libmongocrypt-helper 1.11.0.0.1001 → 1.13.2.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +27 -1
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +13 -2
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -7
- data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
- data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
- data/ext/libmongocrypt/libmongocrypt/README.md +39 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +4 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +14 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +13 -12
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +1 -1
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +37 -40
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/integrating.md +51 -13
- data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +3 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +8 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-cmp-private.h +137 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +5 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +99 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +39 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +183 -60
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +498 -115
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +10 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +49 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +98 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +1 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +6 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +429 -858
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +55 -19
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +13 -10
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +15 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +9 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +6 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +174 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +4 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +518 -524
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +8 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +25 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +65 -6
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search}/encrypted-field-map.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +9 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +12 -10
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c3.json} +13 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/command.json +7 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/key-document.json → test/data/multikey/key-document-a.json} +18 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/key-document-b.json +37 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/mongocryptd_reply.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/schema_map.json +35 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/kms-reply.txt → test/data/rmd/kms-decrypt-reply-429.txt} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-cmp.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +370 -22
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +25 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +91 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +68 -75
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -20
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +57 -46
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1529 -1197
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +79 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +160 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +7 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +6 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +750 -110
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +143 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +39 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +233 -225
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +0 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +0 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +0 -145
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +0 -168
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +0 -257
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +0 -138
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +0 -214
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +0 -53
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +0 -91
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +0 -684
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +0 -289
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +0 -34
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +0 -107
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +0 -85
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +0 -21
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +0 -49
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +0 -74
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +0 -94
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +0 -442
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +0 -748
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +0 -82
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +0 -64
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +0 -54
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +0 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +0 -215
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +0 -275
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -77
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
- data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -18,7 +18,9 @@
|
|
18
18
|
|
19
19
|
#include "kms_message/kms_b64.h"
|
20
20
|
#include "mongocrypt-crypto-private.h" // MONGOCRYPT_KEY_LEN
|
21
|
+
#include "mongocrypt.h"
|
21
22
|
#include "test-mongocrypt-assert-match-bson.h"
|
23
|
+
#include "test-mongocrypt-assert.h"
|
22
24
|
#include "test-mongocrypt-crypto-std-hooks.h"
|
23
25
|
#include "test-mongocrypt.h"
|
24
26
|
|
@@ -507,9 +509,7 @@ static void _test_encrypt_need_markings(_mongocrypt_tester_t *tester) {
|
|
507
509
|
|
508
510
|
static void _test_encrypt_csfle_no_needs_markings(_mongocrypt_tester_t *tester) {
|
509
511
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
510
|
-
|
511
|
-
"_test_encrypt_csfle_no_needs_markings test is a no-op.",
|
512
|
-
stderr);
|
512
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
513
513
|
return;
|
514
514
|
}
|
515
515
|
|
@@ -616,7 +616,7 @@ static void _test_view(_mongocrypt_tester_t *tester) {
|
|
616
616
|
|
617
617
|
crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
618
618
|
ctx = mongocrypt_ctx_new(crypt);
|
619
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1,
|
619
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_BSON(BSON_STR({"find" : "v", "filter" : {}}))), ctx);
|
620
620
|
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
621
621
|
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/collection-info-view.json")),
|
622
622
|
ctx,
|
@@ -755,6 +755,32 @@ static void _test_encrypt_caches_keys(_mongocrypt_tester_t *tester) {
|
|
755
755
|
mongocrypt_destroy(crypt);
|
756
756
|
}
|
757
757
|
|
758
|
+
static void _test_encrypt_cache_expiration(_mongocrypt_tester_t *tester) {
|
759
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_SHORT_CACHE);
|
760
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
761
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
762
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
|
763
|
+
mongocrypt_ctx_destroy(ctx);
|
764
|
+
|
765
|
+
// Sleep to trigger cache expiration.
|
766
|
+
// Cache entries expire after 1ms, but use 20ms to avoid timing errors observed on Windows distros: CDRIVER-4526
|
767
|
+
_usleep(20 * 1000);
|
768
|
+
/* The next context requests keys again
|
769
|
+
*/
|
770
|
+
ctx = mongocrypt_ctx_new(crypt);
|
771
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
772
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
773
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")), ctx);
|
774
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
775
|
+
BSON_ASSERT(mongocrypt_ctx_state(ctx) == MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
776
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/key-document.json")), ctx);
|
777
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
778
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
|
779
|
+
|
780
|
+
mongocrypt_ctx_destroy(ctx);
|
781
|
+
mongocrypt_destroy(crypt);
|
782
|
+
}
|
783
|
+
|
758
784
|
static void _test_encrypt_caches_keys_by_alt_name(_mongocrypt_tester_t *tester) {
|
759
785
|
mongocrypt_t *crypt;
|
760
786
|
mongocrypt_ctx_t *ctx;
|
@@ -979,28 +1005,8 @@ static void _test_encrypt_invalid_siblings(_mongocrypt_tester_t *tester) {
|
|
979
1005
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
980
1006
|
|
981
1007
|
BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_MARKINGS == mongocrypt_ctx_state(ctx));
|
982
|
-
|
983
|
-
|
984
|
-
"JSON schema validator has siblings");
|
985
|
-
|
986
|
-
mongocrypt_ctx_destroy(ctx);
|
987
|
-
mongocrypt_destroy(crypt);
|
988
|
-
}
|
989
|
-
|
990
|
-
static void _test_encrypt_dupe_jsonschema(_mongocrypt_tester_t *tester) {
|
991
|
-
mongocrypt_t *crypt;
|
992
|
-
mongocrypt_ctx_t *ctx;
|
993
|
-
|
994
|
-
crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
995
|
-
ctx = mongocrypt_ctx_new(crypt);
|
996
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
997
|
-
|
998
|
-
BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_COLLINFO == mongocrypt_ctx_state(ctx));
|
999
|
-
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx,
|
1000
|
-
TEST_BSON("{'options': {'validator': { '$jsonSchema': {}, "
|
1001
|
-
"'$jsonSchema': {} } } }")),
|
1002
|
-
ctx,
|
1003
|
-
"duplicate $jsonSchema");
|
1008
|
+
// MONGOCRYPT-771 removes checks for sibling validators.
|
1009
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")), ctx);
|
1004
1010
|
|
1005
1011
|
mongocrypt_ctx_destroy(ctx);
|
1006
1012
|
mongocrypt_destroy(crypt);
|
@@ -1302,9 +1308,6 @@ static void _test_encrypt_with_encrypted_field_config_map(_mongocrypt_tester_t *
|
|
1302
1308
|
mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1303
1309
|
crypt);
|
1304
1310
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
1305
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1306
|
-
// QEv1 is still supported.
|
1307
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1308
1311
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1309
1312
|
|
1310
1313
|
/* Test encrypting a command on a collection present in the encrypted field
|
@@ -1412,9 +1415,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
|
|
1412
1415
|
ASSERT_OK(
|
1413
1416
|
mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1414
1417
|
crypt);
|
1415
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1416
|
-
// QEv1 is still supported.
|
1417
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1418
1418
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1419
1419
|
/* Test success. */
|
1420
1420
|
{
|
@@ -1477,9 +1477,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
|
|
1477
1477
|
mongocrypt_setopt_kms_providers(crypt,
|
1478
1478
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1479
1479
|
crypt);
|
1480
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1481
|
-
// QEv1 is still supported.
|
1482
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1483
1480
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1484
1481
|
ctx = mongocrypt_ctx_new(crypt);
|
1485
1482
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-find-explicit/cmd.json")),
|
@@ -1527,9 +1524,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1527
1524
|
crypt);
|
1528
1525
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
1529
1526
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
1530
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1531
|
-
// QEv1 is still supported.
|
1532
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1533
1527
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1534
1528
|
|
1535
1529
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -1559,9 +1553,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1559
1553
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1560
1554
|
crypt);
|
1561
1555
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
1562
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1563
|
-
// QEv1 is still supported.
|
1564
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1565
1556
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1566
1557
|
|
1567
1558
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -1570,7 +1561,9 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1570
1561
|
|
1571
1562
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
1572
1563
|
{
|
1573
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
1564
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
1565
|
+
ctx,
|
1566
|
+
TEST_BSON("{'name': 'coll', 'options': {'encryptedFields': {'fields': []}}}")),
|
1574
1567
|
ctx);
|
1575
1568
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
1576
1569
|
}
|
@@ -1590,301 +1583,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1590
1583
|
}
|
1591
1584
|
}
|
1592
1585
|
|
1593
|
-
static void _test_FLE2EncryptionPlaceholder_parse(_mongocrypt_tester_t *tester) {
|
1594
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1595
|
-
bson_t as_bson;
|
1596
|
-
mongocrypt_status_t *status;
|
1597
|
-
_mongocrypt_buffer_t buf;
|
1598
|
-
|
1599
|
-
status = mongocrypt_status_new();
|
1600
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1601
|
-
"03610000001074000100000010610002000000056b690010000000041234567812349876"
|
1602
|
-
"1234123456789012056b75001000000004abcdefab123498761234123456789012027600"
|
1603
|
-
"0900000076616c75653132330012636d00000000000000000000");
|
1604
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1605
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1606
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1607
|
-
|
1608
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1609
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_EQUALITY);
|
1610
|
-
ASSERT(BSON_ITER_HOLDS_UTF8(&placeholder.v_iter));
|
1611
|
-
ASSERT_STREQUAL(bson_iter_utf8(&placeholder.v_iter, NULL), "value123");
|
1612
|
-
|
1613
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1614
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1615
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1616
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1617
|
-
|
1618
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1619
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1620
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1621
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1622
|
-
|
1623
|
-
ASSERT(placeholder.maxContentionFactor == 0);
|
1624
|
-
|
1625
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1626
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1627
|
-
mongocrypt_status_destroy(status);
|
1628
|
-
}
|
1629
|
-
|
1630
|
-
static void _test_FLE2EncryptionPlaceholder_range_parse(_mongocrypt_tester_t *tester) {
|
1631
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT.
|
1632
|
-
{
|
1633
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1634
|
-
bson_t as_bson;
|
1635
|
-
mongocrypt_status_t *status;
|
1636
|
-
_mongocrypt_buffer_t buf;
|
1637
|
-
|
1638
|
-
status = mongocrypt_status_new();
|
1639
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1640
|
-
"037d0000001074000100000010610003000000056b690010000000041234567812349"
|
1641
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1642
|
-
"0376001e00000010760040e20100106d696e0000000000106d61780087d6120000126"
|
1643
|
-
"36d000000000000000000127300010000000000000000");
|
1644
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1645
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1646
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1647
|
-
|
1648
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1649
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1650
|
-
|
1651
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1652
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1653
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1654
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1655
|
-
|
1656
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1657
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1658
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1659
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1660
|
-
|
1661
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1662
|
-
|
1663
|
-
// Parse FLE2RangeInsertSpec.
|
1664
|
-
{
|
1665
|
-
mc_FLE2RangeInsertSpec_t spec;
|
1666
|
-
|
1667
|
-
ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1668
|
-
status);
|
1669
|
-
|
1670
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.v));
|
1671
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.v), ==, 123456);
|
1672
|
-
|
1673
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.min));
|
1674
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.min), ==, 0);
|
1675
|
-
|
1676
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.max));
|
1677
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.max), ==, 1234567);
|
1678
|
-
}
|
1679
|
-
|
1680
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1681
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1682
|
-
mongocrypt_status_destroy(status);
|
1683
|
-
}
|
1684
|
-
|
1685
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND.
|
1686
|
-
{
|
1687
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1688
|
-
bson_t as_bson;
|
1689
|
-
mongocrypt_status_t *status;
|
1690
|
-
_mongocrypt_buffer_t buf;
|
1691
|
-
|
1692
|
-
status = mongocrypt_status_new();
|
1693
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1694
|
-
"03ec0000001074000200000010610003000000056b690010000000041234567812349"
|
1695
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1696
|
-
"0376008d000000036564676573496e666f005b000000106c6f776572426f756e64000"
|
1697
|
-
"0000000086c62496e636c756465640001107570706572426f756e640087d612000875"
|
1698
|
-
"62496e636c75646564000110696e6465784d696e000000000010696e6465784d61780"
|
1699
|
-
"087d6120000107061796c6f6164496400d20400001066697273744f70657261746f72"
|
1700
|
-
"00010000000012636d000000000000000000127300010000000000000000");
|
1701
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1702
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1703
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1704
|
-
|
1705
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
|
1706
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1707
|
-
|
1708
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1709
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1710
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1711
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1712
|
-
|
1713
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1714
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1715
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1716
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1717
|
-
|
1718
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1719
|
-
|
1720
|
-
// Parse FLE2RangeFindSpec.
|
1721
|
-
{
|
1722
|
-
mc_FLE2RangeFindSpec_t spec;
|
1723
|
-
|
1724
|
-
ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1725
|
-
status);
|
1726
|
-
|
1727
|
-
ASSERT(spec.edgesInfo.set);
|
1728
|
-
|
1729
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.lowerBound));
|
1730
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.lowerBound), ==, 0);
|
1731
|
-
ASSERT(spec.edgesInfo.value.lbIncluded);
|
1732
|
-
|
1733
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.upperBound));
|
1734
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.upperBound), ==, 1234567);
|
1735
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1736
|
-
|
1737
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMin));
|
1738
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMin), ==, 0);
|
1739
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1740
|
-
|
1741
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMax));
|
1742
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMax), ==, 1234567);
|
1743
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1744
|
-
|
1745
|
-
ASSERT_CMPINT32(spec.payloadId, ==, 1234);
|
1746
|
-
|
1747
|
-
ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
|
1748
|
-
ASSERT_CMPINT(spec.secondOperator, ==, FLE2RangeOperator_kNone);
|
1749
|
-
}
|
1750
|
-
|
1751
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1752
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1753
|
-
mongocrypt_status_destroy(status);
|
1754
|
-
}
|
1755
|
-
|
1756
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND with precision.
|
1757
|
-
{
|
1758
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1759
|
-
bson_t as_bson;
|
1760
|
-
mongocrypt_status_t *status;
|
1761
|
-
_mongocrypt_buffer_t buf;
|
1762
|
-
|
1763
|
-
status = mongocrypt_status_new();
|
1764
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1765
|
-
"030b0100001074000200000010610003000000056b690010000000041234567812349"
|
1766
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1767
|
-
"037600ac000000036564676573496e666f007a000000016c6f776572426f756e64000"
|
1768
|
-
"000000000000000086c62496e636c756465640001017570706572426f756e64000000"
|
1769
|
-
"000000006940087562496e636c75646564000110707265636973696f6e00020000000"
|
1770
|
-
"1696e6465784d696e00000000000000000001696e6465784d61780000000000000069"
|
1771
|
-
"4000107061796c6f6164496400d20400001066697273744f70657261746f720001000"
|
1772
|
-
"0000012636d000000000000000000127300010000000000000000");
|
1773
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1774
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1775
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1776
|
-
|
1777
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
|
1778
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1779
|
-
|
1780
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1781
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1782
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1783
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1784
|
-
|
1785
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1786
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1787
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1788
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1789
|
-
|
1790
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1791
|
-
|
1792
|
-
// Parse FLE2RangeFindSpec.
|
1793
|
-
{
|
1794
|
-
mc_FLE2RangeFindSpec_t spec;
|
1795
|
-
|
1796
|
-
ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1797
|
-
status);
|
1798
|
-
|
1799
|
-
ASSERT(spec.edgesInfo.set);
|
1800
|
-
|
1801
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.lowerBound));
|
1802
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.lowerBound), ==, 0.0);
|
1803
|
-
ASSERT(spec.edgesInfo.value.lbIncluded);
|
1804
|
-
|
1805
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.upperBound));
|
1806
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.upperBound), ==, 200.0);
|
1807
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1808
|
-
|
1809
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMin));
|
1810
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMin), ==, 0);
|
1811
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1812
|
-
|
1813
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMax));
|
1814
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMax), ==, 200.0);
|
1815
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1816
|
-
|
1817
|
-
ASSERT_CMPDOUBLE(spec.payloadId, ==, 1234);
|
1818
|
-
|
1819
|
-
ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
|
1820
|
-
ASSERT(spec.edgesInfo.value.precision.set);
|
1821
|
-
ASSERT_CMPUINT32(spec.edgesInfo.value.precision.value, ==, 2);
|
1822
|
-
}
|
1823
|
-
|
1824
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1825
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1826
|
-
mongocrypt_status_destroy(status);
|
1827
|
-
}
|
1828
|
-
|
1829
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT with precision.
|
1830
|
-
{
|
1831
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1832
|
-
bson_t as_bson;
|
1833
|
-
mongocrypt_status_t *status;
|
1834
|
-
_mongocrypt_buffer_t buf;
|
1835
|
-
|
1836
|
-
status = mongocrypt_status_new();
|
1837
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1838
|
-
"03980000001074000100000010610003000000056b690010000000041234567812349"
|
1839
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1840
|
-
"0376003900000001760077be9f1a2fdd5e40016d696e000000000000000000016d617"
|
1841
|
-
"800000000000000694010707265636973696f6e00020000000012636d000000000000"
|
1842
|
-
"000000127300010000000000000000");
|
1843
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1844
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1845
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1846
|
-
|
1847
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1848
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1849
|
-
|
1850
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1851
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1852
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1853
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1854
|
-
|
1855
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1856
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1857
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1858
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1859
|
-
|
1860
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1861
|
-
|
1862
|
-
// Parse FLE2RangeInsertSpec.
|
1863
|
-
{
|
1864
|
-
mc_FLE2RangeInsertSpec_t spec;
|
1865
|
-
|
1866
|
-
ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1867
|
-
status);
|
1868
|
-
|
1869
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.v));
|
1870
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.v), ==, 123.456);
|
1871
|
-
|
1872
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.min));
|
1873
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.min), ==, 0.0);
|
1874
|
-
|
1875
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.max));
|
1876
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.max), ==, 200.0);
|
1877
|
-
|
1878
|
-
ASSERT(spec.precision.set);
|
1879
|
-
ASSERT_CMPUINT32(spec.precision.value, ==, 2);
|
1880
|
-
}
|
1881
|
-
|
1882
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1883
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1884
|
-
mongocrypt_status_destroy(status);
|
1885
|
-
}
|
1886
|
-
}
|
1887
|
-
|
1888
1586
|
// Shared implementation for insert and find tests
|
1889
1587
|
typedef struct {
|
1890
1588
|
_mongocrypt_buffer_t buf;
|
@@ -1906,27 +1604,18 @@ static bool _test_rng_source(void *ctx, mongocrypt_binary_t *out, uint32_t count
|
|
1906
1604
|
|
1907
1605
|
typedef enum {
|
1908
1606
|
kFLE2v2Default,
|
1909
|
-
kFLE2v2Disable,
|
1910
1607
|
kFLE2v2Enable,
|
1911
1608
|
} _test_fle2v2_option;
|
1912
1609
|
|
1913
1610
|
#define TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, data_path, rng_source, v2_failure) \
|
1914
1611
|
{ \
|
1915
1612
|
(rng_source)->pos = 0; \
|
1916
|
-
_test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source,
|
1917
|
-
char v2path[4096]; \
|
1918
|
-
/* transitional: Use v1 data path if expecting failure */ \
|
1919
|
-
ASSERT(snprintf(v2path, sizeof(v2path), "%s%s", data_path, v2_failure ? "" : "-v2")); \
|
1920
|
-
(rng_source)->pos = 0; \
|
1921
|
-
_test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Default, NULL); \
|
1922
|
-
(rng_source)->pos = 0; \
|
1923
|
-
_test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Enable, v2_failure); \
|
1613
|
+
_test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source, NULL); \
|
1924
1614
|
}
|
1925
1615
|
|
1926
1616
|
static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *tester,
|
1927
1617
|
const char *data_path,
|
1928
1618
|
_test_rng_data_source *rng_source,
|
1929
|
-
_test_fle2v2_option test_fle2v2_option,
|
1930
1619
|
const char *finalize_failure) {
|
1931
1620
|
mongocrypt_t *crypt;
|
1932
1621
|
char pathbuf[2048];
|
@@ -1939,7 +1628,7 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
|
|
1939
1628
|
((void)0)
|
1940
1629
|
|
1941
1630
|
if (!_aes_ctr_is_supported_by_os) {
|
1942
|
-
|
1631
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
1943
1632
|
return;
|
1944
1633
|
}
|
1945
1634
|
|
@@ -1951,9 +1640,6 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
|
|
1951
1640
|
mongocrypt_binary_t *localkey;
|
1952
1641
|
|
1953
1642
|
crypt = mongocrypt_new();
|
1954
|
-
if (test_fle2v2_option == kFLE2v2Disable) {
|
1955
|
-
ASSERT(mongocrypt_setopt_fle2v2(crypt, false));
|
1956
|
-
}
|
1957
1643
|
mongocrypt_setopt_log_handler(crypt, _mongocrypt_stdout_log_fn, NULL);
|
1958
1644
|
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
1959
1645
|
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
@@ -2030,7 +1716,28 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
|
|
2030
1716
|
uint8_t rng_data[] = RNG_DATA;
|
2031
1717
|
|
2032
1718
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2033
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert", &source, NULL)
|
1719
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2", &source, NULL)
|
1720
|
+
}
|
1721
|
+
|
1722
|
+
static void _test_encrypt_fle2_insert_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
|
1723
|
+
uint8_t rng_data[] = RNG_DATA;
|
1724
|
+
|
1725
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1726
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2-with-str-encode-version", &source, NULL)
|
1727
|
+
}
|
1728
|
+
|
1729
|
+
static void _test_encrypt_fle2_insert_text_search_payload(_mongocrypt_tester_t *tester) {
|
1730
|
+
uint8_t rng_data[] = RNG_DATA;
|
1731
|
+
|
1732
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1733
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search", &source, NULL)
|
1734
|
+
}
|
1735
|
+
|
1736
|
+
static void _test_encrypt_fle2_insert_text_search_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
|
1737
|
+
uint8_t rng_data[] = RNG_DATA;
|
1738
|
+
|
1739
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1740
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search-with-str-encode-version", &source, NULL)
|
2034
1741
|
}
|
2035
1742
|
|
2036
1743
|
#undef RNG_DATA
|
@@ -2038,7 +1745,7 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
|
|
2038
1745
|
// FLE2FindEqualityPayload only uses deterministic token generation.
|
2039
1746
|
static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
|
2040
1747
|
_test_rng_data_source source = {{0}};
|
2041
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality", &source, NULL)
|
1748
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality-v2", &source, NULL)
|
2042
1749
|
}
|
2043
1750
|
|
2044
1751
|
/* 16 bytes of random data are used for IV. This IV produces the expected test
|
@@ -2048,7 +1755,7 @@ static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
|
|
2048
1755
|
static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t *tester) {
|
2049
1756
|
uint8_t rng_data[] = RNG_DATA;
|
2050
1757
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2051
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed", &source, NULL);
|
1758
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed-v2", &source, NULL);
|
2052
1759
|
}
|
2053
1760
|
|
2054
1761
|
#undef RNG_DATA
|
@@ -2058,7 +1765,7 @@ static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t
|
|
2058
1765
|
static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *tester) {
|
2059
1766
|
uint8_t rng_data[] = RNG_DATA;
|
2060
1767
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2061
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32", &source, NULL)
|
1768
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32-v2", &source, NULL)
|
2062
1769
|
}
|
2063
1770
|
|
2064
1771
|
#undef RNG_DATA
|
@@ -2068,7 +1775,7 @@ static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *
|
|
2068
1775
|
static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *tester) {
|
2069
1776
|
uint8_t rng_data[] = RNG_DATA;
|
2070
1777
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2071
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64", &source, NULL)
|
1778
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64-v2", &source, NULL)
|
2072
1779
|
}
|
2073
1780
|
|
2074
1781
|
#undef RNG_DATA
|
@@ -2078,7 +1785,7 @@ static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *
|
|
2078
1785
|
static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *tester) {
|
2079
1786
|
uint8_t rng_data[] = RNG_DATA;
|
2080
1787
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2081
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date", &source, NULL)
|
1788
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date-v2", &source, NULL)
|
2082
1789
|
}
|
2083
1790
|
|
2084
1791
|
#undef RNG_DATA
|
@@ -2088,7 +1795,7 @@ static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *t
|
|
2088
1795
|
static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t *tester) {
|
2089
1796
|
uint8_t rng_data[] = RNG_DATA;
|
2090
1797
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2091
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double", &source, NULL)
|
1798
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-v2", &source, NULL)
|
2092
1799
|
}
|
2093
1800
|
|
2094
1801
|
#undef RNG_DATA
|
@@ -2098,7 +1805,7 @@ static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t
|
|
2098
1805
|
static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt_tester_t *tester) {
|
2099
1806
|
uint8_t rng_data[] = RNG_DATA;
|
2100
1807
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2101
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision", &source, NULL)
|
1808
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision-v2", &source, NULL)
|
2102
1809
|
}
|
2103
1810
|
|
2104
1811
|
#undef RNG_DATA
|
@@ -2109,7 +1816,7 @@ static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt
|
|
2109
1816
|
static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_tester_t *tester) {
|
2110
1817
|
uint8_t rng_data[] = RNG_DATA;
|
2111
1818
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2112
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128", &source, NULL)
|
1819
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-v2", &source, NULL)
|
2113
1820
|
}
|
2114
1821
|
|
2115
1822
|
#undef RNG_DATA
|
@@ -2119,7 +1826,7 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_teste
|
|
2119
1826
|
static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
|
2120
1827
|
uint8_t rng_data[] = RNG_DATA;
|
2121
1828
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2122
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision", &source, NULL)
|
1829
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision-v2", &source, NULL)
|
2123
1830
|
}
|
2124
1831
|
|
2125
1832
|
#undef RNG_DATA
|
@@ -2128,48 +1835,48 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongoc
|
|
2128
1835
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2129
1836
|
static void _test_encrypt_fle2_find_range_payload_int32(_mongocrypt_tester_t *tester) {
|
2130
1837
|
_test_rng_data_source source = {{0}};
|
2131
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32", &source, NULL)
|
1838
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32-v2", &source, NULL)
|
2132
1839
|
}
|
2133
1840
|
|
2134
1841
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2135
1842
|
static void _test_encrypt_fle2_find_range_payload_int64(_mongocrypt_tester_t *tester) {
|
2136
1843
|
_test_rng_data_source source = {{0}};
|
2137
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64", &source, NULL)
|
1844
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64-v2", &source, NULL)
|
2138
1845
|
}
|
2139
1846
|
|
2140
1847
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2141
1848
|
static void _test_encrypt_fle2_find_range_payload_date(_mongocrypt_tester_t *tester) {
|
2142
1849
|
_test_rng_data_source source = {{0}};
|
2143
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date", &source, NULL)
|
1850
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date-v2", &source, NULL)
|
2144
1851
|
}
|
2145
1852
|
|
2146
1853
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2147
1854
|
static void _test_encrypt_fle2_find_range_payload_double(_mongocrypt_tester_t *tester) {
|
2148
1855
|
_test_rng_data_source source = {{0}};
|
2149
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double", &source, NULL)
|
1856
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-v2", &source, NULL)
|
2150
1857
|
}
|
2151
1858
|
|
2152
1859
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2153
1860
|
static void _test_encrypt_fle2_find_range_payload_double_precision(_mongocrypt_tester_t *tester) {
|
2154
1861
|
_test_rng_data_source source = {{0}};
|
2155
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision", &source, NULL)
|
1862
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision-v2", &source, NULL)
|
2156
1863
|
}
|
2157
1864
|
|
2158
1865
|
#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
|
2159
1866
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2160
1867
|
static void _test_encrypt_fle2_find_range_payload_decimal128(_mongocrypt_tester_t *tester) {
|
2161
1868
|
_test_rng_data_source source = {{0}};
|
2162
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128", &source, NULL)
|
1869
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-v2", &source, NULL)
|
2163
1870
|
}
|
2164
1871
|
|
2165
1872
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2166
1873
|
static void _test_encrypt_fle2_find_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
|
2167
1874
|
_test_rng_data_source source = {{0}};
|
2168
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision", &source, NULL)
|
1875
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision-v2", &source, NULL)
|
2169
1876
|
}
|
2170
1877
|
#endif // MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
|
2171
1878
|
|
2172
|
-
static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool
|
1879
|
+
static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use_range_v2) {
|
2173
1880
|
mongocrypt_t *crypt;
|
2174
1881
|
mongocrypt_binary_t *localkey;
|
2175
1882
|
/* localkey_data is the KEK used to encrypt the keyMaterial
|
@@ -2191,9 +1898,6 @@ static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use
|
|
2191
1898
|
crypt);
|
2192
1899
|
|
2193
1900
|
mongocrypt_binary_destroy(localkey);
|
2194
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
2195
|
-
// QEv1 is still supported.
|
2196
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, use_v2), crypt);
|
2197
1901
|
if (use_range_v2) {
|
2198
1902
|
ASSERT_OK(mongocrypt_setopt_use_range_v2(crypt), crypt);
|
2199
1903
|
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
@@ -2218,25 +1922,20 @@ typedef struct {
|
|
2218
1922
|
const char *expect_finalize_error;
|
2219
1923
|
const char *expect_init_error;
|
2220
1924
|
bool is_expression;
|
2221
|
-
bool use_v2;
|
2222
1925
|
bool use_range_v2;
|
2223
1926
|
} ee_testcase;
|
2224
1927
|
|
2225
1928
|
static void ee_testcase_run(ee_testcase *tc) {
|
2226
|
-
|
1929
|
+
TEST_PRINTF(" explicit_encryption_finalize test case: %s ... begin\n", tc->desc);
|
2227
1930
|
extern void mc_reset_payloadId_for_testing(void);
|
2228
1931
|
mc_reset_payloadId_for_testing();
|
2229
1932
|
mongocrypt_t *crypt;
|
2230
1933
|
if (tc->rng_data.buf.len > 0) {
|
2231
1934
|
// Use fixed data for random number generation to produce deterministic
|
2232
1935
|
// results.
|
2233
|
-
crypt = _crypt_with_rng(&tc->rng_data, tc->
|
1936
|
+
crypt = _crypt_with_rng(&tc->rng_data, tc->use_range_v2);
|
2234
1937
|
} else {
|
2235
1938
|
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
2236
|
-
// TODO(MONGOCRYPT-572): Remove tests cases for QEv1.
|
2237
|
-
if (!tc->use_v2) {
|
2238
|
-
flags |= TESTER_MONGOCRYPT_WITH_CRYPT_V1;
|
2239
|
-
}
|
2240
1939
|
if (tc->use_range_v2) {
|
2241
1940
|
flags |= TESTER_MONGOCRYPT_WITH_RANGE_V2;
|
2242
1941
|
}
|
@@ -2305,7 +2004,7 @@ static void ee_testcase_run(ee_testcase *tc) {
|
|
2305
2004
|
}
|
2306
2005
|
|
2307
2006
|
cleanup:
|
2308
|
-
|
2007
|
+
TEST_PRINTF(" explicit_encryption_finalize test case: %s ... end\n", tc->desc);
|
2309
2008
|
mongocrypt_ctx_destroy(ctx);
|
2310
2009
|
mongocrypt_destroy(crypt);
|
2311
2010
|
}
|
@@ -2316,7 +2015,7 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2316
2015
|
_mongocrypt_buffer_t key123_id;
|
2317
2016
|
|
2318
2017
|
if (!_aes_ctr_is_supported_by_os) {
|
2319
|
-
|
2018
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
2320
2019
|
return;
|
2321
2020
|
}
|
2322
2021
|
|
@@ -2330,26 +2029,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2330
2029
|
"12345678123498761234123456789012-local-"
|
2331
2030
|
"document.json");
|
2332
2031
|
|
2333
|
-
{
|
2334
|
-
ee_testcase tc = {0};
|
2335
|
-
tc.desc = "Unindexed";
|
2336
|
-
#define RNG_DATA "\x4d\x06\x95\x64\xf5\xa0\x5e\x9e\x35\x23\xb9\x8f\x57\x5a\xcb\x15"
|
2337
|
-
uint8_t rng_data[] = RNG_DATA;
|
2338
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2339
|
-
#undef RNG_DATA
|
2340
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_UNINDEXED_STR;
|
2341
|
-
tc.user_key_id = &keyABC_id;
|
2342
|
-
tc.index_key_id = &key123_id;
|
2343
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2344
|
-
tc.keys_to_feed[0] = keyABC;
|
2345
|
-
tc.keys_to_feed[1] = key123;
|
2346
|
-
tc.expect = TEST_BSON("{'v': { '$binary': { 'base64': "
|
2347
|
-
"'BqvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFTtw1tXzjc"
|
2348
|
-
"dSEyxpKKqujlko5TeizkB9hHQ009dVY1+fgIiDcefh+eQrm3CkhQ=='"
|
2349
|
-
", 'subType': '06' } }}");
|
2350
|
-
ee_testcase_run(&tc);
|
2351
|
-
}
|
2352
|
-
|
2353
2032
|
{
|
2354
2033
|
ee_testcase tc = {0};
|
2355
2034
|
tc.desc = "Unindexed (v2)";
|
@@ -2366,27 +2045,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2366
2045
|
tc.expect = TEST_BSON("{'v' : {'$binary' : {'base64': "
|
2367
2046
|
"'EKvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFVl3jjP90PgD4T+Mtubn/"
|
2368
2047
|
"mm4CKsKGaV1yxlic9Dty1Adef4Y+bsLGKhBbCa5eojM/A==','subType' : '06'}}}");
|
2369
|
-
tc.use_v2 = true;
|
2370
|
-
ee_testcase_run(&tc);
|
2371
|
-
}
|
2372
|
-
|
2373
|
-
{
|
2374
|
-
ee_testcase tc = {0};
|
2375
|
-
tc.desc = "Indexed";
|
2376
|
-
#define RNG_DATA \
|
2377
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2378
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2379
|
-
uint8_t rng_data[] = RNG_DATA;
|
2380
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2381
|
-
#undef RNG_DATA
|
2382
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2383
|
-
tc.user_key_id = &keyABC_id;
|
2384
|
-
tc.index_key_id = &key123_id;
|
2385
|
-
tc.contention_factor = OPT_I64(0);
|
2386
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2387
|
-
tc.keys_to_feed[0] = keyABC;
|
2388
|
-
tc.keys_to_feed[1] = key123;
|
2389
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
|
2390
2048
|
ee_testcase_run(&tc);
|
2391
2049
|
}
|
2392
2050
|
|
@@ -2407,32 +2065,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2407
2065
|
tc.keys_to_feed[0] = keyABC;
|
2408
2066
|
tc.keys_to_feed[1] = key123;
|
2409
2067
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
|
2410
|
-
tc.use_v2 = true;
|
2411
|
-
ee_testcase_run(&tc);
|
2412
|
-
}
|
2413
|
-
|
2414
|
-
{
|
2415
|
-
ee_testcase tc = {0};
|
2416
|
-
tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 0";
|
2417
|
-
/* First 8 bytes are for random ContentionFactor.
|
2418
|
-
* Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
|
2419
|
-
* Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
|
2420
|
-
*/
|
2421
|
-
#define RNG_DATA \
|
2422
|
-
"\x00\x00\x00\x00\x00\x00\x00\x00" \
|
2423
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2424
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2425
|
-
uint8_t rng_data[] = RNG_DATA;
|
2426
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2427
|
-
#undef RNG_DATA
|
2428
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2429
|
-
tc.user_key_id = &keyABC_id;
|
2430
|
-
tc.index_key_id = &key123_id;
|
2431
|
-
tc.contention_factor = OPT_I64(1);
|
2432
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2433
|
-
tc.keys_to_feed[0] = keyABC;
|
2434
|
-
tc.keys_to_feed[1] = key123;
|
2435
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
|
2436
2068
|
ee_testcase_run(&tc);
|
2437
2069
|
}
|
2438
2070
|
|
@@ -2458,33 +2090,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2458
2090
|
tc.keys_to_feed[0] = keyABC;
|
2459
2091
|
tc.keys_to_feed[1] = key123;
|
2460
2092
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
|
2461
|
-
tc.use_v2 = true;
|
2462
|
-
ee_testcase_run(&tc);
|
2463
|
-
}
|
2464
|
-
|
2465
|
-
{
|
2466
|
-
ee_testcase tc = {0};
|
2467
|
-
tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 1";
|
2468
|
-
/* First 8 bytes are for random ContentionFactor.
|
2469
|
-
* Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
|
2470
|
-
* Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
|
2471
|
-
*/
|
2472
|
-
#define RNG_DATA \
|
2473
|
-
"\x01\x00\x00\x00\x00\x00\x00\x00" \
|
2474
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2475
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2476
|
-
uint8_t rng_data[] = RNG_DATA;
|
2477
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2478
|
-
#undef RNG_DATA
|
2479
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2480
|
-
tc.user_key_id = &keyABC_id;
|
2481
|
-
tc.index_key_id = &key123_id;
|
2482
|
-
tc.contention_factor = OPT_I64(1);
|
2483
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2484
|
-
tc.keys_to_feed[0] = keyABC;
|
2485
|
-
tc.keys_to_feed[1] = key123;
|
2486
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2487
|
-
"insert-indexed-contentionFactor1.json");
|
2488
2093
|
ee_testcase_run(&tc);
|
2489
2094
|
}
|
2490
2095
|
|
@@ -2511,26 +2116,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2511
2116
|
tc.keys_to_feed[1] = key123;
|
2512
2117
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2513
2118
|
"insert-indexed-contentionFactor1-v2.json");
|
2514
|
-
tc.use_v2 = true;
|
2515
|
-
ee_testcase_run(&tc);
|
2516
|
-
}
|
2517
|
-
|
2518
|
-
{
|
2519
|
-
ee_testcase tc = {0};
|
2520
|
-
tc.desc = "omitted index_key_id defaults to using user_key_id";
|
2521
|
-
#define RNG_DATA \
|
2522
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2523
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2524
|
-
uint8_t rng_data[] = RNG_DATA;
|
2525
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2526
|
-
#undef RNG_DATA
|
2527
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2528
|
-
tc.user_key_id = &keyABC_id;
|
2529
|
-
tc.contention_factor = OPT_I64(0);
|
2530
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2531
|
-
tc.keys_to_feed[0] = keyABC;
|
2532
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2533
|
-
"insert-indexed-same-user-and-index-key.json");
|
2534
2119
|
ee_testcase_run(&tc);
|
2535
2120
|
}
|
2536
2121
|
|
@@ -2550,13 +2135,12 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2550
2135
|
tc.keys_to_feed[0] = keyABC;
|
2551
2136
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2552
2137
|
"insert-indexed-same-user-and-index-key-v2.json");
|
2553
|
-
tc.use_v2 = true;
|
2554
2138
|
ee_testcase_run(&tc);
|
2555
2139
|
}
|
2556
2140
|
|
2557
2141
|
{
|
2558
2142
|
ee_testcase tc = {0};
|
2559
|
-
tc.desc = "algorithm='Indexed' with query type";
|
2143
|
+
tc.desc = "algorithm='Indexed' with query type (v2)";
|
2560
2144
|
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2561
2145
|
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2562
2146
|
tc.user_key_id = &keyABC_id;
|
@@ -2565,121 +2149,44 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2565
2149
|
tc.msg = TEST_BSON("{'v': 123456}");
|
2566
2150
|
tc.keys_to_feed[0] = keyABC;
|
2567
2151
|
tc.keys_to_feed[1] = key123;
|
2568
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed.json");
|
2152
|
+
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-v2.json");
|
2569
2153
|
ee_testcase_run(&tc);
|
2570
2154
|
}
|
2571
2155
|
|
2572
2156
|
{
|
2573
2157
|
ee_testcase tc = {0};
|
2574
|
-
tc.desc = "algorithm='Indexed' with query type (v2)";
|
2158
|
+
tc.desc = "algorithm='Indexed' with query type and non-zero contention factor (v2)";
|
2575
2159
|
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2576
2160
|
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2577
2161
|
tc.user_key_id = &keyABC_id;
|
2578
2162
|
tc.index_key_id = &key123_id;
|
2579
|
-
tc.contention_factor = OPT_I64(
|
2163
|
+
tc.contention_factor = OPT_I64(1);
|
2580
2164
|
tc.msg = TEST_BSON("{'v': 123456}");
|
2581
2165
|
tc.keys_to_feed[0] = keyABC;
|
2582
2166
|
tc.keys_to_feed[1] = key123;
|
2583
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-v2.json");
|
2584
|
-
tc.use_v2 = true;
|
2167
|
+
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json");
|
2585
2168
|
ee_testcase_run(&tc);
|
2586
2169
|
}
|
2587
2170
|
|
2588
2171
|
{
|
2589
2172
|
ee_testcase tc = {0};
|
2590
|
-
tc.desc = "
|
2173
|
+
tc.desc = "Negative contention factor is an error on insert (v2)";
|
2591
2174
|
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2592
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2593
2175
|
tc.user_key_id = &keyABC_id;
|
2594
|
-
tc.
|
2595
|
-
tc.contention_factor = OPT_I64(1);
|
2176
|
+
tc.contention_factor = OPT_I64(-1);
|
2596
2177
|
tc.msg = TEST_BSON("{'v': 123456}");
|
2597
|
-
tc.
|
2598
|
-
tc.keys_to_feed[1] = key123;
|
2599
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1.json");
|
2178
|
+
tc.expect_init_error = "contention must be non-negative";
|
2600
2179
|
ee_testcase_run(&tc);
|
2601
2180
|
}
|
2602
2181
|
|
2603
2182
|
{
|
2604
2183
|
ee_testcase tc = {0};
|
2605
|
-
tc.desc = "
|
2606
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2607
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2608
|
-
tc.user_key_id = &keyABC_id;
|
2609
|
-
tc.index_key_id = &key123_id;
|
2610
|
-
tc.contention_factor = OPT_I64(1);
|
2611
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2612
|
-
tc.keys_to_feed[0] = keyABC;
|
2613
|
-
tc.keys_to_feed[1] = key123;
|
2614
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json");
|
2615
|
-
tc.use_v2 = true;
|
2616
|
-
ee_testcase_run(&tc);
|
2617
|
-
}
|
2618
|
-
|
2619
|
-
{
|
2620
|
-
ee_testcase tc = {0};
|
2621
|
-
tc.desc = "Negative contention factor is an error on insert";
|
2622
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2623
|
-
tc.user_key_id = &keyABC_id;
|
2624
|
-
tc.contention_factor = OPT_I64(-1);
|
2625
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2626
|
-
tc.expect_init_error = "contention must be non-negative";
|
2627
|
-
ee_testcase_run(&tc);
|
2628
|
-
}
|
2629
|
-
|
2630
|
-
{
|
2631
|
-
ee_testcase tc = {0};
|
2632
|
-
tc.desc = "Negative contention factor is an error on insert (v2)";
|
2633
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2634
|
-
tc.user_key_id = &keyABC_id;
|
2635
|
-
tc.contention_factor = OPT_I64(-1);
|
2636
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2637
|
-
tc.expect_init_error = "contention must be non-negative";
|
2638
|
-
tc.use_v2 = true;
|
2639
|
-
ee_testcase_run(&tc);
|
2640
|
-
}
|
2641
|
-
|
2642
|
-
{
|
2643
|
-
ee_testcase tc = {0};
|
2644
|
-
tc.desc = "INT64_MAX contention factor is an error on insert";
|
2645
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2646
|
-
tc.user_key_id = &keyABC_id;
|
2647
|
-
tc.contention_factor = OPT_I64(INT64_MAX);
|
2648
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2649
|
-
tc.expect_init_error = "contention must be < INT64_MAX";
|
2650
|
-
ee_testcase_run(&tc);
|
2651
|
-
}
|
2652
|
-
|
2653
|
-
{
|
2654
|
-
ee_testcase tc = {0};
|
2655
|
-
tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
|
2184
|
+
tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
|
2656
2185
|
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2657
2186
|
tc.user_key_id = &keyABC_id;
|
2658
2187
|
tc.contention_factor = OPT_I64(INT64_MAX);
|
2659
2188
|
tc.msg = TEST_BSON("{'v': 123456}");
|
2660
2189
|
tc.expect_init_error = "contention must be < INT64_MAX";
|
2661
|
-
tc.use_v2 = true;
|
2662
|
-
ee_testcase_run(&tc);
|
2663
|
-
}
|
2664
|
-
|
2665
|
-
{
|
2666
|
-
ee_testcase tc = {0};
|
2667
|
-
tc.desc = "algorithm='Range' with int32";
|
2668
|
-
#include "./data/fle2-insert-range-explicit/int32/RNG_DATA.h"
|
2669
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2670
|
-
#undef RNG_DATA
|
2671
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2672
|
-
tc.user_key_id = &keyABC_id;
|
2673
|
-
tc.index_key_id = &key123_id;
|
2674
|
-
tc.contention_factor = OPT_I64(0);
|
2675
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2676
|
-
"int32/rangeopts.json");
|
2677
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2678
|
-
"value-to-encrypt.json");
|
2679
|
-
tc.keys_to_feed[0] = keyABC;
|
2680
|
-
tc.keys_to_feed[1] = key123;
|
2681
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2682
|
-
"encrypted-payload.json");
|
2683
2190
|
ee_testcase_run(&tc);
|
2684
2191
|
}
|
2685
2192
|
|
@@ -2701,28 +2208,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2701
2208
|
tc.keys_to_feed[1] = key123;
|
2702
2209
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2703
2210
|
"encrypted-payload-v2.json");
|
2704
|
-
tc.use_v2 = true;
|
2705
|
-
ee_testcase_run(&tc);
|
2706
|
-
}
|
2707
|
-
|
2708
|
-
{
|
2709
|
-
ee_testcase tc = {0};
|
2710
|
-
tc.desc = "algorithm='Range' with sparsity=2 with int32";
|
2711
|
-
#include "./data/fle2-insert-range-explicit/sparsity-2/RNG_DATA.h"
|
2712
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2713
|
-
#undef RNG_DATA
|
2714
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2715
|
-
tc.user_key_id = &keyABC_id;
|
2716
|
-
tc.index_key_id = &key123_id;
|
2717
|
-
tc.contention_factor = OPT_I64(0);
|
2718
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2719
|
-
"sparsity-2/rangeopts.json");
|
2720
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2721
|
-
"value-to-encrypt.json");
|
2722
|
-
tc.keys_to_feed[0] = keyABC;
|
2723
|
-
tc.keys_to_feed[1] = key123;
|
2724
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2725
|
-
"encrypted-payload.json");
|
2726
2211
|
ee_testcase_run(&tc);
|
2727
2212
|
}
|
2728
2213
|
|
@@ -2744,26 +2229,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2744
2229
|
tc.keys_to_feed[1] = key123;
|
2745
2230
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2746
2231
|
"encrypted-payload-v2.json");
|
2747
|
-
tc.use_v2 = true;
|
2748
|
-
ee_testcase_run(&tc);
|
2749
|
-
}
|
2750
|
-
|
2751
|
-
{
|
2752
|
-
ee_testcase tc = {0};
|
2753
|
-
tc.desc = "algorithm='Range' with query_type='range' with int32";
|
2754
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2755
|
-
tc.user_key_id = &keyABC_id;
|
2756
|
-
tc.index_key_id = &keyABC_id;
|
2757
|
-
tc.contention_factor = OPT_I64(4);
|
2758
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2759
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2760
|
-
"int32/rangeopts.json");
|
2761
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2762
|
-
"value-to-encrypt.json");
|
2763
|
-
tc.keys_to_feed[0] = keyABC;
|
2764
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2765
|
-
"encrypted-payload.json");
|
2766
|
-
tc.is_expression = true;
|
2767
2232
|
ee_testcase_run(&tc);
|
2768
2233
|
}
|
2769
2234
|
|
@@ -2783,20 +2248,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2783
2248
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2784
2249
|
"encrypted-payload-v2.json");
|
2785
2250
|
tc.is_expression = true;
|
2786
|
-
tc.use_v2 = true;
|
2787
|
-
ee_testcase_run(&tc);
|
2788
|
-
}
|
2789
|
-
|
2790
|
-
{
|
2791
|
-
ee_testcase tc = {0};
|
2792
|
-
tc.desc = "An unsupported range BSON type is an error";
|
2793
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2794
|
-
tc.user_key_id = &keyABC_id;
|
2795
|
-
tc.contention_factor = OPT_I64(0);
|
2796
|
-
tc.range_opts = TEST_BSON("{'min': 0, 'max': 1, 'sparsity': {'$numberLong': '1'}}");
|
2797
|
-
tc.msg = TEST_BSON("{'v': 'abc'}");
|
2798
|
-
tc.keys_to_feed[0] = keyABC;
|
2799
|
-
tc.expect_finalize_error = "expected matching 'min' and value type";
|
2800
2251
|
ee_testcase_run(&tc);
|
2801
2252
|
}
|
2802
2253
|
|
@@ -2810,28 +2261,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2810
2261
|
tc.msg = TEST_BSON("{'v': 'abc'}");
|
2811
2262
|
tc.keys_to_feed[0] = keyABC;
|
2812
2263
|
tc.expect_finalize_error = "expected matching 'min' and value type";
|
2813
|
-
tc.use_v2 = true;
|
2814
|
-
ee_testcase_run(&tc);
|
2815
|
-
}
|
2816
|
-
|
2817
|
-
{
|
2818
|
-
ee_testcase tc = {0};
|
2819
|
-
tc.desc = "algorithm='Range' with query_type='range' with double with "
|
2820
|
-
"precision";
|
2821
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2822
|
-
tc.user_key_id = &keyABC_id;
|
2823
|
-
tc.index_key_id = &key123_id;
|
2824
|
-
tc.contention_factor = OPT_I64(0);
|
2825
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2826
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double-precision/"
|
2827
|
-
"rangeopts.json");
|
2828
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2829
|
-
"double-precision/value-to-encrypt.json");
|
2830
|
-
tc.keys_to_feed[0] = keyABC;
|
2831
|
-
tc.keys_to_feed[1] = key123;
|
2832
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2833
|
-
"double-precision/encrypted-payload.json");
|
2834
|
-
tc.is_expression = true;
|
2835
2264
|
ee_testcase_run(&tc);
|
2836
2265
|
}
|
2837
2266
|
|
@@ -2853,28 +2282,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2853
2282
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2854
2283
|
"double-precision/encrypted-payload-v2.json");
|
2855
2284
|
tc.is_expression = true;
|
2856
|
-
tc.use_v2 = true;
|
2857
|
-
ee_testcase_run(&tc);
|
2858
|
-
}
|
2859
|
-
|
2860
|
-
{
|
2861
|
-
ee_testcase tc = {0};
|
2862
|
-
tc.desc = "algorithm='Range' with double precision with precision";
|
2863
|
-
#include "./data/fle2-insert-range-explicit/double-precision/RNG_DATA.h"
|
2864
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2865
|
-
#undef RNG_DATA
|
2866
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2867
|
-
tc.user_key_id = &keyABC_id;
|
2868
|
-
tc.index_key_id = &key123_id;
|
2869
|
-
tc.contention_factor = OPT_I64(0);
|
2870
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2871
|
-
"rangeopts.json");
|
2872
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2873
|
-
"double-precision/value-to-encrypt.json");
|
2874
|
-
tc.keys_to_feed[0] = keyABC;
|
2875
|
-
tc.keys_to_feed[1] = key123;
|
2876
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2877
|
-
"encrypted-payload.json");
|
2878
2285
|
ee_testcase_run(&tc);
|
2879
2286
|
}
|
2880
2287
|
|
@@ -2896,26 +2303,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2896
2303
|
tc.keys_to_feed[1] = key123;
|
2897
2304
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2898
2305
|
"encrypted-payload-v2.json");
|
2899
|
-
tc.use_v2 = true;
|
2900
|
-
ee_testcase_run(&tc);
|
2901
|
-
}
|
2902
|
-
|
2903
|
-
{
|
2904
|
-
ee_testcase tc = {0};
|
2905
|
-
tc.desc = "algorithm='Range' with query_type='range' with double without "
|
2906
|
-
"precision";
|
2907
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2908
|
-
tc.user_key_id = &keyABC_id;
|
2909
|
-
tc.index_key_id = &key123_id;
|
2910
|
-
tc.contention_factor = OPT_I64(0);
|
2911
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2912
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double/"
|
2913
|
-
"rangeopts.json");
|
2914
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/double/value-to-encrypt.json");
|
2915
|
-
tc.keys_to_feed[0] = keyABC;
|
2916
|
-
tc.keys_to_feed[1] = key123;
|
2917
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload.json");
|
2918
|
-
tc.is_expression = true;
|
2919
2306
|
ee_testcase_run(&tc);
|
2920
2307
|
}
|
2921
2308
|
|
@@ -2935,27 +2322,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2935
2322
|
tc.keys_to_feed[1] = key123;
|
2936
2323
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json");
|
2937
2324
|
tc.is_expression = true;
|
2938
|
-
tc.use_v2 = true;
|
2939
|
-
ee_testcase_run(&tc);
|
2940
|
-
}
|
2941
|
-
|
2942
|
-
{
|
2943
|
-
ee_testcase tc = {0};
|
2944
|
-
tc.desc = "algorithm='Range' with double without precision";
|
2945
|
-
#include "./data/fle2-insert-range-explicit/double/RNG_DATA.h"
|
2946
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2947
|
-
#undef RNG_DATA
|
2948
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2949
|
-
tc.user_key_id = &keyABC_id;
|
2950
|
-
tc.index_key_id = &key123_id;
|
2951
|
-
tc.contention_factor = OPT_I64(0);
|
2952
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
2953
|
-
"rangeopts.json");
|
2954
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/double/value-to-encrypt.json");
|
2955
|
-
tc.keys_to_feed[0] = keyABC;
|
2956
|
-
tc.keys_to_feed[1] = key123;
|
2957
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
2958
|
-
"encrypted-payload.json");
|
2959
2325
|
ee_testcase_run(&tc);
|
2960
2326
|
}
|
2961
2327
|
|
@@ -2976,20 +2342,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2976
2342
|
tc.keys_to_feed[1] = key123;
|
2977
2343
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
2978
2344
|
"encrypted-payload-v2.json");
|
2979
|
-
tc.use_v2 = true;
|
2980
|
-
ee_testcase_run(&tc);
|
2981
|
-
}
|
2982
|
-
|
2983
|
-
{
|
2984
|
-
ee_testcase tc = {0};
|
2985
|
-
tc.desc = "min > max for insert";
|
2986
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2987
|
-
tc.user_key_id = &keyABC_id;
|
2988
|
-
tc.contention_factor = OPT_I64(0);
|
2989
|
-
tc.range_opts = TEST_BSON("{'min': 1, 'max': 0, 'sparsity': {'$numberLong': '1'}}");
|
2990
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
|
2991
|
-
tc.keys_to_feed[0] = keyABC;
|
2992
|
-
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
2993
2345
|
ee_testcase_run(&tc);
|
2994
2346
|
}
|
2995
2347
|
|
@@ -3003,22 +2355,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3003
2355
|
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
|
3004
2356
|
tc.keys_to_feed[0] = keyABC;
|
3005
2357
|
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
3006
|
-
tc.use_v2 = true;
|
3007
|
-
ee_testcase_run(&tc);
|
3008
|
-
}
|
3009
|
-
|
3010
|
-
{
|
3011
|
-
ee_testcase tc = {0};
|
3012
|
-
tc.desc = "min > max for find";
|
3013
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
3014
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
3015
|
-
tc.user_key_id = &keyABC_id;
|
3016
|
-
tc.contention_factor = OPT_I64(0);
|
3017
|
-
tc.range_opts = TEST_BSON("{'min': 25, 'max': 24, 'sparsity': {'$numberLong': '1'}}");
|
3018
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/value-to-encrypt.json");
|
3019
|
-
tc.keys_to_feed[0] = keyABC;
|
3020
|
-
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
3021
|
-
tc.is_expression = true;
|
3022
2358
|
ee_testcase_run(&tc);
|
3023
2359
|
}
|
3024
2360
|
|
@@ -3037,24 +2373,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3037
2373
|
ee_testcase_run(&tc);
|
3038
2374
|
}
|
3039
2375
|
|
3040
|
-
{
|
3041
|
-
ee_testcase tc = {0};
|
3042
|
-
tc.desc = "open interval";
|
3043
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
3044
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
3045
|
-
tc.user_key_id = &keyABC_id;
|
3046
|
-
tc.contention_factor = OPT_I64(0);
|
3047
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3048
|
-
"int32-openinterval/rangeopts.json");
|
3049
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3050
|
-
"int32-openinterval/value-to-encrypt.json");
|
3051
|
-
tc.keys_to_feed[0] = keyABC;
|
3052
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3053
|
-
"int32-openinterval/encrypted-payload.json");
|
3054
|
-
tc.is_expression = true;
|
3055
|
-
ee_testcase_run(&tc);
|
3056
|
-
}
|
3057
|
-
|
3058
2376
|
{
|
3059
2377
|
ee_testcase tc = {0};
|
3060
2378
|
tc.desc = "open interval (v2)";
|
@@ -3070,7 +2388,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3070
2388
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3071
2389
|
"int32-openinterval/encrypted-payload-v2.json");
|
3072
2390
|
tc.is_expression = true;
|
3073
|
-
tc.use_v2 = true;
|
3074
2391
|
ee_testcase_run(&tc);
|
3075
2392
|
}
|
3076
2393
|
|
@@ -3154,17 +2471,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3154
2471
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
3155
2472
|
crypt);
|
3156
2473
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
3157
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
3158
|
-
// QEv1 is still supported.
|
3159
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3160
2474
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3161
2475
|
ctx = mongocrypt_ctx_new(crypt);
|
3162
2476
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3163
2477
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3164
2478
|
{
|
3165
2479
|
const char *expect_schema = "{ 'fields': [], 'escCollection': "
|
3166
|
-
"'enxcol_.coll.esc', '
|
3167
|
-
"'enxcol_.coll.ecc', 'ecocCollection': "
|
2480
|
+
"'enxcol_.coll.esc', 'ecocCollection': "
|
3168
2481
|
"'enxcol_.coll.ecoc' }";
|
3169
2482
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3170
2483
|
|
@@ -3189,17 +2502,14 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3189
2502
|
crypt);
|
3190
2503
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
3191
2504
|
crypt,
|
3192
|
-
TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', "
|
3193
|
-
"'eccCollection': 'ecc', 'ecocCollection': 'ecoc'}}")),
|
2505
|
+
TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc'}}")),
|
3194
2506
|
crypt);
|
3195
2507
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3196
2508
|
ctx = mongocrypt_ctx_new(crypt);
|
3197
2509
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3198
2510
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3199
2511
|
{
|
3200
|
-
const char *expect_schema = "{'fields': [], 'escCollection': 'esc', "
|
3201
|
-
"'eccCollection': 'ecc', "
|
3202
|
-
"'ecocCollection': 'ecoc' }";
|
2512
|
+
const char *expect_schema = "{'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc' }";
|
3203
2513
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3204
2514
|
|
3205
2515
|
cmd_to_mongocryptd = mongocrypt_binary_new();
|
@@ -3221,19 +2531,17 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3221
2531
|
mongocrypt_setopt_kms_providers(crypt,
|
3222
2532
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
3223
2533
|
crypt);
|
3224
|
-
ASSERT_OK(
|
3225
|
-
|
3226
|
-
|
3227
|
-
|
3228
|
-
crypt);
|
2534
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
2535
|
+
TEST_BSON("{'fields': [], 'db.coll': {'escCollection': "
|
2536
|
+
"'esc', 'fields': []}}")),
|
2537
|
+
crypt);
|
3229
2538
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3230
2539
|
ctx = mongocrypt_ctx_new(crypt);
|
3231
2540
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3232
2541
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3233
2542
|
{
|
3234
|
-
const char *expect_schema =
|
3235
|
-
|
3236
|
-
"'ecocCollection': 'enxcol_.coll.ecoc' }";
|
2543
|
+
const char *expect_schema =
|
2544
|
+
"{'escCollection': 'esc', 'fields': [], 'ecocCollection': 'enxcol_.coll.ecoc' }";
|
3237
2545
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3238
2546
|
|
3239
2547
|
cmd_to_mongocryptd = mongocrypt_binary_new();
|
@@ -3251,13 +2559,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3251
2559
|
}
|
3252
2560
|
|
3253
2561
|
/* Test encrypting an empty 'delete' command without values to be encrypted.
|
3254
|
-
* Expect deleteTokens to be applied. */
|
3255
|
-
static void
|
2562
|
+
* Expect deleteTokens to not be applied. */
|
2563
|
+
static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
2564
|
+
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
2565
|
+
|
3256
2566
|
/* Test success. */
|
3257
2567
|
{
|
3258
|
-
|
3259
|
-
// QEv1 is still supported.
|
3260
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2568
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3261
2569
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3262
2570
|
|
3263
2571
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
@@ -3287,10 +2595,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3287
2595
|
TEST_FILE("./test/data/keys/"
|
3288
2596
|
"12345678123498761234123456789012-local-document.json")),
|
3289
2597
|
ctx);
|
3290
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3291
|
-
TEST_FILE("./test/data/keys/"
|
3292
|
-
"12345678123498761234123456789013-local-document.json")),
|
3293
|
-
ctx);
|
3294
2598
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3295
2599
|
}
|
3296
2600
|
|
@@ -3298,7 +2602,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3298
2602
|
{
|
3299
2603
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3300
2604
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3301
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
|
2605
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3302
2606
|
out);
|
3303
2607
|
mongocrypt_binary_destroy(out);
|
3304
2608
|
}
|
@@ -3308,9 +2612,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3308
2612
|
}
|
3309
2613
|
/* Test with no encrypted values. */
|
3310
2614
|
{
|
3311
|
-
|
3312
|
-
// QEv1 is still supported.
|
3313
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2615
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3314
2616
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3315
2617
|
|
3316
2618
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
@@ -3328,24 +2630,13 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3328
2630
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3329
2631
|
}
|
3330
2632
|
|
3331
|
-
|
3332
|
-
{
|
3333
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3334
|
-
TEST_FILE("./test/data/keys/"
|
3335
|
-
"12345678123498761234123456789012-local-document.json")),
|
3336
|
-
ctx);
|
3337
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3338
|
-
TEST_FILE("./test/data/keys/"
|
3339
|
-
"12345678123498761234123456789013-local-document.json")),
|
3340
|
-
ctx);
|
3341
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3342
|
-
}
|
3343
|
-
|
2633
|
+
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3344
2634
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3345
2635
|
{
|
3346
2636
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3347
2637
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3348
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"),
|
2638
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
2639
|
+
out);
|
3349
2640
|
mongocrypt_binary_destroy(out);
|
3350
2641
|
}
|
3351
2642
|
|
@@ -3353,7 +2644,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3353
2644
|
mongocrypt_destroy(crypt);
|
3354
2645
|
}
|
3355
2646
|
|
3356
|
-
/* deleteTokens are appended when bypassQueryAnalysis is true. */
|
2647
|
+
/* Test that deleteTokens are not appended when bypassQueryAnalysis is true in v2. */
|
3357
2648
|
{
|
3358
2649
|
mongocrypt_t *crypt = mongocrypt_new();
|
3359
2650
|
/* Configure crypt. */
|
@@ -3364,264 +2655,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3364
2655
|
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3365
2656
|
mongocrypt_binary_destroy(localkey);
|
3366
2657
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3367
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3368
|
-
// decrypting
|
3369
|
-
// QEv1 is still supported.
|
3370
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3371
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3372
|
-
}
|
3373
|
-
|
3374
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3375
|
-
|
3376
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3377
|
-
|
3378
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3379
|
-
{
|
3380
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
|
3381
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3382
|
-
}
|
3383
|
-
|
3384
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3385
|
-
{
|
3386
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3387
|
-
TEST_FILE("./test/data/keys/"
|
3388
|
-
"12345678123498761234123456789012-local-document.json")),
|
3389
|
-
ctx);
|
3390
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3391
|
-
TEST_FILE("./test/data/keys/"
|
3392
|
-
"12345678123498761234123456789013-local-document.json")),
|
3393
|
-
ctx);
|
3394
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3395
|
-
}
|
3396
|
-
|
3397
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3398
|
-
{
|
3399
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3400
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3401
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"), out);
|
3402
|
-
mongocrypt_binary_destroy(out);
|
3403
|
-
}
|
3404
|
-
|
3405
|
-
mongocrypt_ctx_destroy(ctx);
|
3406
|
-
mongocrypt_destroy(crypt);
|
3407
|
-
}
|
3408
|
-
|
3409
|
-
/* Test that deleteTokens are appended when using an
|
3410
|
-
* encrypted_field_config_map. */
|
3411
|
-
{
|
3412
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3413
|
-
/* Configure crypt. */
|
3414
|
-
{
|
3415
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3416
|
-
mongocrypt_binary_t *localkey;
|
3417
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3418
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3419
|
-
mongocrypt_binary_destroy(localkey);
|
3420
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
3421
|
-
TEST_FILE("./test/data/fle2-delete/success/"
|
3422
|
-
"encrypted-field-config-map.json")),
|
3423
|
-
crypt);
|
3424
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3425
|
-
// decrypting
|
3426
|
-
// QEv1 is still supported.
|
3427
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3428
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3429
|
-
}
|
3430
|
-
|
3431
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3432
|
-
|
3433
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
3434
|
-
ctx);
|
3435
|
-
|
3436
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3437
|
-
{
|
3438
|
-
ASSERT_OK(
|
3439
|
-
mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
|
3440
|
-
ctx);
|
3441
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3442
|
-
}
|
3443
|
-
|
3444
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3445
|
-
{
|
3446
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3447
|
-
TEST_FILE("./test/data/keys/"
|
3448
|
-
"ABCDEFAB123498761234123456789012-local-document.json")),
|
3449
|
-
ctx);
|
3450
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3451
|
-
TEST_FILE("./test/data/keys/"
|
3452
|
-
"12345678123498761234123456789012-local-document.json")),
|
3453
|
-
ctx);
|
3454
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3455
|
-
TEST_FILE("./test/data/keys/"
|
3456
|
-
"12345678123498761234123456789013-local-document.json")),
|
3457
|
-
ctx);
|
3458
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3459
|
-
}
|
3460
|
-
|
3461
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3462
|
-
{
|
3463
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3464
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3465
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
|
3466
|
-
out);
|
3467
|
-
mongocrypt_binary_destroy(out);
|
3468
|
-
}
|
3469
|
-
|
3470
|
-
mongocrypt_ctx_destroy(ctx);
|
3471
|
-
mongocrypt_destroy(crypt);
|
3472
|
-
}
|
3473
|
-
|
3474
|
-
/* Test that deleteTokens are appended when using an
|
3475
|
-
* encrypted_field_config_map and bypass_query_analysis. */
|
3476
|
-
{
|
3477
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3478
|
-
/* Configure crypt. */
|
3479
|
-
{
|
3480
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3481
|
-
mongocrypt_binary_t *localkey;
|
3482
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3483
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3484
|
-
mongocrypt_binary_destroy(localkey);
|
3485
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
3486
|
-
TEST_FILE("./test/data/fle2-delete/empty/"
|
3487
|
-
"encrypted-field-config-map.json")),
|
3488
|
-
crypt);
|
3489
|
-
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3490
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3491
|
-
// decrypting
|
3492
|
-
// QEv1 is still supported.
|
3493
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3494
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3495
|
-
}
|
3496
|
-
|
3497
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3498
|
-
|
3499
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3500
|
-
|
3501
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3502
|
-
{
|
3503
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3504
|
-
TEST_FILE("./test/data/keys/"
|
3505
|
-
"12345678123498761234123456789012-local-document.json")),
|
3506
|
-
ctx);
|
3507
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3508
|
-
TEST_FILE("./test/data/keys/"
|
3509
|
-
"12345678123498761234123456789013-local-document.json")),
|
3510
|
-
ctx);
|
3511
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3512
|
-
}
|
3513
|
-
|
3514
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3515
|
-
{
|
3516
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3517
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3518
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"), out);
|
3519
|
-
mongocrypt_binary_destroy(out);
|
3520
|
-
}
|
3521
|
-
|
3522
|
-
mongocrypt_ctx_destroy(ctx);
|
3523
|
-
mongocrypt_destroy(crypt);
|
3524
|
-
}
|
3525
|
-
}
|
3526
|
-
|
3527
|
-
/* Test encrypting an empty 'delete' command without values to be encrypted.
|
3528
|
-
* Expect deleteTokens to not be applied. */
|
3529
|
-
static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
3530
|
-
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
3531
|
-
|
3532
|
-
/* Test success. */
|
3533
|
-
{
|
3534
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3535
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3536
|
-
|
3537
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
3538
|
-
ctx);
|
3539
|
-
|
3540
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3541
|
-
{
|
3542
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/collinfo.json")), ctx);
|
3543
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3544
|
-
}
|
3545
|
-
|
3546
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3547
|
-
{
|
3548
|
-
ASSERT_OK(
|
3549
|
-
mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
|
3550
|
-
ctx);
|
3551
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3552
|
-
}
|
3553
|
-
|
3554
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3555
|
-
{
|
3556
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3557
|
-
TEST_FILE("./test/data/keys/"
|
3558
|
-
"ABCDEFAB123498761234123456789012-local-document.json")),
|
3559
|
-
ctx);
|
3560
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3561
|
-
TEST_FILE("./test/data/keys/"
|
3562
|
-
"12345678123498761234123456789012-local-document.json")),
|
3563
|
-
ctx);
|
3564
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3565
|
-
}
|
3566
|
-
|
3567
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3568
|
-
{
|
3569
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3570
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3571
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3572
|
-
out);
|
3573
|
-
mongocrypt_binary_destroy(out);
|
3574
|
-
}
|
3575
|
-
|
3576
|
-
mongocrypt_ctx_destroy(ctx);
|
3577
|
-
mongocrypt_destroy(crypt);
|
3578
|
-
}
|
3579
|
-
/* Test with no encrypted values. */
|
3580
|
-
{
|
3581
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3582
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3583
|
-
|
3584
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3585
|
-
|
3586
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3587
|
-
{
|
3588
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
|
3589
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3590
|
-
}
|
3591
|
-
|
3592
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3593
|
-
{
|
3594
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/mongocryptd-reply.json")),
|
3595
|
-
ctx);
|
3596
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3597
|
-
}
|
3598
|
-
|
3599
|
-
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3600
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3601
|
-
{
|
3602
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3603
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3604
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
3605
|
-
out);
|
3606
|
-
mongocrypt_binary_destroy(out);
|
3607
|
-
}
|
3608
|
-
|
3609
|
-
mongocrypt_ctx_destroy(ctx);
|
3610
|
-
mongocrypt_destroy(crypt);
|
3611
|
-
}
|
3612
|
-
|
3613
|
-
/* Test that deleteTokens are no appended when bypassQueryAnalysis is true in v2. */
|
3614
|
-
{
|
3615
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3616
|
-
/* Configure crypt. */
|
3617
|
-
{
|
3618
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3619
|
-
mongocrypt_binary_t *localkey;
|
3620
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3621
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3622
|
-
mongocrypt_binary_destroy(localkey);
|
3623
|
-
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3624
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3625
2658
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3626
2659
|
}
|
3627
2660
|
|
@@ -3664,7 +2697,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
|
3664
2697
|
TEST_FILE("./test/data/fle2-delete/success/"
|
3665
2698
|
"encrypted-field-config-map.json")),
|
3666
2699
|
crypt);
|
3667
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3668
2700
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3669
2701
|
}
|
3670
2702
|
|
@@ -3723,7 +2755,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
|
3723
2755
|
"encrypted-field-config-map.json")),
|
3724
2756
|
crypt);
|
3725
2757
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3726
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3727
2758
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3728
2759
|
}
|
3729
2760
|
|
@@ -3746,7 +2777,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
|
3746
2777
|
}
|
3747
2778
|
|
3748
2779
|
static void _test_encrypt_fle2_delete(_mongocrypt_tester_t *tester) {
|
3749
|
-
_test_encrypt_fle2_delete_v1(tester);
|
3750
2780
|
_test_encrypt_fle2_delete_v2(tester);
|
3751
2781
|
}
|
3752
2782
|
|
@@ -3756,9 +2786,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
|
|
3756
2786
|
/* 'find' does not include 'encryptionInformation' if no fields are
|
3757
2787
|
* encrypted. */
|
3758
2788
|
{
|
3759
|
-
|
3760
|
-
// QEv1 is still supported.
|
3761
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2789
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3762
2790
|
mongocrypt_ctx_t *ctx;
|
3763
2791
|
|
3764
2792
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -3801,9 +2829,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
|
|
3801
2829
|
/* 'find' includes encryptionInformation if the initial command includes an
|
3802
2830
|
* explicitly encrypted payload. */
|
3803
2831
|
{
|
3804
|
-
|
3805
|
-
// QEv1 is still supported.
|
3806
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2832
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3807
2833
|
mongocrypt_ctx_t *ctx;
|
3808
2834
|
|
3809
2835
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -3850,9 +2876,7 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
3850
2876
|
/* Test with an encrypted value. Otherwise 'encryptionInformation' is not
|
3851
2877
|
* appended. */
|
3852
2878
|
{
|
3853
|
-
|
3854
|
-
// QEv1 is still supported.
|
3855
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2879
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3856
2880
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3857
2881
|
|
3858
2882
|
ASSERT_OK(
|
@@ -3914,17 +2938,14 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
3914
2938
|
|
3915
2939
|
static void _test_encrypt_fle2_explain_with_csfle(_mongocrypt_tester_t *tester) {
|
3916
2940
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
3917
|
-
|
3918
|
-
"_test_encrypt_fle2_explain_with_csfle test is a no-op.",
|
3919
|
-
stderr);
|
2941
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
3920
2942
|
return;
|
3921
2943
|
}
|
3922
2944
|
|
3923
2945
|
/* Test with an encrypted value. Otherwise 'encryptionInformation' is not
|
3924
2946
|
* appended. */
|
3925
2947
|
{
|
3926
|
-
mongocrypt_t *crypt =
|
3927
|
-
_mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB | TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2948
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB);
|
3928
2949
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3929
2950
|
|
3930
2951
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-explain/with-csfle/cmd.json")),
|
@@ -4012,9 +3033,7 @@ static void _test_encrypt_fle1_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
4012
3033
|
|
4013
3034
|
static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester) {
|
4014
3035
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
4015
|
-
|
4016
|
-
"_test_encrypt_fle1_explain_with_csfle test is a no-op.",
|
4017
|
-
stderr);
|
3036
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
4018
3037
|
return;
|
4019
3038
|
}
|
4020
3039
|
|
@@ -4050,9 +3069,7 @@ static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester)
|
|
4050
3069
|
// Test that an input command with $db preserves $db in the output.
|
4051
3070
|
static void _test_dollardb_preserved(_mongocrypt_tester_t *tester) {
|
4052
3071
|
/* Test with an encrypted value. */
|
4053
|
-
|
4054
|
-
// QEv1 is still supported.
|
4055
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3072
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4056
3073
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4057
3074
|
|
4058
3075
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/preserved/cmd.json")), ctx);
|
@@ -4155,9 +3172,7 @@ static void _test_dollardb_preserved_empty(_mongocrypt_tester_t *tester) {
|
|
4155
3172
|
|
4156
3173
|
// Test that an input command with no $db does not include $db in the output.
|
4157
3174
|
static void _test_dollardb_omitted(_mongocrypt_tester_t *tester) {
|
4158
|
-
|
4159
|
-
// QEv1 is still supported.
|
4160
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3175
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4161
3176
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4162
3177
|
|
4163
3178
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/omitted/cmd.json")), ctx);
|
@@ -4266,6 +3281,24 @@ static void _test_dollardb_preserved_fle1(_mongocrypt_tester_t *tester) {
|
|
4266
3281
|
mongocrypt_destroy(crypt);
|
4267
3282
|
}
|
4268
3283
|
|
3284
|
+
#define expect_mongo_op(ctx, expect) \
|
3285
|
+
if (1) { \
|
3286
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new(); \
|
3287
|
+
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, got), ctx); \
|
3288
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON((expect), got); \
|
3289
|
+
mongocrypt_binary_destroy(got); \
|
3290
|
+
} else \
|
3291
|
+
((void)0)
|
3292
|
+
|
3293
|
+
#define expect_and_reply_to_ismaster(ctx) \
|
3294
|
+
if (1) { \
|
3295
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS); \
|
3296
|
+
expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}")); \
|
3297
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-26.json")), ctx); \
|
3298
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx); \
|
3299
|
+
} else \
|
3300
|
+
((void)0)
|
3301
|
+
|
4269
3302
|
static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
|
4270
3303
|
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4271
3304
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
@@ -4273,38 +3306,24 @@ static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
|
|
4273
3306
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/without-schema/cmd.json")),
|
4274
3307
|
ctx);
|
4275
3308
|
|
3309
|
+
expect_and_reply_to_ismaster(ctx);
|
3310
|
+
|
4276
3311
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4277
3312
|
{
|
4278
3313
|
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4279
3314
|
|
4280
3315
|
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4281
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
|
4282
|
-
"ismaster-to-mongocryptd.json"),
|
3316
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/cmd-to-mongocryptd.json"),
|
4283
3317
|
cmd_to_mongocryptd);
|
4284
3318
|
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4285
3319
|
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4286
3320
|
TEST_FILE("./test/data/fle1-create/without-schema/"
|
4287
|
-
"mongocryptd-
|
3321
|
+
"mongocryptd-reply.json")),
|
4288
3322
|
ctx);
|
4289
3323
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4290
3324
|
}
|
4291
3325
|
|
4292
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx),
|
4293
|
-
{
|
4294
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4295
|
-
|
4296
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4297
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/cmd-to-mongocryptd.json"),
|
4298
|
-
cmd_to_mongocryptd);
|
4299
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4300
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4301
|
-
TEST_FILE("./test/data/fle1-create/without-schema/"
|
4302
|
-
"mongocryptd-reply.json")),
|
4303
|
-
ctx);
|
4304
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4305
|
-
}
|
4306
|
-
|
4307
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3326
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
4308
3327
|
{
|
4309
3328
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4310
3329
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
@@ -4331,21 +3350,7 @@ static void _test_fle1_create_with_schema(_mongocrypt_tester_t *tester) {
|
|
4331
3350
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-schema/cmd.json")),
|
4332
3351
|
ctx);
|
4333
3352
|
|
4334
|
-
|
4335
|
-
{
|
4336
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4337
|
-
|
4338
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4339
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-schema/"
|
4340
|
-
"ismaster-to-mongocryptd.json"),
|
4341
|
-
cmd_to_mongocryptd);
|
4342
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4343
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4344
|
-
TEST_FILE("./test/data/fle1-create/with-schema/"
|
4345
|
-
"mongocryptd-ismaster.json")),
|
4346
|
-
ctx);
|
4347
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4348
|
-
}
|
3353
|
+
expect_and_reply_to_ismaster(ctx);
|
4349
3354
|
|
4350
3355
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4351
3356
|
{
|
@@ -4384,21 +3389,7 @@ static void _test_fle1_create_with_cmd_schema(_mongocrypt_tester_t *tester) {
|
|
4384
3389
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-cmd-schema/cmd.json")),
|
4385
3390
|
ctx);
|
4386
3391
|
|
4387
|
-
|
4388
|
-
{
|
4389
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4390
|
-
|
4391
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4392
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
|
4393
|
-
"ismaster-to-mongocryptd.json"),
|
4394
|
-
cmd_to_mongocryptd);
|
4395
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4396
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4397
|
-
TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
|
4398
|
-
"mongocryptd-ismaster.json")),
|
4399
|
-
ctx);
|
4400
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4401
|
-
}
|
3392
|
+
expect_and_reply_to_ismaster(ctx);
|
4402
3393
|
|
4403
3394
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4404
3395
|
{
|
@@ -4469,9 +3460,7 @@ static void _test_fle1_create_old_mongocryptd(_mongocrypt_tester_t *tester) {
|
|
4469
3460
|
|
4470
3461
|
static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
|
4471
3462
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
4472
|
-
|
4473
|
-
"_test_fle1_create_with_csfle test is a no-op.",
|
4474
|
-
stderr);
|
3463
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
4475
3464
|
return;
|
4476
3465
|
}
|
4477
3466
|
|
@@ -4494,45 +3483,32 @@ static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
|
|
4494
3483
|
mongocrypt_destroy(crypt);
|
4495
3484
|
}
|
4496
3485
|
|
4497
|
-
static void
|
3486
|
+
static void test_successful_fle2_create(_mongocrypt_tester_t *tester,
|
3487
|
+
const char *efc_map_path,
|
3488
|
+
const char *cmd_path,
|
3489
|
+
const char *cmd_to_cryptd_path,
|
3490
|
+
const char *cryptd_reply_path,
|
3491
|
+
const char *encrypted_payload_path) {
|
4498
3492
|
mongocrypt_t *crypt = mongocrypt_new();
|
4499
3493
|
|
4500
3494
|
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4501
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
4502
|
-
crypt,
|
4503
|
-
TEST_FILE("./test/data/fle2-create/encrypted-field-config-map.json")),
|
4504
|
-
crypt);
|
3495
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_FILE(efc_map_path)), crypt);
|
4505
3496
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4506
3497
|
|
4507
3498
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4508
3499
|
|
4509
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE(
|
4510
|
-
|
4511
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4512
|
-
{
|
4513
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
3500
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE(cmd_path)), ctx);
|
4514
3501
|
|
4515
|
-
|
4516
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
|
4517
|
-
"ismaster-to-mongocryptd.json"),
|
4518
|
-
cmd_to_mongocryptd);
|
4519
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4520
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4521
|
-
TEST_FILE("./test/data/fle1-create/without-schema/"
|
4522
|
-
"mongocryptd-ismaster.json")),
|
4523
|
-
ctx);
|
4524
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4525
|
-
}
|
3502
|
+
expect_and_reply_to_ismaster(ctx);
|
4526
3503
|
|
4527
3504
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4528
3505
|
{
|
4529
3506
|
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4530
3507
|
|
4531
3508
|
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4532
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(
|
4533
|
-
cmd_to_mongocryptd);
|
3509
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(cmd_to_cryptd_path), cmd_to_mongocryptd);
|
4534
3510
|
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4535
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(
|
3511
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(cryptd_reply_path)), ctx);
|
4536
3512
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4537
3513
|
}
|
4538
3514
|
|
@@ -4540,7 +3516,7 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
|
4540
3516
|
{
|
4541
3517
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4542
3518
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
4543
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(
|
3519
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(encrypted_payload_path), out);
|
4544
3520
|
mongocrypt_binary_destroy(out);
|
4545
3521
|
}
|
4546
3522
|
|
@@ -4548,6 +3524,85 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
|
4548
3524
|
mongocrypt_destroy(crypt);
|
4549
3525
|
}
|
4550
3526
|
|
3527
|
+
#define TEST_SUCCESSFUL_FLE2_CREATE(efc_path, cmd_path, cryptd_path, payload_path) \
|
3528
|
+
test_successful_fle2_create(tester, \
|
3529
|
+
"./test/data/" efc_path "/encrypted-field-config-map.json", \
|
3530
|
+
"./test/data/" cmd_path "/cmd.json", \
|
3531
|
+
"./test/data/" cryptd_path "/cmd-to-mongocryptd.json", \
|
3532
|
+
"./test/data/" cryptd_path "/mongocryptd-reply.json", \
|
3533
|
+
"./test/data/" payload_path "/encrypted-payload.json")
|
3534
|
+
|
3535
|
+
#define TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR(path) TEST_SUCCESSFUL_FLE2_CREATE(path, path, path, path)
|
3536
|
+
|
3537
|
+
static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
3538
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create");
|
3539
|
+
}
|
3540
|
+
|
3541
|
+
static void _test_fle2_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
|
3542
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection");
|
3543
|
+
}
|
3544
|
+
|
3545
|
+
static void _test_fle2_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
|
3546
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection-with-str-encode-version");
|
3547
|
+
}
|
3548
|
+
|
3549
|
+
static void _test_fle2_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
|
3550
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-create-encrypted-collection-with-str-encode-version",
|
3551
|
+
"fle2-create-encrypted-collection",
|
3552
|
+
"fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version",
|
3553
|
+
"fle2-create-encrypted-collection-with-str-encode-version");
|
3554
|
+
}
|
3555
|
+
|
3556
|
+
static void _test_fle2_text_search_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
|
3557
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection");
|
3558
|
+
}
|
3559
|
+
|
3560
|
+
static void _test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
|
3561
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3562
|
+
}
|
3563
|
+
|
3564
|
+
static void _test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
|
3565
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3566
|
+
"fle2-text-search-create-encrypted-collection",
|
3567
|
+
"fle2-text-search-create-encrypted-collection",
|
3568
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3569
|
+
}
|
3570
|
+
|
3571
|
+
static void
|
3572
|
+
_test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
|
3573
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection",
|
3574
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3575
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3576
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3577
|
+
}
|
3578
|
+
|
3579
|
+
// Test that the JSON Schema found from a "create" command is not cached.
|
3580
|
+
static void _test_fle2_create_does_not_cache_empty_schema(_mongocrypt_tester_t *tester) {
|
3581
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3582
|
+
// Auto encrypt a "create" to "db.coll".
|
3583
|
+
{
|
3584
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3585
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-create/cmd.json")), ctx);
|
3586
|
+
expect_and_reply_to_ismaster(ctx);
|
3587
|
+
|
3588
|
+
// Expect MONGOCRYPT_CTX_NEED_MONGO_COLLINFO is skipped since no server-side schema is expected for "create".
|
3589
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3590
|
+
mongocrypt_ctx_destroy(ctx);
|
3591
|
+
}
|
3592
|
+
|
3593
|
+
// Auto encrypt "find" to "db.coll". Expect server-side schema is requested.
|
3594
|
+
{
|
3595
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3596
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))),
|
3597
|
+
ctx);
|
3598
|
+
// The MONGOCRYPT_CTX_NEED_COLLINFO state is entered to request a server-side schema.
|
3599
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3600
|
+
mongocrypt_ctx_destroy(ctx);
|
3601
|
+
}
|
3602
|
+
|
3603
|
+
mongocrypt_destroy(crypt);
|
3604
|
+
}
|
3605
|
+
|
4551
3606
|
/* Regression test for MONGOCRYPT-435 */
|
4552
3607
|
static void _test_fle2_create_bypass_query_analysis(_mongocrypt_tester_t *tester) {
|
4553
3608
|
mongocrypt_t *crypt = mongocrypt_new();
|
@@ -4582,15 +3637,13 @@ static void _test_encrypt_macos_no_ctr(_mongocrypt_tester_t *tester) {
|
|
4582
3637
|
_mongocrypt_buffer_t key_id;
|
4583
3638
|
|
4584
3639
|
if (_aes_ctr_is_supported_by_os) {
|
4585
|
-
|
3640
|
+
TEST_PRINTF("Common Crypto with CTR support detected. Skipping.");
|
4586
3641
|
return;
|
4587
3642
|
}
|
4588
3643
|
|
4589
3644
|
_mongocrypt_buffer_copy_from_hex(&key_id, "ABCDEFAB123498761234123456789012");
|
4590
3645
|
|
4591
|
-
|
4592
|
-
// QEv1 is still supported.
|
4593
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3646
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4594
3647
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4595
3648
|
|
4596
3649
|
ASSERT_OK(mongocrypt_ctx_setopt_algorithm(ctx, MONGOCRYPT_ALGORITHM_UNINDEXED_STR, -1), ctx);
|
@@ -4663,7 +3716,7 @@ static void _test_fle1_collmod_without_jsonSchema(_mongocrypt_tester_t *tester)
|
|
4663
3716
|
|
4664
3717
|
static void _test_bulkWrite(_mongocrypt_tester_t *tester) {
|
4665
3718
|
if (!_aes_ctr_is_supported_by_os) {
|
4666
|
-
|
3719
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Required by QEv2 encryption. Skipping.");
|
4667
3720
|
return;
|
4668
3721
|
}
|
4669
3722
|
|
@@ -5135,11 +4188,11 @@ typedef struct {
|
|
5135
4188
|
|
5136
4189
|
static void autoencryption_test_run(autoencryption_test *aet) {
|
5137
4190
|
if (!_aes_ctr_is_supported_by_os) {
|
5138
|
-
|
4191
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5139
4192
|
return;
|
5140
4193
|
}
|
5141
4194
|
|
5142
|
-
|
4195
|
+
TEST_PRINTF(" auto_encryption test: '%s' ... begin\n", aet->desc);
|
5143
4196
|
|
5144
4197
|
// Reset global counter for the `payloadId` to produce deterministic payloads.
|
5145
4198
|
extern void mc_reset_payloadId_for_testing(void);
|
@@ -5206,14 +4259,14 @@ static void autoencryption_test_run(autoencryption_test *aet) {
|
|
5206
4259
|
mongocrypt_binary_destroy(got);
|
5207
4260
|
}
|
5208
4261
|
|
5209
|
-
|
4262
|
+
TEST_PRINTF(" auto_encryption test: '%s' ... end\n", aet->desc);
|
5210
4263
|
mongocrypt_ctx_destroy(ctx);
|
5211
4264
|
mongocrypt_destroy(crypt);
|
5212
4265
|
}
|
5213
4266
|
|
5214
4267
|
static void _test_no_trimFactor(_mongocrypt_tester_t *tester) {
|
5215
4268
|
if (!_aes_ctr_is_supported_by_os) {
|
5216
|
-
|
4269
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5217
4270
|
return;
|
5218
4271
|
}
|
5219
4272
|
|
@@ -5281,7 +4334,7 @@ static void lookup_payload_bson(mongocrypt_binary_t *result, char *path, bson_t
|
|
5281
4334
|
// Test that the crypto params added in SERVER-91889 are sent for "range" payloads.
|
5282
4335
|
static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
5283
4336
|
if (!_aes_ctr_is_supported_by_os) {
|
5284
|
-
|
4337
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5285
4338
|
return;
|
5286
4339
|
}
|
5287
4340
|
|
@@ -5304,7 +4357,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5304
4357
|
tc.msg = TEST_BSON("{'v': 123456}");
|
5305
4358
|
tc.keys_to_feed[0] = key123;
|
5306
4359
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32/expected.json");
|
5307
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5308
4360
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5309
4361
|
ee_testcase_run(&tc);
|
5310
4362
|
// Check the parameters are present in the final payload.
|
@@ -5330,7 +4382,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5330
4382
|
tc.msg = TEST_BSON("{'v': 123456}");
|
5331
4383
|
tc.keys_to_feed[0] = key123;
|
5332
4384
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32-defaults/expected.json");
|
5333
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5334
4385
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5335
4386
|
ee_testcase_run(&tc);
|
5336
4387
|
// Check the parameters are present in the final payload.
|
@@ -5357,7 +4408,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5357
4408
|
tc.msg = TEST_BSON("{'v': 123456.0}");
|
5358
4409
|
tc.keys_to_feed[0] = key123;
|
5359
4410
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-double/expected.json");
|
5360
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5361
4411
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5362
4412
|
ee_testcase_run(&tc);
|
5363
4413
|
// Check the parameters are present in the final payload.
|
@@ -5383,7 +4433,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5383
4433
|
tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/to-encrypt.json");
|
5384
4434
|
tc.keys_to_feed[0] = key123;
|
5385
4435
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/expected.json");
|
5386
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5387
4436
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5388
4437
|
ee_testcase_run(&tc);
|
5389
4438
|
// Check the parameters are present in the final payload.
|
@@ -5409,7 +4458,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5409
4458
|
tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/to-encrypt.json");
|
5410
4459
|
tc.keys_to_feed[0] = key123;
|
5411
4460
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/expected.json");
|
5412
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5413
4461
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5414
4462
|
ee_testcase_run(&tc);
|
5415
4463
|
// Check the parameters are present in the final payload.
|
@@ -5476,6 +4524,1275 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5476
4524
|
_mongocrypt_buffer_cleanup(&key123_id);
|
5477
4525
|
}
|
5478
4526
|
|
4527
|
+
typedef struct _responses {
|
4528
|
+
const char *key_document;
|
4529
|
+
const char *oauth_response;
|
4530
|
+
const char *decrypt_response;
|
4531
|
+
} _responses;
|
4532
|
+
|
4533
|
+
static void _test_encrypt_retry_provider(_responses r, _mongocrypt_tester_t *tester) {
|
4534
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4535
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4536
|
+
|
4537
|
+
// Create context.
|
4538
|
+
{
|
4539
|
+
// Use explicit encryption to simplify (no schema needed).
|
4540
|
+
ASSERT_OK(mongocrypt_ctx_setopt_key_alt_name(ctx, TEST_BSON(BSON_STR({"keyAltName" : "keyDocumentName"}))),
|
4541
|
+
ctx);
|
4542
|
+
ASSERT_OK(mongocrypt_ctx_setopt_algorithm(ctx, MONGOCRYPT_ALGORITHM_DETERMINISTIC_STR, -1), ctx);
|
4543
|
+
ASSERT_OK(mongocrypt_ctx_explicit_encrypt_init(ctx, TEST_BSON(BSON_STR({"v" : "foo"}))), ctx);
|
4544
|
+
}
|
4545
|
+
|
4546
|
+
// Feed key.
|
4547
|
+
{
|
4548
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
4549
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(r.key_document)), ctx);
|
4550
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4551
|
+
}
|
4552
|
+
|
4553
|
+
// Needs KMS for oauth token.
|
4554
|
+
{
|
4555
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
|
4556
|
+
mongocrypt_kms_ctx_t *kctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4557
|
+
ASSERT(kctx);
|
4558
|
+
// Feed a retryable HTTP error.
|
4559
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx);
|
4560
|
+
// Expect KMS request is returned again for a retry.
|
4561
|
+
kctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4562
|
+
ASSERT_OK(kctx, ctx);
|
4563
|
+
ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kctx), >, 0);
|
4564
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE(r.oauth_response)), kctx);
|
4565
|
+
ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
|
4566
|
+
}
|
4567
|
+
|
4568
|
+
// Needs KMS to decrypt DEK.
|
4569
|
+
{
|
4570
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
|
4571
|
+
mongocrypt_kms_ctx_t *kctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4572
|
+
ASSERT(kctx);
|
4573
|
+
// Feed a retryable HTTP error.
|
4574
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx);
|
4575
|
+
// Expect KMS request is returned again for a retry.
|
4576
|
+
kctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4577
|
+
ASSERT_OK(kctx, ctx);
|
4578
|
+
ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kctx), >, 0);
|
4579
|
+
// Feed a successful response.
|
4580
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx, TEST_FILE(r.decrypt_response)), kctx);
|
4581
|
+
ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
|
4582
|
+
}
|
4583
|
+
|
4584
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
4585
|
+
mongocrypt_binary_t *bin = mongocrypt_binary_new();
|
4586
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, bin), ctx);
|
4587
|
+
mongocrypt_binary_destroy(bin);
|
4588
|
+
mongocrypt_ctx_destroy(ctx);
|
4589
|
+
mongocrypt_destroy(crypt);
|
4590
|
+
}
|
4591
|
+
|
4592
|
+
static void _test_encrypt_retry(_mongocrypt_tester_t *tester) {
|
4593
|
+
// Test that an HTTP error is retried with AWS
|
4594
|
+
{
|
4595
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4596
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4597
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
4598
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
|
4599
|
+
mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4600
|
+
ASSERT_OK(kms_ctx, ctx);
|
4601
|
+
// Expect no sleep is requested before any error.
|
4602
|
+
ASSERT_CMPINT64(mongocrypt_kms_ctx_usleep(kms_ctx), ==, 0);
|
4603
|
+
// Feed a retryable HTTP error.
|
4604
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kms_ctx);
|
4605
|
+
// Expect KMS request is returned again for a retry.
|
4606
|
+
kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4607
|
+
ASSERT_OK(kms_ctx, ctx);
|
4608
|
+
// Feed a successful response.
|
4609
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")), kms_ctx);
|
4610
|
+
ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
|
4611
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
|
4612
|
+
mongocrypt_ctx_destroy(ctx);
|
4613
|
+
mongocrypt_destroy(crypt);
|
4614
|
+
}
|
4615
|
+
// Azure
|
4616
|
+
{
|
4617
|
+
_responses r = {
|
4618
|
+
"./test/data/key-document-azure.json",
|
4619
|
+
"./test/data/kms-azure/oauth-response.txt",
|
4620
|
+
"./test/data/kms-azure/decrypt-response.txt",
|
4621
|
+
};
|
4622
|
+
_test_encrypt_retry_provider(r, tester);
|
4623
|
+
}
|
4624
|
+
// GCP
|
4625
|
+
{
|
4626
|
+
_responses r = {
|
4627
|
+
"./test/data/key-document-gcp.json",
|
4628
|
+
"./test/data/kms-gcp/oauth-response.txt",
|
4629
|
+
"./test/data/kms-gcp/decrypt-response.txt",
|
4630
|
+
};
|
4631
|
+
_test_encrypt_retry_provider(r, tester);
|
4632
|
+
}
|
4633
|
+
// Multiple keys
|
4634
|
+
{
|
4635
|
+
// Create crypt with retry enabled.
|
4636
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4637
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4638
|
+
crypt,
|
4639
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4640
|
+
crypt);
|
4641
|
+
ASSERT_OK(mongocrypt_setopt_retry_kms(crypt, true), crypt);
|
4642
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TEST_FILE("./test/data/multikey/schema_map.json")), crypt);
|
4643
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4644
|
+
|
4645
|
+
// Encrypt a command requiring two keys.
|
4646
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4647
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/multikey/command.json")), ctx);
|
4648
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4649
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/mongocryptd_reply.json")), ctx);
|
4650
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4651
|
+
|
4652
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
4653
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/key-document-a.json")), ctx);
|
4654
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/multikey/key-document-b.json")), ctx);
|
4655
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4656
|
+
|
4657
|
+
// Expect two keys are needed. Obtain both.
|
4658
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_KMS);
|
4659
|
+
mongocrypt_kms_ctx_t *kctx1 = mongocrypt_ctx_next_kms_ctx(ctx);
|
4660
|
+
ASSERT(kctx1);
|
4661
|
+
mongocrypt_kms_ctx_t *kctx2 = mongocrypt_ctx_next_kms_ctx(ctx);
|
4662
|
+
ASSERT(kctx2);
|
4663
|
+
|
4664
|
+
// Feed a successful response to the first.
|
4665
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx1, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")), kctx1);
|
4666
|
+
|
4667
|
+
// Feed a retryable error response to the second.
|
4668
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx2, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")), kctx2);
|
4669
|
+
|
4670
|
+
// Expect the retried KMS context is returned again.
|
4671
|
+
mongocrypt_kms_ctx_t *kctx_retry = mongocrypt_ctx_next_kms_ctx(ctx);
|
4672
|
+
ASSERT(kctx_retry);
|
4673
|
+
ASSERT_OK(mongocrypt_kms_ctx_feed(kctx_retry, TEST_FILE("./test/data/kms-aws/decrypt-response.txt")),
|
4674
|
+
kctx_retry);
|
4675
|
+
|
4676
|
+
ASSERT_OK(mongocrypt_ctx_kms_done(ctx), ctx);
|
4677
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
|
4678
|
+
mongocrypt_ctx_destroy(ctx);
|
4679
|
+
mongocrypt_destroy(crypt);
|
4680
|
+
}
|
4681
|
+
// Test retry does not occur if not enabled.
|
4682
|
+
{
|
4683
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4684
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4685
|
+
crypt,
|
4686
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4687
|
+
crypt);
|
4688
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4689
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4690
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
4691
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
|
4692
|
+
mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4693
|
+
ASSERT_OK(kms_ctx, ctx); // Give a retryable HTTP error. Expect error due to retry disabled.
|
4694
|
+
ASSERT_FAILS(mongocrypt_kms_ctx_feed(kms_ctx, TEST_FILE("./test/data/rmd/kms-decrypt-reply-429.txt")),
|
4695
|
+
kms_ctx,
|
4696
|
+
"Error in KMS response");
|
4697
|
+
mongocrypt_ctx_destroy(ctx);
|
4698
|
+
mongocrypt_destroy(crypt);
|
4699
|
+
}
|
4700
|
+
|
4701
|
+
// Test network retry does not occur if not enabled.
|
4702
|
+
{
|
4703
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4704
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4705
|
+
crypt,
|
4706
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4707
|
+
crypt);
|
4708
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4709
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4710
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
4711
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
|
4712
|
+
mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4713
|
+
ASSERT_OK(kms_ctx, ctx); // Give a retryable network error. Expect error due to retry disabled.
|
4714
|
+
ASSERT_FAILS(mongocrypt_kms_ctx_fail(kms_ctx), kms_ctx, "KMS request failed due to network error");
|
4715
|
+
mongocrypt_ctx_destroy(ctx);
|
4716
|
+
mongocrypt_destroy(crypt);
|
4717
|
+
}
|
4718
|
+
}
|
4719
|
+
|
4720
|
+
static void capture_logs(mongocrypt_log_level_t level, const char *message, uint32_t message_len, void *ctx) {
|
4721
|
+
mc_array_t *log_msgs = ctx;
|
4722
|
+
char *message_copy = bson_strdup(message);
|
4723
|
+
_mc_array_append_val(log_msgs, message_copy);
|
4724
|
+
}
|
4725
|
+
|
4726
|
+
// Regression test for: MONGOCRYPT-770
|
4727
|
+
static void _test_does_not_warn_for_empty_local_schema(_mongocrypt_tester_t *tester) {
|
4728
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4729
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4730
|
+
crypt,
|
4731
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4732
|
+
crypt);
|
4733
|
+
|
4734
|
+
mc_array_t log_msgs; // Array of char *;
|
4735
|
+
_mc_array_init(&log_msgs, sizeof(char *));
|
4736
|
+
ASSERT_OK(mongocrypt_setopt_log_handler(crypt, capture_logs, &log_msgs), crypt);
|
4737
|
+
|
4738
|
+
// Configure a local schema for "db.coll":
|
4739
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TEST_BSON(BSON_STR({"db.coll" : {}}))), crypt);
|
4740
|
+
|
4741
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4742
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4743
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))), ctx);
|
4744
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4745
|
+
|
4746
|
+
// Feed mongocryptd reply indicating `schemaRequiresEncryption: false`.
|
4747
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_BSON(BSON_STR({
|
4748
|
+
"hasEncryptionPlaceholders" : false,
|
4749
|
+
"schemaRequiresEncryption" : false,
|
4750
|
+
"result" : {"find" : "test", "filter" : {}},
|
4751
|
+
"ok" : {"$numberDouble" : "1.0"}
|
4752
|
+
}))),
|
4753
|
+
ctx);
|
4754
|
+
|
4755
|
+
// Expect no warning (passing an empty local schema is a valid use-case).
|
4756
|
+
if (log_msgs.len > 0) {
|
4757
|
+
TEST_STDERR_PRINTF("Got unexpected log messages:\n");
|
4758
|
+
for (size_t i = 0; i < log_msgs.len; i++) {
|
4759
|
+
TEST_STDERR_PRINTF("> %s\n", _mc_array_index(&log_msgs, char *, i));
|
4760
|
+
}
|
4761
|
+
abort();
|
4762
|
+
}
|
4763
|
+
|
4764
|
+
for (size_t i = 0; i < log_msgs.len; i++) {
|
4765
|
+
bson_free(_mc_array_index(&log_msgs, char *, i));
|
4766
|
+
}
|
4767
|
+
_mc_array_destroy(&log_msgs);
|
4768
|
+
mongocrypt_ctx_destroy(ctx);
|
4769
|
+
mongocrypt_destroy(crypt);
|
4770
|
+
}
|
4771
|
+
|
4772
|
+
static void _test_fle2_encrypted_field_config_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
|
4773
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4774
|
+
|
4775
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4776
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
4777
|
+
crypt,
|
4778
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-encrypted-field-config-map.json")),
|
4779
|
+
crypt);
|
4780
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4781
|
+
|
4782
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4783
|
+
ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")),
|
4784
|
+
ctx,
|
4785
|
+
"'strEncodeVersion' of 99 is not supported");
|
4786
|
+
|
4787
|
+
mongocrypt_ctx_destroy(ctx);
|
4788
|
+
mongocrypt_destroy(crypt);
|
4789
|
+
}
|
4790
|
+
|
4791
|
+
static void _test_fle2_encrypted_fields_with_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
|
4792
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4793
|
+
|
4794
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4795
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
4796
|
+
TEST_FILE("./test/data/fle2-create-encrypted-collection/"
|
4797
|
+
"encrypted-field-config-map.json")),
|
4798
|
+
crypt);
|
4799
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4800
|
+
|
4801
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4802
|
+
|
4803
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(
|
4804
|
+
ctx,
|
4805
|
+
"db",
|
4806
|
+
-1,
|
4807
|
+
TEST_FILE("./test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json")),
|
4808
|
+
ctx);
|
4809
|
+
|
4810
|
+
expect_and_reply_to_ismaster(ctx);
|
4811
|
+
|
4812
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4813
|
+
{
|
4814
|
+
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4815
|
+
|
4816
|
+
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4817
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(
|
4818
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json"),
|
4819
|
+
cmd_to_mongocryptd);
|
4820
|
+
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4821
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
4822
|
+
ctx,
|
4823
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json")),
|
4824
|
+
ctx);
|
4825
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4826
|
+
}
|
4827
|
+
|
4828
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
4829
|
+
{
|
4830
|
+
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4831
|
+
ASSERT_FAILS(mongocrypt_ctx_finalize(ctx, out),
|
4832
|
+
ctx,
|
4833
|
+
"'strEncodeVersion' of 1 does not match efc->str_encode_version of 0");
|
4834
|
+
mongocrypt_binary_destroy(out);
|
4835
|
+
}
|
4836
|
+
|
4837
|
+
mongocrypt_ctx_destroy(ctx);
|
4838
|
+
mongocrypt_destroy(crypt);
|
4839
|
+
}
|
4840
|
+
|
4841
|
+
static void _test_fle2_collinfo_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
|
4842
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4843
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4844
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4845
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4846
|
+
|
4847
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")), ctx);
|
4848
|
+
|
4849
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4850
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-collinfo.json")),
|
4851
|
+
ctx,
|
4852
|
+
"'strEncodeVersion' of 99 is not supported");
|
4853
|
+
|
4854
|
+
mongocrypt_ctx_destroy(ctx);
|
4855
|
+
mongocrypt_destroy(crypt);
|
4856
|
+
}
|
4857
|
+
|
4858
|
+
static void _test_lookup(_mongocrypt_tester_t *tester) {
|
4859
|
+
// Test $lookup works.
|
4860
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4861
|
+
{
|
4862
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4863
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4864
|
+
|
4865
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4866
|
+
|
4867
|
+
expect_and_reply_to_ismaster(ctx);
|
4868
|
+
|
4869
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4870
|
+
{
|
4871
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
4872
|
+
// Feed both needed schemas.
|
4873
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
4874
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
4875
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4876
|
+
}
|
4877
|
+
|
4878
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4879
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
4880
|
+
|
4881
|
+
mongocrypt_ctx_destroy(ctx);
|
4882
|
+
mongocrypt_destroy(crypt);
|
4883
|
+
}
|
4884
|
+
#undef TF
|
4885
|
+
|
4886
|
+
// Test $lookup errors if multiple-collection support is not opted-in.
|
4887
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4888
|
+
{
|
4889
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4890
|
+
crypt->multiple_collinfo_enabled = false;
|
4891
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4892
|
+
ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")),
|
4893
|
+
ctx,
|
4894
|
+
"not configured to support encrypting a command with multiple collections");
|
4895
|
+
mongocrypt_ctx_destroy(ctx);
|
4896
|
+
mongocrypt_destroy(crypt);
|
4897
|
+
}
|
4898
|
+
#undef TF
|
4899
|
+
|
4900
|
+
// Test $lookup errors if mongocryptd is too old.
|
4901
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4902
|
+
{
|
4903
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4904
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4905
|
+
|
4906
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4907
|
+
|
4908
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4909
|
+
{
|
4910
|
+
expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}"));
|
4911
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-17.json")), ctx);
|
4912
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_done(ctx), ctx, "Upgrade mongocryptd");
|
4913
|
+
}
|
4914
|
+
|
4915
|
+
mongocrypt_ctx_destroy(ctx);
|
4916
|
+
mongocrypt_destroy(crypt);
|
4917
|
+
}
|
4918
|
+
#undef TF
|
4919
|
+
|
4920
|
+
// Test nested $lookup.
|
4921
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-nested/" suffix)
|
4922
|
+
{
|
4923
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4924
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4925
|
+
|
4926
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4927
|
+
|
4928
|
+
expect_and_reply_to_ismaster(ctx);
|
4929
|
+
|
4930
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4931
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
|
4932
|
+
|
4933
|
+
mongocrypt_ctx_destroy(ctx);
|
4934
|
+
mongocrypt_destroy(crypt);
|
4935
|
+
}
|
4936
|
+
#undef TF
|
4937
|
+
|
4938
|
+
// Test $lookup within $unionWith.
|
4939
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-unionWith/" suffix)
|
4940
|
+
{
|
4941
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4942
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4943
|
+
|
4944
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4945
|
+
|
4946
|
+
expect_and_reply_to_ismaster(ctx);
|
4947
|
+
|
4948
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4949
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
|
4950
|
+
|
4951
|
+
mongocrypt_ctx_destroy(ctx);
|
4952
|
+
mongocrypt_destroy(crypt);
|
4953
|
+
}
|
4954
|
+
#undef TF
|
4955
|
+
|
4956
|
+
// Test $lookup within $facet.
|
4957
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-facet/" suffix)
|
4958
|
+
{
|
4959
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4960
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4961
|
+
|
4962
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4963
|
+
|
4964
|
+
expect_and_reply_to_ismaster(ctx);
|
4965
|
+
|
4966
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4967
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
4968
|
+
|
4969
|
+
mongocrypt_ctx_destroy(ctx);
|
4970
|
+
mongocrypt_destroy(crypt);
|
4971
|
+
}
|
4972
|
+
#undef TF
|
4973
|
+
|
4974
|
+
// Test $lookup when one schema is in the schemaMap.
|
4975
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-schemaMap/" suffix)
|
4976
|
+
{
|
4977
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
4978
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
|
4979
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4980
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4981
|
+
|
4982
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4983
|
+
|
4984
|
+
expect_and_reply_to_ismaster(ctx);
|
4985
|
+
|
4986
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4987
|
+
{
|
4988
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
4989
|
+
// Feed remote schema for "c1". "c2" is found in the schemaMap.
|
4990
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
4991
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4992
|
+
}
|
4993
|
+
|
4994
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4995
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
4996
|
+
|
4997
|
+
mongocrypt_ctx_destroy(ctx);
|
4998
|
+
mongocrypt_destroy(crypt);
|
4999
|
+
}
|
5000
|
+
#undef TF
|
5001
|
+
|
5002
|
+
// Test $lookup with a self-lookup.
|
5003
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
|
5004
|
+
{
|
5005
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5006
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5007
|
+
|
5008
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5009
|
+
|
5010
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5011
|
+
{
|
5012
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5013
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5014
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5015
|
+
}
|
5016
|
+
|
5017
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5018
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5019
|
+
|
5020
|
+
mongocrypt_ctx_destroy(ctx);
|
5021
|
+
mongocrypt_destroy(crypt);
|
5022
|
+
}
|
5023
|
+
#undef TF
|
5024
|
+
|
5025
|
+
// Test $lookup when one schema is already cached.
|
5026
|
+
{
|
5027
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5028
|
+
|
5029
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5030
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
|
5031
|
+
{
|
5032
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5033
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5034
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5035
|
+
{
|
5036
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5037
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5038
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5039
|
+
}
|
5040
|
+
mongocrypt_ctx_destroy(ctx);
|
5041
|
+
}
|
5042
|
+
#undef TF
|
5043
|
+
|
5044
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5045
|
+
// Expect "c1" schema is not requested again.
|
5046
|
+
{
|
5047
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5048
|
+
|
5049
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5050
|
+
expect_and_reply_to_ismaster(ctx);
|
5051
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5052
|
+
{
|
5053
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
|
5054
|
+
// Feed remaining needed schema.
|
5055
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5056
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5057
|
+
}
|
5058
|
+
|
5059
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5060
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5061
|
+
|
5062
|
+
mongocrypt_ctx_destroy(ctx);
|
5063
|
+
}
|
5064
|
+
mongocrypt_destroy(crypt);
|
5065
|
+
}
|
5066
|
+
|
5067
|
+
#undef TF
|
5068
|
+
|
5069
|
+
// Test $lookup caches no collinfo results as empty schemas.
|
5070
|
+
{
|
5071
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5072
|
+
|
5073
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5074
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5075
|
+
{
|
5076
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5077
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5078
|
+
expect_and_reply_to_ismaster(ctx);
|
5079
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5080
|
+
// Feed no collinfo results. Expect "c1" and "c2" to be cached as empty schemas.
|
5081
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5082
|
+
mongocrypt_ctx_destroy(ctx);
|
5083
|
+
}
|
5084
|
+
#undef TF
|
5085
|
+
|
5086
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5087
|
+
// Expect "c1" schema is not requested again.
|
5088
|
+
{
|
5089
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5090
|
+
|
5091
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5092
|
+
expect_and_reply_to_ismaster(ctx);
|
5093
|
+
// Expect no more schemas are needed (both empty).
|
5094
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5095
|
+
mongocrypt_ctx_destroy(ctx);
|
5096
|
+
}
|
5097
|
+
mongocrypt_destroy(crypt);
|
5098
|
+
}
|
5099
|
+
#undef TF
|
5100
|
+
// Test $lookup from a view.
|
5101
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-view/" suffix)
|
5102
|
+
{
|
5103
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5104
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5105
|
+
|
5106
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5107
|
+
expect_and_reply_to_ismaster(ctx);
|
5108
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5109
|
+
{
|
5110
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "v1" ]}})));
|
5111
|
+
|
5112
|
+
// Feed both needed schemas.
|
5113
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5114
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-v1.json")), ctx, "cannot auto encrypt a view");
|
5115
|
+
}
|
5116
|
+
|
5117
|
+
mongocrypt_ctx_destroy(ctx);
|
5118
|
+
mongocrypt_destroy(crypt);
|
5119
|
+
}
|
5120
|
+
#undef TF
|
5121
|
+
// Test $lookup with feeding the same schema twice.
|
5122
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5123
|
+
{
|
5124
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5125
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5126
|
+
|
5127
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5128
|
+
expect_and_reply_to_ismaster(ctx);
|
5129
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5130
|
+
{
|
5131
|
+
// Feed schema for "c2" twice.
|
5132
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5133
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5134
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx, "unexpected duplicate");
|
5135
|
+
}
|
5136
|
+
|
5137
|
+
mongocrypt_ctx_destroy(ctx);
|
5138
|
+
mongocrypt_destroy(crypt);
|
5139
|
+
}
|
5140
|
+
#undef TF
|
5141
|
+
|
5142
|
+
// Test $lookup with with feeding a non-matching schema.
|
5143
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-mismatch/" suffix)
|
5144
|
+
{
|
5145
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5146
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5147
|
+
|
5148
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5149
|
+
expect_and_reply_to_ismaster(ctx);
|
5150
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5151
|
+
{
|
5152
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5153
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c3.json")), ctx, "got unexpected collinfo");
|
5154
|
+
}
|
5155
|
+
|
5156
|
+
mongocrypt_ctx_destroy(ctx);
|
5157
|
+
mongocrypt_destroy(crypt);
|
5158
|
+
}
|
5159
|
+
#undef TF
|
5160
|
+
|
5161
|
+
// Test $lookup with only local schemas.
|
5162
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-only-schemaMap/" suffix)
|
5163
|
+
{
|
5164
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
5165
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
|
5166
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
5167
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5168
|
+
|
5169
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5170
|
+
expect_and_reply_to_ismaster(ctx);
|
5171
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5172
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5173
|
+
|
5174
|
+
mongocrypt_ctx_destroy(ctx);
|
5175
|
+
mongocrypt_destroy(crypt);
|
5176
|
+
}
|
5177
|
+
#undef TF
|
5178
|
+
|
5179
|
+
// Test $lookup from a collection that has no $jsonSchema configured.
|
5180
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-sibling/" suffix)
|
5181
|
+
{
|
5182
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5183
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5184
|
+
|
5185
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5186
|
+
expect_and_reply_to_ismaster(ctx);
|
5187
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5188
|
+
{
|
5189
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5190
|
+
// Feed both needed schemas.
|
5191
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5192
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5193
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5194
|
+
}
|
5195
|
+
|
5196
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5197
|
+
{
|
5198
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5199
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("reply-from-mongocryptd.json")), ctx);
|
5200
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5201
|
+
}
|
5202
|
+
|
5203
|
+
mongocrypt_ctx_destroy(ctx);
|
5204
|
+
mongocrypt_destroy(crypt);
|
5205
|
+
}
|
5206
|
+
#undef TF
|
5207
|
+
|
5208
|
+
// Test $lookup with QE.
|
5209
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe/" suffix)
|
5210
|
+
{
|
5211
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5212
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5213
|
+
|
5214
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5215
|
+
expect_and_reply_to_ismaster(ctx);
|
5216
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5217
|
+
{
|
5218
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5219
|
+
// Feed both needed schemas.
|
5220
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5221
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5222
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5223
|
+
}
|
5224
|
+
|
5225
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5226
|
+
{
|
5227
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5228
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5229
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5230
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5231
|
+
}
|
5232
|
+
|
5233
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5234
|
+
{
|
5235
|
+
// Expect no `encryptionInformation` since no encryption payloads.
|
5236
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5237
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5238
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5239
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5240
|
+
mongocrypt_binary_destroy(got);
|
5241
|
+
}
|
5242
|
+
|
5243
|
+
mongocrypt_ctx_destroy(ctx);
|
5244
|
+
mongocrypt_destroy(crypt);
|
5245
|
+
}
|
5246
|
+
#undef TF
|
5247
|
+
|
5248
|
+
// Test $lookup with QE with an encrypted payload.
|
5249
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
|
5250
|
+
{
|
5251
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5252
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5253
|
+
|
5254
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5255
|
+
expect_and_reply_to_ismaster(ctx);
|
5256
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5257
|
+
{
|
5258
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5259
|
+
// Feed both needed schemas.
|
5260
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5261
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5262
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5263
|
+
}
|
5264
|
+
|
5265
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5266
|
+
{
|
5267
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5268
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5269
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5270
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5271
|
+
}
|
5272
|
+
|
5273
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5274
|
+
{
|
5275
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5276
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5277
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5278
|
+
}
|
5279
|
+
|
5280
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5281
|
+
{
|
5282
|
+
// Expect `encryptionInformation` since command has encryption payloads.
|
5283
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5284
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5285
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5286
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5287
|
+
mongocrypt_binary_destroy(got);
|
5288
|
+
}
|
5289
|
+
|
5290
|
+
mongocrypt_ctx_destroy(ctx);
|
5291
|
+
mongocrypt_destroy(crypt);
|
5292
|
+
}
|
5293
|
+
#undef TF
|
5294
|
+
|
5295
|
+
// Test $lookup with QE from encryptedFieldsMap.
|
5296
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-encryptedFieldsMap/" suffix)
|
5297
|
+
{
|
5298
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
5299
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TF("encryptedFieldsMap.json")), crypt);
|
5300
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
5301
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5302
|
+
|
5303
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5304
|
+
expect_and_reply_to_ismaster(ctx);
|
5305
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5306
|
+
{
|
5307
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5308
|
+
// Only feed collinfo for c1. c2 is included in encryptedFieldsMap.
|
5309
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5310
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5311
|
+
}
|
5312
|
+
|
5313
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5314
|
+
{
|
5315
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5316
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5317
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5318
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5319
|
+
}
|
5320
|
+
|
5321
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5322
|
+
{
|
5323
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5324
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5325
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5326
|
+
}
|
5327
|
+
|
5328
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5329
|
+
{
|
5330
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5331
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5332
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5333
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5334
|
+
mongocrypt_binary_destroy(got);
|
5335
|
+
}
|
5336
|
+
|
5337
|
+
mongocrypt_ctx_destroy(ctx);
|
5338
|
+
mongocrypt_destroy(crypt);
|
5339
|
+
}
|
5340
|
+
#undef TF
|
5341
|
+
|
5342
|
+
// Test $lookup with QE with self-lookup.
|
5343
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
|
5344
|
+
{
|
5345
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5346
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5347
|
+
|
5348
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5349
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5350
|
+
{
|
5351
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5352
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5353
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5354
|
+
}
|
5355
|
+
|
5356
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5357
|
+
{
|
5358
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5359
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5360
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5361
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5362
|
+
}
|
5363
|
+
|
5364
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5365
|
+
{
|
5366
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5367
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5368
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5369
|
+
}
|
5370
|
+
|
5371
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5372
|
+
{
|
5373
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5374
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5375
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5376
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5377
|
+
mongocrypt_binary_destroy(got);
|
5378
|
+
}
|
5379
|
+
|
5380
|
+
mongocrypt_ctx_destroy(ctx);
|
5381
|
+
mongocrypt_destroy(crypt);
|
5382
|
+
}
|
5383
|
+
#undef TF
|
5384
|
+
|
5385
|
+
// Test $lookup with QE from from cache.
|
5386
|
+
{
|
5387
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5388
|
+
|
5389
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5390
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
|
5391
|
+
{
|
5392
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5393
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5394
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5395
|
+
{
|
5396
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5397
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5398
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5399
|
+
}
|
5400
|
+
mongocrypt_ctx_destroy(ctx);
|
5401
|
+
}
|
5402
|
+
#undef TF
|
5403
|
+
|
5404
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
|
5405
|
+
// Expect "c1" schema is not requested again.
|
5406
|
+
{
|
5407
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5408
|
+
|
5409
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5410
|
+
expect_and_reply_to_ismaster(ctx);
|
5411
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5412
|
+
{
|
5413
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
|
5414
|
+
// Feed remaining needed schema.
|
5415
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5416
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5417
|
+
}
|
5418
|
+
|
5419
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5420
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5421
|
+
|
5422
|
+
mongocrypt_ctx_destroy(ctx);
|
5423
|
+
}
|
5424
|
+
mongocrypt_destroy(crypt);
|
5425
|
+
}
|
5426
|
+
|
5427
|
+
#undef TF
|
5428
|
+
|
5429
|
+
// Test $lookup with mixed: QE + CSFLE
|
5430
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/csfle/" suffix)
|
5431
|
+
{
|
5432
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5433
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5434
|
+
|
5435
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5436
|
+
expect_and_reply_to_ismaster(ctx);
|
5437
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5438
|
+
{
|
5439
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5440
|
+
|
5441
|
+
// Feed both needed schemas.
|
5442
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5443
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5444
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5445
|
+
}
|
5446
|
+
|
5447
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5448
|
+
{
|
5449
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5450
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "currently not supported");
|
5451
|
+
mongocrypt_binary_destroy(got);
|
5452
|
+
}
|
5453
|
+
|
5454
|
+
mongocrypt_ctx_destroy(ctx);
|
5455
|
+
mongocrypt_destroy(crypt);
|
5456
|
+
}
|
5457
|
+
#undef TF
|
5458
|
+
|
5459
|
+
// Test $lookup with mixed: QE + no-schema
|
5460
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/no-schema/" suffix)
|
5461
|
+
{
|
5462
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5463
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5464
|
+
|
5465
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5466
|
+
expect_and_reply_to_ismaster(ctx);
|
5467
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5468
|
+
{
|
5469
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5470
|
+
// Feed both needed schemas.
|
5471
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5472
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5473
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5474
|
+
}
|
5475
|
+
|
5476
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5477
|
+
{
|
5478
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5479
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5480
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5481
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5482
|
+
}
|
5483
|
+
|
5484
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5485
|
+
{
|
5486
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5487
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5488
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5489
|
+
}
|
5490
|
+
|
5491
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5492
|
+
{
|
5493
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5494
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5495
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5496
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5497
|
+
mongocrypt_binary_destroy(got);
|
5498
|
+
}
|
5499
|
+
|
5500
|
+
mongocrypt_ctx_destroy(ctx);
|
5501
|
+
mongocrypt_destroy(crypt);
|
5502
|
+
}
|
5503
|
+
#undef TF
|
5504
|
+
|
5505
|
+
// Test $lookup with mixed: QE + QE
|
5506
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/qe/" suffix)
|
5507
|
+
{
|
5508
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5509
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5510
|
+
|
5511
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5512
|
+
expect_and_reply_to_ismaster(ctx);
|
5513
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5514
|
+
{
|
5515
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5516
|
+
// Feed both needed schemas.
|
5517
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5518
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5519
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5520
|
+
}
|
5521
|
+
|
5522
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5523
|
+
{
|
5524
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5525
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5526
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5527
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5528
|
+
}
|
5529
|
+
|
5530
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5531
|
+
{
|
5532
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5533
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5534
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5535
|
+
}
|
5536
|
+
|
5537
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5538
|
+
{
|
5539
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5540
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5541
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5542
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5543
|
+
mongocrypt_binary_destroy(got);
|
5544
|
+
}
|
5545
|
+
|
5546
|
+
mongocrypt_ctx_destroy(ctx);
|
5547
|
+
mongocrypt_destroy(crypt);
|
5548
|
+
}
|
5549
|
+
#undef TF
|
5550
|
+
|
5551
|
+
// Test $lookup with mixed: CSFLE + CSFLE.
|
5552
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/csfle/" suffix)
|
5553
|
+
{
|
5554
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5555
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5556
|
+
|
5557
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5558
|
+
expect_and_reply_to_ismaster(ctx);
|
5559
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5560
|
+
{
|
5561
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5562
|
+
// Feed both needed schemas.
|
5563
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5564
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5565
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5566
|
+
}
|
5567
|
+
|
5568
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5569
|
+
{
|
5570
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5571
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5572
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5573
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5574
|
+
}
|
5575
|
+
|
5576
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5577
|
+
{
|
5578
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5579
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5580
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5581
|
+
}
|
5582
|
+
|
5583
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5584
|
+
{
|
5585
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5586
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5587
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5588
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5589
|
+
mongocrypt_binary_destroy(got);
|
5590
|
+
}
|
5591
|
+
|
5592
|
+
mongocrypt_ctx_destroy(ctx);
|
5593
|
+
mongocrypt_destroy(crypt);
|
5594
|
+
}
|
5595
|
+
#undef TF
|
5596
|
+
|
5597
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/qe/" suffix)
|
5598
|
+
{
|
5599
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5600
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5601
|
+
|
5602
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5603
|
+
expect_and_reply_to_ismaster(ctx);
|
5604
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5605
|
+
{
|
5606
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5607
|
+
// Feed both needed schemas.
|
5608
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5609
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5610
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5611
|
+
}
|
5612
|
+
|
5613
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5614
|
+
{
|
5615
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5616
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "This is currently not supported");
|
5617
|
+
mongocrypt_binary_destroy(got);
|
5618
|
+
}
|
5619
|
+
|
5620
|
+
mongocrypt_ctx_destroy(ctx);
|
5621
|
+
mongocrypt_destroy(crypt);
|
5622
|
+
}
|
5623
|
+
#undef TF
|
5624
|
+
|
5625
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/no-schema/" suffix)
|
5626
|
+
{
|
5627
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5628
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5629
|
+
|
5630
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5631
|
+
expect_and_reply_to_ismaster(ctx);
|
5632
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5633
|
+
{
|
5634
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5635
|
+
// Feed both needed schemas.
|
5636
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5637
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5638
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5639
|
+
}
|
5640
|
+
|
5641
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5642
|
+
{
|
5643
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5644
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5645
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5646
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5647
|
+
}
|
5648
|
+
|
5649
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5650
|
+
{
|
5651
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5652
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5653
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5654
|
+
}
|
5655
|
+
|
5656
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5657
|
+
{
|
5658
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5659
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5660
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5661
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5662
|
+
mongocrypt_binary_destroy(got);
|
5663
|
+
}
|
5664
|
+
|
5665
|
+
mongocrypt_ctx_destroy(ctx);
|
5666
|
+
mongocrypt_destroy(crypt);
|
5667
|
+
}
|
5668
|
+
#undef TF
|
5669
|
+
|
5670
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/csfle/" suffix)
|
5671
|
+
{
|
5672
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5673
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5674
|
+
|
5675
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5676
|
+
expect_and_reply_to_ismaster(ctx);
|
5677
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5678
|
+
{
|
5679
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5680
|
+
// Feed both needed schemas.
|
5681
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5682
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5683
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5684
|
+
}
|
5685
|
+
|
5686
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5687
|
+
{
|
5688
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5689
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5690
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5691
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5692
|
+
}
|
5693
|
+
|
5694
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5695
|
+
{
|
5696
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5697
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5698
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5699
|
+
}
|
5700
|
+
|
5701
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5702
|
+
{
|
5703
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5704
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5705
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5706
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5707
|
+
mongocrypt_binary_destroy(got);
|
5708
|
+
}
|
5709
|
+
mongocrypt_ctx_destroy(ctx);
|
5710
|
+
mongocrypt_destroy(crypt);
|
5711
|
+
}
|
5712
|
+
#undef TF
|
5713
|
+
|
5714
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/no-schema/" suffix)
|
5715
|
+
{
|
5716
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5717
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5718
|
+
|
5719
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5720
|
+
expect_and_reply_to_ismaster(ctx);
|
5721
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5722
|
+
{
|
5723
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5724
|
+
// Feed both needed schemas.
|
5725
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5726
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5727
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5728
|
+
}
|
5729
|
+
|
5730
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5731
|
+
{
|
5732
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5733
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5734
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5735
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5736
|
+
}
|
5737
|
+
|
5738
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5739
|
+
{
|
5740
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5741
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5742
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5743
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5744
|
+
mongocrypt_binary_destroy(got);
|
5745
|
+
}
|
5746
|
+
mongocrypt_ctx_destroy(ctx);
|
5747
|
+
mongocrypt_destroy(crypt);
|
5748
|
+
}
|
5749
|
+
#undef TF
|
5750
|
+
|
5751
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/qe/" suffix)
|
5752
|
+
{
|
5753
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5754
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5755
|
+
|
5756
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5757
|
+
expect_and_reply_to_ismaster(ctx);
|
5758
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5759
|
+
{
|
5760
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5761
|
+
// Feed both needed schemas.
|
5762
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5763
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5764
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5765
|
+
}
|
5766
|
+
|
5767
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5768
|
+
{
|
5769
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5770
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5771
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5772
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5773
|
+
}
|
5774
|
+
|
5775
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5776
|
+
{
|
5777
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5778
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5779
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5780
|
+
}
|
5781
|
+
|
5782
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5783
|
+
{
|
5784
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5785
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5786
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5787
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5788
|
+
mongocrypt_binary_destroy(got);
|
5789
|
+
}
|
5790
|
+
mongocrypt_ctx_destroy(ctx);
|
5791
|
+
mongocrypt_destroy(crypt);
|
5792
|
+
}
|
5793
|
+
#undef TF
|
5794
|
+
}
|
5795
|
+
|
5479
5796
|
void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
5480
5797
|
INSTALL_TEST(_test_explicit_encrypt_init);
|
5481
5798
|
INSTALL_TEST(_test_encrypt_init);
|
@@ -5489,12 +5806,12 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5489
5806
|
INSTALL_TEST(_test_local_schema);
|
5490
5807
|
INSTALL_TEST(_test_encrypt_caches_collinfo);
|
5491
5808
|
INSTALL_TEST(_test_encrypt_caches_keys);
|
5809
|
+
INSTALL_TEST(_test_encrypt_cache_expiration);
|
5492
5810
|
INSTALL_TEST(_test_encrypt_caches_keys_by_alt_name);
|
5493
5811
|
INSTALL_TEST(_test_encrypt_random);
|
5494
5812
|
INSTALL_TEST(_test_encrypt_is_remote_schema);
|
5495
5813
|
INSTALL_TEST(_test_encrypt_init_each_cmd);
|
5496
5814
|
INSTALL_TEST(_test_encrypt_invalid_siblings);
|
5497
|
-
INSTALL_TEST(_test_encrypt_dupe_jsonschema);
|
5498
5815
|
INSTALL_TEST(_test_encrypting_with_explicit_encryption);
|
5499
5816
|
INSTALL_TEST(_test_explicit_encryption);
|
5500
5817
|
INSTALL_TEST(_test_encrypt_empty_aws);
|
@@ -5510,8 +5827,8 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5510
5827
|
INSTALL_TEST(_test_encrypt_no_schema);
|
5511
5828
|
INSTALL_TEST(_test_encrypt_remote_encryptedfields);
|
5512
5829
|
INSTALL_TEST(_test_encrypt_with_bypassqueryanalysis);
|
5513
|
-
INSTALL_TEST(_test_FLE2EncryptionPlaceholder_parse);
|
5514
5830
|
INSTALL_TEST(_test_encrypt_fle2_insert_payload);
|
5831
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_payload_with_str_encode_version);
|
5515
5832
|
INSTALL_TEST(_test_encrypt_fle2_find_payload);
|
5516
5833
|
INSTALL_TEST(_test_encrypt_fle2_unindexed_encrypted_payload);
|
5517
5834
|
INSTALL_TEST(_test_encrypt_fle2_explicit);
|
@@ -5532,11 +5849,18 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5532
5849
|
INSTALL_TEST(_test_fle1_create_old_mongocryptd);
|
5533
5850
|
INSTALL_TEST(_test_fle1_create_with_csfle);
|
5534
5851
|
INSTALL_TEST(_test_fle2_create);
|
5852
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields);
|
5853
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields_and_str_encode_version);
|
5854
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields_unset_str_encode_version);
|
5855
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields);
|
5856
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version);
|
5857
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version);
|
5858
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version);
|
5859
|
+
INSTALL_TEST(_test_fle2_create_does_not_cache_empty_schema);
|
5535
5860
|
INSTALL_TEST(_test_fle2_create_bypass_query_analysis);
|
5536
5861
|
INSTALL_TEST(_test_encrypt_macos_no_ctr);
|
5537
5862
|
INSTALL_TEST(_test_fle1_collmod_with_jsonSchema);
|
5538
5863
|
INSTALL_TEST(_test_fle1_collmod_without_jsonSchema);
|
5539
|
-
INSTALL_TEST(_test_FLE2EncryptionPlaceholder_range_parse);
|
5540
5864
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int32);
|
5541
5865
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int64);
|
5542
5866
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_date);
|
@@ -5555,8 +5879,16 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5555
5879
|
INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128);
|
5556
5880
|
INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128_precision);
|
5557
5881
|
#endif
|
5882
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload);
|
5883
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload_with_str_encode_version);
|
5558
5884
|
INSTALL_TEST(_test_bulkWrite);
|
5559
5885
|
INSTALL_TEST(_test_rangePreview_fails);
|
5560
5886
|
INSTALL_TEST(_test_no_trimFactor);
|
5561
5887
|
INSTALL_TEST(_test_range_sends_cryptoParams);
|
5888
|
+
INSTALL_TEST(_test_encrypt_retry);
|
5889
|
+
INSTALL_TEST(_test_does_not_warn_for_empty_local_schema);
|
5890
|
+
INSTALL_TEST(_test_fle2_encrypted_field_config_with_bad_str_encode_version);
|
5891
|
+
INSTALL_TEST(_test_fle2_encrypted_fields_with_unmatching_str_encode_version);
|
5892
|
+
INSTALL_TEST(_test_fle2_collinfo_with_bad_str_encode_version);
|
5893
|
+
INSTALL_TEST(_test_lookup);
|
5562
5894
|
}
|