libmongocrypt-helper 1.11.0.0.1001 → 1.13.2.0.1001

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (598) hide show
  1. checksums.yaml +4 -4
  2. data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +27 -1
  3. data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +13 -2
  4. data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -7
  5. data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
  6. data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
  7. data/ext/libmongocrypt/libmongocrypt/README.md +39 -23
  8. data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +4 -67
  9. data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +14 -1
  10. data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
  11. data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
  12. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +1 -1
  13. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -7
  14. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
  15. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
  16. data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +1 -0
  17. data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
  18. data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +10 -9
  19. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
  20. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
  21. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +13 -12
  22. data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
  23. data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +1 -1
  24. data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +37 -40
  25. data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +10 -9
  26. data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
  27. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
  28. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
  29. data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
  30. data/ext/libmongocrypt/libmongocrypt/integrating.md +51 -13
  31. data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +1 -1
  32. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
  33. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +3 -0
  34. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
  35. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
  36. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
  37. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +8 -0
  38. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
  39. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
  40. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
  41. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
  42. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
  43. data/ext/libmongocrypt/libmongocrypt/src/mc-cmp-private.h +137 -0
  44. data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
  45. data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
  46. data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +5 -2
  47. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +99 -0
  48. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
  49. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
  50. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
  51. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +5 -0
  52. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +39 -0
  53. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
  54. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
  55. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +183 -60
  56. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +498 -115
  57. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +10 -0
  58. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +49 -0
  59. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +98 -0
  60. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +3 -2
  61. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +2 -1
  62. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +2 -2
  63. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +1 -0
  64. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +6 -1
  65. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +2 -1
  66. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
  67. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
  68. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
  69. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
  70. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
  71. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
  72. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
  73. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
  74. data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
  75. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
  76. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
  77. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +1 -1
  78. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -1
  79. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +2 -2
  80. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +1 -1
  81. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +1 -1
  82. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +2 -1
  83. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
  84. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +429 -858
  85. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +55 -19
  86. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +13 -10
  87. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +15 -0
  88. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +9 -0
  89. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +6 -2
  90. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +6 -0
  91. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +174 -0
  92. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +0 -1
  93. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +4 -0
  94. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +518 -524
  95. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
  96. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +1 -1
  97. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +8 -12
  98. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
  99. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
  100. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +25 -9
  101. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +65 -6
  102. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
  103. data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
  104. data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
  105. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
  106. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
  107. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
  108. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
  109. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
  110. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
  111. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
  112. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
  113. data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
  114. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
  115. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
  116. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
  117. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
  118. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
  119. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
  120. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
  121. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
  122. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
  123. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
  124. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
  125. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
  126. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
  127. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
  128. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
  129. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
  130. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
  131. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
  132. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
  133. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
  134. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
  135. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
  136. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
  137. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
  138. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
  139. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
  140. data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
  141. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
  142. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
  143. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
  144. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
  145. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
  146. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
  147. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
  148. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
  149. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
  150. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
  151. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
  152. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
  153. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
  154. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
  155. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
  156. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
  157. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
  158. data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
  159. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
  160. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
  161. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
  162. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
  163. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
  164. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
  165. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
  166. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
  167. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
  168. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
  169. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
  170. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
  171. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
  172. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
  173. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
  174. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
  175. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
  176. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
  177. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
  178. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
  179. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
  180. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
  181. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
  182. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
  183. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
  184. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
  185. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
  186. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
  187. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
  188. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
  189. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
  190. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
  191. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
  192. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
  193. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
  194. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
  195. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
  196. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
  197. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
  198. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
  199. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
  200. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search}/encrypted-field-map.json +10 -9
  201. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
  202. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
  203. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
  204. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
  205. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
  206. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
  207. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
  208. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
  209. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
  210. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
  211. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
  212. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
  213. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
  214. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
  215. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
  216. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
  217. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
  218. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
  219. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
  220. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +9 -1
  221. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
  222. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
  223. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +1 -0
  224. data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +4 -4
  225. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
  226. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
  227. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
  228. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
  229. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
  230. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
  231. data/ext/libmongocrypt/libmongocrypt/{bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +12 -10
  232. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c3.json} +13 -11
  233. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
  234. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
  235. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
  236. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
  237. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
  238. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
  239. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
  240. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
  241. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
  242. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
  243. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
  244. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
  245. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
  246. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
  247. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
  248. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
  249. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
  250. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
  251. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
  252. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
  253. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
  254. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
  255. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
  256. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
  257. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
  258. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
  259. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
  260. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
  261. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
  262. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
  263. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
  264. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
  265. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
  266. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
  267. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
  268. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
  269. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
  270. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
  271. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
  272. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
  273. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
  274. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
  275. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
  276. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
  277. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
  278. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
  279. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
  280. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
  281. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
  282. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
  283. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
  284. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
  285. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
  286. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
  287. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
  288. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
  289. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
  290. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
  291. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
  292. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
  293. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
  294. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
  295. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
  296. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
  297. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
  298. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
  299. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
  300. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
  301. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
  302. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
  303. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
  304. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
  305. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
  306. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
  307. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
  308. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
  309. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
  310. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
  311. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
  312. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
  313. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
  314. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
  315. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
  316. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
  317. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
  318. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
  319. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
  320. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
  321. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
  322. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
  323. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
  324. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
  325. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
  326. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
  327. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
  328. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
  329. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
  330. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
  331. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
  332. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
  333. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
  334. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
  335. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
  336. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
  337. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/command.json +7 -0
  338. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/key-document.json → test/data/multikey/key-document-a.json} +18 -19
  339. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/key-document-b.json +37 -0
  340. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/mongocryptd_reply.json +34 -0
  341. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/schema_map.json +35 -0
  342. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/kms-reply.txt → test/data/rmd/kms-decrypt-reply-429.txt} +1 -1
  343. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
  344. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
  345. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
  346. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
  347. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
  348. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
  349. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
  350. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
  351. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
  352. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
  353. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
  354. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
  355. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
  356. data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -1
  357. data/ext/libmongocrypt/libmongocrypt/test/test-mc-cmp.c +304 -0
  358. data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
  359. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
  360. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
  361. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +370 -22
  362. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
  363. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +25 -1
  364. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
  365. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
  366. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
  367. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +91 -0
  368. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
  369. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
  370. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +68 -75
  371. data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
  372. data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
  373. data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
  374. data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
  375. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
  376. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +2 -2
  377. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
  378. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
  379. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -20
  380. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +57 -46
  381. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
  382. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
  383. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
  384. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1529 -1197
  385. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +79 -0
  386. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +160 -0
  387. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +3 -3
  388. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +7 -7
  389. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +6 -5
  390. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +750 -110
  391. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +143 -33
  392. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +39 -4
  393. data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
  394. data/lib/libmongocrypt_helper/version.rb +2 -2
  395. metadata +233 -225
  396. data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +0 -17
  397. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
  398. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +0 -4
  399. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +0 -145
  400. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +0 -60
  401. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +0 -46
  402. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +0 -168
  403. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +0 -48
  404. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +0 -257
  405. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +0 -138
  406. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +0 -214
  407. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +0 -37
  408. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +0 -67
  409. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +0 -59
  410. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +0 -96
  411. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +0 -26
  412. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +0 -53
  413. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +0 -91
  414. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +0 -125
  415. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +0 -60
  416. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +0 -684
  417. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +0 -289
  418. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +0 -34
  419. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +0 -14
  420. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +0 -26
  421. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +0 -48
  422. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +0 -107
  423. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +0 -85
  424. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +0 -21
  425. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +0 -59
  426. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +0 -38
  427. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +0 -49
  428. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +0 -51
  429. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +0 -74
  430. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +0 -94
  431. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +0 -60
  432. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +0 -11
  433. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +0 -8
  434. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +0 -23
  435. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +0 -11
  436. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +0 -442
  437. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +0 -748
  438. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +0 -82
  439. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +0 -37
  440. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +0 -46
  441. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +0 -37
  442. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +0 -37
  443. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +0 -37
  444. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +0 -23
  445. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +0 -64
  446. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +0 -13
  447. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +0 -16
  448. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +0 -11
  449. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +0 -6
  450. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +0 -36
  451. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +0 -19
  452. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +0 -3
  453. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +0 -22
  454. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +0 -6
  455. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +0 -54
  456. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +0 -44
  457. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +0 -23
  458. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +0 -215
  459. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +0 -3
  460. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +0 -275
  461. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -77
  462. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
  463. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
  464. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
  465. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
  466. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
  467. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
  468. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
  469. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
  470. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
  471. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
  472. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
  473. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
  474. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
  475. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
  476. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
  477. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
  478. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
  479. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
  480. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
  481. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
  482. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
  483. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
  484. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
  485. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
  486. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
  487. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
  488. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
  489. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
  490. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
  491. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
  492. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
  493. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
  494. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
  495. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
  496. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
  497. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
  498. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
  499. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
  500. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
  501. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
  502. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
  503. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
  504. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
  505. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
  506. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
  507. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
  508. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
  509. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
  510. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
  511. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
  512. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
  513. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
  514. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
  515. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
  516. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
  517. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
  518. data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
  519. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
  520. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
  521. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
  522. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
  523. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
  524. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
  525. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
  526. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
  527. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
  528. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
  529. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
  530. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
  531. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
  532. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
  533. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
  534. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
  535. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
  536. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
  537. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
  538. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
  539. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
  540. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
  541. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
  542. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
  543. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
  544. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
  545. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
  546. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
  547. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
  548. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
  549. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
  550. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
  551. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
  552. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
  553. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
  554. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
  555. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
  556. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
  557. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
  558. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
  559. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
  560. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
  561. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
  562. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
  563. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
  564. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
  565. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
  566. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
  567. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
  568. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
  569. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
  570. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
  571. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
  572. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
  573. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
  574. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
  575. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
  576. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
  577. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
  578. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
  579. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
  580. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
  581. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
  582. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
  583. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
  584. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
  585. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
  586. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
  587. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
  588. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
  589. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
  590. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
  591. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
  592. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
  593. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
  594. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
  595. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
  596. data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
  597. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
  598. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -18,7 +18,9 @@
18
18
 
19
19
  #include "kms_message/kms_b64.h"
20
20
  #include "mongocrypt-crypto-private.h" // MONGOCRYPT_KEY_LEN
21
+ #include "mongocrypt.h"
21
22
  #include "test-mongocrypt-assert-match-bson.h"
23
+ #include "test-mongocrypt-assert.h"
22
24
  #include "test-mongocrypt-crypto-std-hooks.h"
23
25
  #include "test-mongocrypt.h"
24
26
 
@@ -507,9 +509,7 @@ static void _test_encrypt_need_markings(_mongocrypt_tester_t *tester) {
507
509
 
508
510
  static void _test_encrypt_csfle_no_needs_markings(_mongocrypt_tester_t *tester) {
509
511
  if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
510
- fputs("No 'real' csfle library is available. The "
511
- "_test_encrypt_csfle_no_needs_markings test is a no-op.",
512
- stderr);
512
+ TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
513
513
  return;
514
514
  }
515
515
 
@@ -616,7 +616,7 @@ static void _test_view(_mongocrypt_tester_t *tester) {
616
616
 
617
617
  crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
618
618
  ctx = mongocrypt_ctx_new(crypt);
619
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
619
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_BSON(BSON_STR({"find" : "v", "filter" : {}}))), ctx);
620
620
  _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
621
621
  ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/collection-info-view.json")),
622
622
  ctx,
@@ -755,6 +755,32 @@ static void _test_encrypt_caches_keys(_mongocrypt_tester_t *tester) {
755
755
  mongocrypt_destroy(crypt);
756
756
  }
757
757
 
758
+ static void _test_encrypt_cache_expiration(_mongocrypt_tester_t *tester) {
759
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_SHORT_CACHE);
760
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
761
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
762
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
763
+ mongocrypt_ctx_destroy(ctx);
764
+
765
+ // Sleep to trigger cache expiration.
766
+ // Cache entries expire after 1ms, but use 20ms to avoid timing errors observed on Windows distros: CDRIVER-4526
767
+ _usleep(20 * 1000);
768
+ /* The next context requests keys again
769
+ */
770
+ ctx = mongocrypt_ctx_new(crypt);
771
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
772
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
773
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")), ctx);
774
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
775
+ BSON_ASSERT(mongocrypt_ctx_state(ctx) == MONGOCRYPT_CTX_NEED_MONGO_KEYS);
776
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/key-document.json")), ctx);
777
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
778
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
779
+
780
+ mongocrypt_ctx_destroy(ctx);
781
+ mongocrypt_destroy(crypt);
782
+ }
783
+
758
784
  static void _test_encrypt_caches_keys_by_alt_name(_mongocrypt_tester_t *tester) {
759
785
  mongocrypt_t *crypt;
760
786
  mongocrypt_ctx_t *ctx;
@@ -979,28 +1005,8 @@ static void _test_encrypt_invalid_siblings(_mongocrypt_tester_t *tester) {
979
1005
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
980
1006
 
981
1007
  BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_MARKINGS == mongocrypt_ctx_state(ctx));
982
- ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")),
983
- ctx,
984
- "JSON schema validator has siblings");
985
-
986
- mongocrypt_ctx_destroy(ctx);
987
- mongocrypt_destroy(crypt);
988
- }
989
-
990
- static void _test_encrypt_dupe_jsonschema(_mongocrypt_tester_t *tester) {
991
- mongocrypt_t *crypt;
992
- mongocrypt_ctx_t *ctx;
993
-
994
- crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
995
- ctx = mongocrypt_ctx_new(crypt);
996
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
997
-
998
- BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_COLLINFO == mongocrypt_ctx_state(ctx));
999
- ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx,
1000
- TEST_BSON("{'options': {'validator': { '$jsonSchema': {}, "
1001
- "'$jsonSchema': {} } } }")),
1002
- ctx,
1003
- "duplicate $jsonSchema");
1008
+ // MONGOCRYPT-771 removes checks for sibling validators.
1009
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")), ctx);
1004
1010
 
1005
1011
  mongocrypt_ctx_destroy(ctx);
1006
1012
  mongocrypt_destroy(crypt);
@@ -1302,9 +1308,6 @@ static void _test_encrypt_with_encrypted_field_config_map(_mongocrypt_tester_t *
1302
1308
  mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
1303
1309
  crypt);
1304
1310
  ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
1305
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
1306
- // QEv1 is still supported.
1307
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
1308
1311
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
1309
1312
 
1310
1313
  /* Test encrypting a command on a collection present in the encrypted field
@@ -1412,9 +1415,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
1412
1415
  ASSERT_OK(
1413
1416
  mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
1414
1417
  crypt);
1415
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
1416
- // QEv1 is still supported.
1417
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
1418
1418
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
1419
1419
  /* Test success. */
1420
1420
  {
@@ -1477,9 +1477,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
1477
1477
  mongocrypt_setopt_kms_providers(crypt,
1478
1478
  TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
1479
1479
  crypt);
1480
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
1481
- // QEv1 is still supported.
1482
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
1483
1480
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
1484
1481
  ctx = mongocrypt_ctx_new(crypt);
1485
1482
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-find-explicit/cmd.json")),
@@ -1527,9 +1524,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
1527
1524
  crypt);
1528
1525
  ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
1529
1526
  mongocrypt_setopt_bypass_query_analysis(crypt);
1530
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
1531
- // QEv1 is still supported.
1532
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
1533
1527
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
1534
1528
 
1535
1529
  ctx = mongocrypt_ctx_new(crypt);
@@ -1559,9 +1553,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
1559
1553
  TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
1560
1554
  crypt);
1561
1555
  mongocrypt_setopt_bypass_query_analysis(crypt);
1562
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
1563
- // QEv1 is still supported.
1564
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
1565
1556
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
1566
1557
 
1567
1558
  ctx = mongocrypt_ctx_new(crypt);
@@ -1570,7 +1561,9 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
1570
1561
 
1571
1562
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
1572
1563
  {
1573
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_BSON("{'options': {'encryptedFields': {'fields': []}}}")),
1564
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(
1565
+ ctx,
1566
+ TEST_BSON("{'name': 'coll', 'options': {'encryptedFields': {'fields': []}}}")),
1574
1567
  ctx);
1575
1568
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
1576
1569
  }
@@ -1590,301 +1583,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
1590
1583
  }
1591
1584
  }
1592
1585
 
1593
- static void _test_FLE2EncryptionPlaceholder_parse(_mongocrypt_tester_t *tester) {
1594
- mc_FLE2EncryptionPlaceholder_t placeholder;
1595
- bson_t as_bson;
1596
- mongocrypt_status_t *status;
1597
- _mongocrypt_buffer_t buf;
1598
-
1599
- status = mongocrypt_status_new();
1600
- _mongocrypt_buffer_copy_from_hex(&buf,
1601
- "03610000001074000100000010610002000000056b690010000000041234567812349876"
1602
- "1234123456789012056b75001000000004abcdefab123498761234123456789012027600"
1603
- "0900000076616c75653132330012636d00000000000000000000");
1604
- ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
1605
- mc_FLE2EncryptionPlaceholder_init(&placeholder);
1606
- ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
1607
-
1608
- ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
1609
- ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_EQUALITY);
1610
- ASSERT(BSON_ITER_HOLDS_UTF8(&placeholder.v_iter));
1611
- ASSERT_STREQUAL(bson_iter_utf8(&placeholder.v_iter, NULL), "value123");
1612
-
1613
- _mongocrypt_buffer_t expect_index_key_id;
1614
- _mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
1615
- ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
1616
- _mongocrypt_buffer_cleanup(&expect_index_key_id);
1617
-
1618
- _mongocrypt_buffer_t expect_user_key_id;
1619
- _mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
1620
- ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
1621
- _mongocrypt_buffer_cleanup(&expect_user_key_id);
1622
-
1623
- ASSERT(placeholder.maxContentionFactor == 0);
1624
-
1625
- mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
1626
- _mongocrypt_buffer_cleanup(&buf);
1627
- mongocrypt_status_destroy(status);
1628
- }
1629
-
1630
- static void _test_FLE2EncryptionPlaceholder_range_parse(_mongocrypt_tester_t *tester) {
1631
- // Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT.
1632
- {
1633
- mc_FLE2EncryptionPlaceholder_t placeholder;
1634
- bson_t as_bson;
1635
- mongocrypt_status_t *status;
1636
- _mongocrypt_buffer_t buf;
1637
-
1638
- status = mongocrypt_status_new();
1639
- _mongocrypt_buffer_copy_from_hex(&buf,
1640
- "037d0000001074000100000010610003000000056b690010000000041234567812349"
1641
- "8761234123456789012056b75001000000004abcdefab123498761234123456789012"
1642
- "0376001e00000010760040e20100106d696e0000000000106d61780087d6120000126"
1643
- "36d000000000000000000127300010000000000000000");
1644
- ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
1645
- mc_FLE2EncryptionPlaceholder_init(&placeholder);
1646
- ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
1647
-
1648
- ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
1649
- ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
1650
-
1651
- _mongocrypt_buffer_t expect_index_key_id;
1652
- _mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
1653
- ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
1654
- _mongocrypt_buffer_cleanup(&expect_index_key_id);
1655
-
1656
- _mongocrypt_buffer_t expect_user_key_id;
1657
- _mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
1658
- ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
1659
- _mongocrypt_buffer_cleanup(&expect_user_key_id);
1660
-
1661
- ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
1662
-
1663
- // Parse FLE2RangeInsertSpec.
1664
- {
1665
- mc_FLE2RangeInsertSpec_t spec;
1666
-
1667
- ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
1668
- status);
1669
-
1670
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.v));
1671
- ASSERT_CMPINT32(bson_iter_int32(&spec.v), ==, 123456);
1672
-
1673
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.min));
1674
- ASSERT_CMPINT32(bson_iter_int32(&spec.min), ==, 0);
1675
-
1676
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.max));
1677
- ASSERT_CMPINT32(bson_iter_int32(&spec.max), ==, 1234567);
1678
- }
1679
-
1680
- mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
1681
- _mongocrypt_buffer_cleanup(&buf);
1682
- mongocrypt_status_destroy(status);
1683
- }
1684
-
1685
- // Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND.
1686
- {
1687
- mc_FLE2EncryptionPlaceholder_t placeholder;
1688
- bson_t as_bson;
1689
- mongocrypt_status_t *status;
1690
- _mongocrypt_buffer_t buf;
1691
-
1692
- status = mongocrypt_status_new();
1693
- _mongocrypt_buffer_copy_from_hex(&buf,
1694
- "03ec0000001074000200000010610003000000056b690010000000041234567812349"
1695
- "8761234123456789012056b75001000000004abcdefab123498761234123456789012"
1696
- "0376008d000000036564676573496e666f005b000000106c6f776572426f756e64000"
1697
- "0000000086c62496e636c756465640001107570706572426f756e640087d612000875"
1698
- "62496e636c75646564000110696e6465784d696e000000000010696e6465784d61780"
1699
- "087d6120000107061796c6f6164496400d20400001066697273744f70657261746f72"
1700
- "00010000000012636d000000000000000000127300010000000000000000");
1701
- ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
1702
- mc_FLE2EncryptionPlaceholder_init(&placeholder);
1703
- ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
1704
-
1705
- ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
1706
- ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
1707
-
1708
- _mongocrypt_buffer_t expect_index_key_id;
1709
- _mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
1710
- ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
1711
- _mongocrypt_buffer_cleanup(&expect_index_key_id);
1712
-
1713
- _mongocrypt_buffer_t expect_user_key_id;
1714
- _mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
1715
- ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
1716
- _mongocrypt_buffer_cleanup(&expect_user_key_id);
1717
-
1718
- ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
1719
-
1720
- // Parse FLE2RangeFindSpec.
1721
- {
1722
- mc_FLE2RangeFindSpec_t spec;
1723
-
1724
- ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
1725
- status);
1726
-
1727
- ASSERT(spec.edgesInfo.set);
1728
-
1729
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.lowerBound));
1730
- ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.lowerBound), ==, 0);
1731
- ASSERT(spec.edgesInfo.value.lbIncluded);
1732
-
1733
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.upperBound));
1734
- ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.upperBound), ==, 1234567);
1735
- ASSERT(spec.edgesInfo.value.ubIncluded);
1736
-
1737
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMin));
1738
- ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMin), ==, 0);
1739
- ASSERT(spec.edgesInfo.value.ubIncluded);
1740
-
1741
- ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMax));
1742
- ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMax), ==, 1234567);
1743
- ASSERT(spec.edgesInfo.value.ubIncluded);
1744
-
1745
- ASSERT_CMPINT32(spec.payloadId, ==, 1234);
1746
-
1747
- ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
1748
- ASSERT_CMPINT(spec.secondOperator, ==, FLE2RangeOperator_kNone);
1749
- }
1750
-
1751
- mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
1752
- _mongocrypt_buffer_cleanup(&buf);
1753
- mongocrypt_status_destroy(status);
1754
- }
1755
-
1756
- // Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND with precision.
1757
- {
1758
- mc_FLE2EncryptionPlaceholder_t placeholder;
1759
- bson_t as_bson;
1760
- mongocrypt_status_t *status;
1761
- _mongocrypt_buffer_t buf;
1762
-
1763
- status = mongocrypt_status_new();
1764
- _mongocrypt_buffer_copy_from_hex(&buf,
1765
- "030b0100001074000200000010610003000000056b690010000000041234567812349"
1766
- "8761234123456789012056b75001000000004abcdefab123498761234123456789012"
1767
- "037600ac000000036564676573496e666f007a000000016c6f776572426f756e64000"
1768
- "000000000000000086c62496e636c756465640001017570706572426f756e64000000"
1769
- "000000006940087562496e636c75646564000110707265636973696f6e00020000000"
1770
- "1696e6465784d696e00000000000000000001696e6465784d61780000000000000069"
1771
- "4000107061796c6f6164496400d20400001066697273744f70657261746f720001000"
1772
- "0000012636d000000000000000000127300010000000000000000");
1773
- ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
1774
- mc_FLE2EncryptionPlaceholder_init(&placeholder);
1775
- ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
1776
-
1777
- ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
1778
- ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
1779
-
1780
- _mongocrypt_buffer_t expect_index_key_id;
1781
- _mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
1782
- ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
1783
- _mongocrypt_buffer_cleanup(&expect_index_key_id);
1784
-
1785
- _mongocrypt_buffer_t expect_user_key_id;
1786
- _mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
1787
- ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
1788
- _mongocrypt_buffer_cleanup(&expect_user_key_id);
1789
-
1790
- ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
1791
-
1792
- // Parse FLE2RangeFindSpec.
1793
- {
1794
- mc_FLE2RangeFindSpec_t spec;
1795
-
1796
- ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
1797
- status);
1798
-
1799
- ASSERT(spec.edgesInfo.set);
1800
-
1801
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.lowerBound));
1802
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.lowerBound), ==, 0.0);
1803
- ASSERT(spec.edgesInfo.value.lbIncluded);
1804
-
1805
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.upperBound));
1806
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.upperBound), ==, 200.0);
1807
- ASSERT(spec.edgesInfo.value.ubIncluded);
1808
-
1809
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMin));
1810
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMin), ==, 0);
1811
- ASSERT(spec.edgesInfo.value.ubIncluded);
1812
-
1813
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMax));
1814
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMax), ==, 200.0);
1815
- ASSERT(spec.edgesInfo.value.ubIncluded);
1816
-
1817
- ASSERT_CMPDOUBLE(spec.payloadId, ==, 1234);
1818
-
1819
- ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
1820
- ASSERT(spec.edgesInfo.value.precision.set);
1821
- ASSERT_CMPUINT32(spec.edgesInfo.value.precision.value, ==, 2);
1822
- }
1823
-
1824
- mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
1825
- _mongocrypt_buffer_cleanup(&buf);
1826
- mongocrypt_status_destroy(status);
1827
- }
1828
-
1829
- // Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT with precision.
1830
- {
1831
- mc_FLE2EncryptionPlaceholder_t placeholder;
1832
- bson_t as_bson;
1833
- mongocrypt_status_t *status;
1834
- _mongocrypt_buffer_t buf;
1835
-
1836
- status = mongocrypt_status_new();
1837
- _mongocrypt_buffer_copy_from_hex(&buf,
1838
- "03980000001074000100000010610003000000056b690010000000041234567812349"
1839
- "8761234123456789012056b75001000000004abcdefab123498761234123456789012"
1840
- "0376003900000001760077be9f1a2fdd5e40016d696e000000000000000000016d617"
1841
- "800000000000000694010707265636973696f6e00020000000012636d000000000000"
1842
- "000000127300010000000000000000");
1843
- ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
1844
- mc_FLE2EncryptionPlaceholder_init(&placeholder);
1845
- ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
1846
-
1847
- ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
1848
- ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
1849
-
1850
- _mongocrypt_buffer_t expect_index_key_id;
1851
- _mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
1852
- ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
1853
- _mongocrypt_buffer_cleanup(&expect_index_key_id);
1854
-
1855
- _mongocrypt_buffer_t expect_user_key_id;
1856
- _mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
1857
- ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
1858
- _mongocrypt_buffer_cleanup(&expect_user_key_id);
1859
-
1860
- ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
1861
-
1862
- // Parse FLE2RangeInsertSpec.
1863
- {
1864
- mc_FLE2RangeInsertSpec_t spec;
1865
-
1866
- ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
1867
- status);
1868
-
1869
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.v));
1870
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.v), ==, 123.456);
1871
-
1872
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.min));
1873
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.min), ==, 0.0);
1874
-
1875
- ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.max));
1876
- ASSERT_CMPDOUBLE(bson_iter_double(&spec.max), ==, 200.0);
1877
-
1878
- ASSERT(spec.precision.set);
1879
- ASSERT_CMPUINT32(spec.precision.value, ==, 2);
1880
- }
1881
-
1882
- mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
1883
- _mongocrypt_buffer_cleanup(&buf);
1884
- mongocrypt_status_destroy(status);
1885
- }
1886
- }
1887
-
1888
1586
  // Shared implementation for insert and find tests
1889
1587
  typedef struct {
1890
1588
  _mongocrypt_buffer_t buf;
@@ -1906,27 +1604,18 @@ static bool _test_rng_source(void *ctx, mongocrypt_binary_t *out, uint32_t count
1906
1604
 
1907
1605
  typedef enum {
1908
1606
  kFLE2v2Default,
1909
- kFLE2v2Disable,
1910
1607
  kFLE2v2Enable,
1911
1608
  } _test_fle2v2_option;
1912
1609
 
1913
1610
  #define TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, data_path, rng_source, v2_failure) \
1914
1611
  { \
1915
1612
  (rng_source)->pos = 0; \
1916
- _test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source, kFLE2v2Disable, NULL); \
1917
- char v2path[4096]; \
1918
- /* transitional: Use v1 data path if expecting failure */ \
1919
- ASSERT(snprintf(v2path, sizeof(v2path), "%s%s", data_path, v2_failure ? "" : "-v2")); \
1920
- (rng_source)->pos = 0; \
1921
- _test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Default, NULL); \
1922
- (rng_source)->pos = 0; \
1923
- _test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Enable, v2_failure); \
1613
+ _test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source, NULL); \
1924
1614
  }
1925
1615
 
1926
1616
  static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *tester,
1927
1617
  const char *data_path,
1928
1618
  _test_rng_data_source *rng_source,
1929
- _test_fle2v2_option test_fle2v2_option,
1930
1619
  const char *finalize_failure) {
1931
1620
  mongocrypt_t *crypt;
1932
1621
  char pathbuf[2048];
@@ -1939,7 +1628,7 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
1939
1628
  ((void)0)
1940
1629
 
1941
1630
  if (!_aes_ctr_is_supported_by_os) {
1942
- printf("Common Crypto with no CTR support detected. Skipping.");
1631
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
1943
1632
  return;
1944
1633
  }
1945
1634
 
@@ -1951,9 +1640,6 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
1951
1640
  mongocrypt_binary_t *localkey;
1952
1641
 
1953
1642
  crypt = mongocrypt_new();
1954
- if (test_fle2v2_option == kFLE2v2Disable) {
1955
- ASSERT(mongocrypt_setopt_fle2v2(crypt, false));
1956
- }
1957
1643
  mongocrypt_setopt_log_handler(crypt, _mongocrypt_stdout_log_fn, NULL);
1958
1644
  localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
1959
1645
  ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
@@ -2030,7 +1716,28 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
2030
1716
  uint8_t rng_data[] = RNG_DATA;
2031
1717
 
2032
1718
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2033
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert", &source, NULL)
1719
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2", &source, NULL)
1720
+ }
1721
+
1722
+ static void _test_encrypt_fle2_insert_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
1723
+ uint8_t rng_data[] = RNG_DATA;
1724
+
1725
+ _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
1726
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2-with-str-encode-version", &source, NULL)
1727
+ }
1728
+
1729
+ static void _test_encrypt_fle2_insert_text_search_payload(_mongocrypt_tester_t *tester) {
1730
+ uint8_t rng_data[] = RNG_DATA;
1731
+
1732
+ _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
1733
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search", &source, NULL)
1734
+ }
1735
+
1736
+ static void _test_encrypt_fle2_insert_text_search_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
1737
+ uint8_t rng_data[] = RNG_DATA;
1738
+
1739
+ _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
1740
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search-with-str-encode-version", &source, NULL)
2034
1741
  }
2035
1742
 
2036
1743
  #undef RNG_DATA
@@ -2038,7 +1745,7 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
2038
1745
  // FLE2FindEqualityPayload only uses deterministic token generation.
2039
1746
  static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
2040
1747
  _test_rng_data_source source = {{0}};
2041
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality", &source, NULL)
1748
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality-v2", &source, NULL)
2042
1749
  }
2043
1750
 
2044
1751
  /* 16 bytes of random data are used for IV. This IV produces the expected test
@@ -2048,7 +1755,7 @@ static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
2048
1755
  static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t *tester) {
2049
1756
  uint8_t rng_data[] = RNG_DATA;
2050
1757
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2051
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed", &source, NULL);
1758
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed-v2", &source, NULL);
2052
1759
  }
2053
1760
 
2054
1761
  #undef RNG_DATA
@@ -2058,7 +1765,7 @@ static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t
2058
1765
  static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *tester) {
2059
1766
  uint8_t rng_data[] = RNG_DATA;
2060
1767
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2061
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32", &source, NULL)
1768
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32-v2", &source, NULL)
2062
1769
  }
2063
1770
 
2064
1771
  #undef RNG_DATA
@@ -2068,7 +1775,7 @@ static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *
2068
1775
  static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *tester) {
2069
1776
  uint8_t rng_data[] = RNG_DATA;
2070
1777
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2071
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64", &source, NULL)
1778
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64-v2", &source, NULL)
2072
1779
  }
2073
1780
 
2074
1781
  #undef RNG_DATA
@@ -2078,7 +1785,7 @@ static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *
2078
1785
  static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *tester) {
2079
1786
  uint8_t rng_data[] = RNG_DATA;
2080
1787
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2081
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date", &source, NULL)
1788
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date-v2", &source, NULL)
2082
1789
  }
2083
1790
 
2084
1791
  #undef RNG_DATA
@@ -2088,7 +1795,7 @@ static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *t
2088
1795
  static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t *tester) {
2089
1796
  uint8_t rng_data[] = RNG_DATA;
2090
1797
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2091
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double", &source, NULL)
1798
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-v2", &source, NULL)
2092
1799
  }
2093
1800
 
2094
1801
  #undef RNG_DATA
@@ -2098,7 +1805,7 @@ static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t
2098
1805
  static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt_tester_t *tester) {
2099
1806
  uint8_t rng_data[] = RNG_DATA;
2100
1807
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2101
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision", &source, NULL)
1808
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision-v2", &source, NULL)
2102
1809
  }
2103
1810
 
2104
1811
  #undef RNG_DATA
@@ -2109,7 +1816,7 @@ static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt
2109
1816
  static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_tester_t *tester) {
2110
1817
  uint8_t rng_data[] = RNG_DATA;
2111
1818
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2112
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128", &source, NULL)
1819
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-v2", &source, NULL)
2113
1820
  }
2114
1821
 
2115
1822
  #undef RNG_DATA
@@ -2119,7 +1826,7 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_teste
2119
1826
  static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
2120
1827
  uint8_t rng_data[] = RNG_DATA;
2121
1828
  _test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2122
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision", &source, NULL)
1829
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision-v2", &source, NULL)
2123
1830
  }
2124
1831
 
2125
1832
  #undef RNG_DATA
@@ -2128,48 +1835,48 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongoc
2128
1835
  // FLE2FindRangePayload only uses deterministic token generation.
2129
1836
  static void _test_encrypt_fle2_find_range_payload_int32(_mongocrypt_tester_t *tester) {
2130
1837
  _test_rng_data_source source = {{0}};
2131
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32", &source, NULL)
1838
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32-v2", &source, NULL)
2132
1839
  }
2133
1840
 
2134
1841
  // FLE2FindRangePayload only uses deterministic token generation.
2135
1842
  static void _test_encrypt_fle2_find_range_payload_int64(_mongocrypt_tester_t *tester) {
2136
1843
  _test_rng_data_source source = {{0}};
2137
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64", &source, NULL)
1844
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64-v2", &source, NULL)
2138
1845
  }
2139
1846
 
2140
1847
  // FLE2FindRangePayload only uses deterministic token generation.
2141
1848
  static void _test_encrypt_fle2_find_range_payload_date(_mongocrypt_tester_t *tester) {
2142
1849
  _test_rng_data_source source = {{0}};
2143
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date", &source, NULL)
1850
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date-v2", &source, NULL)
2144
1851
  }
2145
1852
 
2146
1853
  // FLE2FindRangePayload only uses deterministic token generation.
2147
1854
  static void _test_encrypt_fle2_find_range_payload_double(_mongocrypt_tester_t *tester) {
2148
1855
  _test_rng_data_source source = {{0}};
2149
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double", &source, NULL)
1856
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-v2", &source, NULL)
2150
1857
  }
2151
1858
 
2152
1859
  // FLE2FindRangePayload only uses deterministic token generation.
2153
1860
  static void _test_encrypt_fle2_find_range_payload_double_precision(_mongocrypt_tester_t *tester) {
2154
1861
  _test_rng_data_source source = {{0}};
2155
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision", &source, NULL)
1862
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision-v2", &source, NULL)
2156
1863
  }
2157
1864
 
2158
1865
  #if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
2159
1866
  // FLE2FindRangePayload only uses deterministic token generation.
2160
1867
  static void _test_encrypt_fle2_find_range_payload_decimal128(_mongocrypt_tester_t *tester) {
2161
1868
  _test_rng_data_source source = {{0}};
2162
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128", &source, NULL)
1869
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-v2", &source, NULL)
2163
1870
  }
2164
1871
 
2165
1872
  // FLE2FindRangePayload only uses deterministic token generation.
2166
1873
  static void _test_encrypt_fle2_find_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
2167
1874
  _test_rng_data_source source = {{0}};
2168
- TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision", &source, NULL)
1875
+ TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision-v2", &source, NULL)
2169
1876
  }
2170
1877
  #endif // MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
2171
1878
 
2172
- static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use_v2, bool use_range_v2) {
1879
+ static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use_range_v2) {
2173
1880
  mongocrypt_t *crypt;
2174
1881
  mongocrypt_binary_t *localkey;
2175
1882
  /* localkey_data is the KEK used to encrypt the keyMaterial
@@ -2191,9 +1898,6 @@ static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use
2191
1898
  crypt);
2192
1899
 
2193
1900
  mongocrypt_binary_destroy(localkey);
2194
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
2195
- // QEv1 is still supported.
2196
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, use_v2), crypt);
2197
1901
  if (use_range_v2) {
2198
1902
  ASSERT_OK(mongocrypt_setopt_use_range_v2(crypt), crypt);
2199
1903
  ASSERT_OK(mongocrypt_init(crypt), crypt);
@@ -2218,25 +1922,20 @@ typedef struct {
2218
1922
  const char *expect_finalize_error;
2219
1923
  const char *expect_init_error;
2220
1924
  bool is_expression;
2221
- bool use_v2;
2222
1925
  bool use_range_v2;
2223
1926
  } ee_testcase;
2224
1927
 
2225
1928
  static void ee_testcase_run(ee_testcase *tc) {
2226
- printf(" explicit_encryption_finalize test case: %s ... begin\n", tc->desc);
1929
+ TEST_PRINTF(" explicit_encryption_finalize test case: %s ... begin\n", tc->desc);
2227
1930
  extern void mc_reset_payloadId_for_testing(void);
2228
1931
  mc_reset_payloadId_for_testing();
2229
1932
  mongocrypt_t *crypt;
2230
1933
  if (tc->rng_data.buf.len > 0) {
2231
1934
  // Use fixed data for random number generation to produce deterministic
2232
1935
  // results.
2233
- crypt = _crypt_with_rng(&tc->rng_data, tc->use_v2, tc->use_range_v2);
1936
+ crypt = _crypt_with_rng(&tc->rng_data, tc->use_range_v2);
2234
1937
  } else {
2235
1938
  tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
2236
- // TODO(MONGOCRYPT-572): Remove tests cases for QEv1.
2237
- if (!tc->use_v2) {
2238
- flags |= TESTER_MONGOCRYPT_WITH_CRYPT_V1;
2239
- }
2240
1939
  if (tc->use_range_v2) {
2241
1940
  flags |= TESTER_MONGOCRYPT_WITH_RANGE_V2;
2242
1941
  }
@@ -2305,7 +2004,7 @@ static void ee_testcase_run(ee_testcase *tc) {
2305
2004
  }
2306
2005
 
2307
2006
  cleanup:
2308
- printf(" explicit_encryption_finalize test case: %s ... end\n", tc->desc);
2007
+ TEST_PRINTF(" explicit_encryption_finalize test case: %s ... end\n", tc->desc);
2309
2008
  mongocrypt_ctx_destroy(ctx);
2310
2009
  mongocrypt_destroy(crypt);
2311
2010
  }
@@ -2316,7 +2015,7 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2316
2015
  _mongocrypt_buffer_t key123_id;
2317
2016
 
2318
2017
  if (!_aes_ctr_is_supported_by_os) {
2319
- printf("Common Crypto with no CTR support detected. Skipping.");
2018
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
2320
2019
  return;
2321
2020
  }
2322
2021
 
@@ -2330,26 +2029,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2330
2029
  "12345678123498761234123456789012-local-"
2331
2030
  "document.json");
2332
2031
 
2333
- {
2334
- ee_testcase tc = {0};
2335
- tc.desc = "Unindexed";
2336
- #define RNG_DATA "\x4d\x06\x95\x64\xf5\xa0\x5e\x9e\x35\x23\xb9\x8f\x57\x5a\xcb\x15"
2337
- uint8_t rng_data[] = RNG_DATA;
2338
- tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2339
- #undef RNG_DATA
2340
- tc.algorithm = MONGOCRYPT_ALGORITHM_UNINDEXED_STR;
2341
- tc.user_key_id = &keyABC_id;
2342
- tc.index_key_id = &key123_id;
2343
- tc.msg = TEST_BSON("{'v': 'value123'}");
2344
- tc.keys_to_feed[0] = keyABC;
2345
- tc.keys_to_feed[1] = key123;
2346
- tc.expect = TEST_BSON("{'v': { '$binary': { 'base64': "
2347
- "'BqvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFTtw1tXzjc"
2348
- "dSEyxpKKqujlko5TeizkB9hHQ009dVY1+fgIiDcefh+eQrm3CkhQ=='"
2349
- ", 'subType': '06' } }}");
2350
- ee_testcase_run(&tc);
2351
- }
2352
-
2353
2032
  {
2354
2033
  ee_testcase tc = {0};
2355
2034
  tc.desc = "Unindexed (v2)";
@@ -2366,27 +2045,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2366
2045
  tc.expect = TEST_BSON("{'v' : {'$binary' : {'base64': "
2367
2046
  "'EKvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFVl3jjP90PgD4T+Mtubn/"
2368
2047
  "mm4CKsKGaV1yxlic9Dty1Adef4Y+bsLGKhBbCa5eojM/A==','subType' : '06'}}}");
2369
- tc.use_v2 = true;
2370
- ee_testcase_run(&tc);
2371
- }
2372
-
2373
- {
2374
- ee_testcase tc = {0};
2375
- tc.desc = "Indexed";
2376
- #define RNG_DATA \
2377
- "\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
2378
- "\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
2379
- uint8_t rng_data[] = RNG_DATA;
2380
- tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2381
- #undef RNG_DATA
2382
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2383
- tc.user_key_id = &keyABC_id;
2384
- tc.index_key_id = &key123_id;
2385
- tc.contention_factor = OPT_I64(0);
2386
- tc.msg = TEST_BSON("{'v': 'value123'}");
2387
- tc.keys_to_feed[0] = keyABC;
2388
- tc.keys_to_feed[1] = key123;
2389
- tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
2390
2048
  ee_testcase_run(&tc);
2391
2049
  }
2392
2050
 
@@ -2407,32 +2065,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2407
2065
  tc.keys_to_feed[0] = keyABC;
2408
2066
  tc.keys_to_feed[1] = key123;
2409
2067
  tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
2410
- tc.use_v2 = true;
2411
- ee_testcase_run(&tc);
2412
- }
2413
-
2414
- {
2415
- ee_testcase tc = {0};
2416
- tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 0";
2417
- /* First 8 bytes are for random ContentionFactor.
2418
- * Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
2419
- * Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
2420
- */
2421
- #define RNG_DATA \
2422
- "\x00\x00\x00\x00\x00\x00\x00\x00" \
2423
- "\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
2424
- "\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
2425
- uint8_t rng_data[] = RNG_DATA;
2426
- tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2427
- #undef RNG_DATA
2428
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2429
- tc.user_key_id = &keyABC_id;
2430
- tc.index_key_id = &key123_id;
2431
- tc.contention_factor = OPT_I64(1);
2432
- tc.msg = TEST_BSON("{'v': 'value123'}");
2433
- tc.keys_to_feed[0] = keyABC;
2434
- tc.keys_to_feed[1] = key123;
2435
- tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
2436
2068
  ee_testcase_run(&tc);
2437
2069
  }
2438
2070
 
@@ -2458,33 +2090,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2458
2090
  tc.keys_to_feed[0] = keyABC;
2459
2091
  tc.keys_to_feed[1] = key123;
2460
2092
  tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
2461
- tc.use_v2 = true;
2462
- ee_testcase_run(&tc);
2463
- }
2464
-
2465
- {
2466
- ee_testcase tc = {0};
2467
- tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 1";
2468
- /* First 8 bytes are for random ContentionFactor.
2469
- * Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
2470
- * Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
2471
- */
2472
- #define RNG_DATA \
2473
- "\x01\x00\x00\x00\x00\x00\x00\x00" \
2474
- "\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
2475
- "\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
2476
- uint8_t rng_data[] = RNG_DATA;
2477
- tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2478
- #undef RNG_DATA
2479
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2480
- tc.user_key_id = &keyABC_id;
2481
- tc.index_key_id = &key123_id;
2482
- tc.contention_factor = OPT_I64(1);
2483
- tc.msg = TEST_BSON("{'v': 'value123'}");
2484
- tc.keys_to_feed[0] = keyABC;
2485
- tc.keys_to_feed[1] = key123;
2486
- tc.expect = TEST_FILE("./test/data/fle2-explicit/"
2487
- "insert-indexed-contentionFactor1.json");
2488
2093
  ee_testcase_run(&tc);
2489
2094
  }
2490
2095
 
@@ -2511,26 +2116,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2511
2116
  tc.keys_to_feed[1] = key123;
2512
2117
  tc.expect = TEST_FILE("./test/data/fle2-explicit/"
2513
2118
  "insert-indexed-contentionFactor1-v2.json");
2514
- tc.use_v2 = true;
2515
- ee_testcase_run(&tc);
2516
- }
2517
-
2518
- {
2519
- ee_testcase tc = {0};
2520
- tc.desc = "omitted index_key_id defaults to using user_key_id";
2521
- #define RNG_DATA \
2522
- "\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
2523
- "\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
2524
- uint8_t rng_data[] = RNG_DATA;
2525
- tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
2526
- #undef RNG_DATA
2527
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2528
- tc.user_key_id = &keyABC_id;
2529
- tc.contention_factor = OPT_I64(0);
2530
- tc.msg = TEST_BSON("{'v': 'value123'}");
2531
- tc.keys_to_feed[0] = keyABC;
2532
- tc.expect = TEST_FILE("./test/data/fle2-explicit/"
2533
- "insert-indexed-same-user-and-index-key.json");
2534
2119
  ee_testcase_run(&tc);
2535
2120
  }
2536
2121
 
@@ -2550,13 +2135,12 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2550
2135
  tc.keys_to_feed[0] = keyABC;
2551
2136
  tc.expect = TEST_FILE("./test/data/fle2-explicit/"
2552
2137
  "insert-indexed-same-user-and-index-key-v2.json");
2553
- tc.use_v2 = true;
2554
2138
  ee_testcase_run(&tc);
2555
2139
  }
2556
2140
 
2557
2141
  {
2558
2142
  ee_testcase tc = {0};
2559
- tc.desc = "algorithm='Indexed' with query type";
2143
+ tc.desc = "algorithm='Indexed' with query type (v2)";
2560
2144
  tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2561
2145
  tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
2562
2146
  tc.user_key_id = &keyABC_id;
@@ -2565,121 +2149,44 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2565
2149
  tc.msg = TEST_BSON("{'v': 123456}");
2566
2150
  tc.keys_to_feed[0] = keyABC;
2567
2151
  tc.keys_to_feed[1] = key123;
2568
- tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed.json");
2152
+ tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-v2.json");
2569
2153
  ee_testcase_run(&tc);
2570
2154
  }
2571
2155
 
2572
2156
  {
2573
2157
  ee_testcase tc = {0};
2574
- tc.desc = "algorithm='Indexed' with query type (v2)";
2158
+ tc.desc = "algorithm='Indexed' with query type and non-zero contention factor (v2)";
2575
2159
  tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2576
2160
  tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
2577
2161
  tc.user_key_id = &keyABC_id;
2578
2162
  tc.index_key_id = &key123_id;
2579
- tc.contention_factor = OPT_I64(0);
2163
+ tc.contention_factor = OPT_I64(1);
2580
2164
  tc.msg = TEST_BSON("{'v': 123456}");
2581
2165
  tc.keys_to_feed[0] = keyABC;
2582
2166
  tc.keys_to_feed[1] = key123;
2583
- tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-v2.json");
2584
- tc.use_v2 = true;
2167
+ tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json");
2585
2168
  ee_testcase_run(&tc);
2586
2169
  }
2587
2170
 
2588
2171
  {
2589
2172
  ee_testcase tc = {0};
2590
- tc.desc = "algorithm='Indexed' with query type and non-zero contention factor";
2173
+ tc.desc = "Negative contention factor is an error on insert (v2)";
2591
2174
  tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2592
- tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
2593
2175
  tc.user_key_id = &keyABC_id;
2594
- tc.index_key_id = &key123_id;
2595
- tc.contention_factor = OPT_I64(1);
2176
+ tc.contention_factor = OPT_I64(-1);
2596
2177
  tc.msg = TEST_BSON("{'v': 123456}");
2597
- tc.keys_to_feed[0] = keyABC;
2598
- tc.keys_to_feed[1] = key123;
2599
- tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1.json");
2178
+ tc.expect_init_error = "contention must be non-negative";
2600
2179
  ee_testcase_run(&tc);
2601
2180
  }
2602
2181
 
2603
2182
  {
2604
2183
  ee_testcase tc = {0};
2605
- tc.desc = "algorithm='Indexed' with query type and non-zero contention factor (v2)";
2606
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2607
- tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
2608
- tc.user_key_id = &keyABC_id;
2609
- tc.index_key_id = &key123_id;
2610
- tc.contention_factor = OPT_I64(1);
2611
- tc.msg = TEST_BSON("{'v': 123456}");
2612
- tc.keys_to_feed[0] = keyABC;
2613
- tc.keys_to_feed[1] = key123;
2614
- tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json");
2615
- tc.use_v2 = true;
2616
- ee_testcase_run(&tc);
2617
- }
2618
-
2619
- {
2620
- ee_testcase tc = {0};
2621
- tc.desc = "Negative contention factor is an error on insert";
2622
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2623
- tc.user_key_id = &keyABC_id;
2624
- tc.contention_factor = OPT_I64(-1);
2625
- tc.msg = TEST_BSON("{'v': 123456}");
2626
- tc.expect_init_error = "contention must be non-negative";
2627
- ee_testcase_run(&tc);
2628
- }
2629
-
2630
- {
2631
- ee_testcase tc = {0};
2632
- tc.desc = "Negative contention factor is an error on insert (v2)";
2633
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2634
- tc.user_key_id = &keyABC_id;
2635
- tc.contention_factor = OPT_I64(-1);
2636
- tc.msg = TEST_BSON("{'v': 123456}");
2637
- tc.expect_init_error = "contention must be non-negative";
2638
- tc.use_v2 = true;
2639
- ee_testcase_run(&tc);
2640
- }
2641
-
2642
- {
2643
- ee_testcase tc = {0};
2644
- tc.desc = "INT64_MAX contention factor is an error on insert";
2645
- tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2646
- tc.user_key_id = &keyABC_id;
2647
- tc.contention_factor = OPT_I64(INT64_MAX);
2648
- tc.msg = TEST_BSON("{'v': 123456}");
2649
- tc.expect_init_error = "contention must be < INT64_MAX";
2650
- ee_testcase_run(&tc);
2651
- }
2652
-
2653
- {
2654
- ee_testcase tc = {0};
2655
- tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
2184
+ tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
2656
2185
  tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
2657
2186
  tc.user_key_id = &keyABC_id;
2658
2187
  tc.contention_factor = OPT_I64(INT64_MAX);
2659
2188
  tc.msg = TEST_BSON("{'v': 123456}");
2660
2189
  tc.expect_init_error = "contention must be < INT64_MAX";
2661
- tc.use_v2 = true;
2662
- ee_testcase_run(&tc);
2663
- }
2664
-
2665
- {
2666
- ee_testcase tc = {0};
2667
- tc.desc = "algorithm='Range' with int32";
2668
- #include "./data/fle2-insert-range-explicit/int32/RNG_DATA.h"
2669
- tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
2670
- #undef RNG_DATA
2671
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2672
- tc.user_key_id = &keyABC_id;
2673
- tc.index_key_id = &key123_id;
2674
- tc.contention_factor = OPT_I64(0);
2675
- tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
2676
- "int32/rangeopts.json");
2677
- tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
2678
- "value-to-encrypt.json");
2679
- tc.keys_to_feed[0] = keyABC;
2680
- tc.keys_to_feed[1] = key123;
2681
- tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
2682
- "encrypted-payload.json");
2683
2190
  ee_testcase_run(&tc);
2684
2191
  }
2685
2192
 
@@ -2701,28 +2208,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2701
2208
  tc.keys_to_feed[1] = key123;
2702
2209
  tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
2703
2210
  "encrypted-payload-v2.json");
2704
- tc.use_v2 = true;
2705
- ee_testcase_run(&tc);
2706
- }
2707
-
2708
- {
2709
- ee_testcase tc = {0};
2710
- tc.desc = "algorithm='Range' with sparsity=2 with int32";
2711
- #include "./data/fle2-insert-range-explicit/sparsity-2/RNG_DATA.h"
2712
- tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
2713
- #undef RNG_DATA
2714
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2715
- tc.user_key_id = &keyABC_id;
2716
- tc.index_key_id = &key123_id;
2717
- tc.contention_factor = OPT_I64(0);
2718
- tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
2719
- "sparsity-2/rangeopts.json");
2720
- tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
2721
- "value-to-encrypt.json");
2722
- tc.keys_to_feed[0] = keyABC;
2723
- tc.keys_to_feed[1] = key123;
2724
- tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
2725
- "encrypted-payload.json");
2726
2211
  ee_testcase_run(&tc);
2727
2212
  }
2728
2213
 
@@ -2744,26 +2229,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2744
2229
  tc.keys_to_feed[1] = key123;
2745
2230
  tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
2746
2231
  "encrypted-payload-v2.json");
2747
- tc.use_v2 = true;
2748
- ee_testcase_run(&tc);
2749
- }
2750
-
2751
- {
2752
- ee_testcase tc = {0};
2753
- tc.desc = "algorithm='Range' with query_type='range' with int32";
2754
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2755
- tc.user_key_id = &keyABC_id;
2756
- tc.index_key_id = &keyABC_id;
2757
- tc.contention_factor = OPT_I64(4);
2758
- tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
2759
- tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
2760
- "int32/rangeopts.json");
2761
- tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
2762
- "value-to-encrypt.json");
2763
- tc.keys_to_feed[0] = keyABC;
2764
- tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
2765
- "encrypted-payload.json");
2766
- tc.is_expression = true;
2767
2232
  ee_testcase_run(&tc);
2768
2233
  }
2769
2234
 
@@ -2783,20 +2248,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2783
2248
  tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
2784
2249
  "encrypted-payload-v2.json");
2785
2250
  tc.is_expression = true;
2786
- tc.use_v2 = true;
2787
- ee_testcase_run(&tc);
2788
- }
2789
-
2790
- {
2791
- ee_testcase tc = {0};
2792
- tc.desc = "An unsupported range BSON type is an error";
2793
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2794
- tc.user_key_id = &keyABC_id;
2795
- tc.contention_factor = OPT_I64(0);
2796
- tc.range_opts = TEST_BSON("{'min': 0, 'max': 1, 'sparsity': {'$numberLong': '1'}}");
2797
- tc.msg = TEST_BSON("{'v': 'abc'}");
2798
- tc.keys_to_feed[0] = keyABC;
2799
- tc.expect_finalize_error = "expected matching 'min' and value type";
2800
2251
  ee_testcase_run(&tc);
2801
2252
  }
2802
2253
 
@@ -2810,28 +2261,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2810
2261
  tc.msg = TEST_BSON("{'v': 'abc'}");
2811
2262
  tc.keys_to_feed[0] = keyABC;
2812
2263
  tc.expect_finalize_error = "expected matching 'min' and value type";
2813
- tc.use_v2 = true;
2814
- ee_testcase_run(&tc);
2815
- }
2816
-
2817
- {
2818
- ee_testcase tc = {0};
2819
- tc.desc = "algorithm='Range' with query_type='range' with double with "
2820
- "precision";
2821
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2822
- tc.user_key_id = &keyABC_id;
2823
- tc.index_key_id = &key123_id;
2824
- tc.contention_factor = OPT_I64(0);
2825
- tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
2826
- tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double-precision/"
2827
- "rangeopts.json");
2828
- tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
2829
- "double-precision/value-to-encrypt.json");
2830
- tc.keys_to_feed[0] = keyABC;
2831
- tc.keys_to_feed[1] = key123;
2832
- tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
2833
- "double-precision/encrypted-payload.json");
2834
- tc.is_expression = true;
2835
2264
  ee_testcase_run(&tc);
2836
2265
  }
2837
2266
 
@@ -2853,28 +2282,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2853
2282
  tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
2854
2283
  "double-precision/encrypted-payload-v2.json");
2855
2284
  tc.is_expression = true;
2856
- tc.use_v2 = true;
2857
- ee_testcase_run(&tc);
2858
- }
2859
-
2860
- {
2861
- ee_testcase tc = {0};
2862
- tc.desc = "algorithm='Range' with double precision with precision";
2863
- #include "./data/fle2-insert-range-explicit/double-precision/RNG_DATA.h"
2864
- tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
2865
- #undef RNG_DATA
2866
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2867
- tc.user_key_id = &keyABC_id;
2868
- tc.index_key_id = &key123_id;
2869
- tc.contention_factor = OPT_I64(0);
2870
- tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
2871
- "rangeopts.json");
2872
- tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/"
2873
- "double-precision/value-to-encrypt.json");
2874
- tc.keys_to_feed[0] = keyABC;
2875
- tc.keys_to_feed[1] = key123;
2876
- tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
2877
- "encrypted-payload.json");
2878
2285
  ee_testcase_run(&tc);
2879
2286
  }
2880
2287
 
@@ -2896,26 +2303,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2896
2303
  tc.keys_to_feed[1] = key123;
2897
2304
  tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
2898
2305
  "encrypted-payload-v2.json");
2899
- tc.use_v2 = true;
2900
- ee_testcase_run(&tc);
2901
- }
2902
-
2903
- {
2904
- ee_testcase tc = {0};
2905
- tc.desc = "algorithm='Range' with query_type='range' with double without "
2906
- "precision";
2907
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2908
- tc.user_key_id = &keyABC_id;
2909
- tc.index_key_id = &key123_id;
2910
- tc.contention_factor = OPT_I64(0);
2911
- tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
2912
- tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double/"
2913
- "rangeopts.json");
2914
- tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/double/value-to-encrypt.json");
2915
- tc.keys_to_feed[0] = keyABC;
2916
- tc.keys_to_feed[1] = key123;
2917
- tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload.json");
2918
- tc.is_expression = true;
2919
2306
  ee_testcase_run(&tc);
2920
2307
  }
2921
2308
 
@@ -2935,27 +2322,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2935
2322
  tc.keys_to_feed[1] = key123;
2936
2323
  tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json");
2937
2324
  tc.is_expression = true;
2938
- tc.use_v2 = true;
2939
- ee_testcase_run(&tc);
2940
- }
2941
-
2942
- {
2943
- ee_testcase tc = {0};
2944
- tc.desc = "algorithm='Range' with double without precision";
2945
- #include "./data/fle2-insert-range-explicit/double/RNG_DATA.h"
2946
- tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
2947
- #undef RNG_DATA
2948
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2949
- tc.user_key_id = &keyABC_id;
2950
- tc.index_key_id = &key123_id;
2951
- tc.contention_factor = OPT_I64(0);
2952
- tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
2953
- "rangeopts.json");
2954
- tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/double/value-to-encrypt.json");
2955
- tc.keys_to_feed[0] = keyABC;
2956
- tc.keys_to_feed[1] = key123;
2957
- tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
2958
- "encrypted-payload.json");
2959
2325
  ee_testcase_run(&tc);
2960
2326
  }
2961
2327
 
@@ -2976,20 +2342,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
2976
2342
  tc.keys_to_feed[1] = key123;
2977
2343
  tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
2978
2344
  "encrypted-payload-v2.json");
2979
- tc.use_v2 = true;
2980
- ee_testcase_run(&tc);
2981
- }
2982
-
2983
- {
2984
- ee_testcase tc = {0};
2985
- tc.desc = "min > max for insert";
2986
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
2987
- tc.user_key_id = &keyABC_id;
2988
- tc.contention_factor = OPT_I64(0);
2989
- tc.range_opts = TEST_BSON("{'min': 1, 'max': 0, 'sparsity': {'$numberLong': '1'}}");
2990
- tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
2991
- tc.keys_to_feed[0] = keyABC;
2992
- tc.expect_finalize_error = "minimum value must be less than the maximum value";
2993
2345
  ee_testcase_run(&tc);
2994
2346
  }
2995
2347
 
@@ -3003,22 +2355,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
3003
2355
  tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
3004
2356
  tc.keys_to_feed[0] = keyABC;
3005
2357
  tc.expect_finalize_error = "minimum value must be less than the maximum value";
3006
- tc.use_v2 = true;
3007
- ee_testcase_run(&tc);
3008
- }
3009
-
3010
- {
3011
- ee_testcase tc = {0};
3012
- tc.desc = "min > max for find";
3013
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
3014
- tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
3015
- tc.user_key_id = &keyABC_id;
3016
- tc.contention_factor = OPT_I64(0);
3017
- tc.range_opts = TEST_BSON("{'min': 25, 'max': 24, 'sparsity': {'$numberLong': '1'}}");
3018
- tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/value-to-encrypt.json");
3019
- tc.keys_to_feed[0] = keyABC;
3020
- tc.expect_finalize_error = "minimum value must be less than the maximum value";
3021
- tc.is_expression = true;
3022
2358
  ee_testcase_run(&tc);
3023
2359
  }
3024
2360
 
@@ -3037,24 +2373,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
3037
2373
  ee_testcase_run(&tc);
3038
2374
  }
3039
2375
 
3040
- {
3041
- ee_testcase tc = {0};
3042
- tc.desc = "open interval";
3043
- tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
3044
- tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
3045
- tc.user_key_id = &keyABC_id;
3046
- tc.contention_factor = OPT_I64(0);
3047
- tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
3048
- "int32-openinterval/rangeopts.json");
3049
- tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
3050
- "int32-openinterval/value-to-encrypt.json");
3051
- tc.keys_to_feed[0] = keyABC;
3052
- tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
3053
- "int32-openinterval/encrypted-payload.json");
3054
- tc.is_expression = true;
3055
- ee_testcase_run(&tc);
3056
- }
3057
-
3058
2376
  {
3059
2377
  ee_testcase tc = {0};
3060
2378
  tc.desc = "open interval (v2)";
@@ -3070,7 +2388,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
3070
2388
  tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
3071
2389
  "int32-openinterval/encrypted-payload-v2.json");
3072
2390
  tc.is_expression = true;
3073
- tc.use_v2 = true;
3074
2391
  ee_testcase_run(&tc);
3075
2392
  }
3076
2393
 
@@ -3154,17 +2471,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
3154
2471
  TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
3155
2472
  crypt);
3156
2473
  ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
3157
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3158
- // QEv1 is still supported.
3159
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
3160
2474
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3161
2475
  ctx = mongocrypt_ctx_new(crypt);
3162
2476
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
3163
2477
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3164
2478
  {
3165
2479
  const char *expect_schema = "{ 'fields': [], 'escCollection': "
3166
- "'enxcol_.coll.esc', 'eccCollection': "
3167
- "'enxcol_.coll.ecc', 'ecocCollection': "
2480
+ "'enxcol_.coll.esc', 'ecocCollection': "
3168
2481
  "'enxcol_.coll.ecoc' }";
3169
2482
  mongocrypt_binary_t *cmd_to_mongocryptd;
3170
2483
 
@@ -3189,17 +2502,14 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
3189
2502
  crypt);
3190
2503
  ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
3191
2504
  crypt,
3192
- TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', "
3193
- "'eccCollection': 'ecc', 'ecocCollection': 'ecoc'}}")),
2505
+ TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc'}}")),
3194
2506
  crypt);
3195
2507
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3196
2508
  ctx = mongocrypt_ctx_new(crypt);
3197
2509
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
3198
2510
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3199
2511
  {
3200
- const char *expect_schema = "{'fields': [], 'escCollection': 'esc', "
3201
- "'eccCollection': 'ecc', "
3202
- "'ecocCollection': 'ecoc' }";
2512
+ const char *expect_schema = "{'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc' }";
3203
2513
  mongocrypt_binary_t *cmd_to_mongocryptd;
3204
2514
 
3205
2515
  cmd_to_mongocryptd = mongocrypt_binary_new();
@@ -3221,19 +2531,17 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
3221
2531
  mongocrypt_setopt_kms_providers(crypt,
3222
2532
  TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
3223
2533
  crypt);
3224
- ASSERT_OK(
3225
- mongocrypt_setopt_encrypted_field_config_map(crypt,
3226
- TEST_BSON("{'fields': [], 'db.coll': {'escCollection': "
3227
- "'esc', 'eccCollection': 'ecc', 'fields': []}}")),
3228
- crypt);
2534
+ ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
2535
+ TEST_BSON("{'fields': [], 'db.coll': {'escCollection': "
2536
+ "'esc', 'fields': []}}")),
2537
+ crypt);
3229
2538
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3230
2539
  ctx = mongocrypt_ctx_new(crypt);
3231
2540
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
3232
2541
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3233
2542
  {
3234
- const char *expect_schema = "{'escCollection': 'esc', "
3235
- "'eccCollection': 'ecc', 'fields': [], "
3236
- "'ecocCollection': 'enxcol_.coll.ecoc' }";
2543
+ const char *expect_schema =
2544
+ "{'escCollection': 'esc', 'fields': [], 'ecocCollection': 'enxcol_.coll.ecoc' }";
3237
2545
  mongocrypt_binary_t *cmd_to_mongocryptd;
3238
2546
 
3239
2547
  cmd_to_mongocryptd = mongocrypt_binary_new();
@@ -3251,13 +2559,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
3251
2559
  }
3252
2560
 
3253
2561
  /* Test encrypting an empty 'delete' command without values to be encrypted.
3254
- * Expect deleteTokens to be applied. */
3255
- static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
2562
+ * Expect deleteTokens to not be applied. */
2563
+ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
2564
+ tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
2565
+
3256
2566
  /* Test success. */
3257
2567
  {
3258
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3259
- // QEv1 is still supported.
3260
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2568
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
3261
2569
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3262
2570
 
3263
2571
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
@@ -3287,10 +2595,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3287
2595
  TEST_FILE("./test/data/keys/"
3288
2596
  "12345678123498761234123456789012-local-document.json")),
3289
2597
  ctx);
3290
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3291
- TEST_FILE("./test/data/keys/"
3292
- "12345678123498761234123456789013-local-document.json")),
3293
- ctx);
3294
2598
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3295
2599
  }
3296
2600
 
@@ -3298,7 +2602,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3298
2602
  {
3299
2603
  mongocrypt_binary_t *out = mongocrypt_binary_new();
3300
2604
  ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3301
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
2605
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
3302
2606
  out);
3303
2607
  mongocrypt_binary_destroy(out);
3304
2608
  }
@@ -3308,9 +2612,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3308
2612
  }
3309
2613
  /* Test with no encrypted values. */
3310
2614
  {
3311
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3312
- // QEv1 is still supported.
3313
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2615
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
3314
2616
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3315
2617
 
3316
2618
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
@@ -3328,24 +2630,13 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3328
2630
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3329
2631
  }
3330
2632
 
3331
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
3332
- {
3333
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3334
- TEST_FILE("./test/data/keys/"
3335
- "12345678123498761234123456789012-local-document.json")),
3336
- ctx);
3337
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3338
- TEST_FILE("./test/data/keys/"
3339
- "12345678123498761234123456789013-local-document.json")),
3340
- ctx);
3341
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3342
- }
3343
-
2633
+ /* We do not need delete tokens in v2 so we skip need keys state. */
3344
2634
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3345
2635
  {
3346
2636
  mongocrypt_binary_t *out = mongocrypt_binary_new();
3347
2637
  ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3348
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"), out);
2638
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
2639
+ out);
3349
2640
  mongocrypt_binary_destroy(out);
3350
2641
  }
3351
2642
 
@@ -3353,7 +2644,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3353
2644
  mongocrypt_destroy(crypt);
3354
2645
  }
3355
2646
 
3356
- /* deleteTokens are appended when bypassQueryAnalysis is true. */
2647
+ /* Test that deleteTokens are not appended when bypassQueryAnalysis is true in v2. */
3357
2648
  {
3358
2649
  mongocrypt_t *crypt = mongocrypt_new();
3359
2650
  /* Configure crypt. */
@@ -3364,264 +2655,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
3364
2655
  ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
3365
2656
  mongocrypt_binary_destroy(localkey);
3366
2657
  mongocrypt_setopt_bypass_query_analysis(crypt);
3367
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
3368
- // decrypting
3369
- // QEv1 is still supported.
3370
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
3371
- ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3372
- }
3373
-
3374
- mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3375
-
3376
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
3377
-
3378
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
3379
- {
3380
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
3381
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3382
- }
3383
-
3384
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
3385
- {
3386
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3387
- TEST_FILE("./test/data/keys/"
3388
- "12345678123498761234123456789012-local-document.json")),
3389
- ctx);
3390
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3391
- TEST_FILE("./test/data/keys/"
3392
- "12345678123498761234123456789013-local-document.json")),
3393
- ctx);
3394
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3395
- }
3396
-
3397
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3398
- {
3399
- mongocrypt_binary_t *out = mongocrypt_binary_new();
3400
- ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3401
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"), out);
3402
- mongocrypt_binary_destroy(out);
3403
- }
3404
-
3405
- mongocrypt_ctx_destroy(ctx);
3406
- mongocrypt_destroy(crypt);
3407
- }
3408
-
3409
- /* Test that deleteTokens are appended when using an
3410
- * encrypted_field_config_map. */
3411
- {
3412
- mongocrypt_t *crypt = mongocrypt_new();
3413
- /* Configure crypt. */
3414
- {
3415
- char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
3416
- mongocrypt_binary_t *localkey;
3417
- localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
3418
- ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
3419
- mongocrypt_binary_destroy(localkey);
3420
- ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
3421
- TEST_FILE("./test/data/fle2-delete/success/"
3422
- "encrypted-field-config-map.json")),
3423
- crypt);
3424
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
3425
- // decrypting
3426
- // QEv1 is still supported.
3427
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
3428
- ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3429
- }
3430
-
3431
- mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3432
-
3433
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
3434
- ctx);
3435
-
3436
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3437
- {
3438
- ASSERT_OK(
3439
- mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
3440
- ctx);
3441
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3442
- }
3443
-
3444
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
3445
- {
3446
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3447
- TEST_FILE("./test/data/keys/"
3448
- "ABCDEFAB123498761234123456789012-local-document.json")),
3449
- ctx);
3450
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3451
- TEST_FILE("./test/data/keys/"
3452
- "12345678123498761234123456789012-local-document.json")),
3453
- ctx);
3454
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3455
- TEST_FILE("./test/data/keys/"
3456
- "12345678123498761234123456789013-local-document.json")),
3457
- ctx);
3458
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3459
- }
3460
-
3461
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3462
- {
3463
- mongocrypt_binary_t *out = mongocrypt_binary_new();
3464
- ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3465
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
3466
- out);
3467
- mongocrypt_binary_destroy(out);
3468
- }
3469
-
3470
- mongocrypt_ctx_destroy(ctx);
3471
- mongocrypt_destroy(crypt);
3472
- }
3473
-
3474
- /* Test that deleteTokens are appended when using an
3475
- * encrypted_field_config_map and bypass_query_analysis. */
3476
- {
3477
- mongocrypt_t *crypt = mongocrypt_new();
3478
- /* Configure crypt. */
3479
- {
3480
- char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
3481
- mongocrypt_binary_t *localkey;
3482
- localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
3483
- ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
3484
- mongocrypt_binary_destroy(localkey);
3485
- ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
3486
- TEST_FILE("./test/data/fle2-delete/empty/"
3487
- "encrypted-field-config-map.json")),
3488
- crypt);
3489
- mongocrypt_setopt_bypass_query_analysis(crypt);
3490
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
3491
- // decrypting
3492
- // QEv1 is still supported.
3493
- ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
3494
- ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3495
- }
3496
-
3497
- mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3498
-
3499
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
3500
-
3501
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
3502
- {
3503
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3504
- TEST_FILE("./test/data/keys/"
3505
- "12345678123498761234123456789012-local-document.json")),
3506
- ctx);
3507
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3508
- TEST_FILE("./test/data/keys/"
3509
- "12345678123498761234123456789013-local-document.json")),
3510
- ctx);
3511
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3512
- }
3513
-
3514
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3515
- {
3516
- mongocrypt_binary_t *out = mongocrypt_binary_new();
3517
- ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3518
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"), out);
3519
- mongocrypt_binary_destroy(out);
3520
- }
3521
-
3522
- mongocrypt_ctx_destroy(ctx);
3523
- mongocrypt_destroy(crypt);
3524
- }
3525
- }
3526
-
3527
- /* Test encrypting an empty 'delete' command without values to be encrypted.
3528
- * Expect deleteTokens to not be applied. */
3529
- static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
3530
- tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
3531
-
3532
- /* Test success. */
3533
- {
3534
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
3535
- mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3536
-
3537
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
3538
- ctx);
3539
-
3540
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
3541
- {
3542
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/collinfo.json")), ctx);
3543
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3544
- }
3545
-
3546
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3547
- {
3548
- ASSERT_OK(
3549
- mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
3550
- ctx);
3551
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3552
- }
3553
-
3554
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
3555
- {
3556
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3557
- TEST_FILE("./test/data/keys/"
3558
- "ABCDEFAB123498761234123456789012-local-document.json")),
3559
- ctx);
3560
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
3561
- TEST_FILE("./test/data/keys/"
3562
- "12345678123498761234123456789012-local-document.json")),
3563
- ctx);
3564
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3565
- }
3566
-
3567
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3568
- {
3569
- mongocrypt_binary_t *out = mongocrypt_binary_new();
3570
- ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3571
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
3572
- out);
3573
- mongocrypt_binary_destroy(out);
3574
- }
3575
-
3576
- mongocrypt_ctx_destroy(ctx);
3577
- mongocrypt_destroy(crypt);
3578
- }
3579
- /* Test with no encrypted values. */
3580
- {
3581
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
3582
- mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3583
-
3584
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
3585
-
3586
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
3587
- {
3588
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
3589
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3590
- }
3591
-
3592
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3593
- {
3594
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/mongocryptd-reply.json")),
3595
- ctx);
3596
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
3597
- }
3598
-
3599
- /* We do not need delete tokens in v2 so we skip need keys state. */
3600
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3601
- {
3602
- mongocrypt_binary_t *out = mongocrypt_binary_new();
3603
- ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
3604
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
3605
- out);
3606
- mongocrypt_binary_destroy(out);
3607
- }
3608
-
3609
- mongocrypt_ctx_destroy(ctx);
3610
- mongocrypt_destroy(crypt);
3611
- }
3612
-
3613
- /* Test that deleteTokens are no appended when bypassQueryAnalysis is true in v2. */
3614
- {
3615
- mongocrypt_t *crypt = mongocrypt_new();
3616
- /* Configure crypt. */
3617
- {
3618
- char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
3619
- mongocrypt_binary_t *localkey;
3620
- localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
3621
- ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
3622
- mongocrypt_binary_destroy(localkey);
3623
- mongocrypt_setopt_bypass_query_analysis(crypt);
3624
- mongocrypt_setopt_fle2v2(crypt, true);
3625
2658
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3626
2659
  }
3627
2660
 
@@ -3664,7 +2697,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
3664
2697
  TEST_FILE("./test/data/fle2-delete/success/"
3665
2698
  "encrypted-field-config-map.json")),
3666
2699
  crypt);
3667
- mongocrypt_setopt_fle2v2(crypt, true);
3668
2700
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3669
2701
  }
3670
2702
 
@@ -3723,7 +2755,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
3723
2755
  "encrypted-field-config-map.json")),
3724
2756
  crypt);
3725
2757
  mongocrypt_setopt_bypass_query_analysis(crypt);
3726
- mongocrypt_setopt_fle2v2(crypt, true);
3727
2758
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
3728
2759
  }
3729
2760
 
@@ -3746,7 +2777,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
3746
2777
  }
3747
2778
 
3748
2779
  static void _test_encrypt_fle2_delete(_mongocrypt_tester_t *tester) {
3749
- _test_encrypt_fle2_delete_v1(tester);
3750
2780
  _test_encrypt_fle2_delete_v2(tester);
3751
2781
  }
3752
2782
 
@@ -3756,9 +2786,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
3756
2786
  /* 'find' does not include 'encryptionInformation' if no fields are
3757
2787
  * encrypted. */
3758
2788
  {
3759
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3760
- // QEv1 is still supported.
3761
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2789
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
3762
2790
  mongocrypt_ctx_t *ctx;
3763
2791
 
3764
2792
  ctx = mongocrypt_ctx_new(crypt);
@@ -3801,9 +2829,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
3801
2829
  /* 'find' includes encryptionInformation if the initial command includes an
3802
2830
  * explicitly encrypted payload. */
3803
2831
  {
3804
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3805
- // QEv1 is still supported.
3806
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2832
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
3807
2833
  mongocrypt_ctx_t *ctx;
3808
2834
 
3809
2835
  ctx = mongocrypt_ctx_new(crypt);
@@ -3850,9 +2876,7 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
3850
2876
  /* Test with an encrypted value. Otherwise 'encryptionInformation' is not
3851
2877
  * appended. */
3852
2878
  {
3853
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
3854
- // QEv1 is still supported.
3855
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2879
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
3856
2880
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3857
2881
 
3858
2882
  ASSERT_OK(
@@ -3914,17 +2938,14 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
3914
2938
 
3915
2939
  static void _test_encrypt_fle2_explain_with_csfle(_mongocrypt_tester_t *tester) {
3916
2940
  if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
3917
- fputs("No 'real' csfle library is available. The "
3918
- "_test_encrypt_fle2_explain_with_csfle test is a no-op.",
3919
- stderr);
2941
+ TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
3920
2942
  return;
3921
2943
  }
3922
2944
 
3923
2945
  /* Test with an encrypted value. Otherwise 'encryptionInformation' is not
3924
2946
  * appended. */
3925
2947
  {
3926
- mongocrypt_t *crypt =
3927
- _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB | TESTER_MONGOCRYPT_WITH_CRYPT_V1);
2948
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB);
3928
2949
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3929
2950
 
3930
2951
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-explain/with-csfle/cmd.json")),
@@ -4012,9 +3033,7 @@ static void _test_encrypt_fle1_explain_with_mongocryptd(_mongocrypt_tester_t *te
4012
3033
 
4013
3034
  static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester) {
4014
3035
  if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
4015
- fputs("No 'real' csfle library is available. The "
4016
- "_test_encrypt_fle1_explain_with_csfle test is a no-op.",
4017
- stderr);
3036
+ TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
4018
3037
  return;
4019
3038
  }
4020
3039
 
@@ -4050,9 +3069,7 @@ static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester)
4050
3069
  // Test that an input command with $db preserves $db in the output.
4051
3070
  static void _test_dollardb_preserved(_mongocrypt_tester_t *tester) {
4052
3071
  /* Test with an encrypted value. */
4053
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
4054
- // QEv1 is still supported.
4055
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
3072
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4056
3073
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4057
3074
 
4058
3075
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/preserved/cmd.json")), ctx);
@@ -4155,9 +3172,7 @@ static void _test_dollardb_preserved_empty(_mongocrypt_tester_t *tester) {
4155
3172
 
4156
3173
  // Test that an input command with no $db does not include $db in the output.
4157
3174
  static void _test_dollardb_omitted(_mongocrypt_tester_t *tester) {
4158
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
4159
- // QEv1 is still supported.
4160
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
3175
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4161
3176
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4162
3177
 
4163
3178
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/omitted/cmd.json")), ctx);
@@ -4266,6 +3281,24 @@ static void _test_dollardb_preserved_fle1(_mongocrypt_tester_t *tester) {
4266
3281
  mongocrypt_destroy(crypt);
4267
3282
  }
4268
3283
 
3284
+ #define expect_mongo_op(ctx, expect) \
3285
+ if (1) { \
3286
+ mongocrypt_binary_t *got = mongocrypt_binary_new(); \
3287
+ ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, got), ctx); \
3288
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON((expect), got); \
3289
+ mongocrypt_binary_destroy(got); \
3290
+ } else \
3291
+ ((void)0)
3292
+
3293
+ #define expect_and_reply_to_ismaster(ctx) \
3294
+ if (1) { \
3295
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS); \
3296
+ expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}")); \
3297
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-26.json")), ctx); \
3298
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx); \
3299
+ } else \
3300
+ ((void)0)
3301
+
4269
3302
  static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
4270
3303
  mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4271
3304
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
@@ -4273,38 +3306,24 @@ static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
4273
3306
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/without-schema/cmd.json")),
4274
3307
  ctx);
4275
3308
 
3309
+ expect_and_reply_to_ismaster(ctx);
3310
+
4276
3311
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4277
3312
  {
4278
3313
  mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4279
3314
 
4280
3315
  ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4281
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
4282
- "ismaster-to-mongocryptd.json"),
3316
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/cmd-to-mongocryptd.json"),
4283
3317
  cmd_to_mongocryptd);
4284
3318
  mongocrypt_binary_destroy(cmd_to_mongocryptd);
4285
3319
  ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
4286
3320
  TEST_FILE("./test/data/fle1-create/without-schema/"
4287
- "mongocryptd-ismaster.json")),
3321
+ "mongocryptd-reply.json")),
4288
3322
  ctx);
4289
3323
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4290
3324
  }
4291
3325
 
4292
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4293
- {
4294
- mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4295
-
4296
- ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4297
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/cmd-to-mongocryptd.json"),
4298
- cmd_to_mongocryptd);
4299
- mongocrypt_binary_destroy(cmd_to_mongocryptd);
4300
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
4301
- TEST_FILE("./test/data/fle1-create/without-schema/"
4302
- "mongocryptd-reply.json")),
4303
- ctx);
4304
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4305
- }
4306
-
4307
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
3326
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
4308
3327
  {
4309
3328
  mongocrypt_binary_t *out = mongocrypt_binary_new();
4310
3329
  ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
@@ -4331,21 +3350,7 @@ static void _test_fle1_create_with_schema(_mongocrypt_tester_t *tester) {
4331
3350
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-schema/cmd.json")),
4332
3351
  ctx);
4333
3352
 
4334
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4335
- {
4336
- mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4337
-
4338
- ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4339
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-schema/"
4340
- "ismaster-to-mongocryptd.json"),
4341
- cmd_to_mongocryptd);
4342
- mongocrypt_binary_destroy(cmd_to_mongocryptd);
4343
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
4344
- TEST_FILE("./test/data/fle1-create/with-schema/"
4345
- "mongocryptd-ismaster.json")),
4346
- ctx);
4347
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4348
- }
3353
+ expect_and_reply_to_ismaster(ctx);
4349
3354
 
4350
3355
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4351
3356
  {
@@ -4384,21 +3389,7 @@ static void _test_fle1_create_with_cmd_schema(_mongocrypt_tester_t *tester) {
4384
3389
  ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-cmd-schema/cmd.json")),
4385
3390
  ctx);
4386
3391
 
4387
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4388
- {
4389
- mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4390
-
4391
- ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4392
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
4393
- "ismaster-to-mongocryptd.json"),
4394
- cmd_to_mongocryptd);
4395
- mongocrypt_binary_destroy(cmd_to_mongocryptd);
4396
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
4397
- TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
4398
- "mongocryptd-ismaster.json")),
4399
- ctx);
4400
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4401
- }
3392
+ expect_and_reply_to_ismaster(ctx);
4402
3393
 
4403
3394
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4404
3395
  {
@@ -4469,9 +3460,7 @@ static void _test_fle1_create_old_mongocryptd(_mongocrypt_tester_t *tester) {
4469
3460
 
4470
3461
  static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
4471
3462
  if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
4472
- fputs("No 'real' csfle library is available. The "
4473
- "_test_fle1_create_with_csfle test is a no-op.",
4474
- stderr);
3463
+ TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
4475
3464
  return;
4476
3465
  }
4477
3466
 
@@ -4494,45 +3483,32 @@ static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
4494
3483
  mongocrypt_destroy(crypt);
4495
3484
  }
4496
3485
 
4497
- static void _test_fle2_create(_mongocrypt_tester_t *tester) {
3486
+ static void test_successful_fle2_create(_mongocrypt_tester_t *tester,
3487
+ const char *efc_map_path,
3488
+ const char *cmd_path,
3489
+ const char *cmd_to_cryptd_path,
3490
+ const char *cryptd_reply_path,
3491
+ const char *encrypted_payload_path) {
4498
3492
  mongocrypt_t *crypt = mongocrypt_new();
4499
3493
 
4500
3494
  ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
4501
- ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
4502
- crypt,
4503
- TEST_FILE("./test/data/fle2-create/encrypted-field-config-map.json")),
4504
- crypt);
3495
+ ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_FILE(efc_map_path)), crypt);
4505
3496
  ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
4506
3497
 
4507
3498
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4508
3499
 
4509
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-create/cmd.json")), ctx);
4510
-
4511
- ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4512
- {
4513
- mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
3500
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE(cmd_path)), ctx);
4514
3501
 
4515
- ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4516
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
4517
- "ismaster-to-mongocryptd.json"),
4518
- cmd_to_mongocryptd);
4519
- mongocrypt_binary_destroy(cmd_to_mongocryptd);
4520
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
4521
- TEST_FILE("./test/data/fle1-create/without-schema/"
4522
- "mongocryptd-ismaster.json")),
4523
- ctx);
4524
- ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4525
- }
3502
+ expect_and_reply_to_ismaster(ctx);
4526
3503
 
4527
3504
  ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4528
3505
  {
4529
3506
  mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4530
3507
 
4531
3508
  ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4532
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-create/cmd-to-mongocryptd.json"),
4533
- cmd_to_mongocryptd);
3509
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(cmd_to_cryptd_path), cmd_to_mongocryptd);
4534
3510
  mongocrypt_binary_destroy(cmd_to_mongocryptd);
4535
- ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-create/mongocryptd-reply.json")), ctx);
3511
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(cryptd_reply_path)), ctx);
4536
3512
  ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4537
3513
  }
4538
3514
 
@@ -4540,7 +3516,7 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
4540
3516
  {
4541
3517
  mongocrypt_binary_t *out = mongocrypt_binary_new();
4542
3518
  ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
4543
- ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-create/encrypted-payload.json"), out);
3519
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(encrypted_payload_path), out);
4544
3520
  mongocrypt_binary_destroy(out);
4545
3521
  }
4546
3522
 
@@ -4548,6 +3524,85 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
4548
3524
  mongocrypt_destroy(crypt);
4549
3525
  }
4550
3526
 
3527
+ #define TEST_SUCCESSFUL_FLE2_CREATE(efc_path, cmd_path, cryptd_path, payload_path) \
3528
+ test_successful_fle2_create(tester, \
3529
+ "./test/data/" efc_path "/encrypted-field-config-map.json", \
3530
+ "./test/data/" cmd_path "/cmd.json", \
3531
+ "./test/data/" cryptd_path "/cmd-to-mongocryptd.json", \
3532
+ "./test/data/" cryptd_path "/mongocryptd-reply.json", \
3533
+ "./test/data/" payload_path "/encrypted-payload.json")
3534
+
3535
+ #define TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR(path) TEST_SUCCESSFUL_FLE2_CREATE(path, path, path, path)
3536
+
3537
+ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
3538
+ TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create");
3539
+ }
3540
+
3541
+ static void _test_fle2_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
3542
+ TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection");
3543
+ }
3544
+
3545
+ static void _test_fle2_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
3546
+ TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection-with-str-encode-version");
3547
+ }
3548
+
3549
+ static void _test_fle2_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
3550
+ TEST_SUCCESSFUL_FLE2_CREATE("fle2-create-encrypted-collection-with-str-encode-version",
3551
+ "fle2-create-encrypted-collection",
3552
+ "fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version",
3553
+ "fle2-create-encrypted-collection-with-str-encode-version");
3554
+ }
3555
+
3556
+ static void _test_fle2_text_search_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
3557
+ TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection");
3558
+ }
3559
+
3560
+ static void _test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
3561
+ TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection-with-str-encode-version");
3562
+ }
3563
+
3564
+ static void _test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
3565
+ TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection-with-str-encode-version",
3566
+ "fle2-text-search-create-encrypted-collection",
3567
+ "fle2-text-search-create-encrypted-collection",
3568
+ "fle2-text-search-create-encrypted-collection-with-str-encode-version");
3569
+ }
3570
+
3571
+ static void
3572
+ _test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
3573
+ TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection",
3574
+ "fle2-text-search-create-encrypted-collection-with-str-encode-version",
3575
+ "fle2-text-search-create-encrypted-collection-with-str-encode-version",
3576
+ "fle2-text-search-create-encrypted-collection-with-str-encode-version");
3577
+ }
3578
+
3579
+ // Test that the JSON Schema found from a "create" command is not cached.
3580
+ static void _test_fle2_create_does_not_cache_empty_schema(_mongocrypt_tester_t *tester) {
3581
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
3582
+ // Auto encrypt a "create" to "db.coll".
3583
+ {
3584
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3585
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-create/cmd.json")), ctx);
3586
+ expect_and_reply_to_ismaster(ctx);
3587
+
3588
+ // Expect MONGOCRYPT_CTX_NEED_MONGO_COLLINFO is skipped since no server-side schema is expected for "create".
3589
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
3590
+ mongocrypt_ctx_destroy(ctx);
3591
+ }
3592
+
3593
+ // Auto encrypt "find" to "db.coll". Expect server-side schema is requested.
3594
+ {
3595
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
3596
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))),
3597
+ ctx);
3598
+ // The MONGOCRYPT_CTX_NEED_COLLINFO state is entered to request a server-side schema.
3599
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
3600
+ mongocrypt_ctx_destroy(ctx);
3601
+ }
3602
+
3603
+ mongocrypt_destroy(crypt);
3604
+ }
3605
+
4551
3606
  /* Regression test for MONGOCRYPT-435 */
4552
3607
  static void _test_fle2_create_bypass_query_analysis(_mongocrypt_tester_t *tester) {
4553
3608
  mongocrypt_t *crypt = mongocrypt_new();
@@ -4582,15 +3637,13 @@ static void _test_encrypt_macos_no_ctr(_mongocrypt_tester_t *tester) {
4582
3637
  _mongocrypt_buffer_t key_id;
4583
3638
 
4584
3639
  if (_aes_ctr_is_supported_by_os) {
4585
- printf("Common Crypto with CTR support detected. Skipping.");
3640
+ TEST_PRINTF("Common Crypto with CTR support detected. Skipping.");
4586
3641
  return;
4587
3642
  }
4588
3643
 
4589
3644
  _mongocrypt_buffer_copy_from_hex(&key_id, "ABCDEFAB123498761234123456789012");
4590
3645
 
4591
- // TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
4592
- // QEv1 is still supported.
4593
- mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
3646
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4594
3647
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4595
3648
 
4596
3649
  ASSERT_OK(mongocrypt_ctx_setopt_algorithm(ctx, MONGOCRYPT_ALGORITHM_UNINDEXED_STR, -1), ctx);
@@ -4663,7 +3716,7 @@ static void _test_fle1_collmod_without_jsonSchema(_mongocrypt_tester_t *tester)
4663
3716
 
4664
3717
  static void _test_bulkWrite(_mongocrypt_tester_t *tester) {
4665
3718
  if (!_aes_ctr_is_supported_by_os) {
4666
- printf("Common Crypto with no CTR support detected. Required by QEv2 encryption. Skipping.");
3719
+ TEST_PRINTF("Common Crypto with no CTR support detected. Required by QEv2 encryption. Skipping.");
4667
3720
  return;
4668
3721
  }
4669
3722
 
@@ -5135,11 +4188,11 @@ typedef struct {
5135
4188
 
5136
4189
  static void autoencryption_test_run(autoencryption_test *aet) {
5137
4190
  if (!_aes_ctr_is_supported_by_os) {
5138
- printf("Common Crypto with no CTR support detected. Skipping.");
4191
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
5139
4192
  return;
5140
4193
  }
5141
4194
 
5142
- printf(" auto_encryption test: '%s' ... begin\n", aet->desc);
4195
+ TEST_PRINTF(" auto_encryption test: '%s' ... begin\n", aet->desc);
5143
4196
 
5144
4197
  // Reset global counter for the `payloadId` to produce deterministic payloads.
5145
4198
  extern void mc_reset_payloadId_for_testing(void);
@@ -5206,14 +4259,14 @@ static void autoencryption_test_run(autoencryption_test *aet) {
5206
4259
  mongocrypt_binary_destroy(got);
5207
4260
  }
5208
4261
 
5209
- printf(" auto_encryption test: '%s' ... end\n", aet->desc);
4262
+ TEST_PRINTF(" auto_encryption test: '%s' ... end\n", aet->desc);
5210
4263
  mongocrypt_ctx_destroy(ctx);
5211
4264
  mongocrypt_destroy(crypt);
5212
4265
  }
5213
4266
 
5214
4267
  static void _test_no_trimFactor(_mongocrypt_tester_t *tester) {
5215
4268
  if (!_aes_ctr_is_supported_by_os) {
5216
- printf("Common Crypto with no CTR support detected. Skipping.");
4269
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
5217
4270
  return;
5218
4271
  }
5219
4272
 
@@ -5281,7 +4334,7 @@ static void lookup_payload_bson(mongocrypt_binary_t *result, char *path, bson_t
5281
4334
  // Test that the crypto params added in SERVER-91889 are sent for "range" payloads.
5282
4335
  static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5283
4336
  if (!_aes_ctr_is_supported_by_os) {
5284
- printf("Common Crypto with no CTR support detected. Skipping.");
4337
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
5285
4338
  return;
5286
4339
  }
5287
4340
 
@@ -5304,7 +4357,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5304
4357
  tc.msg = TEST_BSON("{'v': 123456}");
5305
4358
  tc.keys_to_feed[0] = key123;
5306
4359
  tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32/expected.json");
5307
- tc.use_v2 = true; // Use QEv2 protocol.
5308
4360
  tc.use_range_v2 = true; // Use RangeV2 protocol.
5309
4361
  ee_testcase_run(&tc);
5310
4362
  // Check the parameters are present in the final payload.
@@ -5330,7 +4382,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5330
4382
  tc.msg = TEST_BSON("{'v': 123456}");
5331
4383
  tc.keys_to_feed[0] = key123;
5332
4384
  tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32-defaults/expected.json");
5333
- tc.use_v2 = true; // Use QEv2 protocol.
5334
4385
  tc.use_range_v2 = true; // Use RangeV2 protocol.
5335
4386
  ee_testcase_run(&tc);
5336
4387
  // Check the parameters are present in the final payload.
@@ -5357,7 +4408,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5357
4408
  tc.msg = TEST_BSON("{'v': 123456.0}");
5358
4409
  tc.keys_to_feed[0] = key123;
5359
4410
  tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-double/expected.json");
5360
- tc.use_v2 = true; // Use QEv2 protocol.
5361
4411
  tc.use_range_v2 = true; // Use RangeV2 protocol.
5362
4412
  ee_testcase_run(&tc);
5363
4413
  // Check the parameters are present in the final payload.
@@ -5383,7 +4433,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5383
4433
  tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/to-encrypt.json");
5384
4434
  tc.keys_to_feed[0] = key123;
5385
4435
  tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/expected.json");
5386
- tc.use_v2 = true; // Use QEv2 protocol.
5387
4436
  tc.use_range_v2 = true; // Use RangeV2 protocol.
5388
4437
  ee_testcase_run(&tc);
5389
4438
  // Check the parameters are present in the final payload.
@@ -5409,7 +4458,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5409
4458
  tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/to-encrypt.json");
5410
4459
  tc.keys_to_feed[0] = key123;
5411
4460
  tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/expected.json");
5412
- tc.use_v2 = true; // Use QEv2 protocol.
5413
4461
  tc.use_range_v2 = true; // Use RangeV2 protocol.
5414
4462
  ee_testcase_run(&tc);
5415
4463
  // Check the parameters are present in the final payload.
@@ -5476,6 +4524,1275 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
5476
4524
  _mongocrypt_buffer_cleanup(&key123_id);
5477
4525
  }
5478
4526
 
4527
+ typedef struct _responses {
4528
+ const char *key_document;
4529
+ const char *oauth_response;
4530
+ const char *decrypt_response;
4531
+ } _responses;
4532
+
4533
+ static void _test_encrypt_retry_provider(_responses r, _mongocrypt_tester_t *tester) {
4534
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4535
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4536
+
4537
+ // Create context.
4538
+ {
4539
+ // Use explicit encryption to simplify (no schema needed).
4540
+ ASSERT_OK(mongocrypt_ctx_setopt_key_alt_name(ctx, TEST_BSON(BSON_STR({"keyAltName" : "keyDocumentName"}))),
4541
+ ctx);
4542
+ ASSERT_OK(mongocrypt_ctx_setopt_algorithm(ctx, MONGOCRYPT_ALGORITHM_DETERMINISTIC_STR, -1), ctx);
4543
+ ASSERT_OK(mongocrypt_ctx_explicit_encrypt_init(ctx, TEST_BSON(BSON_STR({"v" : "foo"}))), ctx);
4544
+ }
4545
+
4546
+ // Feed key.
4547
+ {
4548
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
4549
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(r.key_document)), ctx);
4550
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4551
+ }
4552
+
4553
+ // Needs KMS for oauth token.
4554
+ {
4555
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
4556
+ mongocrypt_kms_ctx_t *kctx = mongocrypt_ctx_next_kms_ctx(ctx);
4557
+ ASSERT(kctx);
4558
+ // Feed a retryable HTTP error.
4559
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx);
4560
+ // Expect KMS request is returned again for a retry.
4561
+ kctx = mongocrypt_ctx_next_kms_ctx(ctx);
4562
+ ASSERT_OK(kctx, ctx);
4563
+ ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kctx), >, 0);
4564
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE(r.oauth_response)), kctx);
4565
+ ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
4566
+ }
4567
+
4568
+ // Needs KMS to decrypt DEK.
4569
+ {
4570
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
4571
+ mongocrypt_kms_ctx_t *kctx = mongocrypt_ctx_next_kms_ctx(ctx);
4572
+ ASSERT(kctx);
4573
+ // Feed a retryable HTTP error.
4574
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx);
4575
+ // Expect KMS request is returned again for a retry.
4576
+ kctx = mongocrypt_ctx_next_kms_ctx(ctx);
4577
+ ASSERT_OK(kctx, ctx);
4578
+ ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kctx), >, 0);
4579
+ // Feed a successful response.
4580
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE(r.decrypt_response)), kctx);
4581
+ ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
4582
+ }
4583
+
4584
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
4585
+ mongocrypt_binary_t *bin = mongocrypt_binary_new();
4586
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, bin), ctx);
4587
+ mongocrypt_binary_destroy(bin);
4588
+ mongocrypt_ctx_destroy(ctx);
4589
+ mongocrypt_destroy(crypt);
4590
+ }
4591
+
4592
+ static void _test_encrypt_retry(_mongocrypt_tester_t *tester) {
4593
+ // Test that an HTTP error is retried with AWS
4594
+ {
4595
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4596
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4597
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
4598
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
4599
+ mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
4600
+ ASSERT_OK(kms_ctx, ctx);
4601
+ // Expect no sleep is requested before any error.
4602
+ ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kms_ctx), ==, 0);
4603
+ // Feed a retryable HTTP error.
4604
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kms_ctx);
4605
+ // Expect KMS request is returned again for a retry.
4606
+ kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
4607
+ ASSERT_OK(kms_ctx, ctx);
4608
+ // Feed a successful response.
4609
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")), kms_ctx);
4610
+ ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
4611
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
4612
+ mongocrypt_ctx_destroy(ctx);
4613
+ mongocrypt_destroy(crypt);
4614
+ }
4615
+ // Azure
4616
+ {
4617
+ _responses r = {
4618
+ "./test/data/key-document-azure.json",
4619
+ "./test/data/kms-azure/oauth-response.txt",
4620
+ "./test/data/kms-azure/decrypt-response.txt",
4621
+ };
4622
+ _test_encrypt_retry_provider(r, tester);
4623
+ }
4624
+ // GCP
4625
+ {
4626
+ _responses r = {
4627
+ "./test/data/key-document-gcp.json",
4628
+ "./test/data/kms-gcp/oauth-response.txt",
4629
+ "./test/data/kms-gcp/decrypt-response.txt",
4630
+ };
4631
+ _test_encrypt_retry_provider(r, tester);
4632
+ }
4633
+ // Multiple keys
4634
+ {
4635
+ // Create crypt with retry enabled.
4636
+ mongocrypt_t *crypt = mongocrypt_new();
4637
+ ASSERT_OK(mongocrypt_setopt_kms_providers(
4638
+ crypt,
4639
+ TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
4640
+ crypt);
4641
+ ASSERT_OK(mongocrypt_setopt_retry_kms(crypt, true), crypt);
4642
+ ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TEST_FILE("./test/data/multikey/schema_map.json")), crypt);
4643
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
4644
+
4645
+ // Encrypt a command requiring two keys.
4646
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4647
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/multikey/command.json")), ctx);
4648
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4649
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/mongocryptd_reply.json")), ctx);
4650
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4651
+
4652
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
4653
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/key-document-a.json")), ctx);
4654
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/key-document-b.json")), ctx);
4655
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4656
+
4657
+ // Expect two keys are needed. Obtain both.
4658
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
4659
+ mongocrypt_kms_ctx_t *kctx1 = mongocrypt_ctx_next_kms_ctx(ctx);
4660
+ ASSERT(kctx1);
4661
+ mongocrypt_kms_ctx_t *kctx2 = mongocrypt_ctx_next_kms_ctx(ctx);
4662
+ ASSERT(kctx2);
4663
+
4664
+ // Feed a successful response to the first.
4665
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx1, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")), kctx1);
4666
+
4667
+ // Feed a retryable error response to the second.
4668
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx2, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx2);
4669
+
4670
+ // Expect the retried KMS context is returned again.
4671
+ mongocrypt_kms_ctx_t *kctx_retry = mongocrypt_ctx_next_kms_ctx(ctx);
4672
+ ASSERT(kctx_retry);
4673
+ ASSERT_OK(mongocrypt_kms_ctx_feed(kctx_retry, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")),
4674
+ kctx_retry);
4675
+
4676
+ ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
4677
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
4678
+ mongocrypt_ctx_destroy(ctx);
4679
+ mongocrypt_destroy(crypt);
4680
+ }
4681
+ // Test retry does not occur if not enabled.
4682
+ {
4683
+ mongocrypt_t *crypt = mongocrypt_new();
4684
+ ASSERT_OK(mongocrypt_setopt_kms_providers(
4685
+ crypt,
4686
+ TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
4687
+ crypt);
4688
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
4689
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4690
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
4691
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
4692
+ mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
4693
+ ASSERT_OK(kms_ctx, ctx); // Give a retryable HTTP error. Expect error due to retry disabled.
4694
+ ASSERT_FAILS(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")),
4695
+ kms_ctx,
4696
+ "Error in KMS response");
4697
+ mongocrypt_ctx_destroy(ctx);
4698
+ mongocrypt_destroy(crypt);
4699
+ }
4700
+
4701
+ // Test network retry does not occur if not enabled.
4702
+ {
4703
+ mongocrypt_t *crypt = mongocrypt_new();
4704
+ ASSERT_OK(mongocrypt_setopt_kms_providers(
4705
+ crypt,
4706
+ TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
4707
+ crypt);
4708
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
4709
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4710
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
4711
+ _mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
4712
+ mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
4713
+ ASSERT_OK(kms_ctx, ctx); // Give a retryable network error. Expect error due to retry disabled.
4714
+ ASSERT_FAILS(mongocrypt_kms_ctx_fail(kms_ctx), kms_ctx, "KMS request failed due to network error");
4715
+ mongocrypt_ctx_destroy(ctx);
4716
+ mongocrypt_destroy(crypt);
4717
+ }
4718
+ }
4719
+
4720
+ static void capture_logs(mongocrypt_log_level_t level, const char *message, uint32_t message_len, void *ctx) {
4721
+ mc_array_t *log_msgs = ctx;
4722
+ char *message_copy = bson_strdup(message);
4723
+ _mc_array_append_val(log_msgs, message_copy);
4724
+ }
4725
+
4726
+ // Regression test for: MONGOCRYPT-770
4727
+ static void _test_does_not_warn_for_empty_local_schema(_mongocrypt_tester_t *tester) {
4728
+ mongocrypt_t *crypt = mongocrypt_new();
4729
+ ASSERT_OK(mongocrypt_setopt_kms_providers(
4730
+ crypt,
4731
+ TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
4732
+ crypt);
4733
+
4734
+ mc_array_t log_msgs; // Array of char *;
4735
+ _mc_array_init(&log_msgs, sizeof(char *));
4736
+ ASSERT_OK(mongocrypt_setopt_log_handler(crypt, capture_logs, &log_msgs), crypt);
4737
+
4738
+ // Configure a local schema for "db.coll":
4739
+ ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TEST_BSON(BSON_STR({"db.coll" : {}}))), crypt);
4740
+
4741
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
4742
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4743
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))), ctx);
4744
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4745
+
4746
+ // Feed mongocryptd reply indicating `schemaRequiresEncryption: false`.
4747
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_BSON(BSON_STR({
4748
+ "hasEncryptionPlaceholders" : false,
4749
+ "schemaRequiresEncryption" : false,
4750
+ "result" : {"find" : "test", "filter" : {}},
4751
+ "ok" : {"$numberDouble" : "1.0"}
4752
+ }))),
4753
+ ctx);
4754
+
4755
+ // Expect no warning (passing an empty local schema is a valid use-case).
4756
+ if (log_msgs.len > 0) {
4757
+ TEST_STDERR_PRINTF("Got unexpected log messages:\n");
4758
+ for (size_t i = 0; i < log_msgs.len; i++) {
4759
+ TEST_STDERR_PRINTF("> %s\n", _mc_array_index(&log_msgs, char *, i));
4760
+ }
4761
+ abort();
4762
+ }
4763
+
4764
+ for (size_t i = 0; i < log_msgs.len; i++) {
4765
+ bson_free(_mc_array_index(&log_msgs, char *, i));
4766
+ }
4767
+ _mc_array_destroy(&log_msgs);
4768
+ mongocrypt_ctx_destroy(ctx);
4769
+ mongocrypt_destroy(crypt);
4770
+ }
4771
+
4772
+ static void _test_fle2_encrypted_field_config_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
4773
+ mongocrypt_t *crypt = mongocrypt_new();
4774
+
4775
+ ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
4776
+ ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
4777
+ crypt,
4778
+ TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-encrypted-field-config-map.json")),
4779
+ crypt);
4780
+ ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
4781
+
4782
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4783
+ ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")),
4784
+ ctx,
4785
+ "'strEncodeVersion' of 99 is not supported");
4786
+
4787
+ mongocrypt_ctx_destroy(ctx);
4788
+ mongocrypt_destroy(crypt);
4789
+ }
4790
+
4791
+ static void _test_fle2_encrypted_fields_with_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
4792
+ mongocrypt_t *crypt = mongocrypt_new();
4793
+
4794
+ ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
4795
+ ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
4796
+ TEST_FILE("./test/data/fle2-create-encrypted-collection/"
4797
+ "encrypted-field-config-map.json")),
4798
+ crypt);
4799
+ ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
4800
+
4801
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4802
+
4803
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(
4804
+ ctx,
4805
+ "db",
4806
+ -1,
4807
+ TEST_FILE("./test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json")),
4808
+ ctx);
4809
+
4810
+ expect_and_reply_to_ismaster(ctx);
4811
+
4812
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4813
+ {
4814
+ mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
4815
+
4816
+ ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
4817
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(
4818
+ TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json"),
4819
+ cmd_to_mongocryptd);
4820
+ mongocrypt_binary_destroy(cmd_to_mongocryptd);
4821
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(
4822
+ ctx,
4823
+ TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json")),
4824
+ ctx);
4825
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4826
+ }
4827
+
4828
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
4829
+ {
4830
+ mongocrypt_binary_t *out = mongocrypt_binary_new();
4831
+ ASSERT_FAILS(mongocrypt_ctx_finalize(ctx, out),
4832
+ ctx,
4833
+ "'strEncodeVersion' of 1 does not match efc->str_encode_version of 0");
4834
+ mongocrypt_binary_destroy(out);
4835
+ }
4836
+
4837
+ mongocrypt_ctx_destroy(ctx);
4838
+ mongocrypt_destroy(crypt);
4839
+ }
4840
+
4841
+ static void _test_fle2_collinfo_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
4842
+ mongocrypt_t *crypt = mongocrypt_new();
4843
+ ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
4844
+ ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
4845
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4846
+
4847
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")), ctx);
4848
+
4849
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4850
+ ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-collinfo.json")),
4851
+ ctx,
4852
+ "'strEncodeVersion' of 99 is not supported");
4853
+
4854
+ mongocrypt_ctx_destroy(ctx);
4855
+ mongocrypt_destroy(crypt);
4856
+ }
4857
+
4858
+ static void _test_lookup(_mongocrypt_tester_t *tester) {
4859
+ // Test $lookup works.
4860
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
4861
+ {
4862
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4863
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4864
+
4865
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4866
+
4867
+ expect_and_reply_to_ismaster(ctx);
4868
+
4869
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4870
+ {
4871
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
4872
+ // Feed both needed schemas.
4873
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
4874
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
4875
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4876
+ }
4877
+
4878
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4879
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
4880
+
4881
+ mongocrypt_ctx_destroy(ctx);
4882
+ mongocrypt_destroy(crypt);
4883
+ }
4884
+ #undef TF
4885
+
4886
+ // Test $lookup errors if multiple-collection support is not opted-in.
4887
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
4888
+ {
4889
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4890
+ crypt->multiple_collinfo_enabled = false;
4891
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4892
+ ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")),
4893
+ ctx,
4894
+ "not configured to support encrypting a command with multiple collections");
4895
+ mongocrypt_ctx_destroy(ctx);
4896
+ mongocrypt_destroy(crypt);
4897
+ }
4898
+ #undef TF
4899
+
4900
+ // Test $lookup errors if mongocryptd is too old.
4901
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
4902
+ {
4903
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4904
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4905
+
4906
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4907
+
4908
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4909
+ {
4910
+ expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}"));
4911
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-17.json")), ctx);
4912
+ ASSERT_FAILS(mongocrypt_ctx_mongo_done(ctx), ctx, "Upgrade mongocryptd");
4913
+ }
4914
+
4915
+ mongocrypt_ctx_destroy(ctx);
4916
+ mongocrypt_destroy(crypt);
4917
+ }
4918
+ #undef TF
4919
+
4920
+ // Test nested $lookup.
4921
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-nested/" suffix)
4922
+ {
4923
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4924
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4925
+
4926
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4927
+
4928
+ expect_and_reply_to_ismaster(ctx);
4929
+
4930
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4931
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
4932
+
4933
+ mongocrypt_ctx_destroy(ctx);
4934
+ mongocrypt_destroy(crypt);
4935
+ }
4936
+ #undef TF
4937
+
4938
+ // Test $lookup within $unionWith.
4939
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-unionWith/" suffix)
4940
+ {
4941
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4942
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4943
+
4944
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4945
+
4946
+ expect_and_reply_to_ismaster(ctx);
4947
+
4948
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4949
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
4950
+
4951
+ mongocrypt_ctx_destroy(ctx);
4952
+ mongocrypt_destroy(crypt);
4953
+ }
4954
+ #undef TF
4955
+
4956
+ // Test $lookup within $facet.
4957
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-facet/" suffix)
4958
+ {
4959
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
4960
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4961
+
4962
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4963
+
4964
+ expect_and_reply_to_ismaster(ctx);
4965
+
4966
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4967
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
4968
+
4969
+ mongocrypt_ctx_destroy(ctx);
4970
+ mongocrypt_destroy(crypt);
4971
+ }
4972
+ #undef TF
4973
+
4974
+ // Test $lookup when one schema is in the schemaMap.
4975
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-schemaMap/" suffix)
4976
+ {
4977
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
4978
+ ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
4979
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
4980
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
4981
+
4982
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
4983
+
4984
+ expect_and_reply_to_ismaster(ctx);
4985
+
4986
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
4987
+ {
4988
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
4989
+ // Feed remote schema for "c1". "c2" is found in the schemaMap.
4990
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
4991
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
4992
+ }
4993
+
4994
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
4995
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
4996
+
4997
+ mongocrypt_ctx_destroy(ctx);
4998
+ mongocrypt_destroy(crypt);
4999
+ }
5000
+ #undef TF
5001
+
5002
+ // Test $lookup with a self-lookup.
5003
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
5004
+ {
5005
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5006
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5007
+
5008
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5009
+
5010
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5011
+ {
5012
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
5013
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5014
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5015
+ }
5016
+
5017
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5018
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5019
+
5020
+ mongocrypt_ctx_destroy(ctx);
5021
+ mongocrypt_destroy(crypt);
5022
+ }
5023
+ #undef TF
5024
+
5025
+ // Test $lookup when one schema is already cached.
5026
+ {
5027
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5028
+
5029
+ // Do a self-lookup to add only "c1" to the cache.
5030
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
5031
+ {
5032
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5033
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5034
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5035
+ {
5036
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
5037
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5038
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5039
+ }
5040
+ mongocrypt_ctx_destroy(ctx);
5041
+ }
5042
+ #undef TF
5043
+
5044
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
5045
+ // Expect "c1" schema is not requested again.
5046
+ {
5047
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5048
+
5049
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5050
+ expect_and_reply_to_ismaster(ctx);
5051
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5052
+ {
5053
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
5054
+ // Feed remaining needed schema.
5055
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5056
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5057
+ }
5058
+
5059
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5060
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5061
+
5062
+ mongocrypt_ctx_destroy(ctx);
5063
+ }
5064
+ mongocrypt_destroy(crypt);
5065
+ }
5066
+
5067
+ #undef TF
5068
+
5069
+ // Test $lookup caches no collinfo results as empty schemas.
5070
+ {
5071
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5072
+
5073
+ // Do a self-lookup to add only "c1" to the cache.
5074
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
5075
+ {
5076
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5077
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5078
+ expect_and_reply_to_ismaster(ctx);
5079
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5080
+ // Feed no collinfo results. Expect "c1" and "c2" to be cached as empty schemas.
5081
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5082
+ mongocrypt_ctx_destroy(ctx);
5083
+ }
5084
+ #undef TF
5085
+
5086
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
5087
+ // Expect "c1" schema is not requested again.
5088
+ {
5089
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5090
+
5091
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5092
+ expect_and_reply_to_ismaster(ctx);
5093
+ // Expect no more schemas are needed (both empty).
5094
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5095
+ mongocrypt_ctx_destroy(ctx);
5096
+ }
5097
+ mongocrypt_destroy(crypt);
5098
+ }
5099
+ #undef TF
5100
+ // Test $lookup from a view.
5101
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-view/" suffix)
5102
+ {
5103
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5104
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5105
+
5106
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5107
+ expect_and_reply_to_ismaster(ctx);
5108
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5109
+ {
5110
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "v1" ]}})));
5111
+
5112
+ // Feed both needed schemas.
5113
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5114
+ ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-v1.json")), ctx, "cannot auto encrypt a view");
5115
+ }
5116
+
5117
+ mongocrypt_ctx_destroy(ctx);
5118
+ mongocrypt_destroy(crypt);
5119
+ }
5120
+ #undef TF
5121
+ // Test $lookup with feeding the same schema twice.
5122
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
5123
+ {
5124
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5125
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5126
+
5127
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5128
+ expect_and_reply_to_ismaster(ctx);
5129
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5130
+ {
5131
+ // Feed schema for "c2" twice.
5132
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5133
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5134
+ ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx, "unexpected duplicate");
5135
+ }
5136
+
5137
+ mongocrypt_ctx_destroy(ctx);
5138
+ mongocrypt_destroy(crypt);
5139
+ }
5140
+ #undef TF
5141
+
5142
+ // Test $lookup with with feeding a non-matching schema.
5143
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-mismatch/" suffix)
5144
+ {
5145
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5146
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5147
+
5148
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5149
+ expect_and_reply_to_ismaster(ctx);
5150
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5151
+ {
5152
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5153
+ ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c3.json")), ctx, "got unexpected collinfo");
5154
+ }
5155
+
5156
+ mongocrypt_ctx_destroy(ctx);
5157
+ mongocrypt_destroy(crypt);
5158
+ }
5159
+ #undef TF
5160
+
5161
+ // Test $lookup with only local schemas.
5162
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-only-schemaMap/" suffix)
5163
+ {
5164
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
5165
+ ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
5166
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
5167
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5168
+
5169
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5170
+ expect_and_reply_to_ismaster(ctx);
5171
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5172
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5173
+
5174
+ mongocrypt_ctx_destroy(ctx);
5175
+ mongocrypt_destroy(crypt);
5176
+ }
5177
+ #undef TF
5178
+
5179
+ // Test $lookup from a collection that has no $jsonSchema configured.
5180
+ #define TF(suffix) TEST_FILE("./test/data/lookup/csfle-sibling/" suffix)
5181
+ {
5182
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5183
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5184
+
5185
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5186
+ expect_and_reply_to_ismaster(ctx);
5187
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5188
+ {
5189
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5190
+ // Feed both needed schemas.
5191
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5192
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5193
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5194
+ }
5195
+
5196
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5197
+ {
5198
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5199
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("reply-from-mongocryptd.json")), ctx);
5200
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5201
+ }
5202
+
5203
+ mongocrypt_ctx_destroy(ctx);
5204
+ mongocrypt_destroy(crypt);
5205
+ }
5206
+ #undef TF
5207
+
5208
+ // Test $lookup with QE.
5209
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe/" suffix)
5210
+ {
5211
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5212
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5213
+
5214
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5215
+ expect_and_reply_to_ismaster(ctx);
5216
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5217
+ {
5218
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5219
+ // Feed both needed schemas.
5220
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5221
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5222
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5223
+ }
5224
+
5225
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5226
+ {
5227
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5228
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5229
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5230
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5231
+ }
5232
+
5233
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5234
+ {
5235
+ // Expect no `encryptionInformation` since no encryption payloads.
5236
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5237
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5238
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5239
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5240
+ mongocrypt_binary_destroy(got);
5241
+ }
5242
+
5243
+ mongocrypt_ctx_destroy(ctx);
5244
+ mongocrypt_destroy(crypt);
5245
+ }
5246
+ #undef TF
5247
+
5248
+ // Test $lookup with QE with an encrypted payload.
5249
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
5250
+ {
5251
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5252
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5253
+
5254
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5255
+ expect_and_reply_to_ismaster(ctx);
5256
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5257
+ {
5258
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5259
+ // Feed both needed schemas.
5260
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5261
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5262
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5263
+ }
5264
+
5265
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5266
+ {
5267
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5268
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5269
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5270
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5271
+ }
5272
+
5273
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5274
+ {
5275
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5276
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5277
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5278
+ }
5279
+
5280
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5281
+ {
5282
+ // Expect `encryptionInformation` since command has encryption payloads.
5283
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5284
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5285
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5286
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5287
+ mongocrypt_binary_destroy(got);
5288
+ }
5289
+
5290
+ mongocrypt_ctx_destroy(ctx);
5291
+ mongocrypt_destroy(crypt);
5292
+ }
5293
+ #undef TF
5294
+
5295
+ // Test $lookup with QE from encryptedFieldsMap.
5296
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe-encryptedFieldsMap/" suffix)
5297
+ {
5298
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
5299
+ ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TF("encryptedFieldsMap.json")), crypt);
5300
+ ASSERT_OK(mongocrypt_init(crypt), crypt);
5301
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5302
+
5303
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5304
+ expect_and_reply_to_ismaster(ctx);
5305
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5306
+ {
5307
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
5308
+ // Only feed collinfo for c1. c2 is included in encryptedFieldsMap.
5309
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5310
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5311
+ }
5312
+
5313
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5314
+ {
5315
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5316
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5317
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5318
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5319
+ }
5320
+
5321
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5322
+ {
5323
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5324
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5325
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5326
+ }
5327
+
5328
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5329
+ {
5330
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5331
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5332
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5333
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5334
+ mongocrypt_binary_destroy(got);
5335
+ }
5336
+
5337
+ mongocrypt_ctx_destroy(ctx);
5338
+ mongocrypt_destroy(crypt);
5339
+ }
5340
+ #undef TF
5341
+
5342
+ // Test $lookup with QE with self-lookup.
5343
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
5344
+ {
5345
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5346
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5347
+
5348
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5349
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5350
+ {
5351
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
5352
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5353
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5354
+ }
5355
+
5356
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5357
+ {
5358
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5359
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5360
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5361
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5362
+ }
5363
+
5364
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5365
+ {
5366
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5367
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5368
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5369
+ }
5370
+
5371
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5372
+ {
5373
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5374
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5375
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5376
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5377
+ mongocrypt_binary_destroy(got);
5378
+ }
5379
+
5380
+ mongocrypt_ctx_destroy(ctx);
5381
+ mongocrypt_destroy(crypt);
5382
+ }
5383
+ #undef TF
5384
+
5385
+ // Test $lookup with QE from from cache.
5386
+ {
5387
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5388
+
5389
+ // Do a self-lookup to add only "c1" to the cache.
5390
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
5391
+ {
5392
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5393
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5394
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5395
+ {
5396
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
5397
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5398
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5399
+ }
5400
+ mongocrypt_ctx_destroy(ctx);
5401
+ }
5402
+ #undef TF
5403
+
5404
+ #define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
5405
+ // Expect "c1" schema is not requested again.
5406
+ {
5407
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5408
+
5409
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5410
+ expect_and_reply_to_ismaster(ctx);
5411
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5412
+ {
5413
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
5414
+ // Feed remaining needed schema.
5415
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5416
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5417
+ }
5418
+
5419
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5420
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5421
+
5422
+ mongocrypt_ctx_destroy(ctx);
5423
+ }
5424
+ mongocrypt_destroy(crypt);
5425
+ }
5426
+
5427
+ #undef TF
5428
+
5429
+ // Test $lookup with mixed: QE + CSFLE
5430
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/csfle/" suffix)
5431
+ {
5432
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5433
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5434
+
5435
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5436
+ expect_and_reply_to_ismaster(ctx);
5437
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5438
+ {
5439
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5440
+
5441
+ // Feed both needed schemas.
5442
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5443
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5444
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5445
+ }
5446
+
5447
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5448
+ {
5449
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5450
+ ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "currently not supported");
5451
+ mongocrypt_binary_destroy(got);
5452
+ }
5453
+
5454
+ mongocrypt_ctx_destroy(ctx);
5455
+ mongocrypt_destroy(crypt);
5456
+ }
5457
+ #undef TF
5458
+
5459
+ // Test $lookup with mixed: QE + no-schema
5460
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/no-schema/" suffix)
5461
+ {
5462
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5463
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5464
+
5465
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5466
+ expect_and_reply_to_ismaster(ctx);
5467
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5468
+ {
5469
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5470
+ // Feed both needed schemas.
5471
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5472
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5473
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5474
+ }
5475
+
5476
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5477
+ {
5478
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5479
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5480
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5481
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5482
+ }
5483
+
5484
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5485
+ {
5486
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5487
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5488
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5489
+ }
5490
+
5491
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5492
+ {
5493
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5494
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5495
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5496
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5497
+ mongocrypt_binary_destroy(got);
5498
+ }
5499
+
5500
+ mongocrypt_ctx_destroy(ctx);
5501
+ mongocrypt_destroy(crypt);
5502
+ }
5503
+ #undef TF
5504
+
5505
+ // Test $lookup with mixed: QE + QE
5506
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/qe/" suffix)
5507
+ {
5508
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5509
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5510
+
5511
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5512
+ expect_and_reply_to_ismaster(ctx);
5513
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5514
+ {
5515
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5516
+ // Feed both needed schemas.
5517
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5518
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5519
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5520
+ }
5521
+
5522
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5523
+ {
5524
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5525
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5526
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5527
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5528
+ }
5529
+
5530
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5531
+ {
5532
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5533
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5534
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5535
+ }
5536
+
5537
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5538
+ {
5539
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5540
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5541
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5542
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5543
+ mongocrypt_binary_destroy(got);
5544
+ }
5545
+
5546
+ mongocrypt_ctx_destroy(ctx);
5547
+ mongocrypt_destroy(crypt);
5548
+ }
5549
+ #undef TF
5550
+
5551
+ // Test $lookup with mixed: CSFLE + CSFLE.
5552
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/csfle/" suffix)
5553
+ {
5554
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5555
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5556
+
5557
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5558
+ expect_and_reply_to_ismaster(ctx);
5559
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5560
+ {
5561
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5562
+ // Feed both needed schemas.
5563
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5564
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5565
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5566
+ }
5567
+
5568
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5569
+ {
5570
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5571
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5572
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5573
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5574
+ }
5575
+
5576
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5577
+ {
5578
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5579
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5580
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5581
+ }
5582
+
5583
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5584
+ {
5585
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5586
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5587
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5588
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5589
+ mongocrypt_binary_destroy(got);
5590
+ }
5591
+
5592
+ mongocrypt_ctx_destroy(ctx);
5593
+ mongocrypt_destroy(crypt);
5594
+ }
5595
+ #undef TF
5596
+
5597
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/qe/" suffix)
5598
+ {
5599
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5600
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5601
+
5602
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5603
+ expect_and_reply_to_ismaster(ctx);
5604
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5605
+ {
5606
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5607
+ // Feed both needed schemas.
5608
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5609
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5610
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5611
+ }
5612
+
5613
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5614
+ {
5615
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5616
+ ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "This is currently not supported");
5617
+ mongocrypt_binary_destroy(got);
5618
+ }
5619
+
5620
+ mongocrypt_ctx_destroy(ctx);
5621
+ mongocrypt_destroy(crypt);
5622
+ }
5623
+ #undef TF
5624
+
5625
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/no-schema/" suffix)
5626
+ {
5627
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5628
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5629
+
5630
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5631
+ expect_and_reply_to_ismaster(ctx);
5632
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5633
+ {
5634
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5635
+ // Feed both needed schemas.
5636
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5637
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5638
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5639
+ }
5640
+
5641
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5642
+ {
5643
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5644
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5645
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5646
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5647
+ }
5648
+
5649
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5650
+ {
5651
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5652
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5653
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5654
+ }
5655
+
5656
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5657
+ {
5658
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5659
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5660
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5661
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5662
+ mongocrypt_binary_destroy(got);
5663
+ }
5664
+
5665
+ mongocrypt_ctx_destroy(ctx);
5666
+ mongocrypt_destroy(crypt);
5667
+ }
5668
+ #undef TF
5669
+
5670
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/csfle/" suffix)
5671
+ {
5672
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5673
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5674
+
5675
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5676
+ expect_and_reply_to_ismaster(ctx);
5677
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5678
+ {
5679
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5680
+ // Feed both needed schemas.
5681
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5682
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5683
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5684
+ }
5685
+
5686
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5687
+ {
5688
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5689
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5690
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5691
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5692
+ }
5693
+
5694
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5695
+ {
5696
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5697
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5698
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5699
+ }
5700
+
5701
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5702
+ {
5703
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5704
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5705
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5706
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5707
+ mongocrypt_binary_destroy(got);
5708
+ }
5709
+ mongocrypt_ctx_destroy(ctx);
5710
+ mongocrypt_destroy(crypt);
5711
+ }
5712
+ #undef TF
5713
+
5714
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/no-schema/" suffix)
5715
+ {
5716
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5717
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5718
+
5719
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5720
+ expect_and_reply_to_ismaster(ctx);
5721
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5722
+ {
5723
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5724
+ // Feed both needed schemas.
5725
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5726
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5727
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5728
+ }
5729
+
5730
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5731
+ {
5732
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5733
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5734
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5735
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5736
+ }
5737
+
5738
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5739
+ {
5740
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5741
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5742
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5743
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5744
+ mongocrypt_binary_destroy(got);
5745
+ }
5746
+ mongocrypt_ctx_destroy(ctx);
5747
+ mongocrypt_destroy(crypt);
5748
+ }
5749
+ #undef TF
5750
+
5751
+ #define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/qe/" suffix)
5752
+ {
5753
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
5754
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
5755
+
5756
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
5757
+ expect_and_reply_to_ismaster(ctx);
5758
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
5759
+ {
5760
+ expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
5761
+ // Feed both needed schemas.
5762
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
5763
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
5764
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5765
+ }
5766
+
5767
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
5768
+ {
5769
+ expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
5770
+ mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
5771
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5772
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5773
+ }
5774
+
5775
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
5776
+ {
5777
+ mongocrypt_binary_t *to_feed = TF("key-doc.json");
5778
+ ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
5779
+ ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
5780
+ }
5781
+
5782
+ ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
5783
+ {
5784
+ mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
5785
+ mongocrypt_binary_t *got = mongocrypt_binary_new();
5786
+ ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
5787
+ ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
5788
+ mongocrypt_binary_destroy(got);
5789
+ }
5790
+ mongocrypt_ctx_destroy(ctx);
5791
+ mongocrypt_destroy(crypt);
5792
+ }
5793
+ #undef TF
5794
+ }
5795
+
5479
5796
  void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
5480
5797
  INSTALL_TEST(_test_explicit_encrypt_init);
5481
5798
  INSTALL_TEST(_test_encrypt_init);
@@ -5489,12 +5806,12 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
5489
5806
  INSTALL_TEST(_test_local_schema);
5490
5807
  INSTALL_TEST(_test_encrypt_caches_collinfo);
5491
5808
  INSTALL_TEST(_test_encrypt_caches_keys);
5809
+ INSTALL_TEST(_test_encrypt_cache_expiration);
5492
5810
  INSTALL_TEST(_test_encrypt_caches_keys_by_alt_name);
5493
5811
  INSTALL_TEST(_test_encrypt_random);
5494
5812
  INSTALL_TEST(_test_encrypt_is_remote_schema);
5495
5813
  INSTALL_TEST(_test_encrypt_init_each_cmd);
5496
5814
  INSTALL_TEST(_test_encrypt_invalid_siblings);
5497
- INSTALL_TEST(_test_encrypt_dupe_jsonschema);
5498
5815
  INSTALL_TEST(_test_encrypting_with_explicit_encryption);
5499
5816
  INSTALL_TEST(_test_explicit_encryption);
5500
5817
  INSTALL_TEST(_test_encrypt_empty_aws);
@@ -5510,8 +5827,8 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
5510
5827
  INSTALL_TEST(_test_encrypt_no_schema);
5511
5828
  INSTALL_TEST(_test_encrypt_remote_encryptedfields);
5512
5829
  INSTALL_TEST(_test_encrypt_with_bypassqueryanalysis);
5513
- INSTALL_TEST(_test_FLE2EncryptionPlaceholder_parse);
5514
5830
  INSTALL_TEST(_test_encrypt_fle2_insert_payload);
5831
+ INSTALL_TEST(_test_encrypt_fle2_insert_payload_with_str_encode_version);
5515
5832
  INSTALL_TEST(_test_encrypt_fle2_find_payload);
5516
5833
  INSTALL_TEST(_test_encrypt_fle2_unindexed_encrypted_payload);
5517
5834
  INSTALL_TEST(_test_encrypt_fle2_explicit);
@@ -5532,11 +5849,18 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
5532
5849
  INSTALL_TEST(_test_fle1_create_old_mongocryptd);
5533
5850
  INSTALL_TEST(_test_fle1_create_with_csfle);
5534
5851
  INSTALL_TEST(_test_fle2_create);
5852
+ INSTALL_TEST(_test_fle2_create_with_encrypted_fields);
5853
+ INSTALL_TEST(_test_fle2_create_with_encrypted_fields_and_str_encode_version);
5854
+ INSTALL_TEST(_test_fle2_create_with_encrypted_fields_unset_str_encode_version);
5855
+ INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields);
5856
+ INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version);
5857
+ INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version);
5858
+ INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version);
5859
+ INSTALL_TEST(_test_fle2_create_does_not_cache_empty_schema);
5535
5860
  INSTALL_TEST(_test_fle2_create_bypass_query_analysis);
5536
5861
  INSTALL_TEST(_test_encrypt_macos_no_ctr);
5537
5862
  INSTALL_TEST(_test_fle1_collmod_with_jsonSchema);
5538
5863
  INSTALL_TEST(_test_fle1_collmod_without_jsonSchema);
5539
- INSTALL_TEST(_test_FLE2EncryptionPlaceholder_range_parse);
5540
5864
  INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int32);
5541
5865
  INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int64);
5542
5866
  INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_date);
@@ -5555,8 +5879,16 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
5555
5879
  INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128);
5556
5880
  INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128_precision);
5557
5881
  #endif
5882
+ INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload);
5883
+ INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload_with_str_encode_version);
5558
5884
  INSTALL_TEST(_test_bulkWrite);
5559
5885
  INSTALL_TEST(_test_rangePreview_fails);
5560
5886
  INSTALL_TEST(_test_no_trimFactor);
5561
5887
  INSTALL_TEST(_test_range_sends_cryptoParams);
5888
+ INSTALL_TEST(_test_encrypt_retry);
5889
+ INSTALL_TEST(_test_does_not_warn_for_empty_local_schema);
5890
+ INSTALL_TEST(_test_fle2_encrypted_field_config_with_bad_str_encode_version);
5891
+ INSTALL_TEST(_test_fle2_encrypted_fields_with_unmatching_str_encode_version);
5892
+ INSTALL_TEST(_test_fle2_collinfo_with_bad_str_encode_version);
5893
+ INSTALL_TEST(_test_lookup);
5562
5894
  }