libmongocrypt-helper 1.12.0.0.1001 → 1.13.2.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +19 -0
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +10 -0
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -4
- data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
- data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
- data/ext/libmongocrypt/libmongocrypt/README.md +8 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +6 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +8 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +11 -11
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +3 -5
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +14 -27
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +9 -9
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/integrating.md +42 -11
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +4 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +79 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +34 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +105 -7
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +381 -70
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +7 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +17 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +430 -857
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +5 -19
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +516 -523
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +7 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +6 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +17 -0
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search}/encrypted-field-map.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +13 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/collInfo-c3.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +286 -24
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +23 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +36 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +58 -66
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1330 -1200
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +6 -6
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +744 -106
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +119 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +27 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +207 -157
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-document.json +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/kms-reply.txt +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
- data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -20,6 +20,7 @@
|
|
20
20
|
#include "mongocrypt-crypto-private.h" // MONGOCRYPT_KEY_LEN
|
21
21
|
#include "mongocrypt.h"
|
22
22
|
#include "test-mongocrypt-assert-match-bson.h"
|
23
|
+
#include "test-mongocrypt-assert.h"
|
23
24
|
#include "test-mongocrypt-crypto-std-hooks.h"
|
24
25
|
#include "test-mongocrypt.h"
|
25
26
|
|
@@ -508,9 +509,7 @@ static void _test_encrypt_need_markings(_mongocrypt_tester_t *tester) {
|
|
508
509
|
|
509
510
|
static void _test_encrypt_csfle_no_needs_markings(_mongocrypt_tester_t *tester) {
|
510
511
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
511
|
-
|
512
|
-
"_test_encrypt_csfle_no_needs_markings test is a no-op.",
|
513
|
-
stderr);
|
512
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
514
513
|
return;
|
515
514
|
}
|
516
515
|
|
@@ -617,7 +616,7 @@ static void _test_view(_mongocrypt_tester_t *tester) {
|
|
617
616
|
|
618
617
|
crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
619
618
|
ctx = mongocrypt_ctx_new(crypt);
|
620
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1,
|
619
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_BSON(BSON_STR({"find" : "v", "filter" : {}}))), ctx);
|
621
620
|
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
622
621
|
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/collection-info-view.json")),
|
623
622
|
ctx,
|
@@ -763,7 +762,9 @@ static void _test_encrypt_cache_expiration(_mongocrypt_tester_t *tester) {
|
|
763
762
|
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_DONE);
|
764
763
|
mongocrypt_ctx_destroy(ctx);
|
765
764
|
|
766
|
-
|
765
|
+
// Sleep to trigger cache expiration.
|
766
|
+
// Cache entries expire after 1ms, but use 20ms to avoid timing errors observed on Windows distros: CDRIVER-4526
|
767
|
+
_usleep(20 * 1000);
|
767
768
|
/* The next context requests keys again
|
768
769
|
*/
|
769
770
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -1004,28 +1005,8 @@ static void _test_encrypt_invalid_siblings(_mongocrypt_tester_t *tester) {
|
|
1004
1005
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
1005
1006
|
|
1006
1007
|
BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_MARKINGS == mongocrypt_ctx_state(ctx));
|
1007
|
-
|
1008
|
-
|
1009
|
-
"JSON schema validator has siblings");
|
1010
|
-
|
1011
|
-
mongocrypt_ctx_destroy(ctx);
|
1012
|
-
mongocrypt_destroy(crypt);
|
1013
|
-
}
|
1014
|
-
|
1015
|
-
static void _test_encrypt_dupe_jsonschema(_mongocrypt_tester_t *tester) {
|
1016
|
-
mongocrypt_t *crypt;
|
1017
|
-
mongocrypt_ctx_t *ctx;
|
1018
|
-
|
1019
|
-
crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1020
|
-
ctx = mongocrypt_ctx_new(crypt);
|
1021
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
1022
|
-
|
1023
|
-
BSON_ASSERT(MONGOCRYPT_CTX_NEED_MONGO_COLLINFO == mongocrypt_ctx_state(ctx));
|
1024
|
-
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx,
|
1025
|
-
TEST_BSON("{'options': {'validator': { '$jsonSchema': {}, "
|
1026
|
-
"'$jsonSchema': {} } } }")),
|
1027
|
-
ctx,
|
1028
|
-
"duplicate $jsonSchema");
|
1008
|
+
// MONGOCRYPT-771 removes checks for sibling validators.
|
1009
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/example/mongocryptd-reply.json")), ctx);
|
1029
1010
|
|
1030
1011
|
mongocrypt_ctx_destroy(ctx);
|
1031
1012
|
mongocrypt_destroy(crypt);
|
@@ -1327,9 +1308,6 @@ static void _test_encrypt_with_encrypted_field_config_map(_mongocrypt_tester_t *
|
|
1327
1308
|
mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1328
1309
|
crypt);
|
1329
1310
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
1330
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1331
|
-
// QEv1 is still supported.
|
1332
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1333
1311
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1334
1312
|
|
1335
1313
|
/* Test encrypting a command on a collection present in the encrypted field
|
@@ -1437,9 +1415,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
|
|
1437
1415
|
ASSERT_OK(
|
1438
1416
|
mongocrypt_setopt_kms_providers(crypt, TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1439
1417
|
crypt);
|
1440
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1441
|
-
// QEv1 is still supported.
|
1442
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1443
1418
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1444
1419
|
/* Test success. */
|
1445
1420
|
{
|
@@ -1502,9 +1477,6 @@ static void _test_encrypt_remote_encryptedfields(_mongocrypt_tester_t *tester) {
|
|
1502
1477
|
mongocrypt_setopt_kms_providers(crypt,
|
1503
1478
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1504
1479
|
crypt);
|
1505
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1506
|
-
// QEv1 is still supported.
|
1507
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1508
1480
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1509
1481
|
ctx = mongocrypt_ctx_new(crypt);
|
1510
1482
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-find-explicit/cmd.json")),
|
@@ -1552,9 +1524,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1552
1524
|
crypt);
|
1553
1525
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
1554
1526
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
1555
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1556
|
-
// QEv1 is still supported.
|
1557
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1558
1527
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1559
1528
|
|
1560
1529
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -1584,9 +1553,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1584
1553
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
1585
1554
|
crypt);
|
1586
1555
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
1587
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
1588
|
-
// QEv1 is still supported.
|
1589
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
1590
1556
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
1591
1557
|
|
1592
1558
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -1595,7 +1561,9 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1595
1561
|
|
1596
1562
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
1597
1563
|
{
|
1598
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
1564
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
1565
|
+
ctx,
|
1566
|
+
TEST_BSON("{'name': 'coll', 'options': {'encryptedFields': {'fields': []}}}")),
|
1599
1567
|
ctx);
|
1600
1568
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
1601
1569
|
}
|
@@ -1615,301 +1583,6 @@ static void _test_encrypt_with_bypassqueryanalysis(_mongocrypt_tester_t *tester)
|
|
1615
1583
|
}
|
1616
1584
|
}
|
1617
1585
|
|
1618
|
-
static void _test_FLE2EncryptionPlaceholder_parse(_mongocrypt_tester_t *tester) {
|
1619
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1620
|
-
bson_t as_bson;
|
1621
|
-
mongocrypt_status_t *status;
|
1622
|
-
_mongocrypt_buffer_t buf;
|
1623
|
-
|
1624
|
-
status = mongocrypt_status_new();
|
1625
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1626
|
-
"03610000001074000100000010610002000000056b690010000000041234567812349876"
|
1627
|
-
"1234123456789012056b75001000000004abcdefab123498761234123456789012027600"
|
1628
|
-
"0900000076616c75653132330012636d00000000000000000000");
|
1629
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1630
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1631
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1632
|
-
|
1633
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1634
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_EQUALITY);
|
1635
|
-
ASSERT(BSON_ITER_HOLDS_UTF8(&placeholder.v_iter));
|
1636
|
-
ASSERT_STREQUAL(bson_iter_utf8(&placeholder.v_iter, NULL), "value123");
|
1637
|
-
|
1638
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1639
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1640
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1641
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1642
|
-
|
1643
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1644
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1645
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1646
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1647
|
-
|
1648
|
-
ASSERT(placeholder.maxContentionFactor == 0);
|
1649
|
-
|
1650
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1651
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1652
|
-
mongocrypt_status_destroy(status);
|
1653
|
-
}
|
1654
|
-
|
1655
|
-
static void _test_FLE2EncryptionPlaceholder_range_parse(_mongocrypt_tester_t *tester) {
|
1656
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT.
|
1657
|
-
{
|
1658
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1659
|
-
bson_t as_bson;
|
1660
|
-
mongocrypt_status_t *status;
|
1661
|
-
_mongocrypt_buffer_t buf;
|
1662
|
-
|
1663
|
-
status = mongocrypt_status_new();
|
1664
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1665
|
-
"037d0000001074000100000010610003000000056b690010000000041234567812349"
|
1666
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1667
|
-
"0376001e00000010760040e20100106d696e0000000000106d61780087d6120000126"
|
1668
|
-
"36d000000000000000000127300010000000000000000");
|
1669
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1670
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1671
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1672
|
-
|
1673
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1674
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1675
|
-
|
1676
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1677
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1678
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1679
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1680
|
-
|
1681
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1682
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1683
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1684
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1685
|
-
|
1686
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1687
|
-
|
1688
|
-
// Parse FLE2RangeInsertSpec.
|
1689
|
-
{
|
1690
|
-
mc_FLE2RangeInsertSpec_t spec;
|
1691
|
-
|
1692
|
-
ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1693
|
-
status);
|
1694
|
-
|
1695
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.v));
|
1696
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.v), ==, 123456);
|
1697
|
-
|
1698
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.min));
|
1699
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.min), ==, 0);
|
1700
|
-
|
1701
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.max));
|
1702
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.max), ==, 1234567);
|
1703
|
-
}
|
1704
|
-
|
1705
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1706
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1707
|
-
mongocrypt_status_destroy(status);
|
1708
|
-
}
|
1709
|
-
|
1710
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND.
|
1711
|
-
{
|
1712
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1713
|
-
bson_t as_bson;
|
1714
|
-
mongocrypt_status_t *status;
|
1715
|
-
_mongocrypt_buffer_t buf;
|
1716
|
-
|
1717
|
-
status = mongocrypt_status_new();
|
1718
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1719
|
-
"03ec0000001074000200000010610003000000056b690010000000041234567812349"
|
1720
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1721
|
-
"0376008d000000036564676573496e666f005b000000106c6f776572426f756e64000"
|
1722
|
-
"0000000086c62496e636c756465640001107570706572426f756e640087d612000875"
|
1723
|
-
"62496e636c75646564000110696e6465784d696e000000000010696e6465784d61780"
|
1724
|
-
"087d6120000107061796c6f6164496400d20400001066697273744f70657261746f72"
|
1725
|
-
"00010000000012636d000000000000000000127300010000000000000000");
|
1726
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1727
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1728
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1729
|
-
|
1730
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
|
1731
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1732
|
-
|
1733
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1734
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1735
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1736
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1737
|
-
|
1738
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1739
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1740
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1741
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1742
|
-
|
1743
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1744
|
-
|
1745
|
-
// Parse FLE2RangeFindSpec.
|
1746
|
-
{
|
1747
|
-
mc_FLE2RangeFindSpec_t spec;
|
1748
|
-
|
1749
|
-
ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1750
|
-
status);
|
1751
|
-
|
1752
|
-
ASSERT(spec.edgesInfo.set);
|
1753
|
-
|
1754
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.lowerBound));
|
1755
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.lowerBound), ==, 0);
|
1756
|
-
ASSERT(spec.edgesInfo.value.lbIncluded);
|
1757
|
-
|
1758
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.upperBound));
|
1759
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.upperBound), ==, 1234567);
|
1760
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1761
|
-
|
1762
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMin));
|
1763
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMin), ==, 0);
|
1764
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1765
|
-
|
1766
|
-
ASSERT(BSON_ITER_HOLDS_INT32(&spec.edgesInfo.value.indexMax));
|
1767
|
-
ASSERT_CMPINT32(bson_iter_int32(&spec.edgesInfo.value.indexMax), ==, 1234567);
|
1768
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1769
|
-
|
1770
|
-
ASSERT_CMPINT32(spec.payloadId, ==, 1234);
|
1771
|
-
|
1772
|
-
ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
|
1773
|
-
ASSERT_CMPINT(spec.secondOperator, ==, FLE2RangeOperator_kNone);
|
1774
|
-
}
|
1775
|
-
|
1776
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1777
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1778
|
-
mongocrypt_status_destroy(status);
|
1779
|
-
}
|
1780
|
-
|
1781
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND with precision.
|
1782
|
-
{
|
1783
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1784
|
-
bson_t as_bson;
|
1785
|
-
mongocrypt_status_t *status;
|
1786
|
-
_mongocrypt_buffer_t buf;
|
1787
|
-
|
1788
|
-
status = mongocrypt_status_new();
|
1789
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1790
|
-
"030b0100001074000200000010610003000000056b690010000000041234567812349"
|
1791
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1792
|
-
"037600ac000000036564676573496e666f007a000000016c6f776572426f756e64000"
|
1793
|
-
"000000000000000086c62496e636c756465640001017570706572426f756e64000000"
|
1794
|
-
"000000006940087562496e636c75646564000110707265636973696f6e00020000000"
|
1795
|
-
"1696e6465784d696e00000000000000000001696e6465784d61780000000000000069"
|
1796
|
-
"4000107061796c6f6164496400d20400001066697273744f70657261746f720001000"
|
1797
|
-
"0000012636d000000000000000000127300010000000000000000");
|
1798
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1799
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1800
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1801
|
-
|
1802
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_FIND);
|
1803
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1804
|
-
|
1805
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1806
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1807
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1808
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1809
|
-
|
1810
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1811
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1812
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1813
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1814
|
-
|
1815
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1816
|
-
|
1817
|
-
// Parse FLE2RangeFindSpec.
|
1818
|
-
{
|
1819
|
-
mc_FLE2RangeFindSpec_t spec;
|
1820
|
-
|
1821
|
-
ASSERT_OK_STATUS(mc_FLE2RangeFindSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1822
|
-
status);
|
1823
|
-
|
1824
|
-
ASSERT(spec.edgesInfo.set);
|
1825
|
-
|
1826
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.lowerBound));
|
1827
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.lowerBound), ==, 0.0);
|
1828
|
-
ASSERT(spec.edgesInfo.value.lbIncluded);
|
1829
|
-
|
1830
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.upperBound));
|
1831
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.upperBound), ==, 200.0);
|
1832
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1833
|
-
|
1834
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMin));
|
1835
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMin), ==, 0);
|
1836
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1837
|
-
|
1838
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.edgesInfo.value.indexMax));
|
1839
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.edgesInfo.value.indexMax), ==, 200.0);
|
1840
|
-
ASSERT(spec.edgesInfo.value.ubIncluded);
|
1841
|
-
|
1842
|
-
ASSERT_CMPDOUBLE(spec.payloadId, ==, 1234);
|
1843
|
-
|
1844
|
-
ASSERT_CMPINT(spec.firstOperator, ==, FLE2RangeOperator_kGt);
|
1845
|
-
ASSERT(spec.edgesInfo.value.precision.set);
|
1846
|
-
ASSERT_CMPUINT32(spec.edgesInfo.value.precision.value, ==, 2);
|
1847
|
-
}
|
1848
|
-
|
1849
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1850
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1851
|
-
mongocrypt_status_destroy(status);
|
1852
|
-
}
|
1853
|
-
|
1854
|
-
// Test type=MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT with precision.
|
1855
|
-
{
|
1856
|
-
mc_FLE2EncryptionPlaceholder_t placeholder;
|
1857
|
-
bson_t as_bson;
|
1858
|
-
mongocrypt_status_t *status;
|
1859
|
-
_mongocrypt_buffer_t buf;
|
1860
|
-
|
1861
|
-
status = mongocrypt_status_new();
|
1862
|
-
_mongocrypt_buffer_copy_from_hex(&buf,
|
1863
|
-
"03980000001074000100000010610003000000056b690010000000041234567812349"
|
1864
|
-
"8761234123456789012056b75001000000004abcdefab123498761234123456789012"
|
1865
|
-
"0376003900000001760077be9f1a2fdd5e40016d696e000000000000000000016d617"
|
1866
|
-
"800000000000000694010707265636973696f6e00020000000012636d000000000000"
|
1867
|
-
"000000127300010000000000000000");
|
1868
|
-
ASSERT(bson_init_static(&as_bson, buf.data + 1, buf.len - 1));
|
1869
|
-
mc_FLE2EncryptionPlaceholder_init(&placeholder);
|
1870
|
-
ASSERT_OK_STATUS(mc_FLE2EncryptionPlaceholder_parse(&placeholder, &as_bson, status), status);
|
1871
|
-
|
1872
|
-
ASSERT(placeholder.type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT);
|
1873
|
-
ASSERT(placeholder.algorithm == MONGOCRYPT_FLE2_ALGORITHM_RANGE);
|
1874
|
-
|
1875
|
-
_mongocrypt_buffer_t expect_index_key_id;
|
1876
|
-
_mongocrypt_buffer_copy_from_hex(&expect_index_key_id, "12345678123498761234123456789012");
|
1877
|
-
ASSERT_CMPBUF(placeholder.index_key_id, expect_index_key_id);
|
1878
|
-
_mongocrypt_buffer_cleanup(&expect_index_key_id);
|
1879
|
-
|
1880
|
-
_mongocrypt_buffer_t expect_user_key_id;
|
1881
|
-
_mongocrypt_buffer_copy_from_hex(&expect_user_key_id, "abcdefab123498761234123456789012");
|
1882
|
-
ASSERT_CMPBUF(placeholder.user_key_id, expect_user_key_id);
|
1883
|
-
_mongocrypt_buffer_cleanup(&expect_user_key_id);
|
1884
|
-
|
1885
|
-
ASSERT_CMPINT64(placeholder.sparsity, ==, 1);
|
1886
|
-
|
1887
|
-
// Parse FLE2RangeInsertSpec.
|
1888
|
-
{
|
1889
|
-
mc_FLE2RangeInsertSpec_t spec;
|
1890
|
-
|
1891
|
-
ASSERT_OK_STATUS(mc_FLE2RangeInsertSpec_parse(&spec, &placeholder.v_iter, false /* use_range_v2 */, status),
|
1892
|
-
status);
|
1893
|
-
|
1894
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.v));
|
1895
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.v), ==, 123.456);
|
1896
|
-
|
1897
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.min));
|
1898
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.min), ==, 0.0);
|
1899
|
-
|
1900
|
-
ASSERT(BSON_ITER_HOLDS_DOUBLE(&spec.max));
|
1901
|
-
ASSERT_CMPDOUBLE(bson_iter_double(&spec.max), ==, 200.0);
|
1902
|
-
|
1903
|
-
ASSERT(spec.precision.set);
|
1904
|
-
ASSERT_CMPUINT32(spec.precision.value, ==, 2);
|
1905
|
-
}
|
1906
|
-
|
1907
|
-
mc_FLE2EncryptionPlaceholder_cleanup(&placeholder);
|
1908
|
-
_mongocrypt_buffer_cleanup(&buf);
|
1909
|
-
mongocrypt_status_destroy(status);
|
1910
|
-
}
|
1911
|
-
}
|
1912
|
-
|
1913
1586
|
// Shared implementation for insert and find tests
|
1914
1587
|
typedef struct {
|
1915
1588
|
_mongocrypt_buffer_t buf;
|
@@ -1931,27 +1604,18 @@ static bool _test_rng_source(void *ctx, mongocrypt_binary_t *out, uint32_t count
|
|
1931
1604
|
|
1932
1605
|
typedef enum {
|
1933
1606
|
kFLE2v2Default,
|
1934
|
-
kFLE2v2Disable,
|
1935
1607
|
kFLE2v2Enable,
|
1936
1608
|
} _test_fle2v2_option;
|
1937
1609
|
|
1938
1610
|
#define TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, data_path, rng_source, v2_failure) \
|
1939
1611
|
{ \
|
1940
1612
|
(rng_source)->pos = 0; \
|
1941
|
-
_test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source,
|
1942
|
-
char v2path[4096]; \
|
1943
|
-
/* transitional: Use v1 data path if expecting failure */ \
|
1944
|
-
ASSERT(snprintf(v2path, sizeof(v2path), "%s%s", data_path, v2_failure ? "" : "-v2")); \
|
1945
|
-
(rng_source)->pos = 0; \
|
1946
|
-
_test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Default, NULL); \
|
1947
|
-
(rng_source)->pos = 0; \
|
1948
|
-
_test_encrypt_fle2_encryption_placeholder(tester, v2path, rng_source, kFLE2v2Enable, v2_failure); \
|
1613
|
+
_test_encrypt_fle2_encryption_placeholder(tester, data_path, rng_source, NULL); \
|
1949
1614
|
}
|
1950
1615
|
|
1951
1616
|
static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *tester,
|
1952
1617
|
const char *data_path,
|
1953
1618
|
_test_rng_data_source *rng_source,
|
1954
|
-
_test_fle2v2_option test_fle2v2_option,
|
1955
1619
|
const char *finalize_failure) {
|
1956
1620
|
mongocrypt_t *crypt;
|
1957
1621
|
char pathbuf[2048];
|
@@ -1964,7 +1628,7 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
|
|
1964
1628
|
((void)0)
|
1965
1629
|
|
1966
1630
|
if (!_aes_ctr_is_supported_by_os) {
|
1967
|
-
|
1631
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
1968
1632
|
return;
|
1969
1633
|
}
|
1970
1634
|
|
@@ -1976,9 +1640,6 @@ static void _test_encrypt_fle2_encryption_placeholder(_mongocrypt_tester_t *test
|
|
1976
1640
|
mongocrypt_binary_t *localkey;
|
1977
1641
|
|
1978
1642
|
crypt = mongocrypt_new();
|
1979
|
-
if (test_fle2v2_option == kFLE2v2Disable) {
|
1980
|
-
ASSERT(mongocrypt_setopt_fle2v2(crypt, false));
|
1981
|
-
}
|
1982
1643
|
mongocrypt_setopt_log_handler(crypt, _mongocrypt_stdout_log_fn, NULL);
|
1983
1644
|
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
1984
1645
|
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
@@ -2055,7 +1716,28 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
|
|
2055
1716
|
uint8_t rng_data[] = RNG_DATA;
|
2056
1717
|
|
2057
1718
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2058
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert", &source, NULL)
|
1719
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2", &source, NULL)
|
1720
|
+
}
|
1721
|
+
|
1722
|
+
static void _test_encrypt_fle2_insert_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
|
1723
|
+
uint8_t rng_data[] = RNG_DATA;
|
1724
|
+
|
1725
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1726
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-v2-with-str-encode-version", &source, NULL)
|
1727
|
+
}
|
1728
|
+
|
1729
|
+
static void _test_encrypt_fle2_insert_text_search_payload(_mongocrypt_tester_t *tester) {
|
1730
|
+
uint8_t rng_data[] = RNG_DATA;
|
1731
|
+
|
1732
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1733
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search", &source, NULL)
|
1734
|
+
}
|
1735
|
+
|
1736
|
+
static void _test_encrypt_fle2_insert_text_search_payload_with_str_encode_version(_mongocrypt_tester_t *tester) {
|
1737
|
+
uint8_t rng_data[] = RNG_DATA;
|
1738
|
+
|
1739
|
+
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
1740
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-text-search-with-str-encode-version", &source, NULL)
|
2059
1741
|
}
|
2060
1742
|
|
2061
1743
|
#undef RNG_DATA
|
@@ -2063,7 +1745,7 @@ static void _test_encrypt_fle2_insert_payload(_mongocrypt_tester_t *tester) {
|
|
2063
1745
|
// FLE2FindEqualityPayload only uses deterministic token generation.
|
2064
1746
|
static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
|
2065
1747
|
_test_rng_data_source source = {{0}};
|
2066
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality", &source, NULL)
|
1748
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-equality-v2", &source, NULL)
|
2067
1749
|
}
|
2068
1750
|
|
2069
1751
|
/* 16 bytes of random data are used for IV. This IV produces the expected test
|
@@ -2073,7 +1755,7 @@ static void _test_encrypt_fle2_find_payload(_mongocrypt_tester_t *tester) {
|
|
2073
1755
|
static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t *tester) {
|
2074
1756
|
uint8_t rng_data[] = RNG_DATA;
|
2075
1757
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2076
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed", &source, NULL);
|
1758
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-unindexed-v2", &source, NULL);
|
2077
1759
|
}
|
2078
1760
|
|
2079
1761
|
#undef RNG_DATA
|
@@ -2083,7 +1765,7 @@ static void _test_encrypt_fle2_unindexed_encrypted_payload(_mongocrypt_tester_t
|
|
2083
1765
|
static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *tester) {
|
2084
1766
|
uint8_t rng_data[] = RNG_DATA;
|
2085
1767
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2086
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32", &source, NULL)
|
1768
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int32-v2", &source, NULL)
|
2087
1769
|
}
|
2088
1770
|
|
2089
1771
|
#undef RNG_DATA
|
@@ -2093,7 +1775,7 @@ static void _test_encrypt_fle2_insert_range_payload_int32(_mongocrypt_tester_t *
|
|
2093
1775
|
static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *tester) {
|
2094
1776
|
uint8_t rng_data[] = RNG_DATA;
|
2095
1777
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2096
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64", &source, NULL)
|
1778
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/int64-v2", &source, NULL)
|
2097
1779
|
}
|
2098
1780
|
|
2099
1781
|
#undef RNG_DATA
|
@@ -2103,7 +1785,7 @@ static void _test_encrypt_fle2_insert_range_payload_int64(_mongocrypt_tester_t *
|
|
2103
1785
|
static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *tester) {
|
2104
1786
|
uint8_t rng_data[] = RNG_DATA;
|
2105
1787
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2106
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date", &source, NULL)
|
1788
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/date-v2", &source, NULL)
|
2107
1789
|
}
|
2108
1790
|
|
2109
1791
|
#undef RNG_DATA
|
@@ -2113,7 +1795,7 @@ static void _test_encrypt_fle2_insert_range_payload_date(_mongocrypt_tester_t *t
|
|
2113
1795
|
static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t *tester) {
|
2114
1796
|
uint8_t rng_data[] = RNG_DATA;
|
2115
1797
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2116
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double", &source, NULL)
|
1798
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-v2", &source, NULL)
|
2117
1799
|
}
|
2118
1800
|
|
2119
1801
|
#undef RNG_DATA
|
@@ -2123,7 +1805,7 @@ static void _test_encrypt_fle2_insert_range_payload_double(_mongocrypt_tester_t
|
|
2123
1805
|
static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt_tester_t *tester) {
|
2124
1806
|
uint8_t rng_data[] = RNG_DATA;
|
2125
1807
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2126
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision", &source, NULL)
|
1808
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/double-precision-v2", &source, NULL)
|
2127
1809
|
}
|
2128
1810
|
|
2129
1811
|
#undef RNG_DATA
|
@@ -2134,7 +1816,7 @@ static void _test_encrypt_fle2_insert_range_payload_double_precision(_mongocrypt
|
|
2134
1816
|
static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_tester_t *tester) {
|
2135
1817
|
uint8_t rng_data[] = RNG_DATA;
|
2136
1818
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2137
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128", &source, NULL)
|
1819
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-v2", &source, NULL)
|
2138
1820
|
}
|
2139
1821
|
|
2140
1822
|
#undef RNG_DATA
|
@@ -2144,7 +1826,7 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128(_mongocrypt_teste
|
|
2144
1826
|
static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
|
2145
1827
|
uint8_t rng_data[] = RNG_DATA;
|
2146
1828
|
_test_rng_data_source source = {.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2147
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision", &source, NULL)
|
1829
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-insert-range/decimal128-precision-v2", &source, NULL)
|
2148
1830
|
}
|
2149
1831
|
|
2150
1832
|
#undef RNG_DATA
|
@@ -2153,48 +1835,48 @@ static void _test_encrypt_fle2_insert_range_payload_decimal128_precision(_mongoc
|
|
2153
1835
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2154
1836
|
static void _test_encrypt_fle2_find_range_payload_int32(_mongocrypt_tester_t *tester) {
|
2155
1837
|
_test_rng_data_source source = {{0}};
|
2156
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32", &source, NULL)
|
1838
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int32-v2", &source, NULL)
|
2157
1839
|
}
|
2158
1840
|
|
2159
1841
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2160
1842
|
static void _test_encrypt_fle2_find_range_payload_int64(_mongocrypt_tester_t *tester) {
|
2161
1843
|
_test_rng_data_source source = {{0}};
|
2162
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64", &source, NULL)
|
1844
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/int64-v2", &source, NULL)
|
2163
1845
|
}
|
2164
1846
|
|
2165
1847
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2166
1848
|
static void _test_encrypt_fle2_find_range_payload_date(_mongocrypt_tester_t *tester) {
|
2167
1849
|
_test_rng_data_source source = {{0}};
|
2168
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date", &source, NULL)
|
1850
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/date-v2", &source, NULL)
|
2169
1851
|
}
|
2170
1852
|
|
2171
1853
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2172
1854
|
static void _test_encrypt_fle2_find_range_payload_double(_mongocrypt_tester_t *tester) {
|
2173
1855
|
_test_rng_data_source source = {{0}};
|
2174
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double", &source, NULL)
|
1856
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-v2", &source, NULL)
|
2175
1857
|
}
|
2176
1858
|
|
2177
1859
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2178
1860
|
static void _test_encrypt_fle2_find_range_payload_double_precision(_mongocrypt_tester_t *tester) {
|
2179
1861
|
_test_rng_data_source source = {{0}};
|
2180
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision", &source, NULL)
|
1862
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/double-precision-v2", &source, NULL)
|
2181
1863
|
}
|
2182
1864
|
|
2183
1865
|
#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
|
2184
1866
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2185
1867
|
static void _test_encrypt_fle2_find_range_payload_decimal128(_mongocrypt_tester_t *tester) {
|
2186
1868
|
_test_rng_data_source source = {{0}};
|
2187
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128", &source, NULL)
|
1869
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-v2", &source, NULL)
|
2188
1870
|
}
|
2189
1871
|
|
2190
1872
|
// FLE2FindRangePayload only uses deterministic token generation.
|
2191
1873
|
static void _test_encrypt_fle2_find_range_payload_decimal128_precision(_mongocrypt_tester_t *tester) {
|
2192
1874
|
_test_rng_data_source source = {{0}};
|
2193
|
-
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision", &source, NULL)
|
1875
|
+
TEST_ENCRYPT_FLE2_ENCRYPTION_PLACEHOLDER(tester, "fle2-find-range/decimal128-precision-v2", &source, NULL)
|
2194
1876
|
}
|
2195
1877
|
#endif // MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
|
2196
1878
|
|
2197
|
-
static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool
|
1879
|
+
static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use_range_v2) {
|
2198
1880
|
mongocrypt_t *crypt;
|
2199
1881
|
mongocrypt_binary_t *localkey;
|
2200
1882
|
/* localkey_data is the KEK used to encrypt the keyMaterial
|
@@ -2216,9 +1898,6 @@ static mongocrypt_t *_crypt_with_rng(_test_rng_data_source *rng_source, bool use
|
|
2216
1898
|
crypt);
|
2217
1899
|
|
2218
1900
|
mongocrypt_binary_destroy(localkey);
|
2219
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
2220
|
-
// QEv1 is still supported.
|
2221
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, use_v2), crypt);
|
2222
1901
|
if (use_range_v2) {
|
2223
1902
|
ASSERT_OK(mongocrypt_setopt_use_range_v2(crypt), crypt);
|
2224
1903
|
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
@@ -2243,25 +1922,20 @@ typedef struct {
|
|
2243
1922
|
const char *expect_finalize_error;
|
2244
1923
|
const char *expect_init_error;
|
2245
1924
|
bool is_expression;
|
2246
|
-
bool use_v2;
|
2247
1925
|
bool use_range_v2;
|
2248
1926
|
} ee_testcase;
|
2249
1927
|
|
2250
1928
|
static void ee_testcase_run(ee_testcase *tc) {
|
2251
|
-
|
1929
|
+
TEST_PRINTF(" explicit_encryption_finalize test case: %s ... begin\n", tc->desc);
|
2252
1930
|
extern void mc_reset_payloadId_for_testing(void);
|
2253
1931
|
mc_reset_payloadId_for_testing();
|
2254
1932
|
mongocrypt_t *crypt;
|
2255
1933
|
if (tc->rng_data.buf.len > 0) {
|
2256
1934
|
// Use fixed data for random number generation to produce deterministic
|
2257
1935
|
// results.
|
2258
|
-
crypt = _crypt_with_rng(&tc->rng_data, tc->
|
1936
|
+
crypt = _crypt_with_rng(&tc->rng_data, tc->use_range_v2);
|
2259
1937
|
} else {
|
2260
1938
|
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
2261
|
-
// TODO(MONGOCRYPT-572): Remove tests cases for QEv1.
|
2262
|
-
if (!tc->use_v2) {
|
2263
|
-
flags |= TESTER_MONGOCRYPT_WITH_CRYPT_V1;
|
2264
|
-
}
|
2265
1939
|
if (tc->use_range_v2) {
|
2266
1940
|
flags |= TESTER_MONGOCRYPT_WITH_RANGE_V2;
|
2267
1941
|
}
|
@@ -2330,7 +2004,7 @@ static void ee_testcase_run(ee_testcase *tc) {
|
|
2330
2004
|
}
|
2331
2005
|
|
2332
2006
|
cleanup:
|
2333
|
-
|
2007
|
+
TEST_PRINTF(" explicit_encryption_finalize test case: %s ... end\n", tc->desc);
|
2334
2008
|
mongocrypt_ctx_destroy(ctx);
|
2335
2009
|
mongocrypt_destroy(crypt);
|
2336
2010
|
}
|
@@ -2341,7 +2015,7 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2341
2015
|
_mongocrypt_buffer_t key123_id;
|
2342
2016
|
|
2343
2017
|
if (!_aes_ctr_is_supported_by_os) {
|
2344
|
-
|
2018
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
2345
2019
|
return;
|
2346
2020
|
}
|
2347
2021
|
|
@@ -2355,26 +2029,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2355
2029
|
"12345678123498761234123456789012-local-"
|
2356
2030
|
"document.json");
|
2357
2031
|
|
2358
|
-
{
|
2359
|
-
ee_testcase tc = {0};
|
2360
|
-
tc.desc = "Unindexed";
|
2361
|
-
#define RNG_DATA "\x4d\x06\x95\x64\xf5\xa0\x5e\x9e\x35\x23\xb9\x8f\x57\x5a\xcb\x15"
|
2362
|
-
uint8_t rng_data[] = RNG_DATA;
|
2363
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2364
|
-
#undef RNG_DATA
|
2365
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_UNINDEXED_STR;
|
2366
|
-
tc.user_key_id = &keyABC_id;
|
2367
|
-
tc.index_key_id = &key123_id;
|
2368
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2369
|
-
tc.keys_to_feed[0] = keyABC;
|
2370
|
-
tc.keys_to_feed[1] = key123;
|
2371
|
-
tc.expect = TEST_BSON("{'v': { '$binary': { 'base64': "
|
2372
|
-
"'BqvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFTtw1tXzjc"
|
2373
|
-
"dSEyxpKKqujlko5TeizkB9hHQ009dVY1+fgIiDcefh+eQrm3CkhQ=='"
|
2374
|
-
", 'subType': '06' } }}");
|
2375
|
-
ee_testcase_run(&tc);
|
2376
|
-
}
|
2377
|
-
|
2378
2032
|
{
|
2379
2033
|
ee_testcase tc = {0};
|
2380
2034
|
tc.desc = "Unindexed (v2)";
|
@@ -2391,27 +2045,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2391
2045
|
tc.expect = TEST_BSON("{'v' : {'$binary' : {'base64': "
|
2392
2046
|
"'EKvN76sSNJh2EjQSNFZ4kBICTQaVZPWgXp41I7mPV1rLFVl3jjP90PgD4T+Mtubn/"
|
2393
2047
|
"mm4CKsKGaV1yxlic9Dty1Adef4Y+bsLGKhBbCa5eojM/A==','subType' : '06'}}}");
|
2394
|
-
tc.use_v2 = true;
|
2395
|
-
ee_testcase_run(&tc);
|
2396
|
-
}
|
2397
|
-
|
2398
|
-
{
|
2399
|
-
ee_testcase tc = {0};
|
2400
|
-
tc.desc = "Indexed";
|
2401
|
-
#define RNG_DATA \
|
2402
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2403
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2404
|
-
uint8_t rng_data[] = RNG_DATA;
|
2405
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2406
|
-
#undef RNG_DATA
|
2407
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2408
|
-
tc.user_key_id = &keyABC_id;
|
2409
|
-
tc.index_key_id = &key123_id;
|
2410
|
-
tc.contention_factor = OPT_I64(0);
|
2411
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2412
|
-
tc.keys_to_feed[0] = keyABC;
|
2413
|
-
tc.keys_to_feed[1] = key123;
|
2414
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
|
2415
2048
|
ee_testcase_run(&tc);
|
2416
2049
|
}
|
2417
2050
|
|
@@ -2432,32 +2065,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2432
2065
|
tc.keys_to_feed[0] = keyABC;
|
2433
2066
|
tc.keys_to_feed[1] = key123;
|
2434
2067
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
|
2435
|
-
tc.use_v2 = true;
|
2436
|
-
ee_testcase_run(&tc);
|
2437
|
-
}
|
2438
|
-
|
2439
|
-
{
|
2440
|
-
ee_testcase tc = {0};
|
2441
|
-
tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 0";
|
2442
|
-
/* First 8 bytes are for random ContentionFactor.
|
2443
|
-
* Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
|
2444
|
-
* Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
|
2445
|
-
*/
|
2446
|
-
#define RNG_DATA \
|
2447
|
-
"\x00\x00\x00\x00\x00\x00\x00\x00" \
|
2448
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2449
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2450
|
-
uint8_t rng_data[] = RNG_DATA;
|
2451
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2452
|
-
#undef RNG_DATA
|
2453
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2454
|
-
tc.user_key_id = &keyABC_id;
|
2455
|
-
tc.index_key_id = &key123_id;
|
2456
|
-
tc.contention_factor = OPT_I64(1);
|
2457
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2458
|
-
tc.keys_to_feed[0] = keyABC;
|
2459
|
-
tc.keys_to_feed[1] = key123;
|
2460
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed.json");
|
2461
2068
|
ee_testcase_run(&tc);
|
2462
2069
|
}
|
2463
2070
|
|
@@ -2483,33 +2090,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2483
2090
|
tc.keys_to_feed[0] = keyABC;
|
2484
2091
|
tc.keys_to_feed[1] = key123;
|
2485
2092
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/insert-indexed-v2.json");
|
2486
|
-
tc.use_v2 = true;
|
2487
|
-
ee_testcase_run(&tc);
|
2488
|
-
}
|
2489
|
-
|
2490
|
-
{
|
2491
|
-
ee_testcase tc = {0};
|
2492
|
-
tc.desc = "Indexed with non-zero ContentionFactor. Random number chosen is 1";
|
2493
|
-
/* First 8 bytes are for random ContentionFactor.
|
2494
|
-
* Second 16 bytes are IV for 'p' field in FLE2InsertUpdatePayload
|
2495
|
-
* Third 16 bytes are IV for 'v' field in FLE2InsertUpdatePayload
|
2496
|
-
*/
|
2497
|
-
#define RNG_DATA \
|
2498
|
-
"\x01\x00\x00\x00\x00\x00\x00\x00" \
|
2499
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2500
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2501
|
-
uint8_t rng_data[] = RNG_DATA;
|
2502
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2503
|
-
#undef RNG_DATA
|
2504
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2505
|
-
tc.user_key_id = &keyABC_id;
|
2506
|
-
tc.index_key_id = &key123_id;
|
2507
|
-
tc.contention_factor = OPT_I64(1);
|
2508
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2509
|
-
tc.keys_to_feed[0] = keyABC;
|
2510
|
-
tc.keys_to_feed[1] = key123;
|
2511
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2512
|
-
"insert-indexed-contentionFactor1.json");
|
2513
2093
|
ee_testcase_run(&tc);
|
2514
2094
|
}
|
2515
2095
|
|
@@ -2536,26 +2116,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2536
2116
|
tc.keys_to_feed[1] = key123;
|
2537
2117
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2538
2118
|
"insert-indexed-contentionFactor1-v2.json");
|
2539
|
-
tc.use_v2 = true;
|
2540
|
-
ee_testcase_run(&tc);
|
2541
|
-
}
|
2542
|
-
|
2543
|
-
{
|
2544
|
-
ee_testcase tc = {0};
|
2545
|
-
tc.desc = "omitted index_key_id defaults to using user_key_id";
|
2546
|
-
#define RNG_DATA \
|
2547
|
-
"\xc7\x43\xd6\x75\x76\x9e\xa7\x88\xd5\xe5\xc4\x40\xdb\x24\x0d\xf9" \
|
2548
|
-
"\x4c\xd9\x64\x10\x43\x81\xe6\x61\xfa\x1f\xa0\x5c\x49\x8e\xad\x21"
|
2549
|
-
uint8_t rng_data[] = RNG_DATA;
|
2550
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = rng_data, .len = sizeof(rng_data) - 1u}};
|
2551
|
-
#undef RNG_DATA
|
2552
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2553
|
-
tc.user_key_id = &keyABC_id;
|
2554
|
-
tc.contention_factor = OPT_I64(0);
|
2555
|
-
tc.msg = TEST_BSON("{'v': 'value123'}");
|
2556
|
-
tc.keys_to_feed[0] = keyABC;
|
2557
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2558
|
-
"insert-indexed-same-user-and-index-key.json");
|
2559
2119
|
ee_testcase_run(&tc);
|
2560
2120
|
}
|
2561
2121
|
|
@@ -2575,22 +2135,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2575
2135
|
tc.keys_to_feed[0] = keyABC;
|
2576
2136
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/"
|
2577
2137
|
"insert-indexed-same-user-and-index-key-v2.json");
|
2578
|
-
tc.use_v2 = true;
|
2579
|
-
ee_testcase_run(&tc);
|
2580
|
-
}
|
2581
|
-
|
2582
|
-
{
|
2583
|
-
ee_testcase tc = {0};
|
2584
|
-
tc.desc = "algorithm='Indexed' with query type";
|
2585
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2586
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2587
|
-
tc.user_key_id = &keyABC_id;
|
2588
|
-
tc.index_key_id = &key123_id;
|
2589
|
-
tc.contention_factor = OPT_I64(0);
|
2590
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2591
|
-
tc.keys_to_feed[0] = keyABC;
|
2592
|
-
tc.keys_to_feed[1] = key123;
|
2593
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed.json");
|
2594
2138
|
ee_testcase_run(&tc);
|
2595
2139
|
}
|
2596
2140
|
|
@@ -2606,22 +2150,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2606
2150
|
tc.keys_to_feed[0] = keyABC;
|
2607
2151
|
tc.keys_to_feed[1] = key123;
|
2608
2152
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-v2.json");
|
2609
|
-
tc.use_v2 = true;
|
2610
|
-
ee_testcase_run(&tc);
|
2611
|
-
}
|
2612
|
-
|
2613
|
-
{
|
2614
|
-
ee_testcase tc = {0};
|
2615
|
-
tc.desc = "algorithm='Indexed' with query type and non-zero contention factor";
|
2616
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2617
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_EQUALITY_STR;
|
2618
|
-
tc.user_key_id = &keyABC_id;
|
2619
|
-
tc.index_key_id = &key123_id;
|
2620
|
-
tc.contention_factor = OPT_I64(1);
|
2621
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2622
|
-
tc.keys_to_feed[0] = keyABC;
|
2623
|
-
tc.keys_to_feed[1] = key123;
|
2624
|
-
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1.json");
|
2625
2153
|
ee_testcase_run(&tc);
|
2626
2154
|
}
|
2627
2155
|
|
@@ -2637,18 +2165,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2637
2165
|
tc.keys_to_feed[0] = keyABC;
|
2638
2166
|
tc.keys_to_feed[1] = key123;
|
2639
2167
|
tc.expect = TEST_FILE("./test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json");
|
2640
|
-
tc.use_v2 = true;
|
2641
|
-
ee_testcase_run(&tc);
|
2642
|
-
}
|
2643
|
-
|
2644
|
-
{
|
2645
|
-
ee_testcase tc = {0};
|
2646
|
-
tc.desc = "Negative contention factor is an error on insert";
|
2647
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2648
|
-
tc.user_key_id = &keyABC_id;
|
2649
|
-
tc.contention_factor = OPT_I64(-1);
|
2650
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2651
|
-
tc.expect_init_error = "contention must be non-negative";
|
2652
2168
|
ee_testcase_run(&tc);
|
2653
2169
|
}
|
2654
2170
|
|
@@ -2660,13 +2176,12 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2660
2176
|
tc.contention_factor = OPT_I64(-1);
|
2661
2177
|
tc.msg = TEST_BSON("{'v': 123456}");
|
2662
2178
|
tc.expect_init_error = "contention must be non-negative";
|
2663
|
-
tc.use_v2 = true;
|
2664
2179
|
ee_testcase_run(&tc);
|
2665
2180
|
}
|
2666
2181
|
|
2667
2182
|
{
|
2668
2183
|
ee_testcase tc = {0};
|
2669
|
-
tc.desc = "INT64_MAX contention factor is an error on insert";
|
2184
|
+
tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
|
2670
2185
|
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2671
2186
|
tc.user_key_id = &keyABC_id;
|
2672
2187
|
tc.contention_factor = OPT_I64(INT64_MAX);
|
@@ -2675,39 +2190,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2675
2190
|
ee_testcase_run(&tc);
|
2676
2191
|
}
|
2677
2192
|
|
2678
|
-
{
|
2679
|
-
ee_testcase tc = {0};
|
2680
|
-
tc.desc = "INT64_MAX contention factor is an error on insert (v2)";
|
2681
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_INDEXED_STR;
|
2682
|
-
tc.user_key_id = &keyABC_id;
|
2683
|
-
tc.contention_factor = OPT_I64(INT64_MAX);
|
2684
|
-
tc.msg = TEST_BSON("{'v': 123456}");
|
2685
|
-
tc.expect_init_error = "contention must be < INT64_MAX";
|
2686
|
-
tc.use_v2 = true;
|
2687
|
-
ee_testcase_run(&tc);
|
2688
|
-
}
|
2689
|
-
|
2690
|
-
{
|
2691
|
-
ee_testcase tc = {0};
|
2692
|
-
tc.desc = "algorithm='Range' with int32";
|
2693
|
-
#include "./data/fle2-insert-range-explicit/int32/RNG_DATA.h"
|
2694
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2695
|
-
#undef RNG_DATA
|
2696
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2697
|
-
tc.user_key_id = &keyABC_id;
|
2698
|
-
tc.index_key_id = &key123_id;
|
2699
|
-
tc.contention_factor = OPT_I64(0);
|
2700
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2701
|
-
"int32/rangeopts.json");
|
2702
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2703
|
-
"value-to-encrypt.json");
|
2704
|
-
tc.keys_to_feed[0] = keyABC;
|
2705
|
-
tc.keys_to_feed[1] = key123;
|
2706
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2707
|
-
"encrypted-payload.json");
|
2708
|
-
ee_testcase_run(&tc);
|
2709
|
-
}
|
2710
|
-
|
2711
2193
|
{
|
2712
2194
|
ee_testcase tc = {0};
|
2713
2195
|
tc.desc = "algorithm='Range' with int32 (v2)";
|
@@ -2726,28 +2208,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2726
2208
|
tc.keys_to_feed[1] = key123;
|
2727
2209
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/"
|
2728
2210
|
"encrypted-payload-v2.json");
|
2729
|
-
tc.use_v2 = true;
|
2730
|
-
ee_testcase_run(&tc);
|
2731
|
-
}
|
2732
|
-
|
2733
|
-
{
|
2734
|
-
ee_testcase tc = {0};
|
2735
|
-
tc.desc = "algorithm='Range' with sparsity=2 with int32";
|
2736
|
-
#include "./data/fle2-insert-range-explicit/sparsity-2/RNG_DATA.h"
|
2737
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2738
|
-
#undef RNG_DATA
|
2739
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2740
|
-
tc.user_key_id = &keyABC_id;
|
2741
|
-
tc.index_key_id = &key123_id;
|
2742
|
-
tc.contention_factor = OPT_I64(0);
|
2743
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2744
|
-
"sparsity-2/rangeopts.json");
|
2745
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2746
|
-
"value-to-encrypt.json");
|
2747
|
-
tc.keys_to_feed[0] = keyABC;
|
2748
|
-
tc.keys_to_feed[1] = key123;
|
2749
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2750
|
-
"encrypted-payload.json");
|
2751
2211
|
ee_testcase_run(&tc);
|
2752
2212
|
}
|
2753
2213
|
|
@@ -2769,26 +2229,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2769
2229
|
tc.keys_to_feed[1] = key123;
|
2770
2230
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/sparsity-2/"
|
2771
2231
|
"encrypted-payload-v2.json");
|
2772
|
-
tc.use_v2 = true;
|
2773
|
-
ee_testcase_run(&tc);
|
2774
|
-
}
|
2775
|
-
|
2776
|
-
{
|
2777
|
-
ee_testcase tc = {0};
|
2778
|
-
tc.desc = "algorithm='Range' with query_type='range' with int32";
|
2779
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2780
|
-
tc.user_key_id = &keyABC_id;
|
2781
|
-
tc.index_key_id = &keyABC_id;
|
2782
|
-
tc.contention_factor = OPT_I64(4);
|
2783
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2784
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2785
|
-
"int32/rangeopts.json");
|
2786
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2787
|
-
"value-to-encrypt.json");
|
2788
|
-
tc.keys_to_feed[0] = keyABC;
|
2789
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2790
|
-
"encrypted-payload.json");
|
2791
|
-
tc.is_expression = true;
|
2792
2232
|
ee_testcase_run(&tc);
|
2793
2233
|
}
|
2794
2234
|
|
@@ -2808,20 +2248,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2808
2248
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/int32/"
|
2809
2249
|
"encrypted-payload-v2.json");
|
2810
2250
|
tc.is_expression = true;
|
2811
|
-
tc.use_v2 = true;
|
2812
|
-
ee_testcase_run(&tc);
|
2813
|
-
}
|
2814
|
-
|
2815
|
-
{
|
2816
|
-
ee_testcase tc = {0};
|
2817
|
-
tc.desc = "An unsupported range BSON type is an error";
|
2818
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2819
|
-
tc.user_key_id = &keyABC_id;
|
2820
|
-
tc.contention_factor = OPT_I64(0);
|
2821
|
-
tc.range_opts = TEST_BSON("{'min': 0, 'max': 1, 'sparsity': {'$numberLong': '1'}}");
|
2822
|
-
tc.msg = TEST_BSON("{'v': 'abc'}");
|
2823
|
-
tc.keys_to_feed[0] = keyABC;
|
2824
|
-
tc.expect_finalize_error = "expected matching 'min' and value type";
|
2825
2251
|
ee_testcase_run(&tc);
|
2826
2252
|
}
|
2827
2253
|
|
@@ -2835,28 +2261,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2835
2261
|
tc.msg = TEST_BSON("{'v': 'abc'}");
|
2836
2262
|
tc.keys_to_feed[0] = keyABC;
|
2837
2263
|
tc.expect_finalize_error = "expected matching 'min' and value type";
|
2838
|
-
tc.use_v2 = true;
|
2839
|
-
ee_testcase_run(&tc);
|
2840
|
-
}
|
2841
|
-
|
2842
|
-
{
|
2843
|
-
ee_testcase tc = {0};
|
2844
|
-
tc.desc = "algorithm='Range' with query_type='range' with double with "
|
2845
|
-
"precision";
|
2846
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2847
|
-
tc.user_key_id = &keyABC_id;
|
2848
|
-
tc.index_key_id = &key123_id;
|
2849
|
-
tc.contention_factor = OPT_I64(0);
|
2850
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2851
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double-precision/"
|
2852
|
-
"rangeopts.json");
|
2853
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2854
|
-
"double-precision/value-to-encrypt.json");
|
2855
|
-
tc.keys_to_feed[0] = keyABC;
|
2856
|
-
tc.keys_to_feed[1] = key123;
|
2857
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2858
|
-
"double-precision/encrypted-payload.json");
|
2859
|
-
tc.is_expression = true;
|
2860
2264
|
ee_testcase_run(&tc);
|
2861
2265
|
}
|
2862
2266
|
|
@@ -2878,28 +2282,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2878
2282
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
2879
2283
|
"double-precision/encrypted-payload-v2.json");
|
2880
2284
|
tc.is_expression = true;
|
2881
|
-
tc.use_v2 = true;
|
2882
|
-
ee_testcase_run(&tc);
|
2883
|
-
}
|
2884
|
-
|
2885
|
-
{
|
2886
|
-
ee_testcase tc = {0};
|
2887
|
-
tc.desc = "algorithm='Range' with double precision with precision";
|
2888
|
-
#include "./data/fle2-insert-range-explicit/double-precision/RNG_DATA.h"
|
2889
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2890
|
-
#undef RNG_DATA
|
2891
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2892
|
-
tc.user_key_id = &keyABC_id;
|
2893
|
-
tc.index_key_id = &key123_id;
|
2894
|
-
tc.contention_factor = OPT_I64(0);
|
2895
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2896
|
-
"rangeopts.json");
|
2897
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/"
|
2898
|
-
"double-precision/value-to-encrypt.json");
|
2899
|
-
tc.keys_to_feed[0] = keyABC;
|
2900
|
-
tc.keys_to_feed[1] = key123;
|
2901
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2902
|
-
"encrypted-payload.json");
|
2903
2285
|
ee_testcase_run(&tc);
|
2904
2286
|
}
|
2905
2287
|
|
@@ -2921,26 +2303,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2921
2303
|
tc.keys_to_feed[1] = key123;
|
2922
2304
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double-precision/"
|
2923
2305
|
"encrypted-payload-v2.json");
|
2924
|
-
tc.use_v2 = true;
|
2925
|
-
ee_testcase_run(&tc);
|
2926
|
-
}
|
2927
|
-
|
2928
|
-
{
|
2929
|
-
ee_testcase tc = {0};
|
2930
|
-
tc.desc = "algorithm='Range' with query_type='range' with double without "
|
2931
|
-
"precision";
|
2932
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2933
|
-
tc.user_key_id = &keyABC_id;
|
2934
|
-
tc.index_key_id = &key123_id;
|
2935
|
-
tc.contention_factor = OPT_I64(0);
|
2936
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
2937
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/double/"
|
2938
|
-
"rangeopts.json");
|
2939
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/double/value-to-encrypt.json");
|
2940
|
-
tc.keys_to_feed[0] = keyABC;
|
2941
|
-
tc.keys_to_feed[1] = key123;
|
2942
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload.json");
|
2943
|
-
tc.is_expression = true;
|
2944
2306
|
ee_testcase_run(&tc);
|
2945
2307
|
}
|
2946
2308
|
|
@@ -2960,27 +2322,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
2960
2322
|
tc.keys_to_feed[1] = key123;
|
2961
2323
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json");
|
2962
2324
|
tc.is_expression = true;
|
2963
|
-
tc.use_v2 = true;
|
2964
|
-
ee_testcase_run(&tc);
|
2965
|
-
}
|
2966
|
-
|
2967
|
-
{
|
2968
|
-
ee_testcase tc = {0};
|
2969
|
-
tc.desc = "algorithm='Range' with double without precision";
|
2970
|
-
#include "./data/fle2-insert-range-explicit/double/RNG_DATA.h"
|
2971
|
-
tc.rng_data = (_test_rng_data_source){.buf = {.data = (uint8_t *)RNG_DATA, .len = sizeof(RNG_DATA) - 1}};
|
2972
|
-
#undef RNG_DATA
|
2973
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
2974
|
-
tc.user_key_id = &keyABC_id;
|
2975
|
-
tc.index_key_id = &key123_id;
|
2976
|
-
tc.contention_factor = OPT_I64(0);
|
2977
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
2978
|
-
"rangeopts.json");
|
2979
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/double/value-to-encrypt.json");
|
2980
|
-
tc.keys_to_feed[0] = keyABC;
|
2981
|
-
tc.keys_to_feed[1] = key123;
|
2982
|
-
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
2983
|
-
"encrypted-payload.json");
|
2984
2325
|
ee_testcase_run(&tc);
|
2985
2326
|
}
|
2986
2327
|
|
@@ -3001,20 +2342,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3001
2342
|
tc.keys_to_feed[1] = key123;
|
3002
2343
|
tc.expect = TEST_FILE("./test/data/fle2-insert-range-explicit/double/"
|
3003
2344
|
"encrypted-payload-v2.json");
|
3004
|
-
tc.use_v2 = true;
|
3005
|
-
ee_testcase_run(&tc);
|
3006
|
-
}
|
3007
|
-
|
3008
|
-
{
|
3009
|
-
ee_testcase tc = {0};
|
3010
|
-
tc.desc = "min > max for insert";
|
3011
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
3012
|
-
tc.user_key_id = &keyABC_id;
|
3013
|
-
tc.contention_factor = OPT_I64(0);
|
3014
|
-
tc.range_opts = TEST_BSON("{'min': 1, 'max': 0, 'sparsity': {'$numberLong': '1'}}");
|
3015
|
-
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
|
3016
|
-
tc.keys_to_feed[0] = keyABC;
|
3017
|
-
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
3018
2345
|
ee_testcase_run(&tc);
|
3019
2346
|
}
|
3020
2347
|
|
@@ -3028,22 +2355,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3028
2355
|
tc.msg = TEST_FILE("./test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json");
|
3029
2356
|
tc.keys_to_feed[0] = keyABC;
|
3030
2357
|
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
3031
|
-
tc.use_v2 = true;
|
3032
|
-
ee_testcase_run(&tc);
|
3033
|
-
}
|
3034
|
-
|
3035
|
-
{
|
3036
|
-
ee_testcase tc = {0};
|
3037
|
-
tc.desc = "min > max for find";
|
3038
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
3039
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
3040
|
-
tc.user_key_id = &keyABC_id;
|
3041
|
-
tc.contention_factor = OPT_I64(0);
|
3042
|
-
tc.range_opts = TEST_BSON("{'min': 25, 'max': 24, 'sparsity': {'$numberLong': '1'}}");
|
3043
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/int32/value-to-encrypt.json");
|
3044
|
-
tc.keys_to_feed[0] = keyABC;
|
3045
|
-
tc.expect_finalize_error = "minimum value must be less than the maximum value";
|
3046
|
-
tc.is_expression = true;
|
3047
2358
|
ee_testcase_run(&tc);
|
3048
2359
|
}
|
3049
2360
|
|
@@ -3062,24 +2373,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3062
2373
|
ee_testcase_run(&tc);
|
3063
2374
|
}
|
3064
2375
|
|
3065
|
-
{
|
3066
|
-
ee_testcase tc = {0};
|
3067
|
-
tc.desc = "open interval";
|
3068
|
-
tc.algorithm = MONGOCRYPT_ALGORITHM_RANGE_STR;
|
3069
|
-
tc.query_type = MONGOCRYPT_QUERY_TYPE_RANGE_STR;
|
3070
|
-
tc.user_key_id = &keyABC_id;
|
3071
|
-
tc.contention_factor = OPT_I64(0);
|
3072
|
-
tc.range_opts = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3073
|
-
"int32-openinterval/rangeopts.json");
|
3074
|
-
tc.msg = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3075
|
-
"int32-openinterval/value-to-encrypt.json");
|
3076
|
-
tc.keys_to_feed[0] = keyABC;
|
3077
|
-
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3078
|
-
"int32-openinterval/encrypted-payload.json");
|
3079
|
-
tc.is_expression = true;
|
3080
|
-
ee_testcase_run(&tc);
|
3081
|
-
}
|
3082
|
-
|
3083
2376
|
{
|
3084
2377
|
ee_testcase tc = {0};
|
3085
2378
|
tc.desc = "open interval (v2)";
|
@@ -3095,7 +2388,6 @@ static void _test_encrypt_fle2_explicit(_mongocrypt_tester_t *tester) {
|
|
3095
2388
|
tc.expect = TEST_FILE("./test/data/fle2-find-range-explicit/"
|
3096
2389
|
"int32-openinterval/encrypted-payload-v2.json");
|
3097
2390
|
tc.is_expression = true;
|
3098
|
-
tc.use_v2 = true;
|
3099
2391
|
ee_testcase_run(&tc);
|
3100
2392
|
}
|
3101
2393
|
|
@@ -3179,17 +2471,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3179
2471
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
3180
2472
|
crypt);
|
3181
2473
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_BSON("{'db.coll': {'fields': []}}")), crypt);
|
3182
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note: decrypting
|
3183
|
-
// QEv1 is still supported.
|
3184
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3185
2474
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3186
2475
|
ctx = mongocrypt_ctx_new(crypt);
|
3187
2476
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3188
2477
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3189
2478
|
{
|
3190
2479
|
const char *expect_schema = "{ 'fields': [], 'escCollection': "
|
3191
|
-
"'enxcol_.coll.esc', '
|
3192
|
-
"'enxcol_.coll.ecc', 'ecocCollection': "
|
2480
|
+
"'enxcol_.coll.esc', 'ecocCollection': "
|
3193
2481
|
"'enxcol_.coll.ecoc' }";
|
3194
2482
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3195
2483
|
|
@@ -3214,17 +2502,14 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3214
2502
|
crypt);
|
3215
2503
|
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
3216
2504
|
crypt,
|
3217
|
-
TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', "
|
3218
|
-
"'eccCollection': 'ecc', 'ecocCollection': 'ecoc'}}")),
|
2505
|
+
TEST_BSON("{'db.coll': { 'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc'}}")),
|
3219
2506
|
crypt);
|
3220
2507
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3221
2508
|
ctx = mongocrypt_ctx_new(crypt);
|
3222
2509
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3223
2510
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3224
2511
|
{
|
3225
|
-
const char *expect_schema = "{'fields': [], 'escCollection': 'esc', "
|
3226
|
-
"'eccCollection': 'ecc', "
|
3227
|
-
"'ecocCollection': 'ecoc' }";
|
2512
|
+
const char *expect_schema = "{'fields': [], 'escCollection': 'esc', 'ecocCollection': 'ecoc' }";
|
3228
2513
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3229
2514
|
|
3230
2515
|
cmd_to_mongocryptd = mongocrypt_binary_new();
|
@@ -3246,19 +2531,17 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3246
2531
|
mongocrypt_setopt_kms_providers(crypt,
|
3247
2532
|
TEST_BSON("{'aws': {'accessKeyId': 'foo', 'secretAccessKey': 'bar'}}")),
|
3248
2533
|
crypt);
|
3249
|
-
ASSERT_OK(
|
3250
|
-
|
3251
|
-
|
3252
|
-
|
3253
|
-
crypt);
|
2534
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
2535
|
+
TEST_BSON("{'fields': [], 'db.coll': {'escCollection': "
|
2536
|
+
"'esc', 'fields': []}}")),
|
2537
|
+
crypt);
|
3254
2538
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3255
2539
|
ctx = mongocrypt_ctx_new(crypt);
|
3256
2540
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON("{'find': 'coll'}")), ctx);
|
3257
2541
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3258
2542
|
{
|
3259
|
-
const char *expect_schema =
|
3260
|
-
|
3261
|
-
"'ecocCollection': 'enxcol_.coll.ecoc' }";
|
2543
|
+
const char *expect_schema =
|
2544
|
+
"{'escCollection': 'esc', 'fields': [], 'ecocCollection': 'enxcol_.coll.ecoc' }";
|
3262
2545
|
mongocrypt_binary_t *cmd_to_mongocryptd;
|
3263
2546
|
|
3264
2547
|
cmd_to_mongocryptd = mongocrypt_binary_new();
|
@@ -3276,13 +2559,13 @@ static void _test_encrypt_applies_default_state_collections(_mongocrypt_tester_t
|
|
3276
2559
|
}
|
3277
2560
|
|
3278
2561
|
/* Test encrypting an empty 'delete' command without values to be encrypted.
|
3279
|
-
* Expect deleteTokens to be applied. */
|
3280
|
-
static void
|
2562
|
+
* Expect deleteTokens to not be applied. */
|
2563
|
+
static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
2564
|
+
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
2565
|
+
|
3281
2566
|
/* Test success. */
|
3282
2567
|
{
|
3283
|
-
|
3284
|
-
// QEv1 is still supported.
|
3285
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2568
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3286
2569
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3287
2570
|
|
3288
2571
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
@@ -3312,10 +2595,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3312
2595
|
TEST_FILE("./test/data/keys/"
|
3313
2596
|
"12345678123498761234123456789012-local-document.json")),
|
3314
2597
|
ctx);
|
3315
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3316
|
-
TEST_FILE("./test/data/keys/"
|
3317
|
-
"12345678123498761234123456789013-local-document.json")),
|
3318
|
-
ctx);
|
3319
2598
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3320
2599
|
}
|
3321
2600
|
|
@@ -3323,7 +2602,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3323
2602
|
{
|
3324
2603
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3325
2604
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3326
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
|
2605
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3327
2606
|
out);
|
3328
2607
|
mongocrypt_binary_destroy(out);
|
3329
2608
|
}
|
@@ -3333,9 +2612,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3333
2612
|
}
|
3334
2613
|
/* Test with no encrypted values. */
|
3335
2614
|
{
|
3336
|
-
|
3337
|
-
// QEv1 is still supported.
|
3338
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2615
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3339
2616
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3340
2617
|
|
3341
2618
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
@@ -3353,24 +2630,13 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3353
2630
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3354
2631
|
}
|
3355
2632
|
|
3356
|
-
|
3357
|
-
{
|
3358
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3359
|
-
TEST_FILE("./test/data/keys/"
|
3360
|
-
"12345678123498761234123456789012-local-document.json")),
|
3361
|
-
ctx);
|
3362
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3363
|
-
TEST_FILE("./test/data/keys/"
|
3364
|
-
"12345678123498761234123456789013-local-document.json")),
|
3365
|
-
ctx);
|
3366
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3367
|
-
}
|
3368
|
-
|
2633
|
+
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3369
2634
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3370
2635
|
{
|
3371
2636
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3372
2637
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3373
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"),
|
2638
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
2639
|
+
out);
|
3374
2640
|
mongocrypt_binary_destroy(out);
|
3375
2641
|
}
|
3376
2642
|
|
@@ -3378,7 +2644,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3378
2644
|
mongocrypt_destroy(crypt);
|
3379
2645
|
}
|
3380
2646
|
|
3381
|
-
/* deleteTokens are appended when bypassQueryAnalysis is true. */
|
2647
|
+
/* Test that deleteTokens are not appended when bypassQueryAnalysis is true in v2. */
|
3382
2648
|
{
|
3383
2649
|
mongocrypt_t *crypt = mongocrypt_new();
|
3384
2650
|
/* Configure crypt. */
|
@@ -3389,10 +2655,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3389
2655
|
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3390
2656
|
mongocrypt_binary_destroy(localkey);
|
3391
2657
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3392
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3393
|
-
// decrypting
|
3394
|
-
// QEv1 is still supported.
|
3395
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3396
2658
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3397
2659
|
}
|
3398
2660
|
|
@@ -3406,24 +2668,13 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3406
2668
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3407
2669
|
}
|
3408
2670
|
|
3409
|
-
|
3410
|
-
{
|
3411
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3412
|
-
TEST_FILE("./test/data/keys/"
|
3413
|
-
"12345678123498761234123456789012-local-document.json")),
|
3414
|
-
ctx);
|
3415
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3416
|
-
TEST_FILE("./test/data/keys/"
|
3417
|
-
"12345678123498761234123456789013-local-document.json")),
|
3418
|
-
ctx);
|
3419
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3420
|
-
}
|
3421
|
-
|
2671
|
+
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3422
2672
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3423
2673
|
{
|
3424
2674
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3425
2675
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3426
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"),
|
2676
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
2677
|
+
out);
|
3427
2678
|
mongocrypt_binary_destroy(out);
|
3428
2679
|
}
|
3429
2680
|
|
@@ -3431,8 +2682,8 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3431
2682
|
mongocrypt_destroy(crypt);
|
3432
2683
|
}
|
3433
2684
|
|
3434
|
-
/* Test that deleteTokens are appended when using an
|
3435
|
-
* encrypted_field_config_map. */
|
2685
|
+
/* Test that deleteTokens are not appended when using an
|
2686
|
+
* encrypted_field_config_map in v2. */
|
3436
2687
|
{
|
3437
2688
|
mongocrypt_t *crypt = mongocrypt_new();
|
3438
2689
|
/* Configure crypt. */
|
@@ -3446,10 +2697,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3446
2697
|
TEST_FILE("./test/data/fle2-delete/success/"
|
3447
2698
|
"encrypted-field-config-map.json")),
|
3448
2699
|
crypt);
|
3449
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3450
|
-
// decrypting
|
3451
|
-
// QEv1 is still supported.
|
3452
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3453
2700
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3454
2701
|
}
|
3455
2702
|
|
@@ -3476,10 +2723,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3476
2723
|
TEST_FILE("./test/data/keys/"
|
3477
2724
|
"12345678123498761234123456789012-local-document.json")),
|
3478
2725
|
ctx);
|
3479
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3480
|
-
TEST_FILE("./test/data/keys/"
|
3481
|
-
"12345678123498761234123456789013-local-document.json")),
|
3482
|
-
ctx);
|
3483
2726
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3484
2727
|
}
|
3485
2728
|
|
@@ -3487,7 +2730,7 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3487
2730
|
{
|
3488
2731
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3489
2732
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3490
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload.json"),
|
2733
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3491
2734
|
out);
|
3492
2735
|
mongocrypt_binary_destroy(out);
|
3493
2736
|
}
|
@@ -3496,8 +2739,8 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3496
2739
|
mongocrypt_destroy(crypt);
|
3497
2740
|
}
|
3498
2741
|
|
3499
|
-
/* Test that deleteTokens are appended when using an
|
3500
|
-
* encrypted_field_config_map and bypass_query_analysis. */
|
2742
|
+
/* Test that deleteTokens are not appended when using an
|
2743
|
+
* encrypted_field_config_map and bypass_query_analysis in v2. */
|
3501
2744
|
{
|
3502
2745
|
mongocrypt_t *crypt = mongocrypt_new();
|
3503
2746
|
/* Configure crypt. */
|
@@ -3512,10 +2755,6 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3512
2755
|
"encrypted-field-config-map.json")),
|
3513
2756
|
crypt);
|
3514
2757
|
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3515
|
-
// TODO(MONGOCRYPT-572): This test uses the QEv1 protocol. Update this test for QEv2 or remove. Note:
|
3516
|
-
// decrypting
|
3517
|
-
// QEv1 is still supported.
|
3518
|
-
ASSERT_OK(mongocrypt_setopt_fle2v2(crypt, false), crypt);
|
3519
2758
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3520
2759
|
}
|
3521
2760
|
|
@@ -3523,245 +2762,12 @@ static void _test_encrypt_fle2_delete_v1(_mongocrypt_tester_t *tester) {
|
|
3523
2762
|
|
3524
2763
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3525
2764
|
|
3526
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3527
|
-
{
|
3528
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3529
|
-
TEST_FILE("./test/data/keys/"
|
3530
|
-
"12345678123498761234123456789012-local-document.json")),
|
3531
|
-
ctx);
|
3532
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3533
|
-
TEST_FILE("./test/data/keys/"
|
3534
|
-
"12345678123498761234123456789013-local-document.json")),
|
3535
|
-
ctx);
|
3536
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3537
|
-
}
|
3538
|
-
|
3539
2765
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3540
2766
|
{
|
3541
2767
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3542
2768
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3543
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload.json"),
|
3544
|
-
|
3545
|
-
}
|
3546
|
-
|
3547
|
-
mongocrypt_ctx_destroy(ctx);
|
3548
|
-
mongocrypt_destroy(crypt);
|
3549
|
-
}
|
3550
|
-
}
|
3551
|
-
|
3552
|
-
/* Test encrypting an empty 'delete' command without values to be encrypted.
|
3553
|
-
* Expect deleteTokens to not be applied. */
|
3554
|
-
static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
3555
|
-
tester_mongocrypt_flags flags = TESTER_MONGOCRYPT_DEFAULT;
|
3556
|
-
|
3557
|
-
/* Test success. */
|
3558
|
-
{
|
3559
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3560
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3561
|
-
|
3562
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
3563
|
-
ctx);
|
3564
|
-
|
3565
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3566
|
-
{
|
3567
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/collinfo.json")), ctx);
|
3568
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3569
|
-
}
|
3570
|
-
|
3571
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3572
|
-
{
|
3573
|
-
ASSERT_OK(
|
3574
|
-
mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
|
3575
|
-
ctx);
|
3576
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3577
|
-
}
|
3578
|
-
|
3579
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3580
|
-
{
|
3581
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3582
|
-
TEST_FILE("./test/data/keys/"
|
3583
|
-
"ABCDEFAB123498761234123456789012-local-document.json")),
|
3584
|
-
ctx);
|
3585
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3586
|
-
TEST_FILE("./test/data/keys/"
|
3587
|
-
"12345678123498761234123456789012-local-document.json")),
|
3588
|
-
ctx);
|
3589
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3590
|
-
}
|
3591
|
-
|
3592
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3593
|
-
{
|
3594
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3595
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3596
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3597
|
-
out);
|
3598
|
-
mongocrypt_binary_destroy(out);
|
3599
|
-
}
|
3600
|
-
|
3601
|
-
mongocrypt_ctx_destroy(ctx);
|
3602
|
-
mongocrypt_destroy(crypt);
|
3603
|
-
}
|
3604
|
-
/* Test with no encrypted values. */
|
3605
|
-
{
|
3606
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(flags);
|
3607
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3608
|
-
|
3609
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3610
|
-
|
3611
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3612
|
-
{
|
3613
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
|
3614
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3615
|
-
}
|
3616
|
-
|
3617
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3618
|
-
{
|
3619
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/mongocryptd-reply.json")),
|
3620
|
-
ctx);
|
3621
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3622
|
-
}
|
3623
|
-
|
3624
|
-
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3625
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3626
|
-
{
|
3627
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3628
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3629
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
3630
|
-
out);
|
3631
|
-
mongocrypt_binary_destroy(out);
|
3632
|
-
}
|
3633
|
-
|
3634
|
-
mongocrypt_ctx_destroy(ctx);
|
3635
|
-
mongocrypt_destroy(crypt);
|
3636
|
-
}
|
3637
|
-
|
3638
|
-
/* Test that deleteTokens are no appended when bypassQueryAnalysis is true in v2. */
|
3639
|
-
{
|
3640
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3641
|
-
/* Configure crypt. */
|
3642
|
-
{
|
3643
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3644
|
-
mongocrypt_binary_t *localkey;
|
3645
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3646
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3647
|
-
mongocrypt_binary_destroy(localkey);
|
3648
|
-
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3649
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3650
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3651
|
-
}
|
3652
|
-
|
3653
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3654
|
-
|
3655
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3656
|
-
|
3657
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3658
|
-
{
|
3659
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/empty/collinfo.json")), ctx);
|
3660
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3661
|
-
}
|
3662
|
-
|
3663
|
-
/* We do not need delete tokens in v2 so we skip need keys state. */
|
3664
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3665
|
-
{
|
3666
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3667
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3668
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
3669
|
-
out);
|
3670
|
-
mongocrypt_binary_destroy(out);
|
3671
|
-
}
|
3672
|
-
|
3673
|
-
mongocrypt_ctx_destroy(ctx);
|
3674
|
-
mongocrypt_destroy(crypt);
|
3675
|
-
}
|
3676
|
-
|
3677
|
-
/* Test that deleteTokens are not appended when using an
|
3678
|
-
* encrypted_field_config_map in v2. */
|
3679
|
-
{
|
3680
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3681
|
-
/* Configure crypt. */
|
3682
|
-
{
|
3683
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3684
|
-
mongocrypt_binary_t *localkey;
|
3685
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3686
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3687
|
-
mongocrypt_binary_destroy(localkey);
|
3688
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
3689
|
-
TEST_FILE("./test/data/fle2-delete/success/"
|
3690
|
-
"encrypted-field-config-map.json")),
|
3691
|
-
crypt);
|
3692
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3693
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3694
|
-
}
|
3695
|
-
|
3696
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3697
|
-
|
3698
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/success/cmd.json")),
|
3699
|
-
ctx);
|
3700
|
-
|
3701
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3702
|
-
{
|
3703
|
-
ASSERT_OK(
|
3704
|
-
mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-delete/success/mongocryptd-reply.json")),
|
3705
|
-
ctx);
|
3706
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3707
|
-
}
|
3708
|
-
|
3709
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
3710
|
-
{
|
3711
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3712
|
-
TEST_FILE("./test/data/keys/"
|
3713
|
-
"ABCDEFAB123498761234123456789012-local-document.json")),
|
3714
|
-
ctx);
|
3715
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
3716
|
-
TEST_FILE("./test/data/keys/"
|
3717
|
-
"12345678123498761234123456789012-local-document.json")),
|
3718
|
-
ctx);
|
3719
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
3720
|
-
}
|
3721
|
-
|
3722
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3723
|
-
{
|
3724
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3725
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3726
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/success/encrypted-payload-v2.json"),
|
3727
|
-
out);
|
3728
|
-
mongocrypt_binary_destroy(out);
|
3729
|
-
}
|
3730
|
-
|
3731
|
-
mongocrypt_ctx_destroy(ctx);
|
3732
|
-
mongocrypt_destroy(crypt);
|
3733
|
-
}
|
3734
|
-
|
3735
|
-
/* Test that deleteTokens are not appended when using an
|
3736
|
-
* encrypted_field_config_map and bypass_query_analysis in v2. */
|
3737
|
-
{
|
3738
|
-
mongocrypt_t *crypt = mongocrypt_new();
|
3739
|
-
/* Configure crypt. */
|
3740
|
-
{
|
3741
|
-
char localkey_data[MONGOCRYPT_KEY_LEN] = {0};
|
3742
|
-
mongocrypt_binary_t *localkey;
|
3743
|
-
localkey = mongocrypt_binary_new_from_data((uint8_t *)localkey_data, sizeof localkey_data);
|
3744
|
-
ASSERT_OK(mongocrypt_setopt_kms_provider_local(crypt, localkey), crypt);
|
3745
|
-
mongocrypt_binary_destroy(localkey);
|
3746
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
3747
|
-
TEST_FILE("./test/data/fle2-delete/empty/"
|
3748
|
-
"encrypted-field-config-map.json")),
|
3749
|
-
crypt);
|
3750
|
-
mongocrypt_setopt_bypass_query_analysis(crypt);
|
3751
|
-
mongocrypt_setopt_fle2v2(crypt, true);
|
3752
|
-
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
3753
|
-
}
|
3754
|
-
|
3755
|
-
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3756
|
-
|
3757
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-delete/empty/cmd.json")), ctx);
|
3758
|
-
|
3759
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3760
|
-
{
|
3761
|
-
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
3762
|
-
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
3763
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
3764
|
-
out);
|
2769
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle2-delete/empty/encrypted-payload-v2.json"),
|
2770
|
+
out);
|
3765
2771
|
mongocrypt_binary_destroy(out);
|
3766
2772
|
}
|
3767
2773
|
|
@@ -3771,7 +2777,6 @@ static void _test_encrypt_fle2_delete_v2(_mongocrypt_tester_t *tester) {
|
|
3771
2777
|
}
|
3772
2778
|
|
3773
2779
|
static void _test_encrypt_fle2_delete(_mongocrypt_tester_t *tester) {
|
3774
|
-
_test_encrypt_fle2_delete_v1(tester);
|
3775
2780
|
_test_encrypt_fle2_delete_v2(tester);
|
3776
2781
|
}
|
3777
2782
|
|
@@ -3781,9 +2786,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
|
|
3781
2786
|
/* 'find' does not include 'encryptionInformation' if no fields are
|
3782
2787
|
* encrypted. */
|
3783
2788
|
{
|
3784
|
-
|
3785
|
-
// QEv1 is still supported.
|
3786
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2789
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3787
2790
|
mongocrypt_ctx_t *ctx;
|
3788
2791
|
|
3789
2792
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -3826,9 +2829,7 @@ static void _test_encrypt_fle2_omits_encryptionInformation(_mongocrypt_tester_t
|
|
3826
2829
|
/* 'find' includes encryptionInformation if the initial command includes an
|
3827
2830
|
* explicitly encrypted payload. */
|
3828
2831
|
{
|
3829
|
-
|
3830
|
-
// QEv1 is still supported.
|
3831
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2832
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3832
2833
|
mongocrypt_ctx_t *ctx;
|
3833
2834
|
|
3834
2835
|
ctx = mongocrypt_ctx_new(crypt);
|
@@ -3875,9 +2876,7 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
3875
2876
|
/* Test with an encrypted value. Otherwise 'encryptionInformation' is not
|
3876
2877
|
* appended. */
|
3877
2878
|
{
|
3878
|
-
|
3879
|
-
// QEv1 is still supported.
|
3880
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2879
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3881
2880
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3882
2881
|
|
3883
2882
|
ASSERT_OK(
|
@@ -3939,17 +2938,14 @@ static void _test_encrypt_fle2_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
3939
2938
|
|
3940
2939
|
static void _test_encrypt_fle2_explain_with_csfle(_mongocrypt_tester_t *tester) {
|
3941
2940
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
3942
|
-
|
3943
|
-
"_test_encrypt_fle2_explain_with_csfle test is a no-op.",
|
3944
|
-
stderr);
|
2941
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
3945
2942
|
return;
|
3946
2943
|
}
|
3947
2944
|
|
3948
2945
|
/* Test with an encrypted value. Otherwise 'encryptionInformation' is not
|
3949
2946
|
* appended. */
|
3950
2947
|
{
|
3951
|
-
mongocrypt_t *crypt =
|
3952
|
-
_mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB | TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
2948
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_SHARED_LIB);
|
3953
2949
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3954
2950
|
|
3955
2951
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-explain/with-csfle/cmd.json")),
|
@@ -4037,9 +3033,7 @@ static void _test_encrypt_fle1_explain_with_mongocryptd(_mongocrypt_tester_t *te
|
|
4037
3033
|
|
4038
3034
|
static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester) {
|
4039
3035
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
4040
|
-
|
4041
|
-
"_test_encrypt_fle1_explain_with_csfle test is a no-op.",
|
4042
|
-
stderr);
|
3036
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
4043
3037
|
return;
|
4044
3038
|
}
|
4045
3039
|
|
@@ -4075,9 +3069,7 @@ static void _test_encrypt_fle1_explain_with_csfle(_mongocrypt_tester_t *tester)
|
|
4075
3069
|
// Test that an input command with $db preserves $db in the output.
|
4076
3070
|
static void _test_dollardb_preserved(_mongocrypt_tester_t *tester) {
|
4077
3071
|
/* Test with an encrypted value. */
|
4078
|
-
|
4079
|
-
// QEv1 is still supported.
|
4080
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3072
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4081
3073
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4082
3074
|
|
4083
3075
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/preserved/cmd.json")), ctx);
|
@@ -4180,9 +3172,7 @@ static void _test_dollardb_preserved_empty(_mongocrypt_tester_t *tester) {
|
|
4180
3172
|
|
4181
3173
|
// Test that an input command with no $db does not include $db in the output.
|
4182
3174
|
static void _test_dollardb_omitted(_mongocrypt_tester_t *tester) {
|
4183
|
-
|
4184
|
-
// QEv1 is still supported.
|
4185
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3175
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4186
3176
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4187
3177
|
|
4188
3178
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/dollardb/omitted/cmd.json")), ctx);
|
@@ -4291,6 +3281,24 @@ static void _test_dollardb_preserved_fle1(_mongocrypt_tester_t *tester) {
|
|
4291
3281
|
mongocrypt_destroy(crypt);
|
4292
3282
|
}
|
4293
3283
|
|
3284
|
+
#define expect_mongo_op(ctx, expect) \
|
3285
|
+
if (1) { \
|
3286
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new(); \
|
3287
|
+
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, got), ctx); \
|
3288
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON((expect), got); \
|
3289
|
+
mongocrypt_binary_destroy(got); \
|
3290
|
+
} else \
|
3291
|
+
((void)0)
|
3292
|
+
|
3293
|
+
#define expect_and_reply_to_ismaster(ctx) \
|
3294
|
+
if (1) { \
|
3295
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS); \
|
3296
|
+
expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}")); \
|
3297
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-26.json")), ctx); \
|
3298
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx); \
|
3299
|
+
} else \
|
3300
|
+
((void)0)
|
3301
|
+
|
4294
3302
|
static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
|
4295
3303
|
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4296
3304
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
@@ -4298,21 +3306,7 @@ static void _test_fle1_create_without_schema(_mongocrypt_tester_t *tester) {
|
|
4298
3306
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/without-schema/cmd.json")),
|
4299
3307
|
ctx);
|
4300
3308
|
|
4301
|
-
|
4302
|
-
{
|
4303
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4304
|
-
|
4305
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4306
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
|
4307
|
-
"ismaster-to-mongocryptd.json"),
|
4308
|
-
cmd_to_mongocryptd);
|
4309
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4310
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4311
|
-
TEST_FILE("./test/data/fle1-create/without-schema/"
|
4312
|
-
"mongocryptd-ismaster.json")),
|
4313
|
-
ctx);
|
4314
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4315
|
-
}
|
3309
|
+
expect_and_reply_to_ismaster(ctx);
|
4316
3310
|
|
4317
3311
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4318
3312
|
{
|
@@ -4356,38 +3350,24 @@ static void _test_fle1_create_with_schema(_mongocrypt_tester_t *tester) {
|
|
4356
3350
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-schema/cmd.json")),
|
4357
3351
|
ctx);
|
4358
3352
|
|
3353
|
+
expect_and_reply_to_ismaster(ctx);
|
3354
|
+
|
4359
3355
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4360
3356
|
{
|
4361
3357
|
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4362
3358
|
|
4363
3359
|
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4364
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-schema/"
|
4365
|
-
"ismaster-to-mongocryptd.json"),
|
3360
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-schema/cmd-to-mongocryptd.json"),
|
4366
3361
|
cmd_to_mongocryptd);
|
4367
3362
|
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4368
3363
|
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4369
3364
|
TEST_FILE("./test/data/fle1-create/with-schema/"
|
4370
|
-
"mongocryptd-
|
3365
|
+
"mongocryptd-reply.json")),
|
4371
3366
|
ctx);
|
4372
3367
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4373
3368
|
}
|
4374
3369
|
|
4375
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx),
|
4376
|
-
{
|
4377
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4378
|
-
|
4379
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4380
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-schema/cmd-to-mongocryptd.json"),
|
4381
|
-
cmd_to_mongocryptd);
|
4382
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4383
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4384
|
-
TEST_FILE("./test/data/fle1-create/with-schema/"
|
4385
|
-
"mongocryptd-reply.json")),
|
4386
|
-
ctx);
|
4387
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4388
|
-
}
|
4389
|
-
|
4390
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
3370
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
4391
3371
|
{
|
4392
3372
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4393
3373
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
@@ -4409,21 +3389,7 @@ static void _test_fle1_create_with_cmd_schema(_mongocrypt_tester_t *tester) {
|
|
4409
3389
|
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle1-create/with-cmd-schema/cmd.json")),
|
4410
3390
|
ctx);
|
4411
3391
|
|
4412
|
-
|
4413
|
-
{
|
4414
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4415
|
-
|
4416
|
-
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4417
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
|
4418
|
-
"ismaster-to-mongocryptd.json"),
|
4419
|
-
cmd_to_mongocryptd);
|
4420
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4421
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4422
|
-
TEST_FILE("./test/data/fle1-create/with-cmd-schema/"
|
4423
|
-
"mongocryptd-ismaster.json")),
|
4424
|
-
ctx);
|
4425
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4426
|
-
}
|
3392
|
+
expect_and_reply_to_ismaster(ctx);
|
4427
3393
|
|
4428
3394
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4429
3395
|
{
|
@@ -4494,9 +3460,7 @@ static void _test_fle1_create_old_mongocryptd(_mongocrypt_tester_t *tester) {
|
|
4494
3460
|
|
4495
3461
|
static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
|
4496
3462
|
if (!TEST_MONGOCRYPT_HAVE_REAL_CRYPT_SHARED_LIB) {
|
4497
|
-
|
4498
|
-
"_test_fle1_create_with_csfle test is a no-op.",
|
4499
|
-
stderr);
|
3463
|
+
TEST_STDERR_PRINTF("No 'real' csfle library is available. The %s test is a no-op.\n", BSON_FUNC);
|
4500
3464
|
return;
|
4501
3465
|
}
|
4502
3466
|
|
@@ -4519,45 +3483,32 @@ static void _test_fle1_create_with_csfle(_mongocrypt_tester_t *tester) {
|
|
4519
3483
|
mongocrypt_destroy(crypt);
|
4520
3484
|
}
|
4521
3485
|
|
4522
|
-
static void
|
3486
|
+
static void test_successful_fle2_create(_mongocrypt_tester_t *tester,
|
3487
|
+
const char *efc_map_path,
|
3488
|
+
const char *cmd_path,
|
3489
|
+
const char *cmd_to_cryptd_path,
|
3490
|
+
const char *cryptd_reply_path,
|
3491
|
+
const char *encrypted_payload_path) {
|
4523
3492
|
mongocrypt_t *crypt = mongocrypt_new();
|
4524
3493
|
|
4525
3494
|
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4526
|
-
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
4527
|
-
crypt,
|
4528
|
-
TEST_FILE("./test/data/fle2-create/encrypted-field-config-map.json")),
|
4529
|
-
crypt);
|
3495
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TEST_FILE(efc_map_path)), crypt);
|
4530
3496
|
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4531
3497
|
|
4532
3498
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4533
3499
|
|
4534
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE(
|
4535
|
-
|
4536
|
-
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4537
|
-
{
|
4538
|
-
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
3500
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE(cmd_path)), ctx);
|
4539
3501
|
|
4540
|
-
|
4541
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE("./test/data/fle1-create/without-schema/"
|
4542
|
-
"ismaster-to-mongocryptd.json"),
|
4543
|
-
cmd_to_mongocryptd);
|
4544
|
-
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4545
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx,
|
4546
|
-
TEST_FILE("./test/data/fle1-create/without-schema/"
|
4547
|
-
"mongocryptd-ismaster.json")),
|
4548
|
-
ctx);
|
4549
|
-
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4550
|
-
}
|
3502
|
+
expect_and_reply_to_ismaster(ctx);
|
4551
3503
|
|
4552
3504
|
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4553
3505
|
{
|
4554
3506
|
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4555
3507
|
|
4556
3508
|
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4557
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(
|
4558
|
-
cmd_to_mongocryptd);
|
3509
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(cmd_to_cryptd_path), cmd_to_mongocryptd);
|
4559
3510
|
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4560
|
-
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(
|
3511
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE(cryptd_reply_path)), ctx);
|
4561
3512
|
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4562
3513
|
}
|
4563
3514
|
|
@@ -4565,7 +3516,7 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
|
4565
3516
|
{
|
4566
3517
|
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4567
3518
|
ASSERT_OK(mongocrypt_ctx_finalize(ctx, out), ctx);
|
4568
|
-
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(
|
3519
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(TEST_FILE(encrypted_payload_path), out);
|
4569
3520
|
mongocrypt_binary_destroy(out);
|
4570
3521
|
}
|
4571
3522
|
|
@@ -4573,6 +3524,85 @@ static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
|
4573
3524
|
mongocrypt_destroy(crypt);
|
4574
3525
|
}
|
4575
3526
|
|
3527
|
+
#define TEST_SUCCESSFUL_FLE2_CREATE(efc_path, cmd_path, cryptd_path, payload_path) \
|
3528
|
+
test_successful_fle2_create(tester, \
|
3529
|
+
"./test/data/" efc_path "/encrypted-field-config-map.json", \
|
3530
|
+
"./test/data/" cmd_path "/cmd.json", \
|
3531
|
+
"./test/data/" cryptd_path "/cmd-to-mongocryptd.json", \
|
3532
|
+
"./test/data/" cryptd_path "/mongocryptd-reply.json", \
|
3533
|
+
"./test/data/" payload_path "/encrypted-payload.json")
|
3534
|
+
|
3535
|
+
#define TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR(path) TEST_SUCCESSFUL_FLE2_CREATE(path, path, path, path)
|
3536
|
+
|
3537
|
+
static void _test_fle2_create(_mongocrypt_tester_t *tester) {
|
3538
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create");
|
3539
|
+
}
|
3540
|
+
|
3541
|
+
static void _test_fle2_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
|
3542
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection");
|
3543
|
+
}
|
3544
|
+
|
3545
|
+
static void _test_fle2_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
|
3546
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-create-encrypted-collection-with-str-encode-version");
|
3547
|
+
}
|
3548
|
+
|
3549
|
+
static void _test_fle2_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
|
3550
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-create-encrypted-collection-with-str-encode-version",
|
3551
|
+
"fle2-create-encrypted-collection",
|
3552
|
+
"fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version",
|
3553
|
+
"fle2-create-encrypted-collection-with-str-encode-version");
|
3554
|
+
}
|
3555
|
+
|
3556
|
+
static void _test_fle2_text_search_create_with_encrypted_fields(_mongocrypt_tester_t *tester) {
|
3557
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection");
|
3558
|
+
}
|
3559
|
+
|
3560
|
+
static void _test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version(_mongocrypt_tester_t *tester) {
|
3561
|
+
TEST_SUCCESSFUL_FLE2_CREATE_ONEDIR("fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3562
|
+
}
|
3563
|
+
|
3564
|
+
static void _test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version(_mongocrypt_tester_t *tester) {
|
3565
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3566
|
+
"fle2-text-search-create-encrypted-collection",
|
3567
|
+
"fle2-text-search-create-encrypted-collection",
|
3568
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3569
|
+
}
|
3570
|
+
|
3571
|
+
static void
|
3572
|
+
_test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
|
3573
|
+
TEST_SUCCESSFUL_FLE2_CREATE("fle2-text-search-create-encrypted-collection",
|
3574
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3575
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version",
|
3576
|
+
"fle2-text-search-create-encrypted-collection-with-str-encode-version");
|
3577
|
+
}
|
3578
|
+
|
3579
|
+
// Test that the JSON Schema found from a "create" command is not cached.
|
3580
|
+
static void _test_fle2_create_does_not_cache_empty_schema(_mongocrypt_tester_t *tester) {
|
3581
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
3582
|
+
// Auto encrypt a "create" to "db.coll".
|
3583
|
+
{
|
3584
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3585
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-create/cmd.json")), ctx);
|
3586
|
+
expect_and_reply_to_ismaster(ctx);
|
3587
|
+
|
3588
|
+
// Expect MONGOCRYPT_CTX_NEED_MONGO_COLLINFO is skipped since no server-side schema is expected for "create".
|
3589
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
3590
|
+
mongocrypt_ctx_destroy(ctx);
|
3591
|
+
}
|
3592
|
+
|
3593
|
+
// Auto encrypt "find" to "db.coll". Expect server-side schema is requested.
|
3594
|
+
{
|
3595
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
3596
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))),
|
3597
|
+
ctx);
|
3598
|
+
// The MONGOCRYPT_CTX_NEED_COLLINFO state is entered to request a server-side schema.
|
3599
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
3600
|
+
mongocrypt_ctx_destroy(ctx);
|
3601
|
+
}
|
3602
|
+
|
3603
|
+
mongocrypt_destroy(crypt);
|
3604
|
+
}
|
3605
|
+
|
4576
3606
|
/* Regression test for MONGOCRYPT-435 */
|
4577
3607
|
static void _test_fle2_create_bypass_query_analysis(_mongocrypt_tester_t *tester) {
|
4578
3608
|
mongocrypt_t *crypt = mongocrypt_new();
|
@@ -4607,15 +3637,13 @@ static void _test_encrypt_macos_no_ctr(_mongocrypt_tester_t *tester) {
|
|
4607
3637
|
_mongocrypt_buffer_t key_id;
|
4608
3638
|
|
4609
3639
|
if (_aes_ctr_is_supported_by_os) {
|
4610
|
-
|
3640
|
+
TEST_PRINTF("Common Crypto with CTR support detected. Skipping.");
|
4611
3641
|
return;
|
4612
3642
|
}
|
4613
3643
|
|
4614
3644
|
_mongocrypt_buffer_copy_from_hex(&key_id, "ABCDEFAB123498761234123456789012");
|
4615
3645
|
|
4616
|
-
|
4617
|
-
// QEv1 is still supported.
|
4618
|
-
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_WITH_CRYPT_V1);
|
3646
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4619
3647
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4620
3648
|
|
4621
3649
|
ASSERT_OK(mongocrypt_ctx_setopt_algorithm(ctx, MONGOCRYPT_ALGORITHM_UNINDEXED_STR, -1), ctx);
|
@@ -4688,7 +3716,7 @@ static void _test_fle1_collmod_without_jsonSchema(_mongocrypt_tester_t *tester)
|
|
4688
3716
|
|
4689
3717
|
static void _test_bulkWrite(_mongocrypt_tester_t *tester) {
|
4690
3718
|
if (!_aes_ctr_is_supported_by_os) {
|
4691
|
-
|
3719
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Required by QEv2 encryption. Skipping.");
|
4692
3720
|
return;
|
4693
3721
|
}
|
4694
3722
|
|
@@ -5160,11 +4188,11 @@ typedef struct {
|
|
5160
4188
|
|
5161
4189
|
static void autoencryption_test_run(autoencryption_test *aet) {
|
5162
4190
|
if (!_aes_ctr_is_supported_by_os) {
|
5163
|
-
|
4191
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5164
4192
|
return;
|
5165
4193
|
}
|
5166
4194
|
|
5167
|
-
|
4195
|
+
TEST_PRINTF(" auto_encryption test: '%s' ... begin\n", aet->desc);
|
5168
4196
|
|
5169
4197
|
// Reset global counter for the `payloadId` to produce deterministic payloads.
|
5170
4198
|
extern void mc_reset_payloadId_for_testing(void);
|
@@ -5231,14 +4259,14 @@ static void autoencryption_test_run(autoencryption_test *aet) {
|
|
5231
4259
|
mongocrypt_binary_destroy(got);
|
5232
4260
|
}
|
5233
4261
|
|
5234
|
-
|
4262
|
+
TEST_PRINTF(" auto_encryption test: '%s' ... end\n", aet->desc);
|
5235
4263
|
mongocrypt_ctx_destroy(ctx);
|
5236
4264
|
mongocrypt_destroy(crypt);
|
5237
4265
|
}
|
5238
4266
|
|
5239
4267
|
static void _test_no_trimFactor(_mongocrypt_tester_t *tester) {
|
5240
4268
|
if (!_aes_ctr_is_supported_by_os) {
|
5241
|
-
|
4269
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5242
4270
|
return;
|
5243
4271
|
}
|
5244
4272
|
|
@@ -5306,7 +4334,7 @@ static void lookup_payload_bson(mongocrypt_binary_t *result, char *path, bson_t
|
|
5306
4334
|
// Test that the crypto params added in SERVER-91889 are sent for "range" payloads.
|
5307
4335
|
static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
5308
4336
|
if (!_aes_ctr_is_supported_by_os) {
|
5309
|
-
|
4337
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
5310
4338
|
return;
|
5311
4339
|
}
|
5312
4340
|
|
@@ -5329,7 +4357,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5329
4357
|
tc.msg = TEST_BSON("{'v': 123456}");
|
5330
4358
|
tc.keys_to_feed[0] = key123;
|
5331
4359
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32/expected.json");
|
5332
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5333
4360
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5334
4361
|
ee_testcase_run(&tc);
|
5335
4362
|
// Check the parameters are present in the final payload.
|
@@ -5355,7 +4382,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5355
4382
|
tc.msg = TEST_BSON("{'v': 123456}");
|
5356
4383
|
tc.keys_to_feed[0] = key123;
|
5357
4384
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-int32-defaults/expected.json");
|
5358
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5359
4385
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5360
4386
|
ee_testcase_run(&tc);
|
5361
4387
|
// Check the parameters are present in the final payload.
|
@@ -5382,7 +4408,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5382
4408
|
tc.msg = TEST_BSON("{'v': 123456.0}");
|
5383
4409
|
tc.keys_to_feed[0] = key123;
|
5384
4410
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-insert-double/expected.json");
|
5385
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5386
4411
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5387
4412
|
ee_testcase_run(&tc);
|
5388
4413
|
// Check the parameters are present in the final payload.
|
@@ -5408,7 +4433,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5408
4433
|
tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/to-encrypt.json");
|
5409
4434
|
tc.keys_to_feed[0] = key123;
|
5410
4435
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32-defaults/expected.json");
|
5411
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5412
4436
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5413
4437
|
ee_testcase_run(&tc);
|
5414
4438
|
// Check the parameters are present in the final payload.
|
@@ -5434,7 +4458,6 @@ static void _test_range_sends_cryptoParams(_mongocrypt_tester_t *tester) {
|
|
5434
4458
|
tc.msg = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/to-encrypt.json");
|
5435
4459
|
tc.keys_to_feed[0] = key123;
|
5436
4460
|
tc.expect = TEST_FILE("./test/data/range-sends-cryptoParams/explicit-find-int32/expected.json");
|
5437
|
-
tc.use_v2 = true; // Use QEv2 protocol.
|
5438
4461
|
tc.use_range_v2 = true; // Use RangeV2 protocol.
|
5439
4462
|
ee_testcase_run(&tc);
|
5440
4463
|
// Check the parameters are present in the final payload.
|
@@ -5674,6 +4697,1100 @@ static void _test_encrypt_retry(_mongocrypt_tester_t *tester) {
|
|
5674
4697
|
mongocrypt_ctx_destroy(ctx);
|
5675
4698
|
mongocrypt_destroy(crypt);
|
5676
4699
|
}
|
4700
|
+
|
4701
|
+
// Test network retry does not occur if not enabled.
|
4702
|
+
{
|
4703
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4704
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4705
|
+
crypt,
|
4706
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4707
|
+
crypt);
|
4708
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4709
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4710
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
4711
|
+
_mongocrypt_tester_run_ctx_to(tester, ctx, MONGOCRYPT_CTX_NEED_KMS);
|
4712
|
+
mongocrypt_kms_ctx_t *kms_ctx = mongocrypt_ctx_next_kms_ctx(ctx);
|
4713
|
+
ASSERT_OK(kms_ctx, ctx); // Give a retryable network error. Expect error due to retry disabled.
|
4714
|
+
ASSERT_FAILS(mongocrypt_kms_ctx_fail(kms_ctx), kms_ctx, "KMS request failed due to network error");
|
4715
|
+
mongocrypt_ctx_destroy(ctx);
|
4716
|
+
mongocrypt_destroy(crypt);
|
4717
|
+
}
|
4718
|
+
}
|
4719
|
+
|
4720
|
+
static void capture_logs(mongocrypt_log_level_t level, const char *message, uint32_t message_len, void *ctx) {
|
4721
|
+
mc_array_t *log_msgs = ctx;
|
4722
|
+
char *message_copy = bson_strdup(message);
|
4723
|
+
_mc_array_append_val(log_msgs, message_copy);
|
4724
|
+
}
|
4725
|
+
|
4726
|
+
// Regression test for: MONGOCRYPT-770
|
4727
|
+
static void _test_does_not_warn_for_empty_local_schema(_mongocrypt_tester_t *tester) {
|
4728
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4729
|
+
ASSERT_OK(mongocrypt_setopt_kms_providers(
|
4730
|
+
crypt,
|
4731
|
+
TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}))),
|
4732
|
+
crypt);
|
4733
|
+
|
4734
|
+
mc_array_t log_msgs; // Array of char *;
|
4735
|
+
_mc_array_init(&log_msgs, sizeof(char *));
|
4736
|
+
ASSERT_OK(mongocrypt_setopt_log_handler(crypt, capture_logs, &log_msgs), crypt);
|
4737
|
+
|
4738
|
+
// Configure a local schema for "db.coll":
|
4739
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TEST_BSON(BSON_STR({"db.coll" : {}}))), crypt);
|
4740
|
+
|
4741
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4742
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4743
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_BSON(BSON_STR({"find" : "coll", "filter" : {}}))), ctx);
|
4744
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4745
|
+
|
4746
|
+
// Feed mongocryptd reply indicating `schemaRequiresEncryption: false`.
|
4747
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_BSON(BSON_STR({
|
4748
|
+
"hasEncryptionPlaceholders" : false,
|
4749
|
+
"schemaRequiresEncryption" : false,
|
4750
|
+
"result" : {"find" : "test", "filter" : {}},
|
4751
|
+
"ok" : {"$numberDouble" : "1.0"}
|
4752
|
+
}))),
|
4753
|
+
ctx);
|
4754
|
+
|
4755
|
+
// Expect no warning (passing an empty local schema is a valid use-case).
|
4756
|
+
if (log_msgs.len > 0) {
|
4757
|
+
TEST_STDERR_PRINTF("Got unexpected log messages:\n");
|
4758
|
+
for (size_t i = 0; i < log_msgs.len; i++) {
|
4759
|
+
TEST_STDERR_PRINTF("> %s\n", _mc_array_index(&log_msgs, char *, i));
|
4760
|
+
}
|
4761
|
+
abort();
|
4762
|
+
}
|
4763
|
+
|
4764
|
+
for (size_t i = 0; i < log_msgs.len; i++) {
|
4765
|
+
bson_free(_mc_array_index(&log_msgs, char *, i));
|
4766
|
+
}
|
4767
|
+
_mc_array_destroy(&log_msgs);
|
4768
|
+
mongocrypt_ctx_destroy(ctx);
|
4769
|
+
mongocrypt_destroy(crypt);
|
4770
|
+
}
|
4771
|
+
|
4772
|
+
static void _test_fle2_encrypted_field_config_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
|
4773
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4774
|
+
|
4775
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4776
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(
|
4777
|
+
crypt,
|
4778
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-encrypted-field-config-map.json")),
|
4779
|
+
crypt);
|
4780
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4781
|
+
|
4782
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4783
|
+
ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")),
|
4784
|
+
ctx,
|
4785
|
+
"'strEncodeVersion' of 99 is not supported");
|
4786
|
+
|
4787
|
+
mongocrypt_ctx_destroy(ctx);
|
4788
|
+
mongocrypt_destroy(crypt);
|
4789
|
+
}
|
4790
|
+
|
4791
|
+
static void _test_fle2_encrypted_fields_with_unmatching_str_encode_version(_mongocrypt_tester_t *tester) {
|
4792
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4793
|
+
|
4794
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4795
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt,
|
4796
|
+
TEST_FILE("./test/data/fle2-create-encrypted-collection/"
|
4797
|
+
"encrypted-field-config-map.json")),
|
4798
|
+
crypt);
|
4799
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4800
|
+
|
4801
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4802
|
+
|
4803
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(
|
4804
|
+
ctx,
|
4805
|
+
"db",
|
4806
|
+
-1,
|
4807
|
+
TEST_FILE("./test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json")),
|
4808
|
+
ctx);
|
4809
|
+
|
4810
|
+
expect_and_reply_to_ismaster(ctx);
|
4811
|
+
|
4812
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4813
|
+
{
|
4814
|
+
mongocrypt_binary_t *cmd_to_mongocryptd = mongocrypt_binary_new();
|
4815
|
+
|
4816
|
+
ASSERT_OK(mongocrypt_ctx_mongo_op(ctx, cmd_to_mongocryptd), ctx);
|
4817
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(
|
4818
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json"),
|
4819
|
+
cmd_to_mongocryptd);
|
4820
|
+
mongocrypt_binary_destroy(cmd_to_mongocryptd);
|
4821
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(
|
4822
|
+
ctx,
|
4823
|
+
TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json")),
|
4824
|
+
ctx);
|
4825
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4826
|
+
}
|
4827
|
+
|
4828
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
4829
|
+
{
|
4830
|
+
mongocrypt_binary_t *out = mongocrypt_binary_new();
|
4831
|
+
ASSERT_FAILS(mongocrypt_ctx_finalize(ctx, out),
|
4832
|
+
ctx,
|
4833
|
+
"'strEncodeVersion' of 1 does not match efc->str_encode_version of 0");
|
4834
|
+
mongocrypt_binary_destroy(out);
|
4835
|
+
}
|
4836
|
+
|
4837
|
+
mongocrypt_ctx_destroy(ctx);
|
4838
|
+
mongocrypt_destroy(crypt);
|
4839
|
+
}
|
4840
|
+
|
4841
|
+
static void _test_fle2_collinfo_with_bad_str_encode_version(_mongocrypt_tester_t *tester) {
|
4842
|
+
mongocrypt_t *crypt = mongocrypt_new();
|
4843
|
+
ASSERT_OK(mongocrypt_setopt_kms_provider_aws(crypt, "example", -1, "example", -1), crypt);
|
4844
|
+
ASSERT_OK(_mongocrypt_init_for_test(crypt), crypt);
|
4845
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4846
|
+
|
4847
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TEST_FILE("./test/data/fle2-insert-v2/cmd.json")), ctx);
|
4848
|
+
|
4849
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4850
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/fle2-bad-str-encode-version/bad-collinfo.json")),
|
4851
|
+
ctx,
|
4852
|
+
"'strEncodeVersion' of 99 is not supported");
|
4853
|
+
|
4854
|
+
mongocrypt_ctx_destroy(ctx);
|
4855
|
+
mongocrypt_destroy(crypt);
|
4856
|
+
}
|
4857
|
+
|
4858
|
+
static void _test_lookup(_mongocrypt_tester_t *tester) {
|
4859
|
+
// Test $lookup works.
|
4860
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4861
|
+
{
|
4862
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4863
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4864
|
+
|
4865
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4866
|
+
|
4867
|
+
expect_and_reply_to_ismaster(ctx);
|
4868
|
+
|
4869
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4870
|
+
{
|
4871
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
4872
|
+
// Feed both needed schemas.
|
4873
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
4874
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
4875
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4876
|
+
}
|
4877
|
+
|
4878
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4879
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
4880
|
+
|
4881
|
+
mongocrypt_ctx_destroy(ctx);
|
4882
|
+
mongocrypt_destroy(crypt);
|
4883
|
+
}
|
4884
|
+
#undef TF
|
4885
|
+
|
4886
|
+
// Test $lookup errors if multiple-collection support is not opted-in.
|
4887
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4888
|
+
{
|
4889
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4890
|
+
crypt->multiple_collinfo_enabled = false;
|
4891
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4892
|
+
ASSERT_FAILS(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")),
|
4893
|
+
ctx,
|
4894
|
+
"not configured to support encrypting a command with multiple collections");
|
4895
|
+
mongocrypt_ctx_destroy(ctx);
|
4896
|
+
mongocrypt_destroy(crypt);
|
4897
|
+
}
|
4898
|
+
#undef TF
|
4899
|
+
|
4900
|
+
// Test $lookup errors if mongocryptd is too old.
|
4901
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
4902
|
+
{
|
4903
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4904
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4905
|
+
|
4906
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4907
|
+
|
4908
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4909
|
+
{
|
4910
|
+
expect_mongo_op(ctx, TEST_BSON("{'isMaster': 1}"));
|
4911
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TEST_FILE("./test/data/mongocryptd-ismaster-17.json")), ctx);
|
4912
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_done(ctx), ctx, "Upgrade mongocryptd");
|
4913
|
+
}
|
4914
|
+
|
4915
|
+
mongocrypt_ctx_destroy(ctx);
|
4916
|
+
mongocrypt_destroy(crypt);
|
4917
|
+
}
|
4918
|
+
#undef TF
|
4919
|
+
|
4920
|
+
// Test nested $lookup.
|
4921
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-nested/" suffix)
|
4922
|
+
{
|
4923
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4924
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4925
|
+
|
4926
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4927
|
+
|
4928
|
+
expect_and_reply_to_ismaster(ctx);
|
4929
|
+
|
4930
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4931
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
|
4932
|
+
|
4933
|
+
mongocrypt_ctx_destroy(ctx);
|
4934
|
+
mongocrypt_destroy(crypt);
|
4935
|
+
}
|
4936
|
+
#undef TF
|
4937
|
+
|
4938
|
+
// Test $lookup within $unionWith.
|
4939
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-unionWith/" suffix)
|
4940
|
+
{
|
4941
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4942
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4943
|
+
|
4944
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4945
|
+
|
4946
|
+
expect_and_reply_to_ismaster(ctx);
|
4947
|
+
|
4948
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4949
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2", "c3" ]}})));
|
4950
|
+
|
4951
|
+
mongocrypt_ctx_destroy(ctx);
|
4952
|
+
mongocrypt_destroy(crypt);
|
4953
|
+
}
|
4954
|
+
#undef TF
|
4955
|
+
|
4956
|
+
// Test $lookup within $facet.
|
4957
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-facet/" suffix)
|
4958
|
+
{
|
4959
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
4960
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4961
|
+
|
4962
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4963
|
+
|
4964
|
+
expect_and_reply_to_ismaster(ctx);
|
4965
|
+
|
4966
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4967
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
4968
|
+
|
4969
|
+
mongocrypt_ctx_destroy(ctx);
|
4970
|
+
mongocrypt_destroy(crypt);
|
4971
|
+
}
|
4972
|
+
#undef TF
|
4973
|
+
|
4974
|
+
// Test $lookup when one schema is in the schemaMap.
|
4975
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-schemaMap/" suffix)
|
4976
|
+
{
|
4977
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
4978
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
|
4979
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
4980
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
4981
|
+
|
4982
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
4983
|
+
|
4984
|
+
expect_and_reply_to_ismaster(ctx);
|
4985
|
+
|
4986
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
4987
|
+
{
|
4988
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
4989
|
+
// Feed remote schema for "c1". "c2" is found in the schemaMap.
|
4990
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
4991
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
4992
|
+
}
|
4993
|
+
|
4994
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
4995
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
4996
|
+
|
4997
|
+
mongocrypt_ctx_destroy(ctx);
|
4998
|
+
mongocrypt_destroy(crypt);
|
4999
|
+
}
|
5000
|
+
#undef TF
|
5001
|
+
|
5002
|
+
// Test $lookup with a self-lookup.
|
5003
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
|
5004
|
+
{
|
5005
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5006
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5007
|
+
|
5008
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5009
|
+
|
5010
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5011
|
+
{
|
5012
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5013
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5014
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5015
|
+
}
|
5016
|
+
|
5017
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5018
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5019
|
+
|
5020
|
+
mongocrypt_ctx_destroy(ctx);
|
5021
|
+
mongocrypt_destroy(crypt);
|
5022
|
+
}
|
5023
|
+
#undef TF
|
5024
|
+
|
5025
|
+
// Test $lookup when one schema is already cached.
|
5026
|
+
{
|
5027
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5028
|
+
|
5029
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5030
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-self/" suffix)
|
5031
|
+
{
|
5032
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5033
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5034
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5035
|
+
{
|
5036
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5037
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5038
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5039
|
+
}
|
5040
|
+
mongocrypt_ctx_destroy(ctx);
|
5041
|
+
}
|
5042
|
+
#undef TF
|
5043
|
+
|
5044
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5045
|
+
// Expect "c1" schema is not requested again.
|
5046
|
+
{
|
5047
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5048
|
+
|
5049
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5050
|
+
expect_and_reply_to_ismaster(ctx);
|
5051
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5052
|
+
{
|
5053
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
|
5054
|
+
// Feed remaining needed schema.
|
5055
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5056
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5057
|
+
}
|
5058
|
+
|
5059
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5060
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5061
|
+
|
5062
|
+
mongocrypt_ctx_destroy(ctx);
|
5063
|
+
}
|
5064
|
+
mongocrypt_destroy(crypt);
|
5065
|
+
}
|
5066
|
+
|
5067
|
+
#undef TF
|
5068
|
+
|
5069
|
+
// Test $lookup caches no collinfo results as empty schemas.
|
5070
|
+
{
|
5071
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5072
|
+
|
5073
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5074
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5075
|
+
{
|
5076
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5077
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5078
|
+
expect_and_reply_to_ismaster(ctx);
|
5079
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5080
|
+
// Feed no collinfo results. Expect "c1" and "c2" to be cached as empty schemas.
|
5081
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5082
|
+
mongocrypt_ctx_destroy(ctx);
|
5083
|
+
}
|
5084
|
+
#undef TF
|
5085
|
+
|
5086
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5087
|
+
// Expect "c1" schema is not requested again.
|
5088
|
+
{
|
5089
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5090
|
+
|
5091
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5092
|
+
expect_and_reply_to_ismaster(ctx);
|
5093
|
+
// Expect no more schemas are needed (both empty).
|
5094
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5095
|
+
mongocrypt_ctx_destroy(ctx);
|
5096
|
+
}
|
5097
|
+
mongocrypt_destroy(crypt);
|
5098
|
+
}
|
5099
|
+
#undef TF
|
5100
|
+
// Test $lookup from a view.
|
5101
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-view/" suffix)
|
5102
|
+
{
|
5103
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5104
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5105
|
+
|
5106
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5107
|
+
expect_and_reply_to_ismaster(ctx);
|
5108
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5109
|
+
{
|
5110
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "v1" ]}})));
|
5111
|
+
|
5112
|
+
// Feed both needed schemas.
|
5113
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5114
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-v1.json")), ctx, "cannot auto encrypt a view");
|
5115
|
+
}
|
5116
|
+
|
5117
|
+
mongocrypt_ctx_destroy(ctx);
|
5118
|
+
mongocrypt_destroy(crypt);
|
5119
|
+
}
|
5120
|
+
#undef TF
|
5121
|
+
// Test $lookup with feeding the same schema twice.
|
5122
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle/" suffix)
|
5123
|
+
{
|
5124
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5125
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5126
|
+
|
5127
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5128
|
+
expect_and_reply_to_ismaster(ctx);
|
5129
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5130
|
+
{
|
5131
|
+
// Feed schema for "c2" twice.
|
5132
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5133
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5134
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx, "unexpected duplicate");
|
5135
|
+
}
|
5136
|
+
|
5137
|
+
mongocrypt_ctx_destroy(ctx);
|
5138
|
+
mongocrypt_destroy(crypt);
|
5139
|
+
}
|
5140
|
+
#undef TF
|
5141
|
+
|
5142
|
+
// Test $lookup with with feeding a non-matching schema.
|
5143
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-mismatch/" suffix)
|
5144
|
+
{
|
5145
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5146
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5147
|
+
|
5148
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5149
|
+
expect_and_reply_to_ismaster(ctx);
|
5150
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5151
|
+
{
|
5152
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5153
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c3.json")), ctx, "got unexpected collinfo");
|
5154
|
+
}
|
5155
|
+
|
5156
|
+
mongocrypt_ctx_destroy(ctx);
|
5157
|
+
mongocrypt_destroy(crypt);
|
5158
|
+
}
|
5159
|
+
#undef TF
|
5160
|
+
|
5161
|
+
// Test $lookup with only local schemas.
|
5162
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-only-schemaMap/" suffix)
|
5163
|
+
{
|
5164
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
5165
|
+
ASSERT_OK(mongocrypt_setopt_schema_map(crypt, TF("schemaMap.json")), crypt);
|
5166
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
5167
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5168
|
+
|
5169
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5170
|
+
expect_and_reply_to_ismaster(ctx);
|
5171
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5172
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5173
|
+
|
5174
|
+
mongocrypt_ctx_destroy(ctx);
|
5175
|
+
mongocrypt_destroy(crypt);
|
5176
|
+
}
|
5177
|
+
#undef TF
|
5178
|
+
|
5179
|
+
// Test $lookup from a collection that has no $jsonSchema configured.
|
5180
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/csfle-sibling/" suffix)
|
5181
|
+
{
|
5182
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5183
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5184
|
+
|
5185
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5186
|
+
expect_and_reply_to_ismaster(ctx);
|
5187
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5188
|
+
{
|
5189
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5190
|
+
// Feed both needed schemas.
|
5191
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5192
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5193
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5194
|
+
}
|
5195
|
+
|
5196
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5197
|
+
{
|
5198
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5199
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("reply-from-mongocryptd.json")), ctx);
|
5200
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5201
|
+
}
|
5202
|
+
|
5203
|
+
mongocrypt_ctx_destroy(ctx);
|
5204
|
+
mongocrypt_destroy(crypt);
|
5205
|
+
}
|
5206
|
+
#undef TF
|
5207
|
+
|
5208
|
+
// Test $lookup with QE.
|
5209
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe/" suffix)
|
5210
|
+
{
|
5211
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5212
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5213
|
+
|
5214
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5215
|
+
expect_and_reply_to_ismaster(ctx);
|
5216
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5217
|
+
{
|
5218
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5219
|
+
// Feed both needed schemas.
|
5220
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5221
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5222
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5223
|
+
}
|
5224
|
+
|
5225
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5226
|
+
{
|
5227
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5228
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5229
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5230
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5231
|
+
}
|
5232
|
+
|
5233
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5234
|
+
{
|
5235
|
+
// Expect no `encryptionInformation` since no encryption payloads.
|
5236
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5237
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5238
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5239
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5240
|
+
mongocrypt_binary_destroy(got);
|
5241
|
+
}
|
5242
|
+
|
5243
|
+
mongocrypt_ctx_destroy(ctx);
|
5244
|
+
mongocrypt_destroy(crypt);
|
5245
|
+
}
|
5246
|
+
#undef TF
|
5247
|
+
|
5248
|
+
// Test $lookup with QE with an encrypted payload.
|
5249
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
|
5250
|
+
{
|
5251
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5252
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5253
|
+
|
5254
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5255
|
+
expect_and_reply_to_ismaster(ctx);
|
5256
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5257
|
+
{
|
5258
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5259
|
+
// Feed both needed schemas.
|
5260
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5261
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5262
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5263
|
+
}
|
5264
|
+
|
5265
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5266
|
+
{
|
5267
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5268
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5269
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5270
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5271
|
+
}
|
5272
|
+
|
5273
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5274
|
+
{
|
5275
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5276
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5277
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5278
|
+
}
|
5279
|
+
|
5280
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5281
|
+
{
|
5282
|
+
// Expect `encryptionInformation` since command has encryption payloads.
|
5283
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5284
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5285
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5286
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5287
|
+
mongocrypt_binary_destroy(got);
|
5288
|
+
}
|
5289
|
+
|
5290
|
+
mongocrypt_ctx_destroy(ctx);
|
5291
|
+
mongocrypt_destroy(crypt);
|
5292
|
+
}
|
5293
|
+
#undef TF
|
5294
|
+
|
5295
|
+
// Test $lookup with QE from encryptedFieldsMap.
|
5296
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-encryptedFieldsMap/" suffix)
|
5297
|
+
{
|
5298
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_SKIP_INIT);
|
5299
|
+
ASSERT_OK(mongocrypt_setopt_encrypted_field_config_map(crypt, TF("encryptedFieldsMap.json")), crypt);
|
5300
|
+
ASSERT_OK(mongocrypt_init(crypt), crypt);
|
5301
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5302
|
+
|
5303
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5304
|
+
expect_and_reply_to_ismaster(ctx);
|
5305
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5306
|
+
{
|
5307
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5308
|
+
// Only feed collinfo for c1. c2 is included in encryptedFieldsMap.
|
5309
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5310
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5311
|
+
}
|
5312
|
+
|
5313
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5314
|
+
{
|
5315
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5316
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5317
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5318
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5319
|
+
}
|
5320
|
+
|
5321
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5322
|
+
{
|
5323
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5324
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5325
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5326
|
+
}
|
5327
|
+
|
5328
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5329
|
+
{
|
5330
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5331
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5332
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5333
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5334
|
+
mongocrypt_binary_destroy(got);
|
5335
|
+
}
|
5336
|
+
|
5337
|
+
mongocrypt_ctx_destroy(ctx);
|
5338
|
+
mongocrypt_destroy(crypt);
|
5339
|
+
}
|
5340
|
+
#undef TF
|
5341
|
+
|
5342
|
+
// Test $lookup with QE with self-lookup.
|
5343
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
|
5344
|
+
{
|
5345
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5346
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5347
|
+
|
5348
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5349
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5350
|
+
{
|
5351
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5352
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5353
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5354
|
+
}
|
5355
|
+
|
5356
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5357
|
+
{
|
5358
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5359
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5360
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5361
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5362
|
+
}
|
5363
|
+
|
5364
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5365
|
+
{
|
5366
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5367
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5368
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5369
|
+
}
|
5370
|
+
|
5371
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5372
|
+
{
|
5373
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5374
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5375
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5376
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5377
|
+
mongocrypt_binary_destroy(got);
|
5378
|
+
}
|
5379
|
+
|
5380
|
+
mongocrypt_ctx_destroy(ctx);
|
5381
|
+
mongocrypt_destroy(crypt);
|
5382
|
+
}
|
5383
|
+
#undef TF
|
5384
|
+
|
5385
|
+
// Test $lookup with QE from from cache.
|
5386
|
+
{
|
5387
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5388
|
+
|
5389
|
+
// Do a self-lookup to add only "c1" to the cache.
|
5390
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-self/" suffix)
|
5391
|
+
{
|
5392
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5393
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5394
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5395
|
+
{
|
5396
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c1"})));
|
5397
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5398
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5399
|
+
}
|
5400
|
+
mongocrypt_ctx_destroy(ctx);
|
5401
|
+
}
|
5402
|
+
#undef TF
|
5403
|
+
|
5404
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/qe-with-payload/" suffix)
|
5405
|
+
// Expect "c1" schema is not requested again.
|
5406
|
+
{
|
5407
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5408
|
+
|
5409
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5410
|
+
expect_and_reply_to_ismaster(ctx);
|
5411
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5412
|
+
{
|
5413
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : "c2"})));
|
5414
|
+
// Feed remaining needed schema.
|
5415
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5416
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5417
|
+
}
|
5418
|
+
|
5419
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5420
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5421
|
+
|
5422
|
+
mongocrypt_ctx_destroy(ctx);
|
5423
|
+
}
|
5424
|
+
mongocrypt_destroy(crypt);
|
5425
|
+
}
|
5426
|
+
|
5427
|
+
#undef TF
|
5428
|
+
|
5429
|
+
// Test $lookup with mixed: QE + CSFLE
|
5430
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/csfle/" suffix)
|
5431
|
+
{
|
5432
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5433
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5434
|
+
|
5435
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5436
|
+
expect_and_reply_to_ismaster(ctx);
|
5437
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5438
|
+
{
|
5439
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5440
|
+
|
5441
|
+
// Feed both needed schemas.
|
5442
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5443
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5444
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5445
|
+
}
|
5446
|
+
|
5447
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5448
|
+
{
|
5449
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5450
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "currently not supported");
|
5451
|
+
mongocrypt_binary_destroy(got);
|
5452
|
+
}
|
5453
|
+
|
5454
|
+
mongocrypt_ctx_destroy(ctx);
|
5455
|
+
mongocrypt_destroy(crypt);
|
5456
|
+
}
|
5457
|
+
#undef TF
|
5458
|
+
|
5459
|
+
// Test $lookup with mixed: QE + no-schema
|
5460
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/no-schema/" suffix)
|
5461
|
+
{
|
5462
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5463
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5464
|
+
|
5465
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5466
|
+
expect_and_reply_to_ismaster(ctx);
|
5467
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5468
|
+
{
|
5469
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5470
|
+
// Feed both needed schemas.
|
5471
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5472
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5473
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5474
|
+
}
|
5475
|
+
|
5476
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5477
|
+
{
|
5478
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5479
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5480
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5481
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5482
|
+
}
|
5483
|
+
|
5484
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5485
|
+
{
|
5486
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5487
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5488
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5489
|
+
}
|
5490
|
+
|
5491
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5492
|
+
{
|
5493
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5494
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5495
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5496
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5497
|
+
mongocrypt_binary_destroy(got);
|
5498
|
+
}
|
5499
|
+
|
5500
|
+
mongocrypt_ctx_destroy(ctx);
|
5501
|
+
mongocrypt_destroy(crypt);
|
5502
|
+
}
|
5503
|
+
#undef TF
|
5504
|
+
|
5505
|
+
// Test $lookup with mixed: QE + QE
|
5506
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/qe/qe/" suffix)
|
5507
|
+
{
|
5508
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5509
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5510
|
+
|
5511
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5512
|
+
expect_and_reply_to_ismaster(ctx);
|
5513
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5514
|
+
{
|
5515
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5516
|
+
// Feed both needed schemas.
|
5517
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5518
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5519
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5520
|
+
}
|
5521
|
+
|
5522
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5523
|
+
{
|
5524
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5525
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5526
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5527
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5528
|
+
}
|
5529
|
+
|
5530
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5531
|
+
{
|
5532
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5533
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5534
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5535
|
+
}
|
5536
|
+
|
5537
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5538
|
+
{
|
5539
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5540
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5541
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5542
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5543
|
+
mongocrypt_binary_destroy(got);
|
5544
|
+
}
|
5545
|
+
|
5546
|
+
mongocrypt_ctx_destroy(ctx);
|
5547
|
+
mongocrypt_destroy(crypt);
|
5548
|
+
}
|
5549
|
+
#undef TF
|
5550
|
+
|
5551
|
+
// Test $lookup with mixed: CSFLE + CSFLE.
|
5552
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/csfle/" suffix)
|
5553
|
+
{
|
5554
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5555
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5556
|
+
|
5557
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5558
|
+
expect_and_reply_to_ismaster(ctx);
|
5559
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5560
|
+
{
|
5561
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5562
|
+
// Feed both needed schemas.
|
5563
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5564
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5565
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5566
|
+
}
|
5567
|
+
|
5568
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5569
|
+
{
|
5570
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5571
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5572
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5573
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5574
|
+
}
|
5575
|
+
|
5576
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5577
|
+
{
|
5578
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5579
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5580
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5581
|
+
}
|
5582
|
+
|
5583
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5584
|
+
{
|
5585
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5586
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5587
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5588
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5589
|
+
mongocrypt_binary_destroy(got);
|
5590
|
+
}
|
5591
|
+
|
5592
|
+
mongocrypt_ctx_destroy(ctx);
|
5593
|
+
mongocrypt_destroy(crypt);
|
5594
|
+
}
|
5595
|
+
#undef TF
|
5596
|
+
|
5597
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/qe/" suffix)
|
5598
|
+
{
|
5599
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5600
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5601
|
+
|
5602
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5603
|
+
expect_and_reply_to_ismaster(ctx);
|
5604
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5605
|
+
{
|
5606
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5607
|
+
// Feed both needed schemas.
|
5608
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5609
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5610
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5611
|
+
}
|
5612
|
+
|
5613
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5614
|
+
{
|
5615
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5616
|
+
ASSERT_FAILS(mongocrypt_ctx_mongo_op(ctx, got), ctx, "This is currently not supported");
|
5617
|
+
mongocrypt_binary_destroy(got);
|
5618
|
+
}
|
5619
|
+
|
5620
|
+
mongocrypt_ctx_destroy(ctx);
|
5621
|
+
mongocrypt_destroy(crypt);
|
5622
|
+
}
|
5623
|
+
#undef TF
|
5624
|
+
|
5625
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/csfle/no-schema/" suffix)
|
5626
|
+
{
|
5627
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5628
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5629
|
+
|
5630
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5631
|
+
expect_and_reply_to_ismaster(ctx);
|
5632
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5633
|
+
{
|
5634
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5635
|
+
// Feed both needed schemas.
|
5636
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5637
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5638
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5639
|
+
}
|
5640
|
+
|
5641
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5642
|
+
{
|
5643
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5644
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5645
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5646
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5647
|
+
}
|
5648
|
+
|
5649
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5650
|
+
{
|
5651
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5652
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5653
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5654
|
+
}
|
5655
|
+
|
5656
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5657
|
+
{
|
5658
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5659
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5660
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5661
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5662
|
+
mongocrypt_binary_destroy(got);
|
5663
|
+
}
|
5664
|
+
|
5665
|
+
mongocrypt_ctx_destroy(ctx);
|
5666
|
+
mongocrypt_destroy(crypt);
|
5667
|
+
}
|
5668
|
+
#undef TF
|
5669
|
+
|
5670
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/csfle/" suffix)
|
5671
|
+
{
|
5672
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5673
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5674
|
+
|
5675
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5676
|
+
expect_and_reply_to_ismaster(ctx);
|
5677
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5678
|
+
{
|
5679
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5680
|
+
// Feed both needed schemas.
|
5681
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5682
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5683
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5684
|
+
}
|
5685
|
+
|
5686
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5687
|
+
{
|
5688
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5689
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5690
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5691
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5692
|
+
}
|
5693
|
+
|
5694
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5695
|
+
{
|
5696
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5697
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5698
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5699
|
+
}
|
5700
|
+
|
5701
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5702
|
+
{
|
5703
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5704
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5705
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5706
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5707
|
+
mongocrypt_binary_destroy(got);
|
5708
|
+
}
|
5709
|
+
mongocrypt_ctx_destroy(ctx);
|
5710
|
+
mongocrypt_destroy(crypt);
|
5711
|
+
}
|
5712
|
+
#undef TF
|
5713
|
+
|
5714
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/no-schema/" suffix)
|
5715
|
+
{
|
5716
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5717
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5718
|
+
|
5719
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5720
|
+
expect_and_reply_to_ismaster(ctx);
|
5721
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5722
|
+
{
|
5723
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5724
|
+
// Feed both needed schemas.
|
5725
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5726
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5727
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5728
|
+
}
|
5729
|
+
|
5730
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5731
|
+
{
|
5732
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5733
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5734
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5735
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5736
|
+
}
|
5737
|
+
|
5738
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5739
|
+
{
|
5740
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5741
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5742
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5743
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5744
|
+
mongocrypt_binary_destroy(got);
|
5745
|
+
}
|
5746
|
+
mongocrypt_ctx_destroy(ctx);
|
5747
|
+
mongocrypt_destroy(crypt);
|
5748
|
+
}
|
5749
|
+
#undef TF
|
5750
|
+
|
5751
|
+
#define TF(suffix) TEST_FILE("./test/data/lookup/mixed/no-schema/qe/" suffix)
|
5752
|
+
{
|
5753
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
5754
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
5755
|
+
|
5756
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "db", -1, TF("cmd.json")), ctx);
|
5757
|
+
expect_and_reply_to_ismaster(ctx);
|
5758
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_COLLINFO);
|
5759
|
+
{
|
5760
|
+
expect_mongo_op(ctx, TEST_BSON(BSON_STR({"name" : {"$in" : [ "c1", "c2" ]}})));
|
5761
|
+
// Feed both needed schemas.
|
5762
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c1.json")), ctx);
|
5763
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, TF("collInfo-c2.json")), ctx);
|
5764
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5765
|
+
}
|
5766
|
+
|
5767
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_MARKINGS);
|
5768
|
+
{
|
5769
|
+
expect_mongo_op(ctx, TF("cmd-to-mongocryptd.json"));
|
5770
|
+
mongocrypt_binary_t *to_feed = TF("reply-from-mongocryptd.json");
|
5771
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5772
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5773
|
+
}
|
5774
|
+
|
5775
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_NEED_MONGO_KEYS);
|
5776
|
+
{
|
5777
|
+
mongocrypt_binary_t *to_feed = TF("key-doc.json");
|
5778
|
+
ASSERT_OK(mongocrypt_ctx_mongo_feed(ctx, to_feed), ctx);
|
5779
|
+
ASSERT_OK(mongocrypt_ctx_mongo_done(ctx), ctx);
|
5780
|
+
}
|
5781
|
+
|
5782
|
+
ASSERT_STATE_EQUAL(mongocrypt_ctx_state(ctx), MONGOCRYPT_CTX_READY);
|
5783
|
+
{
|
5784
|
+
mongocrypt_binary_t *expect = TF("cmd-to-mongod.json");
|
5785
|
+
mongocrypt_binary_t *got = mongocrypt_binary_new();
|
5786
|
+
ASSERT_OK(mongocrypt_ctx_finalize(ctx, got), ctx);
|
5787
|
+
ASSERT_MONGOCRYPT_BINARY_EQUAL_BSON(expect, got);
|
5788
|
+
mongocrypt_binary_destroy(got);
|
5789
|
+
}
|
5790
|
+
mongocrypt_ctx_destroy(ctx);
|
5791
|
+
mongocrypt_destroy(crypt);
|
5792
|
+
}
|
5793
|
+
#undef TF
|
5677
5794
|
}
|
5678
5795
|
|
5679
5796
|
void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
@@ -5695,7 +5812,6 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5695
5812
|
INSTALL_TEST(_test_encrypt_is_remote_schema);
|
5696
5813
|
INSTALL_TEST(_test_encrypt_init_each_cmd);
|
5697
5814
|
INSTALL_TEST(_test_encrypt_invalid_siblings);
|
5698
|
-
INSTALL_TEST(_test_encrypt_dupe_jsonschema);
|
5699
5815
|
INSTALL_TEST(_test_encrypting_with_explicit_encryption);
|
5700
5816
|
INSTALL_TEST(_test_explicit_encryption);
|
5701
5817
|
INSTALL_TEST(_test_encrypt_empty_aws);
|
@@ -5711,8 +5827,8 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5711
5827
|
INSTALL_TEST(_test_encrypt_no_schema);
|
5712
5828
|
INSTALL_TEST(_test_encrypt_remote_encryptedfields);
|
5713
5829
|
INSTALL_TEST(_test_encrypt_with_bypassqueryanalysis);
|
5714
|
-
INSTALL_TEST(_test_FLE2EncryptionPlaceholder_parse);
|
5715
5830
|
INSTALL_TEST(_test_encrypt_fle2_insert_payload);
|
5831
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_payload_with_str_encode_version);
|
5716
5832
|
INSTALL_TEST(_test_encrypt_fle2_find_payload);
|
5717
5833
|
INSTALL_TEST(_test_encrypt_fle2_unindexed_encrypted_payload);
|
5718
5834
|
INSTALL_TEST(_test_encrypt_fle2_explicit);
|
@@ -5733,11 +5849,18 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5733
5849
|
INSTALL_TEST(_test_fle1_create_old_mongocryptd);
|
5734
5850
|
INSTALL_TEST(_test_fle1_create_with_csfle);
|
5735
5851
|
INSTALL_TEST(_test_fle2_create);
|
5852
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields);
|
5853
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields_and_str_encode_version);
|
5854
|
+
INSTALL_TEST(_test_fle2_create_with_encrypted_fields_unset_str_encode_version);
|
5855
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields);
|
5856
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_and_str_encode_version);
|
5857
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unset_str_encode_version);
|
5858
|
+
INSTALL_TEST(_test_fle2_text_search_create_with_encrypted_fields_unmatching_str_encode_version);
|
5859
|
+
INSTALL_TEST(_test_fle2_create_does_not_cache_empty_schema);
|
5736
5860
|
INSTALL_TEST(_test_fle2_create_bypass_query_analysis);
|
5737
5861
|
INSTALL_TEST(_test_encrypt_macos_no_ctr);
|
5738
5862
|
INSTALL_TEST(_test_fle1_collmod_with_jsonSchema);
|
5739
5863
|
INSTALL_TEST(_test_fle1_collmod_without_jsonSchema);
|
5740
|
-
INSTALL_TEST(_test_FLE2EncryptionPlaceholder_range_parse);
|
5741
5864
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int32);
|
5742
5865
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_int64);
|
5743
5866
|
INSTALL_TEST(_test_encrypt_fle2_insert_range_payload_date);
|
@@ -5756,9 +5879,16 @@ void _mongocrypt_tester_install_ctx_encrypt(_mongocrypt_tester_t *tester) {
|
|
5756
5879
|
INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128);
|
5757
5880
|
INSTALL_TEST(_test_encrypt_fle2_find_range_payload_decimal128_precision);
|
5758
5881
|
#endif
|
5882
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload);
|
5883
|
+
INSTALL_TEST(_test_encrypt_fle2_insert_text_search_payload_with_str_encode_version);
|
5759
5884
|
INSTALL_TEST(_test_bulkWrite);
|
5760
5885
|
INSTALL_TEST(_test_rangePreview_fails);
|
5761
5886
|
INSTALL_TEST(_test_no_trimFactor);
|
5762
5887
|
INSTALL_TEST(_test_range_sends_cryptoParams);
|
5763
5888
|
INSTALL_TEST(_test_encrypt_retry);
|
5889
|
+
INSTALL_TEST(_test_does_not_warn_for_empty_local_schema);
|
5890
|
+
INSTALL_TEST(_test_fle2_encrypted_field_config_with_bad_str_encode_version);
|
5891
|
+
INSTALL_TEST(_test_fle2_encrypted_fields_with_unmatching_str_encode_version);
|
5892
|
+
INSTALL_TEST(_test_fle2_collinfo_with_bad_str_encode_version);
|
5893
|
+
INSTALL_TEST(_test_lookup);
|
5764
5894
|
}
|