libmongocrypt-helper 1.11.0.0.1001 → 1.13.2.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +27 -1
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +13 -2
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -7
- data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
- data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
- data/ext/libmongocrypt/libmongocrypt/README.md +39 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +4 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +14 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +13 -12
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +1 -1
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +37 -40
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/integrating.md +51 -13
- data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +3 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +8 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-cmp-private.h +137 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +5 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +99 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +39 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +183 -60
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +498 -115
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +10 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +49 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +98 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +1 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +6 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +429 -858
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +55 -19
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +13 -10
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +15 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +9 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +6 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +174 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +4 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +518 -524
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +8 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +25 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +65 -6
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search}/encrypted-field-map.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +9 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +12 -10
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c3.json} +13 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/command.json +7 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/key-document.json → test/data/multikey/key-document-a.json} +18 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/key-document-b.json +37 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/mongocryptd_reply.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/multikey/schema_map.json +35 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/kms-reply.txt → test/data/rmd/kms-decrypt-reply-429.txt} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-cmp.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +370 -22
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +25 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +91 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +68 -75
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -20
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +57 -46
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1529 -1197
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +79 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +160 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +7 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +6 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +750 -110
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +143 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +39 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +233 -225
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +0 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +0 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +0 -145
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +0 -168
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +0 -257
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +0 -138
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +0 -214
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +0 -53
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +0 -91
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +0 -684
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +0 -289
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +0 -34
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +0 -107
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +0 -85
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +0 -21
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +0 -49
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +0 -74
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +0 -94
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +0 -442
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +0 -748
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +0 -82
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +0 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +0 -64
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +0 -54
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +0 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +0 -23
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +0 -215
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +0 -275
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -77
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
- data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
|
@@ -0,0 +1,1075 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright 2018-present MongoDB, Inc.
|
|
3
|
+
*
|
|
4
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
* you may not use this file except in compliance with the License.
|
|
6
|
+
* You may obtain a copy of the License at
|
|
7
|
+
*
|
|
8
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
*
|
|
10
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
* See the License for the specific language governing permissions and
|
|
14
|
+
* limitations under the License.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
#include "mc-schema-broker-private.h"
|
|
18
|
+
|
|
19
|
+
#include "mc-efc-private.h" // mc_EncryptedFieldConfig_t
|
|
20
|
+
#include "mongocrypt-cache-collinfo-private.h"
|
|
21
|
+
#include "mongocrypt-key-broker-private.h"
|
|
22
|
+
#include "mongocrypt-private.h"
|
|
23
|
+
#include "mongocrypt-status-private.h"
|
|
24
|
+
#include "mongocrypt-util-private.h"
|
|
25
|
+
#include <bson/bson.h>
|
|
26
|
+
|
|
27
|
+
typedef struct mc_schema_entry_t {
|
|
28
|
+
char *coll;
|
|
29
|
+
|
|
30
|
+
struct {
|
|
31
|
+
bool set;
|
|
32
|
+
_mongocrypt_buffer_t buf; // Owns document.
|
|
33
|
+
bson_t bson; // Non-owning view into buf.
|
|
34
|
+
bool is_remote;
|
|
35
|
+
} jsonSchema;
|
|
36
|
+
|
|
37
|
+
struct {
|
|
38
|
+
bool set;
|
|
39
|
+
_mongocrypt_buffer_t buf; // Owns document.
|
|
40
|
+
bson_t bson; // Non-owning view into buf.
|
|
41
|
+
mc_EncryptedFieldConfig_t efc;
|
|
42
|
+
} encryptedFields;
|
|
43
|
+
|
|
44
|
+
struct mc_schema_entry_t *next;
|
|
45
|
+
bool satisfied; // true once a schema is found and applied, or an empty schema is applied.
|
|
46
|
+
} mc_schema_entry_t;
|
|
47
|
+
|
|
48
|
+
// mc_schema_broker_t stores schemas for an auto encryption operation.
|
|
49
|
+
struct mc_schema_broker_t {
|
|
50
|
+
char *db; // Database shared by all schemas.
|
|
51
|
+
mc_schema_entry_t *ll;
|
|
52
|
+
size_t ll_len;
|
|
53
|
+
bool use_range_v2;
|
|
54
|
+
};
|
|
55
|
+
|
|
56
|
+
mc_schema_broker_t *mc_schema_broker_new(void) {
|
|
57
|
+
return bson_malloc0(sizeof(mc_schema_broker_t));
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
void mc_schema_broker_use_rangev2(mc_schema_broker_t *sb) {
|
|
61
|
+
BSON_ASSERT_PARAM(sb);
|
|
62
|
+
sb->use_range_v2 = true;
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
bool mc_schema_broker_request(mc_schema_broker_t *sb, const char *db, const char *coll, mongocrypt_status_t *status) {
|
|
66
|
+
BSON_ASSERT_PARAM(sb);
|
|
67
|
+
BSON_ASSERT_PARAM(db);
|
|
68
|
+
BSON_ASSERT_PARAM(coll);
|
|
69
|
+
|
|
70
|
+
if (sb->db && 0 != strcmp(sb->db, db)) {
|
|
71
|
+
CLIENT_ERR("Cannot request schemas for different databases. Requested schemas for '%s' and '%s'.", sb->db, db);
|
|
72
|
+
return false;
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
// Check for duplicates. Keep pointer to last node.
|
|
76
|
+
mc_schema_entry_t *last = NULL;
|
|
77
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
78
|
+
if (0 == strcmp(it->coll, coll)) {
|
|
79
|
+
return true;
|
|
80
|
+
}
|
|
81
|
+
last = it;
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
mc_schema_entry_t *se = bson_malloc0(sizeof *se);
|
|
85
|
+
se->coll = bson_strdup(coll);
|
|
86
|
+
if (NULL == last) {
|
|
87
|
+
sb->ll = se;
|
|
88
|
+
sb->db = bson_strdup(db);
|
|
89
|
+
} else {
|
|
90
|
+
last->next = se;
|
|
91
|
+
}
|
|
92
|
+
sb->ll_len++;
|
|
93
|
+
return true;
|
|
94
|
+
}
|
|
95
|
+
|
|
96
|
+
bool mc_schema_broker_has_multiple_requests(const mc_schema_broker_t *sb) {
|
|
97
|
+
BSON_ASSERT_PARAM(sb);
|
|
98
|
+
return sb->ll_len > 1;
|
|
99
|
+
}
|
|
100
|
+
|
|
101
|
+
void mc_schema_broker_destroy(mc_schema_broker_t *sb) {
|
|
102
|
+
if (!sb) {
|
|
103
|
+
return;
|
|
104
|
+
}
|
|
105
|
+
mc_schema_entry_t *it = sb->ll;
|
|
106
|
+
while (it != NULL) {
|
|
107
|
+
bson_free(it->coll);
|
|
108
|
+
// Always clean it->encryptedFields and it->jsonSchema. May be partially set.
|
|
109
|
+
mc_EncryptedFieldConfig_cleanup(&it->encryptedFields.efc);
|
|
110
|
+
_mongocrypt_buffer_cleanup(&it->encryptedFields.buf);
|
|
111
|
+
_mongocrypt_buffer_cleanup(&it->jsonSchema.buf);
|
|
112
|
+
mc_schema_entry_t *tmp = it->next;
|
|
113
|
+
bson_free(it);
|
|
114
|
+
it = tmp;
|
|
115
|
+
}
|
|
116
|
+
bson_free(sb->db);
|
|
117
|
+
bson_free(sb);
|
|
118
|
+
return;
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
bool mc_schema_broker_has_any_qe_schemas(const mc_schema_broker_t *sb) {
|
|
122
|
+
BSON_ASSERT_PARAM(sb);
|
|
123
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
124
|
+
BSON_ASSERT(se->satisfied);
|
|
125
|
+
if (se->encryptedFields.set) {
|
|
126
|
+
return true;
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
return false;
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
// TRY_BSON_OR is a checks a BSON operation and sets a generic error status on failure.
|
|
133
|
+
#define TRY_BSON_OR(stmt) if (!try_or(stmt, "BSON failure", BSON_FUNC, status))
|
|
134
|
+
|
|
135
|
+
static bool try_or(bool val, const char *msg, const char *func, mongocrypt_status_t *status) {
|
|
136
|
+
if (!val) {
|
|
137
|
+
CLIENT_ERR("[%s] statement failed: %s", func, msg);
|
|
138
|
+
}
|
|
139
|
+
return val;
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
bool mc_schema_broker_append_listCollections_filter(const mc_schema_broker_t *sb,
|
|
143
|
+
bson_t *out,
|
|
144
|
+
mongocrypt_status_t *status) {
|
|
145
|
+
BSON_ASSERT_PARAM(sb);
|
|
146
|
+
BSON_ASSERT_PARAM(out);
|
|
147
|
+
|
|
148
|
+
size_t num_unsatisfied = 0;
|
|
149
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
150
|
+
if (!se->satisfied) {
|
|
151
|
+
num_unsatisfied++;
|
|
152
|
+
}
|
|
153
|
+
}
|
|
154
|
+
|
|
155
|
+
if (num_unsatisfied == 0) {
|
|
156
|
+
CLIENT_ERR("Unexpected: attempting to create listCollections filter but no schemas needed");
|
|
157
|
+
return false;
|
|
158
|
+
} else if (num_unsatisfied == 1) {
|
|
159
|
+
// One request. Append as: { "name": <name> }
|
|
160
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
161
|
+
if (se->satisfied) {
|
|
162
|
+
continue;
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
TRY_BSON_OR(BSON_APPEND_UTF8(out, "name", se->coll)) {
|
|
166
|
+
return false;
|
|
167
|
+
}
|
|
168
|
+
break;
|
|
169
|
+
}
|
|
170
|
+
} else {
|
|
171
|
+
// Multiple requests. Append as: { "name": { "$in": [ <name1>, <name2>, ... ] } }
|
|
172
|
+
bson_t in, in_array;
|
|
173
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(out, "name", &in)) {
|
|
174
|
+
return false;
|
|
175
|
+
}
|
|
176
|
+
TRY_BSON_OR(BSON_APPEND_ARRAY_BEGIN(&in, "$in", &in_array)) {
|
|
177
|
+
return false;
|
|
178
|
+
}
|
|
179
|
+
|
|
180
|
+
size_t idx = 0;
|
|
181
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
182
|
+
if (se->satisfied) {
|
|
183
|
+
continue;
|
|
184
|
+
}
|
|
185
|
+
|
|
186
|
+
char idx_str[32];
|
|
187
|
+
int ret = bson_snprintf(idx_str, sizeof idx_str, "%zu", idx);
|
|
188
|
+
BSON_ASSERT(ret > 0 && ret <= (int)sizeof idx_str);
|
|
189
|
+
|
|
190
|
+
TRY_BSON_OR(BSON_APPEND_UTF8(&in_array, idx_str, se->coll)) {
|
|
191
|
+
return false;
|
|
192
|
+
}
|
|
193
|
+
|
|
194
|
+
idx++;
|
|
195
|
+
}
|
|
196
|
+
TRY_BSON_OR(bson_append_array_end(&in, &in_array)) {
|
|
197
|
+
return false;
|
|
198
|
+
}
|
|
199
|
+
TRY_BSON_OR(bson_append_document_end(out, &in)) {
|
|
200
|
+
return false;
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
|
|
204
|
+
return true;
|
|
205
|
+
}
|
|
206
|
+
|
|
207
|
+
static inline bool mc_schema_entry_satisfy_from_collinfo(mc_schema_entry_t *se,
|
|
208
|
+
const bson_t *collinfo,
|
|
209
|
+
const char *coll,
|
|
210
|
+
const char *db,
|
|
211
|
+
bool use_range_v2,
|
|
212
|
+
mongocrypt_status_t *status) {
|
|
213
|
+
BSON_ASSERT_PARAM(se);
|
|
214
|
+
BSON_ASSERT_PARAM(collinfo);
|
|
215
|
+
BSON_ASSERT_PARAM(coll);
|
|
216
|
+
BSON_ASSERT_PARAM(db);
|
|
217
|
+
|
|
218
|
+
if (se->satisfied) {
|
|
219
|
+
CLIENT_ERR("unexpected duplicate collinfo result for collection: %s.%s", db, coll);
|
|
220
|
+
return false;
|
|
221
|
+
}
|
|
222
|
+
|
|
223
|
+
bson_iter_t collinfo_iter;
|
|
224
|
+
|
|
225
|
+
if (!bson_iter_init(&collinfo_iter, collinfo)) {
|
|
226
|
+
CLIENT_ERR("failed to iterate collinfo for collection: %s.%s", db, coll);
|
|
227
|
+
return false;
|
|
228
|
+
}
|
|
229
|
+
|
|
230
|
+
// Disallow views.
|
|
231
|
+
bson_iter_t type_iter = collinfo_iter;
|
|
232
|
+
if (bson_iter_find(&type_iter, "type") && BSON_ITER_HOLDS_UTF8(&type_iter) && bson_iter_utf8(&type_iter, NULL)
|
|
233
|
+
&& 0 == strcmp("view", bson_iter_utf8(&type_iter, NULL))) {
|
|
234
|
+
CLIENT_ERR("cannot auto encrypt a view: %s.%s", db, coll);
|
|
235
|
+
return false;
|
|
236
|
+
}
|
|
237
|
+
|
|
238
|
+
// Check if collection is configured for QE.
|
|
239
|
+
bson_iter_t encryptedFields_iter = collinfo_iter;
|
|
240
|
+
if (bson_iter_find_descendant(&encryptedFields_iter, "options.encryptedFields", &encryptedFields_iter)) {
|
|
241
|
+
if (!BSON_ITER_HOLDS_DOCUMENT(&encryptedFields_iter)) {
|
|
242
|
+
CLIENT_ERR("expected document for `options.encryptedFields` but got %s for collection %s.%s",
|
|
243
|
+
mc_bson_type_to_string(bson_iter_type(&encryptedFields_iter)),
|
|
244
|
+
db,
|
|
245
|
+
coll);
|
|
246
|
+
return false;
|
|
247
|
+
}
|
|
248
|
+
if (!_mongocrypt_buffer_copy_from_document_iter(&se->encryptedFields.buf, &encryptedFields_iter)) {
|
|
249
|
+
CLIENT_ERR("failed to copy `options.encryptedFields` for collection: %s.%s", db, coll);
|
|
250
|
+
return false;
|
|
251
|
+
}
|
|
252
|
+
|
|
253
|
+
if (!_mongocrypt_buffer_to_bson(&se->encryptedFields.buf, &se->encryptedFields.bson)) {
|
|
254
|
+
CLIENT_ERR("unable to create BSON from `options.encryptedFields` for collection: %s.%s", db, coll);
|
|
255
|
+
return false;
|
|
256
|
+
}
|
|
257
|
+
|
|
258
|
+
if (!mc_EncryptedFieldConfig_parse(&se->encryptedFields.efc, &se->encryptedFields.bson, status, use_range_v2)) {
|
|
259
|
+
return false;
|
|
260
|
+
}
|
|
261
|
+
se->encryptedFields.set = true;
|
|
262
|
+
}
|
|
263
|
+
|
|
264
|
+
// Check if collection is configured for CSFLE.
|
|
265
|
+
bool found_jsonSchema = false;
|
|
266
|
+
bson_iter_t validator_iter = collinfo_iter;
|
|
267
|
+
if (bson_iter_find_descendant(&validator_iter, "options.validator", &validator_iter)
|
|
268
|
+
&& BSON_ITER_HOLDS_DOCUMENT(&validator_iter)) {
|
|
269
|
+
if (!bson_iter_recurse(&validator_iter, &validator_iter)) {
|
|
270
|
+
CLIENT_ERR("failed to iterate `options.validator` for collection: %s.%s", db, coll);
|
|
271
|
+
return false;
|
|
272
|
+
}
|
|
273
|
+
while (bson_iter_next(&validator_iter)) {
|
|
274
|
+
const char *key = bson_iter_key(&validator_iter);
|
|
275
|
+
if (0 == strcmp("$jsonSchema", key)) {
|
|
276
|
+
if (found_jsonSchema) {
|
|
277
|
+
CLIENT_ERR("duplicate `$jsonSchema` fields found for collection: %s.%s", db, coll);
|
|
278
|
+
return false;
|
|
279
|
+
}
|
|
280
|
+
|
|
281
|
+
if (!_mongocrypt_buffer_copy_from_document_iter(&se->jsonSchema.buf, &validator_iter)) {
|
|
282
|
+
CLIENT_ERR("unable to copy `$jsonSchema` for collection: %s.%s", db, coll);
|
|
283
|
+
return false;
|
|
284
|
+
}
|
|
285
|
+
|
|
286
|
+
if (!_mongocrypt_buffer_to_bson(&se->jsonSchema.buf, &se->jsonSchema.bson)) {
|
|
287
|
+
CLIENT_ERR("unable to create BSON from `$jsonSchema` for collection: %s.%s", db, coll);
|
|
288
|
+
return false;
|
|
289
|
+
}
|
|
290
|
+
|
|
291
|
+
found_jsonSchema = true;
|
|
292
|
+
BSON_ASSERT(!se->jsonSchema.set);
|
|
293
|
+
se->jsonSchema.set = true;
|
|
294
|
+
se->jsonSchema.is_remote = true;
|
|
295
|
+
}
|
|
296
|
+
}
|
|
297
|
+
}
|
|
298
|
+
|
|
299
|
+
se->satisfied = true;
|
|
300
|
+
return true;
|
|
301
|
+
}
|
|
302
|
+
|
|
303
|
+
bool mc_schema_broker_satisfy_from_collinfo(mc_schema_broker_t *sb,
|
|
304
|
+
const bson_t *collinfo,
|
|
305
|
+
_mongocrypt_cache_t *collinfo_cache,
|
|
306
|
+
mongocrypt_status_t *status) {
|
|
307
|
+
BSON_ASSERT_PARAM(sb);
|
|
308
|
+
BSON_ASSERT_PARAM(collinfo);
|
|
309
|
+
BSON_ASSERT_PARAM(collinfo_cache);
|
|
310
|
+
|
|
311
|
+
bson_iter_t collinfo_iter;
|
|
312
|
+
|
|
313
|
+
if (!bson_iter_init(&collinfo_iter, collinfo)) {
|
|
314
|
+
CLIENT_ERR("failed to iterate collinfo in database: %s", sb->db);
|
|
315
|
+
return false;
|
|
316
|
+
}
|
|
317
|
+
|
|
318
|
+
// Parse the collection from the `collinfo`.
|
|
319
|
+
const char *coll;
|
|
320
|
+
{
|
|
321
|
+
bson_iter_t name_iter = collinfo_iter;
|
|
322
|
+
if (!bson_iter_find(&name_iter, "name") || !BSON_ITER_HOLDS_UTF8(&name_iter)) {
|
|
323
|
+
CLIENT_ERR("failed to find 'name' in collinfo in database: %s", sb->db);
|
|
324
|
+
return false;
|
|
325
|
+
}
|
|
326
|
+
coll = bson_iter_utf8(&name_iter, NULL);
|
|
327
|
+
}
|
|
328
|
+
|
|
329
|
+
// Cache the received collinfo.
|
|
330
|
+
{
|
|
331
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, coll);
|
|
332
|
+
if (!_mongocrypt_cache_add_copy(collinfo_cache, ns, (void *)collinfo, status)) {
|
|
333
|
+
bson_free(ns);
|
|
334
|
+
return false;
|
|
335
|
+
}
|
|
336
|
+
bson_free(ns);
|
|
337
|
+
}
|
|
338
|
+
|
|
339
|
+
// Find matching entry.
|
|
340
|
+
mc_schema_entry_t *se = NULL;
|
|
341
|
+
{
|
|
342
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
343
|
+
if (0 == strcmp(it->coll, coll)) {
|
|
344
|
+
se = it;
|
|
345
|
+
break;
|
|
346
|
+
}
|
|
347
|
+
}
|
|
348
|
+
if (!se) {
|
|
349
|
+
CLIENT_ERR("got unexpected collinfo result for collection: %s.%s", sb->db, coll);
|
|
350
|
+
return false;
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
|
|
354
|
+
if (!mc_schema_entry_satisfy_from_collinfo(se, collinfo, coll, sb->db, sb->use_range_v2, status)) {
|
|
355
|
+
return false;
|
|
356
|
+
}
|
|
357
|
+
|
|
358
|
+
return true;
|
|
359
|
+
}
|
|
360
|
+
|
|
361
|
+
bool mc_schema_broker_satisfy_from_schemaMap(mc_schema_broker_t *sb,
|
|
362
|
+
const bson_t *schema_map,
|
|
363
|
+
mongocrypt_status_t *status) {
|
|
364
|
+
BSON_ASSERT_PARAM(sb);
|
|
365
|
+
BSON_ASSERT_PARAM(schema_map);
|
|
366
|
+
|
|
367
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
368
|
+
if (it->satisfied) {
|
|
369
|
+
continue;
|
|
370
|
+
}
|
|
371
|
+
|
|
372
|
+
bool loop_ok = false;
|
|
373
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
|
|
374
|
+
bson_iter_t iter;
|
|
375
|
+
|
|
376
|
+
if (bson_iter_init_find(&iter, schema_map, ns)) {
|
|
377
|
+
if (!_mongocrypt_buffer_copy_from_document_iter(&it->jsonSchema.buf, &iter)) {
|
|
378
|
+
CLIENT_ERR("failed to read schema from schema map for collection: %s", ns);
|
|
379
|
+
goto loop_fail;
|
|
380
|
+
}
|
|
381
|
+
|
|
382
|
+
if (!_mongocrypt_buffer_to_bson(&it->jsonSchema.buf, &it->jsonSchema.bson)) {
|
|
383
|
+
CLIENT_ERR("unable to create BSON from schema map for collection: %s", ns);
|
|
384
|
+
goto loop_fail;
|
|
385
|
+
}
|
|
386
|
+
|
|
387
|
+
BSON_ASSERT(!it->jsonSchema.set);
|
|
388
|
+
it->jsonSchema.set = true;
|
|
389
|
+
it->jsonSchema.is_remote = false;
|
|
390
|
+
it->satisfied = true;
|
|
391
|
+
}
|
|
392
|
+
|
|
393
|
+
loop_ok = true;
|
|
394
|
+
loop_fail:
|
|
395
|
+
bson_free(ns);
|
|
396
|
+
if (!loop_ok) {
|
|
397
|
+
return false;
|
|
398
|
+
}
|
|
399
|
+
}
|
|
400
|
+
return true;
|
|
401
|
+
}
|
|
402
|
+
|
|
403
|
+
bool mc_schema_broker_satisfy_from_encryptedFieldsMap(mc_schema_broker_t *sb,
|
|
404
|
+
const bson_t *ef_map,
|
|
405
|
+
mongocrypt_status_t *status) {
|
|
406
|
+
BSON_ASSERT_PARAM(sb);
|
|
407
|
+
BSON_ASSERT_PARAM(ef_map);
|
|
408
|
+
|
|
409
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
410
|
+
if (it->satisfied) {
|
|
411
|
+
continue;
|
|
412
|
+
}
|
|
413
|
+
|
|
414
|
+
bool loop_ok = false;
|
|
415
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
|
|
416
|
+
bson_iter_t iter;
|
|
417
|
+
|
|
418
|
+
if (bson_iter_init_find(&iter, ef_map, ns)) {
|
|
419
|
+
if (!_mongocrypt_buffer_copy_from_document_iter(&it->encryptedFields.buf, &iter)) {
|
|
420
|
+
CLIENT_ERR("failed to read encryptedFields from encryptedFields map for collection: %s", ns);
|
|
421
|
+
goto loop_fail;
|
|
422
|
+
}
|
|
423
|
+
|
|
424
|
+
if (!_mongocrypt_buffer_to_bson(&it->encryptedFields.buf, &it->encryptedFields.bson)) {
|
|
425
|
+
CLIENT_ERR("failed to create BSON from encryptedFields map for collection: %s", ns);
|
|
426
|
+
goto loop_fail;
|
|
427
|
+
}
|
|
428
|
+
|
|
429
|
+
if (!mc_EncryptedFieldConfig_parse(&it->encryptedFields.efc,
|
|
430
|
+
&it->encryptedFields.bson,
|
|
431
|
+
status,
|
|
432
|
+
sb->use_range_v2)) {
|
|
433
|
+
goto loop_fail;
|
|
434
|
+
}
|
|
435
|
+
|
|
436
|
+
BSON_ASSERT(!it->encryptedFields.set);
|
|
437
|
+
it->encryptedFields.set = true;
|
|
438
|
+
it->satisfied = true;
|
|
439
|
+
}
|
|
440
|
+
|
|
441
|
+
loop_ok = true;
|
|
442
|
+
loop_fail:
|
|
443
|
+
bson_free(ns);
|
|
444
|
+
if (!loop_ok) {
|
|
445
|
+
return false;
|
|
446
|
+
}
|
|
447
|
+
}
|
|
448
|
+
|
|
449
|
+
return true;
|
|
450
|
+
}
|
|
451
|
+
|
|
452
|
+
bool mc_schema_broker_satisfy_from_cache(mc_schema_broker_t *sb,
|
|
453
|
+
_mongocrypt_cache_t *listCollections_cache,
|
|
454
|
+
mongocrypt_status_t *status) {
|
|
455
|
+
BSON_ASSERT_PARAM(sb);
|
|
456
|
+
BSON_ASSERT_PARAM(listCollections_cache);
|
|
457
|
+
|
|
458
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
459
|
+
if (it->satisfied) {
|
|
460
|
+
continue;
|
|
461
|
+
}
|
|
462
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
|
|
463
|
+
|
|
464
|
+
// Check if there is a listCollections result cached.
|
|
465
|
+
bool loop_ok = false;
|
|
466
|
+
bson_t *collinfo = NULL;
|
|
467
|
+
if (!_mongocrypt_cache_get(listCollections_cache, ns, (void **)&collinfo)) {
|
|
468
|
+
CLIENT_ERR("failed to retrieve from listCollections cache for entry: %s", ns);
|
|
469
|
+
goto loop_fail;
|
|
470
|
+
}
|
|
471
|
+
|
|
472
|
+
if (!collinfo) {
|
|
473
|
+
goto loop_skip;
|
|
474
|
+
}
|
|
475
|
+
|
|
476
|
+
if (!mc_schema_entry_satisfy_from_collinfo(it, collinfo, sb->db, it->coll, sb->use_range_v2, status)) {
|
|
477
|
+
goto loop_fail;
|
|
478
|
+
}
|
|
479
|
+
|
|
480
|
+
loop_skip:
|
|
481
|
+
loop_ok = true;
|
|
482
|
+
loop_fail:
|
|
483
|
+
bson_destroy(collinfo);
|
|
484
|
+
bson_free(ns);
|
|
485
|
+
if (!loop_ok) {
|
|
486
|
+
return false;
|
|
487
|
+
}
|
|
488
|
+
}
|
|
489
|
+
return true;
|
|
490
|
+
}
|
|
491
|
+
|
|
492
|
+
bool mc_schema_broker_satisfy_from_create_or_collMod(mc_schema_broker_t *sb,
|
|
493
|
+
const bson_t *cmd,
|
|
494
|
+
mongocrypt_status_t *status) {
|
|
495
|
+
BSON_ASSERT_PARAM(sb);
|
|
496
|
+
BSON_ASSERT_PARAM(cmd);
|
|
497
|
+
|
|
498
|
+
bson_iter_t iter;
|
|
499
|
+
if (!bson_iter_init(&iter, cmd) || !bson_iter_next(&iter)) {
|
|
500
|
+
CLIENT_ERR("Failed to get command name");
|
|
501
|
+
return false;
|
|
502
|
+
}
|
|
503
|
+
|
|
504
|
+
const char *cmd_name = bson_iter_key(&iter);
|
|
505
|
+
if (0 != strcmp(cmd_name, "create") && 0 != strcmp(cmd_name, "collMod")) {
|
|
506
|
+
// Ignore other commands.
|
|
507
|
+
return true;
|
|
508
|
+
}
|
|
509
|
+
|
|
510
|
+
if (!BSON_ITER_HOLDS_UTF8(&iter)) {
|
|
511
|
+
CLIENT_ERR("Failed to get collection name from command");
|
|
512
|
+
return false;
|
|
513
|
+
}
|
|
514
|
+
const char *coll = bson_iter_utf8(&iter, NULL);
|
|
515
|
+
|
|
516
|
+
// Check if schema was requested.
|
|
517
|
+
mc_schema_entry_t *found = NULL;
|
|
518
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
519
|
+
if (0 == strcmp(it->coll, coll)) {
|
|
520
|
+
found = it;
|
|
521
|
+
break;
|
|
522
|
+
}
|
|
523
|
+
}
|
|
524
|
+
|
|
525
|
+
if (!found) {
|
|
526
|
+
// Command is for a collection that is not needed.
|
|
527
|
+
return true;
|
|
528
|
+
}
|
|
529
|
+
|
|
530
|
+
if (found->satisfied) {
|
|
531
|
+
return true;
|
|
532
|
+
}
|
|
533
|
+
|
|
534
|
+
if (bson_iter_find_descendant(&iter, "validator.$jsonSchema", &iter)) {
|
|
535
|
+
if (!_mongocrypt_buffer_copy_from_document_iter(&found->jsonSchema.buf, &iter)) {
|
|
536
|
+
CLIENT_ERR("failed to read schema from schema map for collection: %s", coll);
|
|
537
|
+
return false;
|
|
538
|
+
}
|
|
539
|
+
|
|
540
|
+
if (!_mongocrypt_buffer_to_bson(&found->jsonSchema.buf, &found->jsonSchema.bson)) {
|
|
541
|
+
CLIENT_ERR("unable to create BSON from schema map for collection: %s", coll);
|
|
542
|
+
return false;
|
|
543
|
+
}
|
|
544
|
+
|
|
545
|
+
found->jsonSchema.set = true;
|
|
546
|
+
found->jsonSchema.is_remote = true; // Mark remote. Schema may have non-CSFLE validators.
|
|
547
|
+
found->satisfied = true;
|
|
548
|
+
return true;
|
|
549
|
+
}
|
|
550
|
+
|
|
551
|
+
// Command does not have a schema. Not an error.
|
|
552
|
+
return true;
|
|
553
|
+
}
|
|
554
|
+
|
|
555
|
+
bool mc_schema_broker_satisfy_remaining_with_empty_schemas(mc_schema_broker_t *sb,
|
|
556
|
+
_mongocrypt_cache_t *collinfo_cache /* may be NULL */,
|
|
557
|
+
mongocrypt_status_t *status) {
|
|
558
|
+
BSON_ASSERT_PARAM(sb);
|
|
559
|
+
|
|
560
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
561
|
+
if (it->satisfied) {
|
|
562
|
+
continue;
|
|
563
|
+
}
|
|
564
|
+
|
|
565
|
+
// Cache the received collinfo.
|
|
566
|
+
if (collinfo_cache) {
|
|
567
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, it->coll);
|
|
568
|
+
bson_t empty = BSON_INITIALIZER;
|
|
569
|
+
if (!_mongocrypt_cache_add_copy(collinfo_cache, ns, &empty, status)) {
|
|
570
|
+
bson_destroy(&empty);
|
|
571
|
+
bson_free(ns);
|
|
572
|
+
return false;
|
|
573
|
+
}
|
|
574
|
+
bson_destroy(&empty);
|
|
575
|
+
bson_free(ns);
|
|
576
|
+
}
|
|
577
|
+
|
|
578
|
+
it->satisfied = true;
|
|
579
|
+
}
|
|
580
|
+
|
|
581
|
+
return true;
|
|
582
|
+
}
|
|
583
|
+
|
|
584
|
+
bool mc_schema_broker_need_more_schemas(const mc_schema_broker_t *sb) {
|
|
585
|
+
BSON_ASSERT_PARAM(sb);
|
|
586
|
+
for (const mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
587
|
+
if (!it->satisfied) {
|
|
588
|
+
return true;
|
|
589
|
+
}
|
|
590
|
+
}
|
|
591
|
+
return false;
|
|
592
|
+
}
|
|
593
|
+
|
|
594
|
+
const mc_EncryptedFieldConfig_t *
|
|
595
|
+
mc_schema_broker_get_encryptedFields(const mc_schema_broker_t *sb, const char *coll, mongocrypt_status_t *status) {
|
|
596
|
+
BSON_ASSERT_PARAM(sb);
|
|
597
|
+
BSON_ASSERT_PARAM(coll);
|
|
598
|
+
|
|
599
|
+
for (const mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
600
|
+
BSON_ASSERT(it->satisfied);
|
|
601
|
+
if (0 != strcmp(it->coll, coll)) {
|
|
602
|
+
continue;
|
|
603
|
+
}
|
|
604
|
+
if (!it->encryptedFields.set) {
|
|
605
|
+
CLIENT_ERR("Expected encryptedFields for '%s', but none set", coll);
|
|
606
|
+
return NULL;
|
|
607
|
+
}
|
|
608
|
+
return &it->encryptedFields.efc;
|
|
609
|
+
}
|
|
610
|
+
CLIENT_ERR("Expected encryptedFields for '%s', but did not find entry", coll);
|
|
611
|
+
return NULL;
|
|
612
|
+
}
|
|
613
|
+
|
|
614
|
+
static bool append_encryptedFields(const bson_t *encryptedFields,
|
|
615
|
+
const char *coll,
|
|
616
|
+
uint8_t default_strEncodeVersion,
|
|
617
|
+
bson_t *out,
|
|
618
|
+
mongocrypt_status_t *status) {
|
|
619
|
+
BSON_ASSERT_PARAM(encryptedFields); // May be an empty BSON document.
|
|
620
|
+
BSON_ASSERT_PARAM(out);
|
|
621
|
+
BSON_ASSERT_PARAM(coll);
|
|
622
|
+
|
|
623
|
+
bool ok = false;
|
|
624
|
+
|
|
625
|
+
bool has_escCollection = false;
|
|
626
|
+
bool has_ecocCollection = false;
|
|
627
|
+
bool has_fields = false;
|
|
628
|
+
bool has_strEncodeVersion = false;
|
|
629
|
+
|
|
630
|
+
char *default_escCollection = NULL;
|
|
631
|
+
char *default_ecocCollection = NULL;
|
|
632
|
+
|
|
633
|
+
bson_iter_t iter;
|
|
634
|
+
TRY_BSON_OR(bson_iter_init(&iter, encryptedFields)) {
|
|
635
|
+
goto fail;
|
|
636
|
+
}
|
|
637
|
+
|
|
638
|
+
// Copy all values. Check if state collections are present.
|
|
639
|
+
while (bson_iter_next(&iter)) {
|
|
640
|
+
if (strcmp(bson_iter_key(&iter), "escCollection") == 0) {
|
|
641
|
+
has_escCollection = true;
|
|
642
|
+
}
|
|
643
|
+
if (strcmp(bson_iter_key(&iter), "ecocCollection") == 0) {
|
|
644
|
+
has_ecocCollection = true;
|
|
645
|
+
}
|
|
646
|
+
if (strcmp(bson_iter_key(&iter), "fields") == 0) {
|
|
647
|
+
has_fields = true;
|
|
648
|
+
}
|
|
649
|
+
if (strcmp(bson_iter_key(&iter), "strEncodeVersion") == 0) {
|
|
650
|
+
has_strEncodeVersion = true;
|
|
651
|
+
}
|
|
652
|
+
TRY_BSON_OR(BSON_APPEND_VALUE(out, bson_iter_key(&iter), bson_iter_value(&iter))) {
|
|
653
|
+
goto fail;
|
|
654
|
+
}
|
|
655
|
+
}
|
|
656
|
+
|
|
657
|
+
if (!has_escCollection) {
|
|
658
|
+
default_escCollection = bson_strdup_printf("enxcol_.%s.esc", coll);
|
|
659
|
+
TRY_BSON_OR(BSON_APPEND_UTF8(out, "escCollection", default_escCollection)) {
|
|
660
|
+
goto fail;
|
|
661
|
+
}
|
|
662
|
+
}
|
|
663
|
+
|
|
664
|
+
if (!has_ecocCollection) {
|
|
665
|
+
default_ecocCollection = bson_strdup_printf("enxcol_.%s.ecoc", coll);
|
|
666
|
+
TRY_BSON_OR(BSON_APPEND_UTF8(out, "ecocCollection", default_ecocCollection)) {
|
|
667
|
+
goto fail;
|
|
668
|
+
}
|
|
669
|
+
}
|
|
670
|
+
|
|
671
|
+
if (!has_fields) {
|
|
672
|
+
bson_t empty = BSON_INITIALIZER;
|
|
673
|
+
TRY_BSON_OR(BSON_APPEND_ARRAY(out, "fields", &empty)) {
|
|
674
|
+
goto fail;
|
|
675
|
+
}
|
|
676
|
+
}
|
|
677
|
+
|
|
678
|
+
if (!has_strEncodeVersion && default_strEncodeVersion != 0) {
|
|
679
|
+
// 0 indicates encryptedFields has no text fields and no set strEncodeVersion.
|
|
680
|
+
// Only add strEncodeVersion if needed since older server components do not recognize it.
|
|
681
|
+
TRY_BSON_OR(BSON_APPEND_INT32(out, "strEncodeVersion", (int32_t)default_strEncodeVersion)) {
|
|
682
|
+
goto fail;
|
|
683
|
+
}
|
|
684
|
+
}
|
|
685
|
+
|
|
686
|
+
ok = true;
|
|
687
|
+
fail:
|
|
688
|
+
bson_free(default_escCollection);
|
|
689
|
+
bson_free(default_ecocCollection);
|
|
690
|
+
return ok;
|
|
691
|
+
}
|
|
692
|
+
|
|
693
|
+
static bool append_encryptionInformation(const mc_schema_broker_t *sb,
|
|
694
|
+
const char *cmd_name,
|
|
695
|
+
bson_t *out,
|
|
696
|
+
mongocrypt_status_t *status) {
|
|
697
|
+
BSON_ASSERT_PARAM(sb);
|
|
698
|
+
BSON_ASSERT_PARAM(cmd_name);
|
|
699
|
+
BSON_ASSERT_PARAM(out);
|
|
700
|
+
|
|
701
|
+
bson_t encryption_information_bson;
|
|
702
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(out, "encryptionInformation", &encryption_information_bson)) {
|
|
703
|
+
return false;
|
|
704
|
+
}
|
|
705
|
+
TRY_BSON_OR(BSON_APPEND_INT32(&encryption_information_bson, "type", 1)) {
|
|
706
|
+
return false;
|
|
707
|
+
}
|
|
708
|
+
|
|
709
|
+
bson_t schema_bson;
|
|
710
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&encryption_information_bson, "schema", &schema_bson)) {
|
|
711
|
+
return false;
|
|
712
|
+
}
|
|
713
|
+
|
|
714
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
715
|
+
BSON_ASSERT(se->satisfied);
|
|
716
|
+
bool loop_ok = false;
|
|
717
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, se->coll);
|
|
718
|
+
bson_t ns_to_schema_bson;
|
|
719
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&schema_bson, ns, &ns_to_schema_bson)) {
|
|
720
|
+
goto loop_fail;
|
|
721
|
+
}
|
|
722
|
+
|
|
723
|
+
bson_t empty_encryptedFields = BSON_INITIALIZER; // Use empty encryptedFields if none set.
|
|
724
|
+
const bson_t *encryptedFields = &empty_encryptedFields;
|
|
725
|
+
uint8_t default_strEncodeVersion = 0;
|
|
726
|
+
if (se->encryptedFields.set) {
|
|
727
|
+
encryptedFields = &se->encryptedFields.bson;
|
|
728
|
+
default_strEncodeVersion = se->encryptedFields.efc.str_encode_version;
|
|
729
|
+
}
|
|
730
|
+
if (!append_encryptedFields(encryptedFields, se->coll, default_strEncodeVersion, &ns_to_schema_bson, status)) {
|
|
731
|
+
goto loop_fail;
|
|
732
|
+
}
|
|
733
|
+
|
|
734
|
+
TRY_BSON_OR(bson_append_document_end(&schema_bson, &ns_to_schema_bson)) {
|
|
735
|
+
goto loop_fail;
|
|
736
|
+
}
|
|
737
|
+
loop_ok = true;
|
|
738
|
+
loop_fail:
|
|
739
|
+
bson_free(ns);
|
|
740
|
+
bson_destroy(&empty_encryptedFields);
|
|
741
|
+
if (!loop_ok) {
|
|
742
|
+
return false;
|
|
743
|
+
}
|
|
744
|
+
}
|
|
745
|
+
TRY_BSON_OR(bson_append_document_end(&encryption_information_bson, &schema_bson)) {
|
|
746
|
+
return false;
|
|
747
|
+
}
|
|
748
|
+
TRY_BSON_OR(bson_append_document_end(out, &encryption_information_bson)) {
|
|
749
|
+
return false;
|
|
750
|
+
}
|
|
751
|
+
return true;
|
|
752
|
+
}
|
|
753
|
+
|
|
754
|
+
static const char *get_cmd_name(const bson_t *cmd, mongocrypt_status_t *status) {
|
|
755
|
+
bson_iter_t iter;
|
|
756
|
+
const char *cmd_name;
|
|
757
|
+
|
|
758
|
+
BSON_ASSERT_PARAM(cmd);
|
|
759
|
+
|
|
760
|
+
if (!bson_iter_init(&iter, cmd)) {
|
|
761
|
+
CLIENT_ERR("unable to iterate over command BSON");
|
|
762
|
+
return NULL;
|
|
763
|
+
}
|
|
764
|
+
|
|
765
|
+
/* The command name is the first key. */
|
|
766
|
+
if (!bson_iter_next(&iter)) {
|
|
767
|
+
CLIENT_ERR("unexpected empty BSON for command");
|
|
768
|
+
return NULL;
|
|
769
|
+
}
|
|
770
|
+
|
|
771
|
+
cmd_name = bson_iter_key(&iter);
|
|
772
|
+
if (!cmd_name) {
|
|
773
|
+
CLIENT_ERR("unable to get command name from BSON");
|
|
774
|
+
return NULL;
|
|
775
|
+
}
|
|
776
|
+
return cmd_name;
|
|
777
|
+
}
|
|
778
|
+
|
|
779
|
+
static bool insert_encryptionInformation(const mc_schema_broker_t *sb,
|
|
780
|
+
const char *cmd_name,
|
|
781
|
+
bson_t *cmd /* in and out */,
|
|
782
|
+
mc_cmd_target_t cmd_target,
|
|
783
|
+
mongocrypt_status_t *status) {
|
|
784
|
+
BSON_ASSERT_PARAM(sb);
|
|
785
|
+
BSON_ASSERT_PARAM(cmd_name);
|
|
786
|
+
BSON_ASSERT_PARAM(cmd);
|
|
787
|
+
|
|
788
|
+
bson_t out = BSON_INITIALIZER;
|
|
789
|
+
bson_t explain = BSON_INITIALIZER;
|
|
790
|
+
bson_iter_t iter;
|
|
791
|
+
bool ok = false;
|
|
792
|
+
|
|
793
|
+
// For `bulkWrite`, append `encryptionInformation` inside the `nsInfo.0` document.
|
|
794
|
+
if (0 == strcmp(cmd_name, "bulkWrite")) {
|
|
795
|
+
// Get the single `nsInfo` document from the input command.
|
|
796
|
+
bson_t nsInfo; // Non-owning.
|
|
797
|
+
{
|
|
798
|
+
bson_iter_t nsInfo_iter;
|
|
799
|
+
if (!bson_iter_init(&nsInfo_iter, cmd)) {
|
|
800
|
+
CLIENT_ERR("failed to iterate command");
|
|
801
|
+
goto fail;
|
|
802
|
+
}
|
|
803
|
+
if (!bson_iter_find_descendant(&nsInfo_iter, "nsInfo.0", &nsInfo_iter)) {
|
|
804
|
+
CLIENT_ERR("expected one namespace in `bulkWrite`, but found zero.");
|
|
805
|
+
goto fail;
|
|
806
|
+
}
|
|
807
|
+
if (bson_has_field(cmd, "nsInfo.1")) {
|
|
808
|
+
CLIENT_ERR("expected one namespace in `bulkWrite`, but found more than one. Only one namespace is "
|
|
809
|
+
"supported.");
|
|
810
|
+
goto fail;
|
|
811
|
+
}
|
|
812
|
+
if (!mc_iter_document_as_bson(&nsInfo_iter, &nsInfo, status)) {
|
|
813
|
+
goto fail;
|
|
814
|
+
}
|
|
815
|
+
// Ensure `nsInfo` does not already have an `encryptionInformation` field.
|
|
816
|
+
if (bson_has_field(&nsInfo, "encryptionInformation")) {
|
|
817
|
+
CLIENT_ERR("unexpected `encryptionInformation` present in input `nsInfo`.");
|
|
818
|
+
goto fail;
|
|
819
|
+
}
|
|
820
|
+
}
|
|
821
|
+
|
|
822
|
+
// Copy input and append `encryptionInformation` to `nsInfo`.
|
|
823
|
+
{
|
|
824
|
+
// Append everything from input except `nsInfo`.
|
|
825
|
+
bson_copy_to_excluding_noinit(cmd, &out, "nsInfo", NULL);
|
|
826
|
+
// Append `nsInfo` array.
|
|
827
|
+
bson_t nsInfo_array;
|
|
828
|
+
if (!BSON_APPEND_ARRAY_BEGIN(&out, "nsInfo", &nsInfo_array)) {
|
|
829
|
+
CLIENT_ERR("unable to begin appending 'nsInfo' array");
|
|
830
|
+
goto fail;
|
|
831
|
+
}
|
|
832
|
+
bson_t nsInfo_array_0;
|
|
833
|
+
if (!BSON_APPEND_DOCUMENT_BEGIN(&nsInfo_array, "0", &nsInfo_array_0)) {
|
|
834
|
+
CLIENT_ERR("unable to append 'nsInfo.0' document");
|
|
835
|
+
goto fail;
|
|
836
|
+
}
|
|
837
|
+
// Copy everything from input `nsInfo`.
|
|
838
|
+
if (!bson_concat(&nsInfo_array_0, &nsInfo)) {
|
|
839
|
+
CLIENT_ERR("unable to concat to 'nsInfo.0' document");
|
|
840
|
+
goto fail;
|
|
841
|
+
}
|
|
842
|
+
// And append `encryptionInformation`.
|
|
843
|
+
if (!append_encryptionInformation(sb, cmd_name, &nsInfo_array_0, status)) {
|
|
844
|
+
goto fail;
|
|
845
|
+
}
|
|
846
|
+
if (!bson_append_document_end(&nsInfo_array, &nsInfo_array_0)) {
|
|
847
|
+
CLIENT_ERR("unable to end appending 'nsInfo' document in array");
|
|
848
|
+
}
|
|
849
|
+
if (!bson_append_array_end(&out, &nsInfo_array)) {
|
|
850
|
+
CLIENT_ERR("unable to end appending 'nsInfo' array");
|
|
851
|
+
goto fail;
|
|
852
|
+
}
|
|
853
|
+
// Overwrite `cmd`.
|
|
854
|
+
bson_destroy(cmd);
|
|
855
|
+
if (!bson_steal(cmd, &out)) {
|
|
856
|
+
CLIENT_ERR("failed to steal BSON with encryptionInformation");
|
|
857
|
+
goto fail;
|
|
858
|
+
}
|
|
859
|
+
}
|
|
860
|
+
|
|
861
|
+
goto success;
|
|
862
|
+
}
|
|
863
|
+
|
|
864
|
+
if (0 == strcmp(cmd_name, "explain")
|
|
865
|
+
&& (cmd_target == MC_CMD_SCHEMAS_FOR_CRYPT_SHARED || cmd_target == MC_CMD_SCHEMAS_FOR_SERVER)) {
|
|
866
|
+
// The "explain" command is a special case when sent to crypt_shared or the server, which expect
|
|
867
|
+
// "encryptionInformation" nested in the "explain" document instead of at top-level. Example:
|
|
868
|
+
// {
|
|
869
|
+
// "explain": {
|
|
870
|
+
// "find": "to-crypt_shared-or-server"
|
|
871
|
+
// "encryptionInformation": {}
|
|
872
|
+
// }
|
|
873
|
+
// }
|
|
874
|
+
if (!bson_iter_init_find(&iter, cmd, "explain")) {
|
|
875
|
+
CLIENT_ERR("expected to find 'explain' field");
|
|
876
|
+
goto fail;
|
|
877
|
+
}
|
|
878
|
+
|
|
879
|
+
if (!BSON_ITER_HOLDS_DOCUMENT(&iter)) {
|
|
880
|
+
CLIENT_ERR("expected 'explain' to be document");
|
|
881
|
+
goto fail;
|
|
882
|
+
}
|
|
883
|
+
|
|
884
|
+
{
|
|
885
|
+
bson_t tmp;
|
|
886
|
+
if (!mc_iter_document_as_bson(&iter, &tmp, status)) {
|
|
887
|
+
goto fail;
|
|
888
|
+
}
|
|
889
|
+
bson_destroy(&explain);
|
|
890
|
+
bson_copy_to(&tmp, &explain);
|
|
891
|
+
}
|
|
892
|
+
|
|
893
|
+
if (!append_encryptionInformation(sb, cmd_name, &explain, status)) {
|
|
894
|
+
goto fail;
|
|
895
|
+
}
|
|
896
|
+
|
|
897
|
+
if (!BSON_APPEND_DOCUMENT(&out, "explain", &explain)) {
|
|
898
|
+
CLIENT_ERR("unable to append 'explain' document");
|
|
899
|
+
goto fail;
|
|
900
|
+
}
|
|
901
|
+
|
|
902
|
+
bson_copy_to_excluding_noinit(cmd, &out, "explain", NULL);
|
|
903
|
+
bson_destroy(cmd);
|
|
904
|
+
if (!bson_steal(cmd, &out)) {
|
|
905
|
+
CLIENT_ERR("failed to steal BSON with encryptionInformation");
|
|
906
|
+
goto fail;
|
|
907
|
+
}
|
|
908
|
+
goto success;
|
|
909
|
+
}
|
|
910
|
+
|
|
911
|
+
// Default case: append "encryptionInformation" at top-level. Example:
|
|
912
|
+
// {
|
|
913
|
+
// "<command name>": { ... }
|
|
914
|
+
// "encryptionInformation": {}
|
|
915
|
+
// }
|
|
916
|
+
if (!append_encryptionInformation(sb, cmd_name, cmd, status)) {
|
|
917
|
+
goto fail;
|
|
918
|
+
}
|
|
919
|
+
|
|
920
|
+
success:
|
|
921
|
+
ok = true;
|
|
922
|
+
fail:
|
|
923
|
+
bson_destroy(&explain);
|
|
924
|
+
if (!ok) {
|
|
925
|
+
bson_destroy(&out);
|
|
926
|
+
}
|
|
927
|
+
return ok;
|
|
928
|
+
}
|
|
929
|
+
|
|
930
|
+
// insert_csfleEncryptionSchemas appends schema information to a command for CSFLE.
|
|
931
|
+
// Only consumed by query analysis (mongocryptd/crypt_shared).
|
|
932
|
+
// For one JSON schema, use `jsonSchema` for backwards compatibility.
|
|
933
|
+
// For multiple JSON schemas, use `csfleEncryptionSchemas` (added in server 8.2).
|
|
934
|
+
static bool insert_csfleEncryptionSchemas(const mc_schema_broker_t *sb,
|
|
935
|
+
bson_t *cmd /* in/out */,
|
|
936
|
+
mc_cmd_target_t cmd_target,
|
|
937
|
+
mongocrypt_status_t *status) {
|
|
938
|
+
BSON_ASSERT_PARAM(sb);
|
|
939
|
+
BSON_ASSERT_PARAM(cmd);
|
|
940
|
+
|
|
941
|
+
if (cmd_target != MC_CMD_SCHEMAS_FOR_CRYPT_SHARED && cmd_target != MC_CMD_SCHEMAS_FOR_MONGOCRYPTD) {
|
|
942
|
+
// CSFLE schemas are only used for query analysis.
|
|
943
|
+
return true;
|
|
944
|
+
}
|
|
945
|
+
|
|
946
|
+
if (sb->ll_len == 1) {
|
|
947
|
+
// Append the only jsonSchema with the "jsonSchema" field.
|
|
948
|
+
const mc_schema_entry_t *se = sb->ll;
|
|
949
|
+
BSON_ASSERT(se);
|
|
950
|
+
BSON_ASSERT(!se->next);
|
|
951
|
+
BSON_ASSERT(se->satisfied);
|
|
952
|
+
if (se->jsonSchema.set) {
|
|
953
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT(cmd, "jsonSchema", &se->jsonSchema.bson)) {
|
|
954
|
+
return false;
|
|
955
|
+
}
|
|
956
|
+
TRY_BSON_OR(BSON_APPEND_BOOL(cmd, "isRemoteSchema", se->jsonSchema.is_remote)) {
|
|
957
|
+
return false;
|
|
958
|
+
}
|
|
959
|
+
} else {
|
|
960
|
+
bson_t empty = BSON_INITIALIZER;
|
|
961
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT(cmd, "jsonSchema", &empty)) {
|
|
962
|
+
return false;
|
|
963
|
+
}
|
|
964
|
+
// Append isRemoteSchema:true to preserve existing value. But I expect it can/should be false.
|
|
965
|
+
TRY_BSON_OR(BSON_APPEND_BOOL(cmd, "isRemoteSchema", true)) {
|
|
966
|
+
return false;
|
|
967
|
+
}
|
|
968
|
+
}
|
|
969
|
+
return true;
|
|
970
|
+
}
|
|
971
|
+
|
|
972
|
+
// Append multiple schemas as "csfleEncryptionSchemas"
|
|
973
|
+
bson_t csfleEncryptionSchemas;
|
|
974
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(cmd, "csfleEncryptionSchemas", &csfleEncryptionSchemas)) {
|
|
975
|
+
return false;
|
|
976
|
+
}
|
|
977
|
+
|
|
978
|
+
for (mc_schema_entry_t *se = sb->ll; se != NULL; se = se->next) {
|
|
979
|
+
BSON_ASSERT(se->satisfied);
|
|
980
|
+
|
|
981
|
+
char *ns = bson_strdup_printf("%s.%s", sb->db, se->coll);
|
|
982
|
+
bson_t ns_to_doc;
|
|
983
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT_BEGIN(&csfleEncryptionSchemas, ns, &ns_to_doc)) {
|
|
984
|
+
bson_free(ns);
|
|
985
|
+
return false;
|
|
986
|
+
}
|
|
987
|
+
bson_free(ns);
|
|
988
|
+
|
|
989
|
+
if (!se->jsonSchema.set) {
|
|
990
|
+
// Append as an empty document.
|
|
991
|
+
bson_t empty = BSON_INITIALIZER;
|
|
992
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT(&ns_to_doc, "jsonSchema", &empty)) {
|
|
993
|
+
return false;
|
|
994
|
+
}
|
|
995
|
+
TRY_BSON_OR(BSON_APPEND_BOOL(&ns_to_doc, "isRemoteSchema", false)) {
|
|
996
|
+
return false;
|
|
997
|
+
}
|
|
998
|
+
} else {
|
|
999
|
+
TRY_BSON_OR(BSON_APPEND_DOCUMENT(&ns_to_doc, "jsonSchema", &se->jsonSchema.bson)) {
|
|
1000
|
+
return false;
|
|
1001
|
+
}
|
|
1002
|
+
TRY_BSON_OR(BSON_APPEND_BOOL(&ns_to_doc, "isRemoteSchema", se->jsonSchema.is_remote)) {
|
|
1003
|
+
return false;
|
|
1004
|
+
}
|
|
1005
|
+
}
|
|
1006
|
+
TRY_BSON_OR(bson_append_document_end(&csfleEncryptionSchemas, &ns_to_doc)) {
|
|
1007
|
+
return false;
|
|
1008
|
+
}
|
|
1009
|
+
}
|
|
1010
|
+
|
|
1011
|
+
TRY_BSON_OR(bson_append_document_end(cmd, &csfleEncryptionSchemas)) {
|
|
1012
|
+
return false;
|
|
1013
|
+
}
|
|
1014
|
+
|
|
1015
|
+
return true;
|
|
1016
|
+
}
|
|
1017
|
+
|
|
1018
|
+
bool mc_schema_broker_add_schemas_to_cmd(const mc_schema_broker_t *sb,
|
|
1019
|
+
bson_t *cmd /* in and out */,
|
|
1020
|
+
mc_cmd_target_t cmd_target,
|
|
1021
|
+
mongocrypt_status_t *status) {
|
|
1022
|
+
BSON_ASSERT_PARAM(sb);
|
|
1023
|
+
BSON_ASSERT_PARAM(cmd);
|
|
1024
|
+
|
|
1025
|
+
const char *cmd_name = get_cmd_name(cmd, status);
|
|
1026
|
+
if (!cmd_name) {
|
|
1027
|
+
return false;
|
|
1028
|
+
}
|
|
1029
|
+
|
|
1030
|
+
bool has_encryptedFields = false;
|
|
1031
|
+
bool has_jsonSchema = false;
|
|
1032
|
+
const char *coll_with_encryptedFields = NULL;
|
|
1033
|
+
const char *coll_with_jsonSchema = NULL;
|
|
1034
|
+
for (mc_schema_entry_t *it = sb->ll; it != NULL; it = it->next) {
|
|
1035
|
+
BSON_ASSERT(it->satisfied);
|
|
1036
|
+
if (it->encryptedFields.set) {
|
|
1037
|
+
has_encryptedFields = true;
|
|
1038
|
+
coll_with_encryptedFields = it->coll;
|
|
1039
|
+
} else if (it->jsonSchema.set) {
|
|
1040
|
+
has_jsonSchema = true;
|
|
1041
|
+
coll_with_jsonSchema = it->coll;
|
|
1042
|
+
}
|
|
1043
|
+
}
|
|
1044
|
+
|
|
1045
|
+
if (has_encryptedFields && has_jsonSchema) {
|
|
1046
|
+
// If any collection has encryptedFields, error if any collection only has a JSON Schema.
|
|
1047
|
+
CLIENT_ERR("Collection '%s' has an encryptedFields configured, but collection '%s' has a JSON schema "
|
|
1048
|
+
"configured. This is currently not supported. To ignore the JSON schema, add an empty entry for "
|
|
1049
|
+
"'%s' to AutoEncryptionOpts.encryptedFieldsMap: \"%s\": { \"fields\": [] }",
|
|
1050
|
+
coll_with_encryptedFields,
|
|
1051
|
+
coll_with_jsonSchema,
|
|
1052
|
+
coll_with_jsonSchema,
|
|
1053
|
+
coll_with_jsonSchema);
|
|
1054
|
+
return false;
|
|
1055
|
+
}
|
|
1056
|
+
|
|
1057
|
+
if (has_encryptedFields) {
|
|
1058
|
+
// Use encryptionInformation.
|
|
1059
|
+
return insert_encryptionInformation(sb, cmd_name, cmd, cmd_target, status);
|
|
1060
|
+
}
|
|
1061
|
+
|
|
1062
|
+
if (has_jsonSchema) {
|
|
1063
|
+
// Use csfleEncryptionSchemas / jsonSchema only.
|
|
1064
|
+
return insert_csfleEncryptionSchemas(sb, cmd, cmd_target, status);
|
|
1065
|
+
}
|
|
1066
|
+
|
|
1067
|
+
// Collections have no QE or CSFLE schemas.
|
|
1068
|
+
if (0 == strcmp(cmd_name, "bulkWrite")) {
|
|
1069
|
+
// "bulkWrite" does not support the jsonSchema field. Use encryptionInformation with empty schemas.
|
|
1070
|
+
return insert_encryptionInformation(sb, cmd_name, cmd, cmd_target, status);
|
|
1071
|
+
}
|
|
1072
|
+
|
|
1073
|
+
// Use csfleEncryptionSchemas / jsonSchema with empty schemas.
|
|
1074
|
+
return insert_csfleEncryptionSchemas(sb, cmd, cmd_target, status);
|
|
1075
|
+
}
|