libmongocrypt-helper 1.11.0.0.1001 → 1.13.2.0.1001

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (598) hide show
  1. checksums.yaml +4 -4
  2. data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +27 -1
  3. data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +13 -2
  4. data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -7
  5. data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
  6. data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
  7. data/ext/libmongocrypt/libmongocrypt/README.md +39 -23
  8. data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +4 -67
  9. data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +14 -1
  10. data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
  11. data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
  12. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +1 -1
  13. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -7
  14. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
  15. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
  16. data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +1 -0
  17. data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
  18. data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +10 -9
  19. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
  20. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
  21. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +13 -12
  22. data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
  23. data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +1 -1
  24. data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +37 -40
  25. data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +10 -9
  26. data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
  27. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
  28. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
  29. data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
  30. data/ext/libmongocrypt/libmongocrypt/integrating.md +51 -13
  31. data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +1 -1
  32. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
  33. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +3 -0
  34. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
  35. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
  36. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
  37. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +8 -0
  38. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
  39. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
  40. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
  41. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
  42. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
  43. data/ext/libmongocrypt/libmongocrypt/src/mc-cmp-private.h +137 -0
  44. data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
  45. data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
  46. data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +5 -2
  47. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +99 -0
  48. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
  49. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
  50. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
  51. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +5 -0
  52. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +39 -0
  53. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
  54. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
  55. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +183 -60
  56. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +498 -115
  57. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +10 -0
  58. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +49 -0
  59. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +98 -0
  60. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +3 -2
  61. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +2 -1
  62. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +2 -2
  63. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +1 -0
  64. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +6 -1
  65. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +2 -1
  66. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
  67. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
  68. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
  69. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
  70. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
  71. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
  72. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
  73. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
  74. data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
  75. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
  76. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
  77. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +1 -1
  78. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -1
  79. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +2 -2
  80. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +1 -1
  81. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +1 -1
  82. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +2 -1
  83. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
  84. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +429 -858
  85. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +55 -19
  86. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +13 -10
  87. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +15 -0
  88. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +9 -0
  89. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +6 -2
  90. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +6 -0
  91. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +174 -0
  92. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +0 -1
  93. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +4 -0
  94. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +518 -524
  95. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
  96. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +1 -1
  97. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +8 -12
  98. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
  99. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
  100. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +25 -9
  101. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +65 -6
  102. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
  103. data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
  104. data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
  105. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
  106. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
  107. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
  108. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
  109. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
  110. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
  111. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
  112. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
  113. data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
  114. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
  115. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
  116. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
  117. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
  118. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
  119. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
  120. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
  121. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
  122. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
  123. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
  124. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
  125. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
  126. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
  127. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
  128. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
  129. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
  130. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
  131. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
  132. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
  133. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
  134. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
  135. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
  136. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
  137. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
  138. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
  139. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
  140. data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
  141. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
  142. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
  143. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
  144. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
  145. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
  146. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
  147. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
  148. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
  149. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
  150. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
  151. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
  152. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
  153. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
  154. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
  155. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
  156. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
  157. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
  158. data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
  159. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
  160. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
  161. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
  162. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
  163. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
  164. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
  165. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
  166. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
  167. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
  168. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
  169. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
  170. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
  171. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
  172. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
  173. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
  174. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
  175. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
  176. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
  177. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
  178. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
  179. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
  180. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
  181. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
  182. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
  183. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
  184. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
  185. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
  186. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
  187. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
  188. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
  189. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
  190. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
  191. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
  192. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
  193. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
  194. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
  195. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
  196. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
  197. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
  198. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
  199. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
  200. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search}/encrypted-field-map.json +10 -9
  201. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
  202. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
  203. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
  204. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
  205. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
  206. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
  207. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
  208. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
  209. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
  210. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
  211. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
  212. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
  213. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
  214. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
  215. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
  216. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
  217. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
  218. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
  219. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
  220. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +9 -1
  221. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
  222. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
  223. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +1 -0
  224. data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +4 -4
  225. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
  226. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
  227. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
  228. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
  229. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
  230. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
  231. data/ext/libmongocrypt/libmongocrypt/{bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +12 -10
  232. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c3.json} +13 -11
  233. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
  234. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
  235. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
  236. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
  237. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
  238. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
  239. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
  240. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
  241. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
  242. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
  243. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
  244. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
  245. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
  246. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
  247. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
  248. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
  249. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
  250. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
  251. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
  252. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
  253. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
  254. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
  255. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
  256. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
  257. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
  258. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
  259. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
  260. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
  261. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
  262. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
  263. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
  264. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
  265. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
  266. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
  267. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
  268. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
  269. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
  270. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
  271. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
  272. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
  273. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
  274. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
  275. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
  276. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
  277. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
  278. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
  279. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
  280. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
  281. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
  282. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
  283. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
  284. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
  285. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
  286. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
  287. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
  288. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
  289. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
  290. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
  291. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
  292. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
  293. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
  294. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
  295. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
  296. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
  297. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
  298. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
  299. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
  300. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
  301. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
  302. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
  303. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
  304. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
  305. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
  306. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
  307. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
  308. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
  309. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
  310. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
  311. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
  312. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
  313. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
  314. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
  315. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
  316. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
  317. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
  318. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
  319. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
  320. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
  321. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
  322. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
  323. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
  324. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
  325. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
  326. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
  327. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
  328. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
  329. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
  330. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
  331. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
  332. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
  333. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
  334. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
  335. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
  336. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
  337. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/command.json +7 -0
  338. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/key-document.json → test/data/multikey/key-document-a.json} +18 -19
  339. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/key-document-b.json +37 -0
  340. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/mongocryptd_reply.json +34 -0
  341. data/ext/libmongocrypt/libmongocrypt/test/data/multikey/schema_map.json +35 -0
  342. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/kms-reply.txt → test/data/rmd/kms-decrypt-reply-429.txt} +1 -1
  343. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
  344. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
  345. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
  346. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
  347. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
  348. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
  349. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
  350. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
  351. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
  352. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
  353. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
  354. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
  355. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
  356. data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -1
  357. data/ext/libmongocrypt/libmongocrypt/test/test-mc-cmp.c +304 -0
  358. data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
  359. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
  360. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
  361. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +370 -22
  362. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
  363. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +25 -1
  364. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
  365. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
  366. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
  367. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +91 -0
  368. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
  369. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
  370. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +68 -75
  371. data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
  372. data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
  373. data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
  374. data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
  375. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
  376. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +2 -2
  377. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
  378. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
  379. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -20
  380. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +57 -46
  381. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
  382. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
  383. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
  384. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1529 -1197
  385. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +79 -0
  386. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +160 -0
  387. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +3 -3
  388. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +7 -7
  389. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +6 -5
  390. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +750 -110
  391. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +143 -33
  392. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +39 -4
  393. data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
  394. data/lib/libmongocrypt_helper/version.rb +2 -2
  395. metadata +233 -225
  396. data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +0 -17
  397. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
  398. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +0 -4
  399. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +0 -145
  400. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +0 -60
  401. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +0 -46
  402. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +0 -168
  403. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +0 -48
  404. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +0 -257
  405. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +0 -138
  406. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +0 -214
  407. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +0 -37
  408. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +0 -67
  409. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +0 -59
  410. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +0 -96
  411. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +0 -26
  412. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +0 -53
  413. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +0 -91
  414. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +0 -125
  415. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +0 -60
  416. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +0 -684
  417. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +0 -289
  418. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +0 -34
  419. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +0 -14
  420. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +0 -26
  421. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +0 -48
  422. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +0 -107
  423. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +0 -85
  424. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +0 -21
  425. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +0 -59
  426. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +0 -38
  427. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +0 -49
  428. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +0 -51
  429. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +0 -74
  430. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +0 -94
  431. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +0 -60
  432. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +0 -11
  433. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +0 -8
  434. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +0 -23
  435. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +0 -11
  436. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +0 -442
  437. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +0 -748
  438. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +0 -82
  439. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +0 -37
  440. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +0 -46
  441. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +0 -37
  442. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +0 -37
  443. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +0 -37
  444. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +0 -23
  445. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +0 -64
  446. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +0 -13
  447. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +0 -16
  448. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +0 -11
  449. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +0 -6
  450. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +0 -36
  451. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +0 -19
  452. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +0 -3
  453. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +0 -22
  454. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +0 -6
  455. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +0 -54
  456. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +0 -44
  457. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +0 -23
  458. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +0 -215
  459. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +0 -3
  460. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +0 -275
  461. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -77
  462. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
  463. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
  464. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
  465. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
  466. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
  467. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
  468. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
  469. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
  470. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
  471. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
  472. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
  473. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
  474. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
  475. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
  476. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
  477. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
  478. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
  479. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
  480. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
  481. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
  482. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
  483. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
  484. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
  485. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
  486. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
  487. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
  488. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
  489. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
  490. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
  491. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
  492. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
  493. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
  494. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
  495. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
  496. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
  497. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
  498. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
  499. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
  500. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
  501. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
  502. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
  503. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
  504. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
  505. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
  506. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
  507. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
  508. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
  509. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
  510. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
  511. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
  512. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
  513. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
  514. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
  515. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
  516. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
  517. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
  518. data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
  519. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
  520. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
  521. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
  522. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
  523. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
  524. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
  525. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
  526. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
  527. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
  528. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
  529. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
  530. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
  531. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
  532. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
  533. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
  534. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
  535. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
  536. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
  537. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
  538. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
  539. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
  540. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
  541. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
  542. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
  543. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
  544. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
  545. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
  546. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
  547. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
  548. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
  549. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
  550. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
  551. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
  552. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
  553. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
  554. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
  555. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
  556. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
  557. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
  558. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
  559. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
  560. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
  561. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
  562. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
  563. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
  564. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
  565. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
  566. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
  567. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
  568. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
  569. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
  570. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
  571. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
  572. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
  573. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
  574. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
  575. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
  576. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
  577. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
  578. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
  579. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
  580. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
  581. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
  582. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
  583. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
  584. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
  585. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
  586. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
  587. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
  588. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
  589. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
  590. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
  591. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
  592. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
  593. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
  594. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
  595. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
  596. data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
  597. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
  598. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -0,0 +1,1075 @@
1
+ /*
2
+ * Copyright 2018-present MongoDB, Inc.
3
+ *
4
+ * Licensed under the Apache License, Version 2.0 (the "License");
5
+ * you may not use this file except in compliance with the License.
6
+ * You may obtain a copy of the License at
7
+ *
8
+ * http://www.apache.org/licenses/LICENSE-2.0
9
+ *
10
+ * Unless required by applicable law or agreed to in writing, software
11
+ * distributed under the License is distributed on an "AS IS" BASIS,
12
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ * See the License for the specific language governing permissions and
14
+ * limitations under the License.
15
+ */
16
+
17
+ #include "mc-schema-broker-private.h"
18
+
19
+ #include "mc-efc-private.h" // mc_EncryptedFieldConfig_t
20
+ #include "mongocrypt-cache-collinfo-private.h"
21
+ #include "mongocrypt-key-broker-private.h"
22
+ #include "mongocrypt-private.h"
23
+ #include "mongocrypt-status-private.h"
24
+ #include "mongocrypt-util-private.h"
25
+ #include <bson/bson.h>
26
+
27
+ typedef struct mc_schema_entry_t {
28
+ char *coll;
29
+
30
+ struct {
31
+ bool set;
32
+ _mongocrypt_buffer_t buf; // Owns document.
33
+ bson_t bson; // Non-owning view into buf.
34
+ bool is_remote;
35
+ } jsonSchema;
36
+
37
+ struct {
38
+ bool set;
39
+ _mongocrypt_buffer_t buf; // Owns document.
40
+ bson_t bson; // Non-owning view into buf.
41
+ mc_EncryptedFieldConfig_t efc;
42
+ } encryptedFields;
43
+
44
+ struct mc_schema_entry_t *next;
45
+ bool satisfied; // true once a schema is found and applied, or an empty schema is applied.
46
+ } mc_schema_entry_t;
47
+
48
+ // mc_schema_broker_t stores schemas for an auto encryption operation.
49
+ struct mc_schema_broker_t {
50
+ char *db; // Database shared by all schemas.
51
+ mc_schema_entry_t *ll;
52
+ size_t ll_len;
53
+ bool use_range_v2;
54
+ };
55
+
56
+ mc_schema_broker_t *mc_schema_broker_new(void) {
57
+ return bson_malloc0(sizeof(mc_schema_broker_t));
58
+ }
59
+
60
+ void mc_schema_broker_use_rangev2(mc_schema_broker_t *sb) {
61
+ BSON_ASSERT_PARAM(sb);
62
+ sb->use_range_v2 = true;
63
+ }
64
+
65
+ bool mc_schema_broker_request(mc_schema_broker_t *sb, const char *db, const char *coll, mongocrypt_status_t *status) {
66
+ BSON_ASSERT_PARAM(sb);
67
+ BSON_ASSERT_PARAM(db);
68
+ BSON_ASSERT_PARAM(coll);
69
+
70
+ if (sb->db && 0 != strcmp(sb->db, db)) {
71
+ CLIENT_ERR("Cannot request schemas for different databases. Requested schemas for '%s' and '%s'.", sb->db, db);
72
+ return false;
73
+ }
74
+
75
+ // Check for duplicates. Keep pointer to last node.
76
+ mc_schema_entry_t *last = NULL;
77
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
78
+ if (0 == strcmp(it->coll, coll)) {
79
+ return true;
80
+ }
81
+ last = it;
82
+ }
83
+
84
+ mc_schema_entry_t *se = bson_malloc0(sizeof *se);
85
+ se->coll = bson_strdup(coll);
86
+ if (NULL == last) {
87
+ sb->ll = se;
88
+ sb->db = bson_strdup(db);
89
+ } else {
90
+ last->next = se;
91
+ }
92
+ sb->ll_len++;
93
+ return true;
94
+ }
95
+
96
+ bool mc_schema_broker_has_multiple_requests(const mc_schema_broker_t *sb) {
97
+ BSON_ASSERT_PARAM(sb);
98
+ return sb->ll_len > 1;
99
+ }
100
+
101
+ void mc_schema_broker_destroy(mc_schema_broker_t *sb) {
102
+ if (!sb) {
103
+ return;
104
+ }
105
+ mc_schema_entry_t *it = sb->ll;
106
+ while (it != NULL) {
107
+ bson_free(it->coll);
108
+ // Always clean it->encryptedFields and it->jsonSchema. May be partially set.
109
+ mc_EncryptedFieldConfig_cleanup(&it->encryptedFields.efc);
110
+ _mongocrypt_buffer_cleanup(&it->encryptedFields.buf);
111
+ _mongocrypt_buffer_cleanup(&it->jsonSchema.buf);
112
+ mc_schema_entry_t *tmp = it->next;
113
+ bson_free(it);
114
+ it = tmp;
115
+ }
116
+ bson_free(sb->db);
117
+ bson_free(sb);
118
+ return;
119
+ }
120
+
121
+ bool mc_schema_broker_has_any_qe_schemas(const mc_schema_broker_t *sb) {
122
+ BSON_ASSERT_PARAM(sb);
123
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
124
+ BSON_ASSERT(se->satisfied);
125
+ if (se->encryptedFields.set) {
126
+ return true;
127
+ }
128
+ }
129
+ return false;
130
+ }
131
+
132
+ // TRY_BSON_OR is a checks a BSON operation and sets a generic error status on failure.
133
+ #define TRY_BSON_OR(stmt) if (!try_or(stmt, "BSON failure", BSON_FUNC, status))
134
+
135
+ static bool try_or(bool val, const char *msg, const char *func, mongocrypt_status_t *status) {
136
+ if (!val) {
137
+ CLIENT_ERR("[%s] statement failed: %s", func, msg);
138
+ }
139
+ return val;
140
+ }
141
+
142
+ bool mc_schema_broker_append_listCollections_filter(const mc_schema_broker_t *sb,
143
+ bson_t *out,
144
+ mongocrypt_status_t *status) {
145
+ BSON_ASSERT_PARAM(sb);
146
+ BSON_ASSERT_PARAM(out);
147
+
148
+ size_t num_unsatisfied = 0;
149
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
150
+ if (!se->satisfied) {
151
+ num_unsatisfied++;
152
+ }
153
+ }
154
+
155
+ if (num_unsatisfied == 0) {
156
+ CLIENT_ERR("Unexpected: attempting to create listCollections filter but no schemas needed");
157
+ return false;
158
+ } else if (num_unsatisfied == 1) {
159
+ // One request. Append as: { "name": <name> }
160
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
161
+ if (se->satisfied) {
162
+ continue;
163
+ }
164
+
165
+ TRY_BSON_OR(BSON_APPEND_UTF8(out, "name", se->coll)) {
166
+ return false;
167
+ }
168
+ break;
169
+ }
170
+ } else {
171
+ // Multiple requests. Append as: { "name": { "$in": [ <name1>, <name2>, ... ] } }
172
+ bson_t in, in_array;
173
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(out, "name", &in)) {
174
+ return false;
175
+ }
176
+ TRY_BSON_OR(BSON_APPEND_ARRAY_BEGIN(&in, "$in", &in_array)) {
177
+ return false;
178
+ }
179
+
180
+ size_t idx = 0;
181
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
182
+ if (se->satisfied) {
183
+ continue;
184
+ }
185
+
186
+ char idx_str[32];
187
+ int ret = bson_snprintf(idx_str, sizeof idx_str, "%zu", idx);
188
+ BSON_ASSERT(ret > 0 && ret <= (int)sizeof idx_str);
189
+
190
+ TRY_BSON_OR(BSON_APPEND_UTF8(&in_array, idx_str, se->coll)) {
191
+ return false;
192
+ }
193
+
194
+ idx++;
195
+ }
196
+ TRY_BSON_OR(bson_append_array_end(&in, &in_array)) {
197
+ return false;
198
+ }
199
+ TRY_BSON_OR(bson_append_document_end(out, &in)) {
200
+ return false;
201
+ }
202
+ }
203
+
204
+ return true;
205
+ }
206
+
207
+ static inline bool mc_schema_entry_satisfy_from_collinfo(mc_schema_entry_t *se,
208
+ const bson_t *collinfo,
209
+ const char *coll,
210
+ const char *db,
211
+ bool use_range_v2,
212
+ mongocrypt_status_t *status) {
213
+ BSON_ASSERT_PARAM(se);
214
+ BSON_ASSERT_PARAM(collinfo);
215
+ BSON_ASSERT_PARAM(coll);
216
+ BSON_ASSERT_PARAM(db);
217
+
218
+ if (se->satisfied) {
219
+ CLIENT_ERR("unexpected duplicate collinfo result for collection: %s.%s", db, coll);
220
+ return false;
221
+ }
222
+
223
+ bson_iter_t collinfo_iter;
224
+
225
+ if (!bson_iter_init(&collinfo_iter, collinfo)) {
226
+ CLIENT_ERR("failed to iterate collinfo for collection: %s.%s", db, coll);
227
+ return false;
228
+ }
229
+
230
+ // Disallow views.
231
+ bson_iter_t type_iter = collinfo_iter;
232
+ if (bson_iter_find(&type_iter, "type") && BSON_ITER_HOLDS_UTF8(&type_iter) && bson_iter_utf8(&type_iter, NULL)
233
+ && 0 == strcmp("view", bson_iter_utf8(&type_iter, NULL))) {
234
+ CLIENT_ERR("cannot auto encrypt a view: %s.%s", db, coll);
235
+ return false;
236
+ }
237
+
238
+ // Check if collection is configured for QE.
239
+ bson_iter_t encryptedFields_iter = collinfo_iter;
240
+ if (bson_iter_find_descendant(&encryptedFields_iter, "options.encryptedFields", &encryptedFields_iter)) {
241
+ if (!BSON_ITER_HOLDS_DOCUMENT(&encryptedFields_iter)) {
242
+ CLIENT_ERR("expected document for `options.encryptedFields` but got %s for collection %s.%s",
243
+ mc_bson_type_to_string(bson_iter_type(&encryptedFields_iter)),
244
+ db,
245
+ coll);
246
+ return false;
247
+ }
248
+ if (!_mongocrypt_buffer_copy_from_document_iter(&se->encryptedFields.buf, &encryptedFields_iter)) {
249
+ CLIENT_ERR("failed to copy `options.encryptedFields` for collection: %s.%s", db, coll);
250
+ return false;
251
+ }
252
+
253
+ if (!_mongocrypt_buffer_to_bson(&se->encryptedFields.buf, &se->encryptedFields.bson)) {
254
+ CLIENT_ERR("unable to create BSON from `options.encryptedFields` for collection: %s.%s", db, coll);
255
+ return false;
256
+ }
257
+
258
+ if (!mc_EncryptedFieldConfig_parse(&se->encryptedFields.efc, &se->encryptedFields.bson, status, use_range_v2)) {
259
+ return false;
260
+ }
261
+ se->encryptedFields.set = true;
262
+ }
263
+
264
+ // Check if collection is configured for CSFLE.
265
+ bool found_jsonSchema = false;
266
+ bson_iter_t validator_iter = collinfo_iter;
267
+ if (bson_iter_find_descendant(&validator_iter, "options.validator", &validator_iter)
268
+ && BSON_ITER_HOLDS_DOCUMENT(&validator_iter)) {
269
+ if (!bson_iter_recurse(&validator_iter, &validator_iter)) {
270
+ CLIENT_ERR("failed to iterate `options.validator` for collection: %s.%s", db, coll);
271
+ return false;
272
+ }
273
+ while (bson_iter_next(&validator_iter)) {
274
+ const char *key = bson_iter_key(&validator_iter);
275
+ if (0 == strcmp("$jsonSchema", key)) {
276
+ if (found_jsonSchema) {
277
+ CLIENT_ERR("duplicate `$jsonSchema` fields found for collection: %s.%s", db, coll);
278
+ return false;
279
+ }
280
+
281
+ if (!_mongocrypt_buffer_copy_from_document_iter(&se->jsonSchema.buf, &validator_iter)) {
282
+ CLIENT_ERR("unable to copy `$jsonSchema` for collection: %s.%s", db, coll);
283
+ return false;
284
+ }
285
+
286
+ if (!_mongocrypt_buffer_to_bson(&se->jsonSchema.buf, &se->jsonSchema.bson)) {
287
+ CLIENT_ERR("unable to create BSON from `$jsonSchema` for collection: %s.%s", db, coll);
288
+ return false;
289
+ }
290
+
291
+ found_jsonSchema = true;
292
+ BSON_ASSERT(!se->jsonSchema.set);
293
+ se->jsonSchema.set = true;
294
+ se->jsonSchema.is_remote = true;
295
+ }
296
+ }
297
+ }
298
+
299
+ se->satisfied = true;
300
+ return true;
301
+ }
302
+
303
+ bool mc_schema_broker_satisfy_from_collinfo(mc_schema_broker_t *sb,
304
+ const bson_t *collinfo,
305
+ _mongocrypt_cache_t *collinfo_cache,
306
+ mongocrypt_status_t *status) {
307
+ BSON_ASSERT_PARAM(sb);
308
+ BSON_ASSERT_PARAM(collinfo);
309
+ BSON_ASSERT_PARAM(collinfo_cache);
310
+
311
+ bson_iter_t collinfo_iter;
312
+
313
+ if (!bson_iter_init(&collinfo_iter, collinfo)) {
314
+ CLIENT_ERR("failed to iterate collinfo in database: %s", sb->db);
315
+ return false;
316
+ }
317
+
318
+ // Parse the collection from the `collinfo`.
319
+ const char *coll;
320
+ {
321
+ bson_iter_t name_iter = collinfo_iter;
322
+ if (!bson_iter_find(&name_iter, "name") || !BSON_ITER_HOLDS_UTF8(&name_iter)) {
323
+ CLIENT_ERR("failed to find 'name' in collinfo in database: %s", sb->db);
324
+ return false;
325
+ }
326
+ coll = bson_iter_utf8(&name_iter, NULL);
327
+ }
328
+
329
+ // Cache the received collinfo.
330
+ {
331
+ char *ns = bson_strdup_printf("%s.%s", sb->db, coll);
332
+ if (!_mongocrypt_cache_add_copy(collinfo_cache, ns, (void *)collinfo, status)) {
333
+ bson_free(ns);
334
+ return false;
335
+ }
336
+ bson_free(ns);
337
+ }
338
+
339
+ // Find matching entry.
340
+ mc_schema_entry_t *se = NULL;
341
+ {
342
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
343
+ if (0 == strcmp(it->coll, coll)) {
344
+ se = it;
345
+ break;
346
+ }
347
+ }
348
+ if (!se) {
349
+ CLIENT_ERR("got unexpected collinfo result for collection: %s.%s", sb->db, coll);
350
+ return false;
351
+ }
352
+ }
353
+
354
+ if (!mc_schema_entry_satisfy_from_collinfo(se, collinfo, coll, sb->db, sb->use_range_v2, status)) {
355
+ return false;
356
+ }
357
+
358
+ return true;
359
+ }
360
+
361
+ bool mc_schema_broker_satisfy_from_schemaMap(mc_schema_broker_t *sb,
362
+ const bson_t *schema_map,
363
+ mongocrypt_status_t *status) {
364
+ BSON_ASSERT_PARAM(sb);
365
+ BSON_ASSERT_PARAM(schema_map);
366
+
367
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
368
+ if (it->satisfied) {
369
+ continue;
370
+ }
371
+
372
+ bool loop_ok = false;
373
+ char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
374
+ bson_iter_t iter;
375
+
376
+ if (bson_iter_init_find(&iter, schema_map, ns)) {
377
+ if (!_mongocrypt_buffer_copy_from_document_iter(&it->jsonSchema.buf, &iter)) {
378
+ CLIENT_ERR("failed to read schema from schema map for collection: %s", ns);
379
+ goto loop_fail;
380
+ }
381
+
382
+ if (!_mongocrypt_buffer_to_bson(&it->jsonSchema.buf, &it->jsonSchema.bson)) {
383
+ CLIENT_ERR("unable to create BSON from schema map for collection: %s", ns);
384
+ goto loop_fail;
385
+ }
386
+
387
+ BSON_ASSERT(!it->jsonSchema.set);
388
+ it->jsonSchema.set = true;
389
+ it->jsonSchema.is_remote = false;
390
+ it->satisfied = true;
391
+ }
392
+
393
+ loop_ok = true;
394
+ loop_fail:
395
+ bson_free(ns);
396
+ if (!loop_ok) {
397
+ return false;
398
+ }
399
+ }
400
+ return true;
401
+ }
402
+
403
+ bool mc_schema_broker_satisfy_from_encryptedFieldsMap(mc_schema_broker_t *sb,
404
+ const bson_t *ef_map,
405
+ mongocrypt_status_t *status) {
406
+ BSON_ASSERT_PARAM(sb);
407
+ BSON_ASSERT_PARAM(ef_map);
408
+
409
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
410
+ if (it->satisfied) {
411
+ continue;
412
+ }
413
+
414
+ bool loop_ok = false;
415
+ char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
416
+ bson_iter_t iter;
417
+
418
+ if (bson_iter_init_find(&iter, ef_map, ns)) {
419
+ if (!_mongocrypt_buffer_copy_from_document_iter(&it->encryptedFields.buf, &iter)) {
420
+ CLIENT_ERR("failed to read encryptedFields from encryptedFields map for collection: %s", ns);
421
+ goto loop_fail;
422
+ }
423
+
424
+ if (!_mongocrypt_buffer_to_bson(&it->encryptedFields.buf, &it->encryptedFields.bson)) {
425
+ CLIENT_ERR("failed to create BSON from encryptedFields map for collection: %s", ns);
426
+ goto loop_fail;
427
+ }
428
+
429
+ if (!mc_EncryptedFieldConfig_parse(&it->encryptedFields.efc,
430
+ &it->encryptedFields.bson,
431
+ status,
432
+ sb->use_range_v2)) {
433
+ goto loop_fail;
434
+ }
435
+
436
+ BSON_ASSERT(!it->encryptedFields.set);
437
+ it->encryptedFields.set = true;
438
+ it->satisfied = true;
439
+ }
440
+
441
+ loop_ok = true;
442
+ loop_fail:
443
+ bson_free(ns);
444
+ if (!loop_ok) {
445
+ return false;
446
+ }
447
+ }
448
+
449
+ return true;
450
+ }
451
+
452
+ bool mc_schema_broker_satisfy_from_cache(mc_schema_broker_t *sb,
453
+ _mongocrypt_cache_t *listCollections_cache,
454
+ mongocrypt_status_t *status) {
455
+ BSON_ASSERT_PARAM(sb);
456
+ BSON_ASSERT_PARAM(listCollections_cache);
457
+
458
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
459
+ if (it->satisfied) {
460
+ continue;
461
+ }
462
+ char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
463
+
464
+ // Check if there is a listCollections result cached.
465
+ bool loop_ok = false;
466
+ bson_t *collinfo = NULL;
467
+ if (!_mongocrypt_cache_get(listCollections_cache, ns, (void **)&collinfo)) {
468
+ CLIENT_ERR("failed to retrieve from listCollections cache for entry: %s", ns);
469
+ goto loop_fail;
470
+ }
471
+
472
+ if (!collinfo) {
473
+ goto loop_skip;
474
+ }
475
+
476
+ if (!mc_schema_entry_satisfy_from_collinfo(it, collinfo, sb->db, it->coll, sb->use_range_v2, status)) {
477
+ goto loop_fail;
478
+ }
479
+
480
+ loop_skip:
481
+ loop_ok = true;
482
+ loop_fail:
483
+ bson_destroy(collinfo);
484
+ bson_free(ns);
485
+ if (!loop_ok) {
486
+ return false;
487
+ }
488
+ }
489
+ return true;
490
+ }
491
+
492
+ bool mc_schema_broker_satisfy_from_create_or_collMod(mc_schema_broker_t *sb,
493
+ const bson_t *cmd,
494
+ mongocrypt_status_t *status) {
495
+ BSON_ASSERT_PARAM(sb);
496
+ BSON_ASSERT_PARAM(cmd);
497
+
498
+ bson_iter_t iter;
499
+ if (!bson_iter_init(&iter, cmd) || !bson_iter_next(&iter)) {
500
+ CLIENT_ERR("Failed to get command name");
501
+ return false;
502
+ }
503
+
504
+ const char *cmd_name = bson_iter_key(&iter);
505
+ if (0 != strcmp(cmd_name, "create") && 0 != strcmp(cmd_name, "collMod")) {
506
+ // Ignore other commands.
507
+ return true;
508
+ }
509
+
510
+ if (!BSON_ITER_HOLDS_UTF8(&iter)) {
511
+ CLIENT_ERR("Failed to get collection name from command");
512
+ return false;
513
+ }
514
+ const char *coll = bson_iter_utf8(&iter, NULL);
515
+
516
+ // Check if schema was requested.
517
+ mc_schema_entry_t *found = NULL;
518
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
519
+ if (0 == strcmp(it->coll, coll)) {
520
+ found = it;
521
+ break;
522
+ }
523
+ }
524
+
525
+ if (!found) {
526
+ // Command is for a collection that is not needed.
527
+ return true;
528
+ }
529
+
530
+ if (found->satisfied) {
531
+ return true;
532
+ }
533
+
534
+ if (bson_iter_find_descendant(&iter, "validator.$jsonSchema", &iter)) {
535
+ if (!_mongocrypt_buffer_copy_from_document_iter(&found->jsonSchema.buf, &iter)) {
536
+ CLIENT_ERR("failed to read schema from schema map for collection: %s", coll);
537
+ return false;
538
+ }
539
+
540
+ if (!_mongocrypt_buffer_to_bson(&found->jsonSchema.buf, &found->jsonSchema.bson)) {
541
+ CLIENT_ERR("unable to create BSON from schema map for collection: %s", coll);
542
+ return false;
543
+ }
544
+
545
+ found->jsonSchema.set = true;
546
+ found->jsonSchema.is_remote = true; // Mark remote. Schema may have non-CSFLE validators.
547
+ found->satisfied = true;
548
+ return true;
549
+ }
550
+
551
+ // Command does not have a schema. Not an error.
552
+ return true;
553
+ }
554
+
555
+ bool mc_schema_broker_satisfy_remaining_with_empty_schemas(mc_schema_broker_t *sb,
556
+ _mongocrypt_cache_t *collinfo_cache /* may be NULL */,
557
+ mongocrypt_status_t *status) {
558
+ BSON_ASSERT_PARAM(sb);
559
+
560
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
561
+ if (it->satisfied) {
562
+ continue;
563
+ }
564
+
565
+ // Cache the received collinfo.
566
+ if (collinfo_cache) {
567
+ char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
568
+ bson_t empty = BSON_INITIALIZER;
569
+ if (!_mongocrypt_cache_add_copy(collinfo_cache, ns, &empty, status)) {
570
+ bson_destroy(&empty);
571
+ bson_free(ns);
572
+ return false;
573
+ }
574
+ bson_destroy(&empty);
575
+ bson_free(ns);
576
+ }
577
+
578
+ it->satisfied = true;
579
+ }
580
+
581
+ return true;
582
+ }
583
+
584
+ bool mc_schema_broker_need_more_schemas(const mc_schema_broker_t *sb) {
585
+ BSON_ASSERT_PARAM(sb);
586
+ for (const mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
587
+ if (!it->satisfied) {
588
+ return true;
589
+ }
590
+ }
591
+ return false;
592
+ }
593
+
594
+ const mc_EncryptedFieldConfig_t *
595
+ mc_schema_broker_get_encryptedFields(const mc_schema_broker_t *sb, const char *coll, mongocrypt_status_t *status) {
596
+ BSON_ASSERT_PARAM(sb);
597
+ BSON_ASSERT_PARAM(coll);
598
+
599
+ for (const mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
600
+ BSON_ASSERT(it->satisfied);
601
+ if (0 != strcmp(it->coll, coll)) {
602
+ continue;
603
+ }
604
+ if (!it->encryptedFields.set) {
605
+ CLIENT_ERR("Expected encryptedFields for '%s', but none set", coll);
606
+ return NULL;
607
+ }
608
+ return &it->encryptedFields.efc;
609
+ }
610
+ CLIENT_ERR("Expected encryptedFields for '%s', but did not find entry", coll);
611
+ return NULL;
612
+ }
613
+
614
+ static bool append_encryptedFields(const bson_t *encryptedFields,
615
+ const char *coll,
616
+ uint8_t default_strEncodeVersion,
617
+ bson_t *out,
618
+ mongocrypt_status_t *status) {
619
+ BSON_ASSERT_PARAM(encryptedFields); // May be an empty BSON document.
620
+ BSON_ASSERT_PARAM(out);
621
+ BSON_ASSERT_PARAM(coll);
622
+
623
+ bool ok = false;
624
+
625
+ bool has_escCollection = false;
626
+ bool has_ecocCollection = false;
627
+ bool has_fields = false;
628
+ bool has_strEncodeVersion = false;
629
+
630
+ char *default_escCollection = NULL;
631
+ char *default_ecocCollection = NULL;
632
+
633
+ bson_iter_t iter;
634
+ TRY_BSON_OR(bson_iter_init(&iter, encryptedFields)) {
635
+ goto fail;
636
+ }
637
+
638
+ // Copy all values. Check if state collections are present.
639
+ while (bson_iter_next(&iter)) {
640
+ if (strcmp(bson_iter_key(&iter), "escCollection") == 0) {
641
+ has_escCollection = true;
642
+ }
643
+ if (strcmp(bson_iter_key(&iter), "ecocCollection") == 0) {
644
+ has_ecocCollection = true;
645
+ }
646
+ if (strcmp(bson_iter_key(&iter), "fields") == 0) {
647
+ has_fields = true;
648
+ }
649
+ if (strcmp(bson_iter_key(&iter), "strEncodeVersion") == 0) {
650
+ has_strEncodeVersion = true;
651
+ }
652
+ TRY_BSON_OR(BSON_APPEND_VALUE(out, bson_iter_key(&iter), bson_iter_value(&iter))) {
653
+ goto fail;
654
+ }
655
+ }
656
+
657
+ if (!has_escCollection) {
658
+ default_escCollection = bson_strdup_printf("enxcol_.%s.esc", coll);
659
+ TRY_BSON_OR(BSON_APPEND_UTF8(out, "escCollection", default_escCollection)) {
660
+ goto fail;
661
+ }
662
+ }
663
+
664
+ if (!has_ecocCollection) {
665
+ default_ecocCollection = bson_strdup_printf("enxcol_.%s.ecoc", coll);
666
+ TRY_BSON_OR(BSON_APPEND_UTF8(out, "ecocCollection", default_ecocCollection)) {
667
+ goto fail;
668
+ }
669
+ }
670
+
671
+ if (!has_fields) {
672
+ bson_t empty = BSON_INITIALIZER;
673
+ TRY_BSON_OR(BSON_APPEND_ARRAY(out, "fields", &empty)) {
674
+ goto fail;
675
+ }
676
+ }
677
+
678
+ if (!has_strEncodeVersion && default_strEncodeVersion != 0) {
679
+ // 0 indicates encryptedFields has no text fields and no set strEncodeVersion.
680
+ // Only add strEncodeVersion if needed since older server components do not recognize it.
681
+ TRY_BSON_OR(BSON_APPEND_INT32(out, "strEncodeVersion", (int32_t)default_strEncodeVersion)) {
682
+ goto fail;
683
+ }
684
+ }
685
+
686
+ ok = true;
687
+ fail:
688
+ bson_free(default_escCollection);
689
+ bson_free(default_ecocCollection);
690
+ return ok;
691
+ }
692
+
693
+ static bool append_encryptionInformation(const mc_schema_broker_t *sb,
694
+ const char *cmd_name,
695
+ bson_t *out,
696
+ mongocrypt_status_t *status) {
697
+ BSON_ASSERT_PARAM(sb);
698
+ BSON_ASSERT_PARAM(cmd_name);
699
+ BSON_ASSERT_PARAM(out);
700
+
701
+ bson_t encryption_information_bson;
702
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(out, "encryptionInformation", &encryption_information_bson)) {
703
+ return false;
704
+ }
705
+ TRY_BSON_OR(BSON_APPEND_INT32(&encryption_information_bson, "type", 1)) {
706
+ return false;
707
+ }
708
+
709
+ bson_t schema_bson;
710
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&encryption_information_bson, "schema", &schema_bson)) {
711
+ return false;
712
+ }
713
+
714
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
715
+ BSON_ASSERT(se->satisfied);
716
+ bool loop_ok = false;
717
+ char *ns = bson_strdup_printf("%s.%s", sb->db, se->coll);
718
+ bson_t ns_to_schema_bson;
719
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&schema_bson, ns, &ns_to_schema_bson)) {
720
+ goto loop_fail;
721
+ }
722
+
723
+ bson_t empty_encryptedFields = BSON_INITIALIZER; // Use empty encryptedFields if none set.
724
+ const bson_t *encryptedFields = &empty_encryptedFields;
725
+ uint8_t default_strEncodeVersion = 0;
726
+ if (se->encryptedFields.set) {
727
+ encryptedFields = &se->encryptedFields.bson;
728
+ default_strEncodeVersion = se->encryptedFields.efc.str_encode_version;
729
+ }
730
+ if (!append_encryptedFields(encryptedFields, se->coll, default_strEncodeVersion, &ns_to_schema_bson, status)) {
731
+ goto loop_fail;
732
+ }
733
+
734
+ TRY_BSON_OR(bson_append_document_end(&schema_bson, &ns_to_schema_bson)) {
735
+ goto loop_fail;
736
+ }
737
+ loop_ok = true;
738
+ loop_fail:
739
+ bson_free(ns);
740
+ bson_destroy(&empty_encryptedFields);
741
+ if (!loop_ok) {
742
+ return false;
743
+ }
744
+ }
745
+ TRY_BSON_OR(bson_append_document_end(&encryption_information_bson, &schema_bson)) {
746
+ return false;
747
+ }
748
+ TRY_BSON_OR(bson_append_document_end(out, &encryption_information_bson)) {
749
+ return false;
750
+ }
751
+ return true;
752
+ }
753
+
754
+ static const char *get_cmd_name(const bson_t *cmd, mongocrypt_status_t *status) {
755
+ bson_iter_t iter;
756
+ const char *cmd_name;
757
+
758
+ BSON_ASSERT_PARAM(cmd);
759
+
760
+ if (!bson_iter_init(&iter, cmd)) {
761
+ CLIENT_ERR("unable to iterate over command BSON");
762
+ return NULL;
763
+ }
764
+
765
+ /* The command name is the first key. */
766
+ if (!bson_iter_next(&iter)) {
767
+ CLIENT_ERR("unexpected empty BSON for command");
768
+ return NULL;
769
+ }
770
+
771
+ cmd_name = bson_iter_key(&iter);
772
+ if (!cmd_name) {
773
+ CLIENT_ERR("unable to get command name from BSON");
774
+ return NULL;
775
+ }
776
+ return cmd_name;
777
+ }
778
+
779
+ static bool insert_encryptionInformation(const mc_schema_broker_t *sb,
780
+ const char *cmd_name,
781
+ bson_t *cmd /* in and out */,
782
+ mc_cmd_target_t cmd_target,
783
+ mongocrypt_status_t *status) {
784
+ BSON_ASSERT_PARAM(sb);
785
+ BSON_ASSERT_PARAM(cmd_name);
786
+ BSON_ASSERT_PARAM(cmd);
787
+
788
+ bson_t out = BSON_INITIALIZER;
789
+ bson_t explain = BSON_INITIALIZER;
790
+ bson_iter_t iter;
791
+ bool ok = false;
792
+
793
+ // For `bulkWrite`, append `encryptionInformation` inside the `nsInfo.0` document.
794
+ if (0 == strcmp(cmd_name, "bulkWrite")) {
795
+ // Get the single `nsInfo` document from the input command.
796
+ bson_t nsInfo; // Non-owning.
797
+ {
798
+ bson_iter_t nsInfo_iter;
799
+ if (!bson_iter_init(&nsInfo_iter, cmd)) {
800
+ CLIENT_ERR("failed to iterate command");
801
+ goto fail;
802
+ }
803
+ if (!bson_iter_find_descendant(&nsInfo_iter, "nsInfo.0", &nsInfo_iter)) {
804
+ CLIENT_ERR("expected one namespace in `bulkWrite`, but found zero.");
805
+ goto fail;
806
+ }
807
+ if (bson_has_field(cmd, "nsInfo.1")) {
808
+ CLIENT_ERR("expected one namespace in `bulkWrite`, but found more than one. Only one namespace is "
809
+ "supported.");
810
+ goto fail;
811
+ }
812
+ if (!mc_iter_document_as_bson(&nsInfo_iter, &nsInfo, status)) {
813
+ goto fail;
814
+ }
815
+ // Ensure `nsInfo` does not already have an `encryptionInformation` field.
816
+ if (bson_has_field(&nsInfo, "encryptionInformation")) {
817
+ CLIENT_ERR("unexpected `encryptionInformation` present in input `nsInfo`.");
818
+ goto fail;
819
+ }
820
+ }
821
+
822
+ // Copy input and append `encryptionInformation` to `nsInfo`.
823
+ {
824
+ // Append everything from input except `nsInfo`.
825
+ bson_copy_to_excluding_noinit(cmd, &out, "nsInfo", NULL);
826
+ // Append `nsInfo` array.
827
+ bson_t nsInfo_array;
828
+ if (!BSON_APPEND_ARRAY_BEGIN(&out, "nsInfo", &nsInfo_array)) {
829
+ CLIENT_ERR("unable to begin appending 'nsInfo' array");
830
+ goto fail;
831
+ }
832
+ bson_t nsInfo_array_0;
833
+ if (!BSON_APPEND_DOCUMENT_BEGIN(&nsInfo_array, "0", &nsInfo_array_0)) {
834
+ CLIENT_ERR("unable to append 'nsInfo.0' document");
835
+ goto fail;
836
+ }
837
+ // Copy everything from input `nsInfo`.
838
+ if (!bson_concat(&nsInfo_array_0, &nsInfo)) {
839
+ CLIENT_ERR("unable to concat to 'nsInfo.0' document");
840
+ goto fail;
841
+ }
842
+ // And append `encryptionInformation`.
843
+ if (!append_encryptionInformation(sb, cmd_name, &nsInfo_array_0, status)) {
844
+ goto fail;
845
+ }
846
+ if (!bson_append_document_end(&nsInfo_array, &nsInfo_array_0)) {
847
+ CLIENT_ERR("unable to end appending 'nsInfo' document in array");
848
+ }
849
+ if (!bson_append_array_end(&out, &nsInfo_array)) {
850
+ CLIENT_ERR("unable to end appending 'nsInfo' array");
851
+ goto fail;
852
+ }
853
+ // Overwrite `cmd`.
854
+ bson_destroy(cmd);
855
+ if (!bson_steal(cmd, &out)) {
856
+ CLIENT_ERR("failed to steal BSON with encryptionInformation");
857
+ goto fail;
858
+ }
859
+ }
860
+
861
+ goto success;
862
+ }
863
+
864
+ if (0 == strcmp(cmd_name, "explain")
865
+ && (cmd_target == MC_CMD_SCHEMAS_FOR_CRYPT_SHARED || cmd_target == MC_CMD_SCHEMAS_FOR_SERVER)) {
866
+ // The "explain" command is a special case when sent to crypt_shared or the server, which expect
867
+ // "encryptionInformation" nested in the "explain" document instead of at top-level. Example:
868
+ // {
869
+ // "explain": {
870
+ // "find": "to-crypt_shared-or-server"
871
+ // "encryptionInformation": {}
872
+ // }
873
+ // }
874
+ if (!bson_iter_init_find(&iter, cmd, "explain")) {
875
+ CLIENT_ERR("expected to find 'explain' field");
876
+ goto fail;
877
+ }
878
+
879
+ if (!BSON_ITER_HOLDS_DOCUMENT(&iter)) {
880
+ CLIENT_ERR("expected 'explain' to be document");
881
+ goto fail;
882
+ }
883
+
884
+ {
885
+ bson_t tmp;
886
+ if (!mc_iter_document_as_bson(&iter, &tmp, status)) {
887
+ goto fail;
888
+ }
889
+ bson_destroy(&explain);
890
+ bson_copy_to(&tmp, &explain);
891
+ }
892
+
893
+ if (!append_encryptionInformation(sb, cmd_name, &explain, status)) {
894
+ goto fail;
895
+ }
896
+
897
+ if (!BSON_APPEND_DOCUMENT(&out, "explain", &explain)) {
898
+ CLIENT_ERR("unable to append 'explain' document");
899
+ goto fail;
900
+ }
901
+
902
+ bson_copy_to_excluding_noinit(cmd, &out, "explain", NULL);
903
+ bson_destroy(cmd);
904
+ if (!bson_steal(cmd, &out)) {
905
+ CLIENT_ERR("failed to steal BSON with encryptionInformation");
906
+ goto fail;
907
+ }
908
+ goto success;
909
+ }
910
+
911
+ // Default case: append "encryptionInformation" at top-level. Example:
912
+ // {
913
+ // "<command name>": { ... }
914
+ // "encryptionInformation": {}
915
+ // }
916
+ if (!append_encryptionInformation(sb, cmd_name, cmd, status)) {
917
+ goto fail;
918
+ }
919
+
920
+ success:
921
+ ok = true;
922
+ fail:
923
+ bson_destroy(&explain);
924
+ if (!ok) {
925
+ bson_destroy(&out);
926
+ }
927
+ return ok;
928
+ }
929
+
930
+ // insert_csfleEncryptionSchemas appends schema information to a command for CSFLE.
931
+ // Only consumed by query analysis (mongocryptd/crypt_shared).
932
+ // For one JSON schema, use `jsonSchema` for backwards compatibility.
933
+ // For multiple JSON schemas, use `csfleEncryptionSchemas` (added in server 8.2).
934
+ static bool insert_csfleEncryptionSchemas(const mc_schema_broker_t *sb,
935
+ bson_t *cmd /* in/out */,
936
+ mc_cmd_target_t cmd_target,
937
+ mongocrypt_status_t *status) {
938
+ BSON_ASSERT_PARAM(sb);
939
+ BSON_ASSERT_PARAM(cmd);
940
+
941
+ if (cmd_target != MC_CMD_SCHEMAS_FOR_CRYPT_SHARED && cmd_target != MC_CMD_SCHEMAS_FOR_MONGOCRYPTD) {
942
+ // CSFLE schemas are only used for query analysis.
943
+ return true;
944
+ }
945
+
946
+ if (sb->ll_len == 1) {
947
+ // Append the only jsonSchema with the "jsonSchema" field.
948
+ const mc_schema_entry_t *se = sb->ll;
949
+ BSON_ASSERT(se);
950
+ BSON_ASSERT(!se->next);
951
+ BSON_ASSERT(se->satisfied);
952
+ if (se->jsonSchema.set) {
953
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT(cmd, "jsonSchema", &se->jsonSchema.bson)) {
954
+ return false;
955
+ }
956
+ TRY_BSON_OR(BSON_APPEND_BOOL(cmd, "isRemoteSchema", se->jsonSchema.is_remote)) {
957
+ return false;
958
+ }
959
+ } else {
960
+ bson_t empty = BSON_INITIALIZER;
961
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT(cmd, "jsonSchema", &empty)) {
962
+ return false;
963
+ }
964
+ // Append isRemoteSchema:true to preserve existing value. But I expect it can/should be false.
965
+ TRY_BSON_OR(BSON_APPEND_BOOL(cmd, "isRemoteSchema", true)) {
966
+ return false;
967
+ }
968
+ }
969
+ return true;
970
+ }
971
+
972
+ // Append multiple schemas as "csfleEncryptionSchemas"
973
+ bson_t csfleEncryptionSchemas;
974
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(cmd, "csfleEncryptionSchemas", &csfleEncryptionSchemas)) {
975
+ return false;
976
+ }
977
+
978
+ for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
979
+ BSON_ASSERT(se->satisfied);
980
+
981
+ char *ns = bson_strdup_printf("%s.%s", sb->db, se->coll);
982
+ bson_t ns_to_doc;
983
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&csfleEncryptionSchemas, ns, &ns_to_doc)) {
984
+ bson_free(ns);
985
+ return false;
986
+ }
987
+ bson_free(ns);
988
+
989
+ if (!se->jsonSchema.set) {
990
+ // Append as an empty document.
991
+ bson_t empty = BSON_INITIALIZER;
992
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT(&ns_to_doc, "jsonSchema", &empty)) {
993
+ return false;
994
+ }
995
+ TRY_BSON_OR(BSON_APPEND_BOOL(&ns_to_doc, "isRemoteSchema", false)) {
996
+ return false;
997
+ }
998
+ } else {
999
+ TRY_BSON_OR(BSON_APPEND_DOCUMENT(&ns_to_doc, "jsonSchema", &se->jsonSchema.bson)) {
1000
+ return false;
1001
+ }
1002
+ TRY_BSON_OR(BSON_APPEND_BOOL(&ns_to_doc, "isRemoteSchema", se->jsonSchema.is_remote)) {
1003
+ return false;
1004
+ }
1005
+ }
1006
+ TRY_BSON_OR(bson_append_document_end(&csfleEncryptionSchemas, &ns_to_doc)) {
1007
+ return false;
1008
+ }
1009
+ }
1010
+
1011
+ TRY_BSON_OR(bson_append_document_end(cmd, &csfleEncryptionSchemas)) {
1012
+ return false;
1013
+ }
1014
+
1015
+ return true;
1016
+ }
1017
+
1018
+ bool mc_schema_broker_add_schemas_to_cmd(const mc_schema_broker_t *sb,
1019
+ bson_t *cmd /* in and out */,
1020
+ mc_cmd_target_t cmd_target,
1021
+ mongocrypt_status_t *status) {
1022
+ BSON_ASSERT_PARAM(sb);
1023
+ BSON_ASSERT_PARAM(cmd);
1024
+
1025
+ const char *cmd_name = get_cmd_name(cmd, status);
1026
+ if (!cmd_name) {
1027
+ return false;
1028
+ }
1029
+
1030
+ bool has_encryptedFields = false;
1031
+ bool has_jsonSchema = false;
1032
+ const char *coll_with_encryptedFields = NULL;
1033
+ const char *coll_with_jsonSchema = NULL;
1034
+ for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
1035
+ BSON_ASSERT(it->satisfied);
1036
+ if (it->encryptedFields.set) {
1037
+ has_encryptedFields = true;
1038
+ coll_with_encryptedFields = it->coll;
1039
+ } else if (it->jsonSchema.set) {
1040
+ has_jsonSchema = true;
1041
+ coll_with_jsonSchema = it->coll;
1042
+ }
1043
+ }
1044
+
1045
+ if (has_encryptedFields && has_jsonSchema) {
1046
+ // If any collection has encryptedFields, error if any collection only has a JSON Schema.
1047
+ CLIENT_ERR("Collection '%s' has an encryptedFields configured, but collection '%s' has a JSON schema "
1048
+ "configured. This is currently not supported. To ignore the JSON schema, add an empty entry for "
1049
+ "'%s' to AutoEncryptionOpts.encryptedFieldsMap: \"%s\": { \"fields\": [] }",
1050
+ coll_with_encryptedFields,
1051
+ coll_with_jsonSchema,
1052
+ coll_with_jsonSchema,
1053
+ coll_with_jsonSchema);
1054
+ return false;
1055
+ }
1056
+
1057
+ if (has_encryptedFields) {
1058
+ // Use encryptionInformation.
1059
+ return insert_encryptionInformation(sb, cmd_name, cmd, cmd_target, status);
1060
+ }
1061
+
1062
+ if (has_jsonSchema) {
1063
+ // Use csfleEncryptionSchemas / jsonSchema only.
1064
+ return insert_csfleEncryptionSchemas(sb, cmd, cmd_target, status);
1065
+ }
1066
+
1067
+ // Collections have no QE or CSFLE schemas.
1068
+ if (0 == strcmp(cmd_name, "bulkWrite")) {
1069
+ // "bulkWrite" does not support the jsonSchema field. Use encryptionInformation with empty schemas.
1070
+ return insert_encryptionInformation(sb, cmd_name, cmd, cmd_target, status);
1071
+ }
1072
+
1073
+ // Use csfleEncryptionSchemas / jsonSchema with empty schemas.
1074
+ return insert_csfleEncryptionSchemas(sb, cmd, cmd_target, status);
1075
+ }