_mongocrypt_buffer_t edge_buf = {0};
|
1040
978
|
_FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
|
1041
979
|
_mongocrypt_buffer_t encryptedTokens = {0};
|
1042
|
-
|
980
|
+
mc_EdgeTokenSetV2_t etc = {{0}};
|
1043
981
|
|
1044
982
|
if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
|
1045
983
|
CLIENT_ERR("failed to copy edge to buffer");
|
@@ -1051,27 +989,29 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
|
|
1051
989
|
&placeholder->index_key_id,
|
1052
990
|
&edge_buf,
|
1053
991
|
true, /* derive tokens using contentionFactor */
|
1054
|
-
contentionFactor,
|
992
|
+
payload.contentionFactor,
|
1055
993
|
status)) {
|
1056
994
|
goto fail_loop;
|
1057
995
|
}
|
996
|
+
BSON_ASSERT(edge_tokens.eccDerivedToken.data == NULL);
|
1058
997
|
|
1059
998
|
// d := EDCDerivedToken
|
1060
999
|
_mongocrypt_buffer_steal(&etc.edcDerivedToken, &edge_tokens.edcDerivedToken);
|
1061
1000
|
// s := ESCDerivedToken
|
1062
1001
|
_mongocrypt_buffer_steal(&etc.escDerivedToken, &edge_tokens.escDerivedToken);
|
1063
|
-
// c := ECCDerivedToken
|
1064
|
-
_mongocrypt_buffer_steal(&etc.eccDerivedToken, &edge_tokens.eccDerivedToken);
|
1065
1002
|
|
1066
|
-
//
|
1067
|
-
|
1003
|
+
// l := serverDerivedFromDataToken
|
1004
|
+
_mongocrypt_buffer_steal(&etc.serverDerivedFromDataToken, &edge_tokens.serverDerivedFromDataToken);
|
1005
|
+
|
1006
|
+
// p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor)
|
1007
|
+
// Or in Range V2: p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor || isLeaf)
|
1068
1008
|
if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
|
1069
1009
|
&etc.encryptedTokens,
|
1070
|
-
|
1010
|
+
kb->crypt->opts.use_range_v2,
|
1071
1011
|
edge_tokens.collectionsLevel1Token,
|
1072
1012
|
&etc.escDerivedToken,
|
1073
|
-
|
1074
|
-
(
|
1013
|
+
NULL, // ecc unsed in FLE2v2
|
1014
|
+
OPT_BOOL(is_leaf),
|
1075
1015
|
status)) {
|
1076
1016
|
goto fail_loop;
|
1077
1017
|
}
|
@@ -1089,242 +1029,432 @@ static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForRange_v1(
|
|
1089
1029
|
}
|
1090
1030
|
}
|
1091
1031
|
|
1032
|
+
// Include "range" payload fields introduced in SERVER-91889.
|
1033
|
+
payload.sparsity = OPT_I64(placeholder->sparsity);
|
1034
|
+
payload.precision = insertSpec.precision;
|
1035
|
+
payload.trimFactor = OPT_I32(mc_edges_get_used_trimFactor(edges));
|
1036
|
+
bson_value_copy(bson_iter_value(&insertSpec.min), &payload.indexMin);
|
1037
|
+
bson_value_copy(bson_iter_value(&insertSpec.max), &payload.indexMax);
|
1038
|
+
|
1092
1039
|
{
|
1093
1040
|
bson_t out;
|
1094
1041
|
bson_init(&out);
|
1095
|
-
|
1042
|
+
mc_FLE2InsertUpdatePayloadV2_serializeForRange(&payload, &out, use_range_v2);
|
1096
1043
|
_mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
|
1097
1044
|
}
|
1098
1045
|
// Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
|
1099
|
-
// not used for
|
1100
|
-
ciphertext->blob_subtype =
|
1046
|
+
// not used for FLE2InsertUpdatePayloadV2.
|
1047
|
+
ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayloadV2;
|
1101
1048
|
|
1102
1049
|
res = true;
|
1103
1050
|
fail:
|
1104
1051
|
mc_edges_destroy(edges);
|
1105
|
-
|
1052
|
+
mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
|
1106
1053
|
_FLE2EncryptedPayloadCommon_cleanup(&common);
|
1107
1054
|
|
1108
1055
|
return res;
|
1109
1056
|
}
|
1110
1057
|
|
1111
1058
|
/**
|
1112
|
-
*
|
1113
|
-
*
|
1114
|
-
*
|
1059
|
+
* Sets up a mc_Text<T>TokenSet_t type by generating its member tokens:
|
1060
|
+
* - edcDerivedToken = HMAC(HMAC(HMAC(EDCToken, t), v), cf)
|
1061
|
+
* - escDerivedToken = HMAC(HMAC(HMAC(ESCToken, t), v), cf)
|
1062
|
+
* - serverDerivedFromDataToken = HMAC(HMAC(ServerLevel1Token, t), v)
|
1063
|
+
* and the encrypted token:
|
1064
|
+
* - encryptedTokens = EncryptCTR(ECOCToken, escDerivedToken)
|
1115
1065
|
*
|
1116
|
-
*
|
1117
|
-
*
|
1118
|
-
*
|
1119
|
-
*
|
1120
|
-
* g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
|
1121
|
-
* {d: EDC, s: ESC, l: serverDerivedFromDataToken, p: encToken},
|
1122
|
-
* ...]}
|
1066
|
+
* <T> = Exact|Substring|Suffix|Prefix
|
1067
|
+
* t = 1 for Exact, 2 for Substring, 3 for Suffix, 4 for Prefix
|
1068
|
+
* cf = contentionFactor
|
1069
|
+
* EDC/ESC/ECOCToken are derived from {collLevel1Token}
|
1123
1070
|
*/
|
1124
|
-
|
1125
|
-
|
1126
|
-
|
1127
|
-
|
1128
|
-
|
1129
|
-
|
1130
|
-
|
1131
|
-
|
1132
|
-
|
1133
|
-
|
1134
|
-
|
1135
|
-
|
1136
|
-
|
1071
|
+
#define GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Type) \
|
1072
|
+
static bool _fle2_generate_Text##Type##TokenSet(_mongocrypt_key_broker_t *kb, \
|
1073
|
+
mc_Text##Type##TokenSet_t *out, \
|
1074
|
+
const _mongocrypt_buffer_t *value, \
|
1075
|
+
int64_t contentionFactor, \
|
1076
|
+
const mc_CollectionsLevel1Token_t *collLevel1Token, \
|
1077
|
+
const mc_ServerTokenDerivationLevel1Token_t *serverLevel1Token, \
|
1078
|
+
mongocrypt_status_t *status) { \
|
1079
|
+
BSON_ASSERT_PARAM(kb); \
|
1080
|
+
BSON_ASSERT_PARAM(kb->crypt); \
|
1081
|
+
BSON_ASSERT_PARAM(out); \
|
1082
|
+
BSON_ASSERT_PARAM(value); \
|
1083
|
+
BSON_ASSERT_PARAM(collLevel1Token); \
|
1084
|
+
BSON_ASSERT_PARAM(serverLevel1Token); \
|
1085
|
+
\
|
1086
|
+
if (!_fle2_derive_EDCText##Type##_token(kb->crypt->crypto, \
|
1087
|
+
&out->edcDerivedToken, \
|
1088
|
+
collLevel1Token, \
|
1089
|
+
value, \
|
1090
|
+
contentionFactor, \
|
1091
|
+
status)) { \
|
1092
|
+
return false; \
|
1093
|
+
} \
|
1094
|
+
if (!_fle2_derive_ESCText##Type##_token(kb->crypt->crypto, \
|
1095
|
+
&out->escDerivedToken, \
|
1096
|
+
collLevel1Token, \
|
1097
|
+
value, \
|
1098
|
+
contentionFactor, \
|
1099
|
+
status)) { \
|
1100
|
+
return false; \
|
1101
|
+
} \
|
1102
|
+
if (!_fle2_derive_serverText##Type##DerivedFromDataToken(kb->crypt->crypto, \
|
1103
|
+
&out->serverDerivedFromDataToken, \
|
1104
|
+
serverLevel1Token, \
|
1105
|
+
value, \
|
1106
|
+
status)) { \
|
1107
|
+
return false; \
|
1108
|
+
} \
|
1109
|
+
if (!_fle2_derive_encrypted_token(kb->crypt->crypto, \
|
1110
|
+
&out->encryptedTokens, \
|
1111
|
+
false, \
|
1112
|
+
collLevel1Token, \
|
1113
|
+
&out->escDerivedToken, \
|
1114
|
+
NULL, \
|
1115
|
+
(mc_optional_bool_t){0}, \
|
1116
|
+
status)) { \
|
1117
|
+
return false; \
|
1118
|
+
} \
|
1119
|
+
return true; \
|
1137
1120
|
}
|
1121
|
+
GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Exact);
|
1122
|
+
GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Substring)
|
1123
|
+
GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Suffix)
|
1124
|
+
GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL(Prefix)
|
1125
|
+
#undef GENERATE_TEXT_SEARCH_TOKEN_SET_FOR_TYPE_IMPL
|
1126
|
+
|
1127
|
+
static bool _fle2_generate_TextSearchTokenSets(_mongocrypt_key_broker_t *kb,
|
1128
|
+
mc_FLE2InsertUpdatePayloadV2_t *payload,
|
1129
|
+
const _mongocrypt_buffer_t *indexKeyId,
|
1130
|
+
const mc_FLE2TextSearchInsertSpec_t *spec,
|
1131
|
+
int64_t contentionFactor,
|
1132
|
+
mongocrypt_status_t *status) {
|
1133
|
+
BSON_ASSERT_PARAM(kb);
|
1134
|
+
BSON_ASSERT_PARAM(payload);
|
1135
|
+
BSON_ASSERT_PARAM(indexKeyId);
|
1136
|
+
BSON_ASSERT_PARAM(spec);
|
1138
1137
|
|
1139
|
-
|
1138
|
+
_mongocrypt_crypto_t *crypto = kb->crypt->crypto;
|
1139
|
+
mc_TextSearchTokenSets_t *tsts = &payload->textSearchTokenSets.tsts;
|
1140
1140
|
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
1141
|
-
mc_FLE2InsertUpdatePayloadV2_t payload;
|
1142
|
-
mc_FLE2InsertUpdatePayloadV2_init(&payload);
|
1143
1141
|
bool res = false;
|
1144
|
-
mc_edges_t *edges = NULL;
|
1145
1142
|
|
1146
|
-
|
1147
|
-
|
1148
|
-
mc_FLE2RangeInsertSpec_t insertSpec;
|
1149
|
-
if (!mc_FLE2RangeInsertSpec_parse(&insertSpec, &placeholder->v_iter, use_range_v2, status)) {
|
1143
|
+
mc_str_encode_sets_t *encodeSets = mc_text_search_str_encode(spec, status);
|
1144
|
+
if (!encodeSets) {
|
1150
1145
|
goto fail;
|
1151
1146
|
}
|
1152
1147
|
|
1153
|
-
|
1154
|
-
|
1155
|
-
&common,
|
1156
|
-
&marking->fle2,
|
1157
|
-
&insertSpec.v,
|
1158
|
-
status)) {
|
1148
|
+
// Start the token derivations
|
1149
|
+
if (!_get_tokenKey(kb, indexKeyId, &common.tokenKey, status)) {
|
1159
1150
|
goto fail;
|
1160
1151
|
}
|
1161
1152
|
|
1162
|
-
|
1153
|
+
common.collectionsLevel1Token = mc_CollectionsLevel1Token_new(crypto, &common.tokenKey, status);
|
1154
|
+
if (!common.collectionsLevel1Token) {
|
1155
|
+
CLIENT_ERR("unable to derive collectionLevel1Token");
|
1156
|
+
goto fail;
|
1157
|
+
}
|
1158
|
+
|
1159
|
+
common.serverTokenDerivationLevel1Token = mc_ServerTokenDerivationLevel1Token_new(crypto, &common.tokenKey, status);
|
1160
|
+
if (!common.serverTokenDerivationLevel1Token) {
|
1161
|
+
CLIENT_ERR("unable to derive serverTokenDerivationLevel1Token");
|
1162
|
+
goto fail;
|
1163
|
+
}
|
1164
|
+
|
1165
|
+
// Generate exact token set singleton
|
1163
1166
|
{
|
1164
|
-
|
1165
|
-
|
1166
|
-
|
1167
|
+
_mongocrypt_buffer_t asBsonValue;
|
1168
|
+
_mongocrypt_buffer_init(&asBsonValue);
|
1169
|
+
BSON_ASSERT(encodeSets->exact.len < INT_MAX);
|
1170
|
+
_mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue,
|
1171
|
+
(const char *)encodeSets->exact.data,
|
1172
|
+
(int)encodeSets->exact.len);
|
1173
|
+
if (!_fle2_generate_TextExactTokenSet(kb,
|
1174
|
+
&tsts->exact,
|
1175
|
+
&asBsonValue,
|
1176
|
+
contentionFactor,
|
1177
|
+
common.collectionsLevel1Token,
|
1178
|
+
common.serverTokenDerivationLevel1Token,
|
1179
|
+
status)) {
|
1180
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1167
1181
|
goto fail;
|
1168
1182
|
}
|
1183
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1184
|
+
}
|
1169
1185
|
|
1170
|
-
|
1171
|
-
|
1172
|
-
|
1173
|
-
|
1174
|
-
|
1175
|
-
|
1176
|
-
|
1177
|
-
|
1178
|
-
|
1186
|
+
const char *substring;
|
1187
|
+
uint32_t bytelen;
|
1188
|
+
uint32_t appendCount;
|
1189
|
+
|
1190
|
+
// Generate array of substring token sets
|
1191
|
+
if (encodeSets->substring_set) {
|
1192
|
+
mc_substring_set_iter_t set_itr;
|
1193
|
+
mc_substring_set_iter_init(&set_itr, encodeSets->substring_set);
|
1194
|
+
|
1195
|
+
while (mc_substring_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
|
1196
|
+
BSON_ASSERT(appendCount > 0);
|
1197
|
+
BSON_ASSERT(bytelen < INT_MAX);
|
1198
|
+
|
1199
|
+
mc_TextSubstringTokenSet_t tset = {{0}};
|
1200
|
+
|
1201
|
+
_mongocrypt_buffer_t asBsonValue;
|
1202
|
+
_mongocrypt_buffer_init(&asBsonValue);
|
1203
|
+
_mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
|
1179
1204
|
|
1180
|
-
if (!
|
1181
|
-
|
1182
|
-
|
1205
|
+
if (!_fle2_generate_TextSubstringTokenSet(kb,
|
1206
|
+
&tset,
|
1207
|
+
&asBsonValue,
|
1208
|
+
contentionFactor,
|
1209
|
+
common.collectionsLevel1Token,
|
1210
|
+
common.serverTokenDerivationLevel1Token,
|
1211
|
+
status)) {
|
1212
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1213
|
+
mc_TextSubstringTokenSet_cleanup(&tset);
|
1214
|
+
goto fail;
|
1183
1215
|
}
|
1216
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1184
1217
|
|
1185
|
-
if (
|
1186
|
-
|
1187
|
-
|
1188
|
-
|
1189
|
-
|
1190
|
-
|
1191
|
-
status)) {
|
1192
|
-
goto fail_loop;
|
1218
|
+
if (appendCount > 1) {
|
1219
|
+
mc_TextSubstringTokenSet_t tset_copy;
|
1220
|
+
mc_TextSubstringTokenSet_shallow_copy(&tset, &tset_copy);
|
1221
|
+
for (; appendCount > 1; appendCount--) {
|
1222
|
+
_mc_array_append_val(&tsts->substringArray, tset_copy);
|
1223
|
+
}
|
1193
1224
|
}
|
1194
|
-
|
1225
|
+
_mc_array_append_val(&tsts->substringArray, tset); // array now owns tset
|
1226
|
+
}
|
1227
|
+
}
|
1195
1228
|
|
1196
|
-
|
1197
|
-
|
1198
|
-
|
1199
|
-
|
1229
|
+
// Generate array of suffix token sets
|
1230
|
+
if (encodeSets->suffix_set) {
|
1231
|
+
mc_affix_set_iter_t set_itr;
|
1232
|
+
mc_affix_set_iter_init(&set_itr, encodeSets->suffix_set);
|
1200
1233
|
|
1201
|
-
|
1202
|
-
|
1234
|
+
while (mc_affix_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
|
1235
|
+
BSON_ASSERT(appendCount > 0);
|
1236
|
+
BSON_ASSERT(bytelen < INT_MAX);
|
1203
1237
|
|
1204
|
-
|
1205
|
-
|
1206
|
-
if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
|
1207
|
-
&etc.encryptedTokens,
|
1208
|
-
kb->crypt->opts.use_range_v2,
|
1209
|
-
edge_tokens.collectionsLevel1Token,
|
1210
|
-
&etc.escDerivedToken,
|
1211
|
-
NULL, // ecc unsed in FLE2v2
|
1212
|
-
OPT_BOOL(is_leaf),
|
1213
|
-
status)) {
|
1214
|
-
goto fail_loop;
|
1215
|
-
}
|
1238
|
+
mc_TextSuffixTokenSet_t tset = {{0}};
|
1239
|
+
mc_TextSuffixTokenSet_init(&tset);
|
1216
1240
|
|
1217
|
-
|
1241
|
+
_mongocrypt_buffer_t asBsonValue;
|
1242
|
+
_mongocrypt_buffer_init(&asBsonValue);
|
1243
|
+
_mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
|
1218
1244
|
|
1219
|
-
|
1220
|
-
|
1221
|
-
|
1222
|
-
|
1223
|
-
|
1224
|
-
|
1245
|
+
if (!_fle2_generate_TextSuffixTokenSet(kb,
|
1246
|
+
&tset,
|
1247
|
+
&asBsonValue,
|
1248
|
+
contentionFactor,
|
1249
|
+
common.collectionsLevel1Token,
|
1250
|
+
common.serverTokenDerivationLevel1Token,
|
1251
|
+
status)) {
|
1252
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1253
|
+
mc_TextSuffixTokenSet_cleanup(&tset);
|
1225
1254
|
goto fail;
|
1226
1255
|
}
|
1256
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1257
|
+
|
1258
|
+
if (appendCount > 1) {
|
1259
|
+
mc_TextSuffixTokenSet_t tset_copy;
|
1260
|
+
mc_TextSuffixTokenSet_shallow_copy(&tset, &tset_copy);
|
1261
|
+
for (; appendCount > 1; appendCount--) {
|
1262
|
+
_mc_array_append_val(&tsts->suffixArray, tset_copy);
|
1263
|
+
}
|
1264
|
+
}
|
1265
|
+
_mc_array_append_val(&tsts->suffixArray, tset); // array now owns tset
|
1227
1266
|
}
|
1228
1267
|
}
|
1229
1268
|
|
1230
|
-
//
|
1231
|
-
|
1232
|
-
|
1233
|
-
|
1234
|
-
bson_value_copy(bson_iter_value(&insertSpec.min), &payload.indexMin);
|
1235
|
-
bson_value_copy(bson_iter_value(&insertSpec.max), &payload.indexMax);
|
1269
|
+
// Generate array of prefix token sets
|
1270
|
+
if (encodeSets->prefix_set) {
|
1271
|
+
mc_affix_set_iter_t set_itr;
|
1272
|
+
mc_affix_set_iter_init(&set_itr, encodeSets->prefix_set);
|
1236
1273
|
|
1237
|
-
|
1238
|
-
|
1239
|
-
|
1240
|
-
|
1241
|
-
|
1242
|
-
|
1243
|
-
|
1244
|
-
|
1245
|
-
|
1274
|
+
while (mc_affix_set_iter_next(&set_itr, &substring, &bytelen, &appendCount)) {
|
1275
|
+
BSON_ASSERT(appendCount > 0);
|
1276
|
+
BSON_ASSERT(bytelen < INT_MAX);
|
1277
|
+
|
1278
|
+
mc_TextPrefixTokenSet_t tset = {{0}};
|
1279
|
+
mc_TextPrefixTokenSet_init(&tset);
|
1280
|
+
|
1281
|
+
_mongocrypt_buffer_t asBsonValue;
|
1282
|
+
_mongocrypt_buffer_init(&asBsonValue);
|
1283
|
+
_mongocrypt_buffer_copy_from_string_as_bson_value(&asBsonValue, substring, (int)bytelen);
|
1284
|
+
|
1285
|
+
if (!_fle2_generate_TextPrefixTokenSet(kb,
|
1286
|
+
&tset,
|
1287
|
+
&asBsonValue,
|
1288
|
+
contentionFactor,
|
1289
|
+
common.collectionsLevel1Token,
|
1290
|
+
common.serverTokenDerivationLevel1Token,
|
1291
|
+
status)) {
|
1292
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1293
|
+
mc_TextPrefixTokenSet_cleanup(&tset);
|
1294
|
+
goto fail;
|
1295
|
+
}
|
1296
|
+
_mongocrypt_buffer_cleanup(&asBsonValue);
|
1246
1297
|
|
1298
|
+
if (appendCount > 1) {
|
1299
|
+
mc_TextPrefixTokenSet_t tset_copy;
|
1300
|
+
mc_TextPrefixTokenSet_shallow_copy(&tset, &tset_copy);
|
1301
|
+
for (; appendCount > 1; appendCount--) {
|
1302
|
+
_mc_array_append_val(&tsts->prefixArray, tset_copy); // array now owns tset_copy
|
1303
|
+
}
|
1304
|
+
}
|
1305
|
+
_mc_array_append_val(&tsts->prefixArray, tset); // moves ownership of tset
|
1306
|
+
}
|
1307
|
+
}
|
1308
|
+
payload->textSearchTokenSets.set = true;
|
1247
1309
|
res = true;
|
1248
1310
|
fail:
|
1249
|
-
mc_edges_destroy(edges);
|
1250
|
-
mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
|
1251
1311
|
_FLE2EncryptedPayloadCommon_cleanup(&common);
|
1252
|
-
|
1312
|
+
mc_str_encode_sets_destroy(encodeSets);
|
1253
1313
|
return res;
|
1254
1314
|
}
|
1255
1315
|
|
1256
1316
|
/**
|
1257
|
-
* Payload subtype
|
1317
|
+
* Payload subtype 11: FLE2InsertUpdatePayloadV2 for text search inserts/updates
|
1258
1318
|
*
|
1259
|
-
* {
|
1319
|
+
* {v: value, u: indexKeyId, t: valueType, k: contentionFactor, e: serverToken,
|
1320
|
+
* b: { e: {d: EDC_exact, s: ESC_exact, l: svrDFDToken_exact, p: encToken_exact},
|
1321
|
+
* s: [{d: EDC_substr, s: ESC_substr, l: svrDFDToken_substr, p: encToken_substr}, ...]
|
1322
|
+
* u: [{d: EDC_suffix, s: ESC_suffix, l: svrDFDToken_suffix, p: encToken_suffix}, ...]
|
1323
|
+
* p: [{d: EDC_prefix, s: ESC_prefix, l: svrDFDToken_prefix, p: encToken_prefix}, ...]
|
1324
|
+
* },
|
1325
|
+
* d: bogusToken, s: bogusToken, l: bogusToken, p: bogusCiphertext
|
1326
|
+
* }
|
1260
1327
|
*/
|
1261
|
-
static bool
|
1262
|
-
|
1263
|
-
|
1264
|
-
|
1328
|
+
static bool _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForTextSearch(_mongocrypt_key_broker_t *kb,
|
1329
|
+
_mongocrypt_marking_t *marking,
|
1330
|
+
_mongocrypt_ciphertext_t *ciphertext,
|
1331
|
+
mongocrypt_status_t *status) {
|
1265
1332
|
BSON_ASSERT_PARAM(kb);
|
1266
1333
|
BSON_ASSERT_PARAM(marking);
|
1267
1334
|
BSON_ASSERT_PARAM(ciphertext);
|
1335
|
+
BSON_ASSERT(kb->crypt);
|
1336
|
+
BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
|
1337
|
+
|
1338
|
+
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
1339
|
+
BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1340
|
+
BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_TEXT_SEARCH);
|
1268
1341
|
|
1269
1342
|
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
1343
|
+
mc_FLE2InsertUpdatePayloadV2_t payload;
|
1344
|
+
mc_FLE2InsertUpdatePayloadV2_init(&payload);
|
1345
|
+
|
1270
1346
|
_mongocrypt_buffer_t value = {0};
|
1271
|
-
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
1272
|
-
mc_FLE2FindEqualityPayload_t payload;
|
1273
1347
|
bool res = false;
|
1274
1348
|
|
1275
|
-
|
1276
|
-
|
1277
|
-
|
1278
|
-
|
1279
|
-
mc_FLE2FindEqualityPayload_init(&payload);
|
1349
|
+
mc_FLE2TextSearchInsertSpec_t insertSpec;
|
1350
|
+
if (!mc_FLE2TextSearchInsertSpec_parse(&insertSpec, &placeholder->v_iter, status)) {
|
1351
|
+
goto fail;
|
1352
|
+
}
|
1280
1353
|
|
1281
|
-
|
1354
|
+
// t
|
1355
|
+
payload.valueType = BSON_TYPE_UTF8;
|
1356
|
+
|
1357
|
+
// k
|
1358
|
+
payload.contentionFactor = 0;
|
1359
|
+
if (placeholder->maxContentionFactor > 0) {
|
1360
|
+
/* Choose a random contentionFactor in the inclusive range [0,
|
1361
|
+
* placeholder->maxContentionFactor] */
|
1362
|
+
if (!_mongocrypt_random_int64(kb->crypt->crypto,
|
1363
|
+
placeholder->maxContentionFactor + 1,
|
1364
|
+
&payload.contentionFactor,
|
1365
|
+
status)) {
|
1366
|
+
goto fail;
|
1367
|
+
}
|
1368
|
+
}
|
1282
1369
|
|
1370
|
+
// u
|
1371
|
+
_mongocrypt_buffer_copy_to(&placeholder->index_key_id, &payload.indexKeyId);
|
1372
|
+
|
1373
|
+
_mongocrypt_buffer_from_iter(&value, &insertSpec.v_iter);
|
1283
1374
|
if (!_mongocrypt_fle2_placeholder_common(kb,
|
1284
1375
|
&common,
|
1285
1376
|
&placeholder->index_key_id,
|
1286
1377
|
&value,
|
1287
|
-
|
1288
|
-
|
1378
|
+
true, /* derive tokens using contentionFactor */
|
1379
|
+
payload.contentionFactor,
|
1289
1380
|
status)) {
|
1290
1381
|
goto fail;
|
1291
1382
|
}
|
1292
1383
|
|
1293
|
-
// d
|
1294
|
-
|
1295
|
-
|
1296
|
-
|
1297
|
-
|
1298
|
-
|
1384
|
+
// (d, s, l) are never used for text search, so just set these to bogus buffers of
|
1385
|
+
// correct length.
|
1386
|
+
BSON_ASSERT(_mongocrypt_buffer_steal_from_data_and_size(&payload.edcDerivedToken,
|
1387
|
+
bson_malloc0(MONGOCRYPT_HMAC_SHA256_LEN),
|
1388
|
+
MONGOCRYPT_HMAC_SHA256_LEN));
|
1389
|
+
_mongocrypt_buffer_copy_to(&payload.edcDerivedToken, &payload.escDerivedToken);
|
1390
|
+
_mongocrypt_buffer_copy_to(&payload.edcDerivedToken, &payload.serverDerivedFromDataToken);
|
1391
|
+
|
1392
|
+
// p := EncryptCTR(ECOCToken, ESCDerivedFromDataTokenAndContentionFactor)
|
1393
|
+
// Since p is never used for text search, this just sets p to a bogus ciphertext of
|
1394
|
+
// the correct length.
|
1395
|
+
if (!_fle2_derive_encrypted_token(kb->crypt->crypto,
|
1396
|
+
&payload.encryptedTokens,
|
1397
|
+
false,
|
1398
|
+
common.collectionsLevel1Token,
|
1399
|
+
&payload.escDerivedToken, // bogus
|
1400
|
+
NULL, // unused in FLE2v2
|
1401
|
+
(mc_optional_bool_t){0},
|
1402
|
+
status)) {
|
1403
|
+
goto fail;
|
1404
|
+
}
|
1299
1405
|
|
1406
|
+
// v := UserKeyId + EncryptCBCAEAD(UserKey, value)
|
1407
|
+
{
|
1408
|
+
_mongocrypt_buffer_t ciphertext = {0};
|
1409
|
+
if (!_fle2_placeholder_aes_aead_encrypt(kb,
|
1410
|
+
_mcFLE2v2AEADAlgorithm(),
|
1411
|
+
&ciphertext,
|
1412
|
+
&placeholder->user_key_id,
|
1413
|
+
&value,
|
1414
|
+
status)) {
|
1415
|
+
goto fail;
|
1416
|
+
}
|
1417
|
+
const _mongocrypt_buffer_t v[2] = {placeholder->user_key_id, ciphertext};
|
1418
|
+
const bool ok = _mongocrypt_buffer_concat(&payload.value, v, 2);
|
1419
|
+
_mongocrypt_buffer_cleanup(&ciphertext);
|
1420
|
+
if (!ok) {
|
1421
|
+
goto fail;
|
1422
|
+
}
|
1423
|
+
}
|
1300
1424
|
// e := ServerDataEncryptionLevel1Token
|
1301
1425
|
_mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(common.serverDataEncryptionLevel1Token),
|
1302
1426
|
&payload.serverEncryptionToken);
|
1303
1427
|
|
1304
|
-
|
1428
|
+
// b
|
1429
|
+
if (!_fle2_generate_TextSearchTokenSets(kb,
|
1430
|
+
&payload,
|
1431
|
+
&placeholder->index_key_id,
|
1432
|
+
&insertSpec,
|
1433
|
+
payload.contentionFactor,
|
1434
|
+
status)) {
|
1435
|
+
goto fail;
|
1436
|
+
}
|
1305
1437
|
|
1306
1438
|
{
|
1307
1439
|
bson_t out;
|
1308
1440
|
bson_init(&out);
|
1309
|
-
|
1441
|
+
mc_FLE2InsertUpdatePayloadV2_serializeForTextSearch(&payload, &out);
|
1310
1442
|
_mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
|
1311
1443
|
}
|
1312
1444
|
// Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
|
1313
|
-
// not used for
|
1314
|
-
ciphertext->blob_subtype =
|
1445
|
+
// not used for FLE2InsertUpdatePayloadV2.
|
1446
|
+
ciphertext->blob_subtype = MC_SUBTYPE_FLE2InsertUpdatePayloadV2;
|
1315
1447
|
|
1316
1448
|
res = true;
|
1317
1449
|
fail:
|
1318
|
-
|
1450
|
+
mc_FLE2InsertUpdatePayloadV2_cleanup(&payload);
|
1319
1451
|
_mongocrypt_buffer_cleanup(&value);
|
1320
1452
|
_FLE2EncryptedPayloadCommon_cleanup(&common);
|
1321
|
-
|
1322
1453
|
return res;
|
1323
1454
|
}
|
1324
1455
|
|
1325
1456
|
/**
|
1326
1457
|
* Payload subtype 12: FLE2FindEqualityPayloadV2
|
1327
|
-
* Delegates to ..._find_ciphertext_v1 when crypt->opts.use_fle2_v2 == false.
|
1328
1458
|
*
|
1329
1459
|
* {d: EDC, s: ESC, l: serverDerivedFromDataToken, cm: maxContentionFactor}
|
1330
1460
|
*/
|
@@ -1336,10 +1466,6 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertext(_mongocrypt_key_brok
|
|
1336
1466
|
BSON_ASSERT_PARAM(marking);
|
1337
1467
|
BSON_ASSERT_PARAM(ciphertext);
|
1338
1468
|
|
1339
|
-
if (kb->crypt->opts.use_fle2_v2 == false) {
|
1340
|
-
return _mongocrypt_fle2_placeholder_to_find_ciphertext_v1(kb, marking, ciphertext, status);
|
1341
|
-
}
|
1342
|
-
|
1343
1469
|
_FLE2EncryptedPayloadCommon_t common = {{0}};
|
1344
1470
|
_mongocrypt_buffer_t value = {0};
|
1345
1471
|
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
@@ -1568,145 +1694,8 @@ mc_mincover_t *mc_get_mincover_from_FLE2RangeFindSpec(mc_FLE2RangeFindSpec_t *fi
|
|
1568
1694
|
}
|
1569
1695
|
}
|
1570
1696
|
|
1571
|
-
/**
|
1572
|
-
* Payload subtype 10: FLE2FindRangePayload
|
1573
|
-
*
|
1574
|
-
* {e: serverToken, cm: maxContentionFactor,
|
1575
|
-
* g: [{d: EDC, s: ESC, c: ECC}, ...]}
|
1576
|
-
*/
|
1577
|
-
static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(_mongocrypt_key_broker_t *kb,
|
1578
|
-
_mongocrypt_marking_t *marking,
|
1579
|
-
_mongocrypt_ciphertext_t *ciphertext,
|
1580
|
-
mongocrypt_status_t *status) {
|
1581
|
-
BSON_ASSERT_PARAM(kb);
|
1582
|
-
BSON_ASSERT_PARAM(marking);
|
1583
|
-
BSON_ASSERT_PARAM(ciphertext);
|
1584
|
-
BSON_ASSERT(kb->crypt);
|
1585
|
-
|
1586
|
-
const bool use_range_v2 = kb->crypt->opts.use_range_v2;
|
1587
|
-
_mongocrypt_crypto_t *crypto = kb->crypt->crypto;
|
1588
|
-
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
1589
|
-
mc_FLE2FindRangePayload_t payload;
|
1590
|
-
bool res = false;
|
1591
|
-
mc_mincover_t *mincover = NULL;
|
1592
|
-
_mongocrypt_buffer_t tokenKey = {0};
|
1593
|
-
|
1594
|
-
BSON_ASSERT(kb->crypt->opts.use_fle2_v2 == false);
|
1595
|
-
BSON_ASSERT(marking->type == MONGOCRYPT_MARKING_FLE2_ENCRYPTION);
|
1596
|
-
BSON_ASSERT(placeholder);
|
1597
|
-
BSON_ASSERT(placeholder->type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
|
1598
|
-
BSON_ASSERT(placeholder->algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1599
|
-
mc_FLE2FindRangePayload_init(&payload);
|
1600
|
-
|
1601
|
-
// Parse the query bounds and index bounds from FLE2EncryptionPlaceholder for
|
1602
|
-
// range find.
|
1603
|
-
mc_FLE2RangeFindSpec_t findSpec;
|
1604
|
-
if (!mc_FLE2RangeFindSpec_parse(&findSpec, &placeholder->v_iter, use_range_v2, status)) {
|
1605
|
-
goto fail;
|
1606
|
-
}
|
1607
|
-
|
1608
|
-
if (findSpec.edgesInfo.set) {
|
1609
|
-
// cm := Queryable Encryption max contentionFactor
|
1610
|
-
payload.payload.value.maxContentionFactor = placeholder->maxContentionFactor;
|
1611
|
-
|
1612
|
-
// e := ServerDataEncryptionLevel1Token
|
1613
|
-
{
|
1614
|
-
if (!_get_tokenKey(kb, &placeholder->index_key_id, &tokenKey, status)) {
|
1615
|
-
goto fail;
|
1616
|
-
}
|
1617
|
-
|
1618
|
-
mc_ServerDataEncryptionLevel1Token_t *serverToken =
|
1619
|
-
mc_ServerDataEncryptionLevel1Token_new(crypto, &tokenKey, status);
|
1620
|
-
if (!serverToken) {
|
1621
|
-
goto fail;
|
1622
|
-
}
|
1623
|
-
_mongocrypt_buffer_copy_to(mc_ServerDataEncryptionLevel1Token_get(serverToken),
|
1624
|
-
&payload.payload.value.serverEncryptionToken);
|
1625
|
-
mc_ServerDataEncryptionLevel1Token_destroy(serverToken);
|
1626
|
-
}
|
1627
|
-
|
1628
|
-
// g:= array<EdgeFindTokenSet>
|
1629
|
-
{
|
1630
|
-
BSON_ASSERT(placeholder->sparsity >= 0 && (uint64_t)placeholder->sparsity <= (uint64_t)SIZE_MAX);
|
1631
|
-
mincover =
|
1632
|
-
mc_get_mincover_from_FLE2RangeFindSpec(&findSpec, (size_t)placeholder->sparsity, status, use_range_v2);
|
1633
|
-
if (!mincover) {
|
1634
|
-
goto fail;
|
1635
|
-
}
|
1636
|
-
|
1637
|
-
for (size_t i = 0; i < mc_mincover_len(mincover); i++) {
|
1638
|
-
// Create a EdgeFindTokenSet from each edge.
|
1639
|
-
bool loop_ok = false;
|
1640
|
-
const char *edge = mc_mincover_get(mincover, i);
|
1641
|
-
_mongocrypt_buffer_t edge_buf = {0};
|
1642
|
-
_FLE2EncryptedPayloadCommon_t edge_tokens = {{0}};
|
1643
|
-
mc_EdgeFindTokenSet_t eftc = {{0}};
|
1644
|
-
|
1645
|
-
if (!_mongocrypt_buffer_from_string(&edge_buf, edge)) {
|
1646
|
-
CLIENT_ERR("failed to copy edge to buffer");
|
1647
|
-
goto fail_loop;
|
1648
|
-
}
|
1649
|
-
|
1650
|
-
if (!_mongocrypt_fle2_placeholder_common(kb,
|
1651
|
-
&edge_tokens,
|
1652
|
-
&placeholder->index_key_id,
|
1653
|
-
&edge_buf,
|
1654
|
-
false, /* derive tokens using contentionFactor */
|
1655
|
-
placeholder->maxContentionFactor, /* ignored */
|
1656
|
-
status)) {
|
1657
|
-
goto fail_loop;
|
1658
|
-
}
|
1659
|
-
|
1660
|
-
// d := EDCDerivedToken
|
1661
|
-
_mongocrypt_buffer_steal(&eftc.edcDerivedToken, &edge_tokens.edcDerivedToken);
|
1662
|
-
// s := ESCDerivedToken
|
1663
|
-
_mongocrypt_buffer_steal(&eftc.escDerivedToken, &edge_tokens.escDerivedToken);
|
1664
|
-
// c := ECCDerivedToken
|
1665
|
-
_mongocrypt_buffer_steal(&eftc.eccDerivedToken, &edge_tokens.eccDerivedToken);
|
1666
|
-
|
1667
|
-
_mc_array_append_val(&payload.payload.value.edgeFindTokenSetArray, eftc);
|
1668
|
-
|
1669
|
-
loop_ok = true;
|
1670
|
-
fail_loop:
|
1671
|
-
_FLE2EncryptedPayloadCommon_cleanup(&edge_tokens);
|
1672
|
-
_mongocrypt_buffer_cleanup(&edge_buf);
|
1673
|
-
if (!loop_ok) {
|
1674
|
-
goto fail;
|
1675
|
-
}
|
1676
|
-
}
|
1677
|
-
}
|
1678
|
-
payload.payload.set = true;
|
1679
|
-
}
|
1680
|
-
|
1681
|
-
payload.payloadId = findSpec.payloadId;
|
1682
|
-
payload.firstOperator = findSpec.firstOperator;
|
1683
|
-
payload.secondOperator = findSpec.secondOperator;
|
1684
|
-
|
1685
|
-
// Serialize.
|
1686
|
-
{
|
1687
|
-
bson_t out = BSON_INITIALIZER;
|
1688
|
-
mc_FLE2FindRangePayload_serialize(&payload, &out);
|
1689
|
-
_mongocrypt_buffer_steal_from_bson(&ciphertext->data, &out);
|
1690
|
-
}
|
1691
|
-
_mongocrypt_buffer_steal(&ciphertext->key_id, &placeholder->index_key_id);
|
1692
|
-
|
1693
|
-
// Do not set ciphertext->original_bson_type and ciphertext->key_id. They are
|
1694
|
-
// not used for FLE2FindRangePayload.
|
1695
|
-
ciphertext->blob_subtype = MC_SUBTYPE_FLE2FindRangePayload;
|
1696
|
-
|
1697
|
-
res = true;
|
1698
|
-
fail:
|
1699
|
-
mc_mincover_destroy(mincover);
|
1700
|
-
mc_FLE2FindRangePayload_cleanup(&payload);
|
1701
|
-
_mongocrypt_buffer_cleanup(&tokenKey);
|
1702
|
-
|
1703
|
-
return res;
|
1704
|
-
}
|
1705
|
-
|
1706
1697
|
/**
|
1707
1698
|
* Payload subtype 13: FLE2FindRangePayloadV2
|
1708
|
-
* Delegates to ..._find_ciphertextForRange_v1
|
1709
|
-
* when crypt->opts.use_fle2_v2 is false
|
1710
1699
|
*
|
1711
1700
|
* {cm: maxContentionFactor,
|
1712
1701
|
* g: [{d: EDC, s: ESC, l: serverDerivedFromDataToken}, ...]}
|
@@ -1719,10 +1708,6 @@ static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForRange(_mongocrypt_
|
|
1719
1708
|
BSON_ASSERT_PARAM(marking);
|
1720
1709
|
BSON_ASSERT_PARAM(ciphertext);
|
1721
1710
|
|
1722
|
-
if (kb->crypt->opts.use_fle2_v2 == false) {
|
1723
|
-
return _mongocrypt_fle2_placeholder_to_find_ciphertextForRange_v1(kb, marking, ciphertext, status);
|
1724
|
-
}
|
1725
|
-
|
1726
1711
|
const bool use_range_v2 = kb->crypt->opts.use_range_v2;
|
1727
1712
|
mc_FLE2EncryptionPlaceholder_t *placeholder = &marking->fle2;
|
1728
1713
|
mc_FLE2FindRangePayloadV2_t payload;
|
@@ -1835,6 +1820,15 @@ fail:
|
|
1835
1820
|
return res;
|
1836
1821
|
}
|
1837
1822
|
|
1823
|
+
static bool _mongocrypt_fle2_placeholder_to_find_ciphertextForTextSearch(_mongocrypt_key_broker_t *kb,
|
1824
|
+
_mongocrypt_marking_t *marking,
|
1825
|
+
_mongocrypt_ciphertext_t *ciphertext,
|
1826
|
+
mongocrypt_status_t *status) {
|
1827
|
+
// TODO MONGOCRYPT-761 implement find support for text search fields
|
1828
|
+
CLIENT_ERR("Text search find is not yet supported");
|
1829
|
+
return false;
|
1830
|
+
}
|
1831
|
+
|
1838
1832
|
static bool _mongocrypt_fle2_placeholder_to_FLE2UnindexedEncryptedValue(_mongocrypt_key_broker_t *kb,
|
1839
1833
|
_mongocrypt_marking_t *marking,
|
1840
1834
|
_mongocrypt_ciphertext_t *ciphertext,
|
@@ -1859,25 +1853,14 @@ static bool _mongocrypt_fle2_placeholder_to_FLE2UnindexedEncryptedValue(_mongocr
|
|
1859
1853
|
}
|
1860
1854
|
|
1861
1855
|
BSON_ASSERT(kb->crypt);
|
1862
|
-
|
1863
|
-
|
1864
|
-
|
1865
|
-
|
1866
|
-
|
1867
|
-
|
1868
|
-
|
1869
|
-
|
1870
|
-
ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValueV2;
|
1871
|
-
} else {
|
1872
|
-
res = mc_FLE2UnindexedEncryptedValue_encrypt(kb->crypt->crypto,
|
1873
|
-
&placeholder->user_key_id,
|
1874
|
-
bson_iter_type(&placeholder->v_iter),
|
1875
|
-
&plaintext,
|
1876
|
-
&user_key,
|
1877
|
-
&ciphertext->data,
|
1878
|
-
status);
|
1879
|
-
ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValue;
|
1880
|
-
}
|
1856
|
+
res = mc_FLE2UnindexedEncryptedValueV2_encrypt(kb->crypt->crypto,
|
1857
|
+
&placeholder->user_key_id,
|
1858
|
+
bson_iter_type(&placeholder->v_iter),
|
1859
|
+
&plaintext,
|
1860
|
+
&user_key,
|
1861
|
+
&ciphertext->data,
|
1862
|
+
status);
|
1863
|
+
ciphertext->blob_subtype = MC_SUBTYPE_FLE2UnindexedEncryptedValueV2;
|
1881
1864
|
|
1882
1865
|
if (!res) {
|
1883
1866
|
goto fail;
|
@@ -2058,6 +2041,17 @@ bool _mongocrypt_marking_to_ciphertext(void *ctx,
|
|
2058
2041
|
return _mongocrypt_fle2_placeholder_to_find_ciphertext(kb, marking, ciphertext, status);
|
2059
2042
|
default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->fle2.type); return false;
|
2060
2043
|
}
|
2044
|
+
case MONGOCRYPT_FLE2_ALGORITHM_TEXT_SEARCH:
|
2045
|
+
switch (marking->fle2.type) {
|
2046
|
+
case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT:
|
2047
|
+
return _mongocrypt_fle2_placeholder_to_insert_update_ciphertextForTextSearch(kb,
|
2048
|
+
marking,
|
2049
|
+
ciphertext,
|
2050
|
+
status);
|
2051
|
+
case MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND:
|
2052
|
+
return _mongocrypt_fle2_placeholder_to_find_ciphertextForTextSearch(kb, marking, ciphertext, status);
|
2053
|
+
default: CLIENT_ERR("unexpected fle2 type: %d", (int)marking->fle2.type); return false;
|
2054
|
+
}
|
2061
2055
|
default: CLIENT_ERR("unexpected algorithm: %d", (int)marking->algorithm); return false;
|
2062
2056
|
}
|
2063
2057
|
case MONGOCRYPT_MARKING_FLE1_BY_ID:
|