libmongocrypt-helper 1.12.0.0.1001 → 1.13.2.0.1001

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (491) hide show
  1. checksums.yaml +4 -4
  2. data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +19 -0
  3. data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +10 -0
  4. data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -4
  5. data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
  6. data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
  7. data/ext/libmongocrypt/libmongocrypt/README.md +8 -17
  8. data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +6 -0
  9. data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
  10. data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
  11. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -1
  12. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
  13. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
  14. data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
  15. data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +8 -8
  16. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
  17. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
  18. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +11 -11
  19. data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
  20. data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +3 -5
  21. data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +14 -27
  22. data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +9 -9
  23. data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
  24. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
  25. data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
  26. data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
  27. data/ext/libmongocrypt/libmongocrypt/integrating.md +42 -11
  28. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
  29. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
  30. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
  31. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
  32. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
  33. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
  34. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
  35. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
  36. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
  37. data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
  38. data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
  39. data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +4 -1
  40. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +79 -0
  41. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
  42. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
  43. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
  44. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +34 -0
  45. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
  46. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
  47. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +105 -7
  48. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +381 -70
  49. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +7 -2
  50. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +17 -0
  51. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
  52. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
  53. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
  54. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
  55. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
  56. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
  57. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
  58. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
  59. data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
  60. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
  61. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
  62. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
  63. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +430 -857
  64. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +5 -19
  65. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +1 -1
  66. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +516 -523
  67. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
  68. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +7 -12
  69. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
  70. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
  71. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +6 -9
  72. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +17 -0
  73. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
  74. data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
  75. data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
  76. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
  77. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
  78. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
  79. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
  80. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
  81. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
  82. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
  83. data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
  84. data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
  85. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
  86. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
  87. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
  88. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
  89. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
  90. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
  91. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
  92. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
  93. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
  94. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
  95. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
  96. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
  97. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
  98. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
  99. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
  100. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
  101. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
  102. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
  103. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
  104. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
  105. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
  106. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
  107. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
  108. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
  109. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
  110. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
  111. data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
  112. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
  113. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
  114. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
  115. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
  116. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
  117. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
  118. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
  119. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
  120. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
  121. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
  122. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
  123. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
  124. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
  125. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
  126. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
  127. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
  128. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
  129. data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
  130. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
  131. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
  132. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
  133. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
  134. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
  135. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
  136. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
  137. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
  138. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
  139. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
  140. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
  141. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
  142. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
  143. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
  144. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
  145. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
  146. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
  147. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
  148. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
  149. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
  150. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
  151. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
  152. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
  153. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
  154. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
  155. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
  156. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
  157. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
  158. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
  159. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
  160. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
  161. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
  162. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
  163. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
  164. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
  165. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
  166. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
  167. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
  168. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
  169. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
  170. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
  171. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search}/encrypted-field-map.json +10 -9
  172. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
  173. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
  174. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
  175. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
  176. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
  177. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
  178. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
  179. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
  180. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
  181. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
  182. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
  183. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
  184. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
  185. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
  186. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
  187. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
  188. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
  189. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
  190. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
  191. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
  192. data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
  193. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
  194. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
  195. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
  196. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
  197. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
  198. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
  199. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +13 -11
  200. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/collInfo-c3.json +39 -0
  201. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
  202. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
  203. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
  204. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
  205. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
  206. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
  207. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
  208. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
  209. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
  210. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
  211. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
  212. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
  213. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
  214. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
  215. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
  216. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
  217. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
  218. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
  219. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
  220. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
  221. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
  222. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
  223. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
  224. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
  225. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
  226. data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
  227. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
  228. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
  229. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
  230. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
  231. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
  232. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
  233. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
  234. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
  235. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
  236. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
  237. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
  238. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
  239. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
  240. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
  241. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
  242. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
  243. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
  244. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
  245. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
  246. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
  247. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
  248. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
  249. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
  250. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
  251. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
  252. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
  253. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
  254. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
  255. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
  256. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
  257. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
  258. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
  259. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
  260. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
  261. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
  262. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
  263. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
  264. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
  265. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
  266. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
  267. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
  268. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
  269. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
  270. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
  271. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
  272. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
  273. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
  274. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
  275. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
  276. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
  277. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
  278. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
  279. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
  280. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
  281. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
  282. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
  283. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
  284. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
  285. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
  286. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
  287. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
  288. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
  289. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
  290. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
  291. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
  292. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
  293. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
  294. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
  295. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
  296. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
  297. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
  298. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
  299. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
  300. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
  301. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
  302. data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
  303. data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
  304. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
  305. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
  306. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
  307. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
  308. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
  309. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
  310. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
  311. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
  312. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
  313. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
  314. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
  315. data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
  316. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
  317. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
  318. data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
  319. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
  320. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
  321. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +286 -24
  322. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
  323. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +23 -1
  324. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
  325. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
  326. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
  327. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +36 -1
  328. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
  329. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
  330. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +58 -66
  331. data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
  332. data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
  333. data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
  334. data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
  335. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
  336. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
  337. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
  338. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -2
  339. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +1 -1
  340. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
  341. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
  342. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
  343. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1330 -1200
  344. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +1 -1
  345. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +6 -6
  346. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +2 -2
  347. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +744 -106
  348. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +119 -33
  349. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +27 -4
  350. data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
  351. data/lib/libmongocrypt_helper/version.rb +2 -2
  352. metadata +207 -157
  353. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
  354. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
  355. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
  356. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
  357. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
  358. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
  359. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
  360. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
  361. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
  362. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
  363. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
  364. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
  365. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
  366. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
  367. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
  368. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
  369. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
  370. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
  371. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
  372. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
  373. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
  374. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
  375. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
  376. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
  377. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
  378. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
  379. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
  380. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
  381. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
  382. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
  383. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
  384. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
  385. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
  386. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
  387. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
  388. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
  389. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
  390. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
  391. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
  392. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
  393. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
  394. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
  395. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
  396. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
  397. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
  398. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
  399. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
  400. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
  401. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
  402. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
  403. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
  404. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-document.json +0 -36
  405. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
  406. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
  407. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/kms-reply.txt +0 -6
  408. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
  409. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
  410. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
  411. data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
  412. data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
  413. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
  414. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
  415. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
  416. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
  417. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
  418. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
  419. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
  420. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
  421. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
  422. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
  423. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
  424. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
  425. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
  426. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
  427. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
  428. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
  429. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
  430. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
  431. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
  432. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
  433. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
  434. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
  435. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
  436. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
  437. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
  438. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
  439. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
  440. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
  441. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
  442. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
  443. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
  444. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
  445. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
  446. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
  447. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
  448. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
  449. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
  450. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
  451. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
  452. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
  453. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
  454. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
  455. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
  456. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
  457. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
  458. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
  459. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
  460. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
  461. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
  462. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
  463. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
  464. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
  465. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
  466. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
  467. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
  468. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
  469. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
  470. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
  471. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
  472. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
  473. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
  474. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
  475. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
  476. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
  477. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
  478. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
  479. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
  480. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
  481. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
  482. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
  483. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
  484. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
  485. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
  486. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
  487. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
  488. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
  489. data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
  490. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
  491. /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -26,6 +26,7 @@
26
26
  #include "test-mongocrypt-assert.h"
27
27
  #include "test-mongocrypt.h"
28
28
  #include <stdbool.h>
29
+ #include <string.h>
29
30
 
30
31
  /* Create a basis marking buffer with valid values for the given fields. */
31
32
  static void _make_marking(bson_t *bson, _mongocrypt_buffer_t *buf) {
@@ -849,9 +850,9 @@ static void test_mc_get_mincover_from_FLE2RangeFindSpec(_mongocrypt_tester_t *te
849
850
  mongocrypt_status_t *status = mongocrypt_status_new();
850
851
 
851
852
  if (test->description) {
852
- printf(" %zu: %s\n", i, test->description);
853
+ TEST_PRINTF(" %zu: %s\n", i, test->description);
853
854
  } else {
854
- printf(" %zu\n", i);
855
+ TEST_PRINTF(" %zu\n", i);
855
856
  }
856
857
 
857
858
  bson_t *findSpecVal = bson_new_from_json((const uint8_t *)test->findSpecJSON, -1, &error);
@@ -907,27 +908,29 @@ static void test_mc_get_mincover_from_FLE2RangeFindSpec(_mongocrypt_tester_t *te
907
908
  }
908
909
  }
909
910
 
910
- // Runs _mongocrypt_marking_to_ciphertext to compute the ciphertext for the given marking.
911
- static void get_ciphertext_from_marking_json(_mongocrypt_tester_t *tester,
912
- mongocrypt_t *crypt,
913
- const char *markingJSON,
914
- _mongocrypt_ciphertext_t *out) {
911
+ // Helper for get_ciphertext_from_marking_json when we don't want to use extra test buffer space.
912
+ static void get_ciphertext_from_marking_json_with_bufs(mongocrypt_t *crypt,
913
+ bson_t *marking_bson,
914
+ _mongocrypt_ciphertext_t *out,
915
+ mongocrypt_binary_t *cmd,
916
+ mongocrypt_binary_t *keyIdSpace,
917
+ mongocrypt_binary_t *kiSpace,
918
+ mongocrypt_binary_t *kuSpace) {
915
919
  mongocrypt_status_t *status = mongocrypt_status_new();
916
920
  mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
917
921
  // Set up encryption environment
918
- ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
922
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, cmd), ctx);
919
923
  // Add a test key
920
924
  _mongocrypt_buffer_t keyId;
921
- _mongocrypt_buffer_from_binary(&keyId, TEST_BIN(16));
925
+ _mongocrypt_buffer_from_binary(&keyId, keyIdSpace);
922
926
  keyId.subtype = BSON_SUBTYPE_UUID;
923
927
  _mongocrypt_key_broker_add_test_key(&ctx->kb, &keyId);
924
928
 
925
929
  _mongocrypt_buffer_t marking_buf;
926
930
  _mongocrypt_marking_t marking;
927
- bson_t *marking_bson = TMP_BSON(markingJSON);
928
931
  // Add key identifier info to the marking
929
- BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
930
- BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
932
+ BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (kiSpace)->data, 16);
933
+ BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (kuSpace)->data, 16);
931
934
  _make_marking(marking_bson, &marking_buf);
932
935
  // Use FLE2 as the subtype (default is FLE1)
933
936
  marking_buf.data[0] = MC_SUBTYPE_FLE2EncryptionPlaceholder;
@@ -941,57 +944,190 @@ static void get_ciphertext_from_marking_json(_mongocrypt_tester_t *tester,
941
944
  mongocrypt_ctx_destroy(ctx);
942
945
  }
943
946
 
944
- // Assert that the encryptedTokens fields in V2 insert/update ciphertext matches our expectations. Specifically, checks
945
- // that the length of these fields are what we expect, and that the "isLeaf" token is appended when using range V2.
946
- static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertext,
947
+ // Runs _mongocrypt_marking_to_ciphertext to compute the ciphertext for the given marking.
948
+ static void get_ciphertext_from_marking_json(_mongocrypt_tester_t *tester,
947
949
  mongocrypt_t *crypt,
948
- mc_ECOCToken_t *ecocToken,
949
- bool useRangeV2,
950
- uint32_t expectedEdges) {
951
- uint32_t expectedPLength = useRangeV2 ? 33 : 32;
952
- const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2Algorithm();
950
+ const char *markingJSON,
951
+ _mongocrypt_ciphertext_t *out) {
952
+ get_ciphertext_from_marking_json_with_bufs(crypt,
953
+ TMP_BSON(markingJSON),
954
+ out,
955
+ TEST_FILE("./test/example/cmd.json"),
956
+ TEST_BIN(16),
957
+ TEST_BIN(16),
958
+ TEST_BIN(16));
959
+ }
960
+
961
+ // Get the ECOC token to use in decryption.
962
+ static mc_ECOCToken_t *getECOCToken(mongocrypt_t *crypt) {
953
963
  mongocrypt_status_t *status = mongocrypt_status_new();
964
+ // Test token key that we added earlier is all zeros.
965
+ _mongocrypt_buffer_t tokenKey;
966
+ _mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
967
+ memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
968
+
969
+ mc_CollectionsLevel1Token_t *collectionsLevel1Token =
970
+ mc_CollectionsLevel1Token_new(crypt->crypto, &tokenKey, status);
971
+ mc_ECOCToken_t *ecocToken = mc_ECOCToken_new(crypt->crypto, collectionsLevel1Token, status);
972
+ ASSERT(mongocrypt_status_ok(status));
973
+
974
+ mc_CollectionsLevel1Token_destroy(collectionsLevel1Token);
975
+ _mongocrypt_buffer_cleanup(&tokenKey);
976
+ mongocrypt_status_destroy(status);
977
+ return ecocToken;
978
+ }
979
+
980
+ static mc_ServerDataEncryptionLevel1Token_t *getSDEL1Token(mongocrypt_t *crypt) {
981
+ mongocrypt_status_t *status = mongocrypt_status_new();
982
+ // Test token key that we added earlier is all zeros.
983
+ _mongocrypt_buffer_t tokenKey;
984
+ _mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
985
+ memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
986
+
987
+ mc_ServerDataEncryptionLevel1Token_t *token =
988
+ mc_ServerDataEncryptionLevel1Token_new(crypt->crypto, &tokenKey, status);
989
+ ASSERT(mongocrypt_status_ok(status));
990
+ _mongocrypt_buffer_cleanup(&tokenKey);
991
+ mongocrypt_status_destroy(status);
992
+ return token;
993
+ }
994
+
995
+ static void
996
+ validate_and_get_bindata(bson_t *obj, const char *field, bson_subtype_t expected_type, mongocrypt_binary_t *bin_out) {
997
+ bson_iter_t iter;
998
+ ASSERT(bson_iter_init_find(&iter, obj, field));
999
+ ASSERT(BSON_ITER_HOLDS_BINARY(&iter));
1000
+
1001
+ uint32_t bin_len;
1002
+ const uint8_t *bin = NULL;
1003
+ bson_subtype_t bin_subtype;
1004
+ bson_iter_binary(&iter, &bin_subtype, &bin_len, &bin);
1005
+ ASSERT(bin_subtype == expected_type);
1006
+ bin_out->data = (void *)bin;
1007
+ bin_out->len = bin_len;
1008
+ }
1009
+
1010
+ static void validate_encrypted_token(mongocrypt_t *crypt,
1011
+ mongocrypt_binary_t *encrypted_token_bin,
1012
+ mongocrypt_binary_t *expected_esc_token,
1013
+ bool expect_is_leaf,
1014
+ uint8_t *is_leaf_out) {
1015
+ mongocrypt_status_t *status = mongocrypt_status_new();
1016
+ mc_ECOCToken_t *ecocToken = getECOCToken(crypt);
1017
+ const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2Algorithm();
1018
+
1019
+ _mongocrypt_buffer_t p_buf, decrypt_buf;
1020
+ uint32_t expect_decrypt_size = expected_esc_token->len + (expect_is_leaf ? 1 : 0);
1021
+ ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&p_buf, encrypted_token_bin->data, encrypted_token_bin->len));
1022
+
1023
+ _mongocrypt_buffer_init_size(&decrypt_buf, expect_decrypt_size);
1024
+
1025
+ uint32_t decrypt_size;
1026
+ ASSERT_OK_STATUS(
1027
+ fle2alg
1028
+ ->do_decrypt(crypt->crypto, NULL, mc_ECOCToken_get(ecocToken), &p_buf, &decrypt_buf, &decrypt_size, status),
1029
+ status);
1030
+ ASSERT_CMPUINT32(decrypt_size, ==, decrypt_buf.len);
1031
+ ASSERT_CMPUINT32(decrypt_size, ==, expect_decrypt_size);
1032
+
1033
+ ASSERT(0 == memcmp(decrypt_buf.data, expected_esc_token->data, expected_esc_token->len));
1034
+
1035
+ if (expect_is_leaf && is_leaf_out) {
1036
+ *is_leaf_out = decrypt_buf.data[decrypt_buf.len - 1];
1037
+ }
1038
+
1039
+ _mongocrypt_buffer_cleanup(&decrypt_buf);
1040
+ _mongocrypt_buffer_cleanup(&p_buf);
1041
+ mc_ECOCToken_destroy(ecocToken);
1042
+ mongocrypt_status_destroy(status);
1043
+ }
1044
+
1045
+ typedef struct {
1046
+ mongocrypt_binary_t d;
1047
+ mongocrypt_binary_t s;
1048
+ mongocrypt_binary_t p;
1049
+ mongocrypt_binary_t u;
1050
+ mongocrypt_binary_t v;
1051
+ mongocrypt_binary_t e;
1052
+ mongocrypt_binary_t l;
1053
+ uint32_t t;
1054
+ uint64_t k;
1055
+ } iupv2_fields_common;
1056
+
1057
+ static iupv2_fields_common validate_iupv2_common(bson_t *iup_bson) {
1058
+ iupv2_fields_common res;
1059
+ memset(&res, 0, sizeof(res));
1060
+
1061
+ bson_iter_t iter;
1062
+ #define ASSERT_EXISTS_BINDATA_OF_SUBTYPE(Field, Subtype) validate_and_get_bindata(iup_bson, #Field, Subtype, &res.Field)
1063
+
1064
+ #define ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(Field, Subtype, Len) \
1065
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE(Field, Subtype); \
1066
+ ASSERT(res.Field.len == Len)
1067
+
1068
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(d, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
1069
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(s, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
1070
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE(p, BSON_SUBTYPE_BINARY);
1071
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(u, BSON_SUBTYPE_UUID, 16);
1072
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE(v, BSON_SUBTYPE_BINARY);
1073
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(e, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
1074
+ ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(l, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
1075
+
1076
+ #undef ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN
1077
+ #undef ASSERT_EXISTS_AND_BINDATA_OF_LEN
1078
+
1079
+ ASSERT(bson_iter_init_find(&iter, iup_bson, "t"));
1080
+ ASSERT(BSON_ITER_HOLDS_INT32(&iter));
1081
+ res.t = bson_iter_int32(&iter);
1082
+
1083
+ ASSERT(bson_iter_init_find(&iter, iup_bson, "k"));
1084
+ ASSERT(BSON_ITER_HOLDS_INT64(&iter));
1085
+ res.k = bson_iter_int64(&iter);
1086
+
1087
+ return res;
1088
+ }
1089
+
1090
+ // Assert that the encryptedTokens fields in V2 insert/update ciphertext matches our expectations. Specifically, checks
1091
+ // that the length of these fields are what we expect, and that the "isLeaf" token is appended when using range V2.
1092
+ static void validate_range_ciphertext(_mongocrypt_ciphertext_t *ciphertext,
1093
+ mongocrypt_t *crypt,
1094
+ bool useRangeV2,
1095
+ uint32_t expectedEdges) {
1096
+ uint32_t expectedPLength = useRangeV2 ? (MONGOCRYPT_HMAC_SHA256_LEN + 1) : MONGOCRYPT_HMAC_SHA256_LEN;
954
1097
 
955
1098
  bson_t ciphertextBSON;
956
1099
  bson_iter_t iter;
957
1100
  ASSERT(_mongocrypt_buffer_to_bson(&ciphertext->data, &ciphertextBSON));
958
1101
 
1102
+ ASSERT(ciphertext->blob_subtype == MC_SUBTYPE_FLE2InsertUpdatePayloadV2);
1103
+ ASSERT(ciphertext->original_bson_type == 0); // unset
1104
+ ASSERT(ciphertext->key_id.len == 0); // unset
1105
+
1106
+ iupv2_fields_common res = validate_iupv2_common(&ciphertextBSON);
1107
+
959
1108
  // 'p' field should be available, length should be 16 bytes of IV + expected bytes
960
- bson_iter_init_find(&iter, &ciphertextBSON, "p");
961
- ASSERT(BSON_ITER_HOLDS_BINARY(&iter));
962
- uint32_t p_len;
963
- const uint8_t *p_data;
964
- bson_iter_binary(&iter, NULL, &p_len, &p_data);
965
- ASSERT_CMPUINT32(p_len, ==, 16 + expectedPLength);
1109
+ ASSERT(res.p.len == 16 + expectedPLength);
966
1110
 
1111
+ // validate crypto of 'p'
967
1112
  if (useRangeV2) {
968
- _mongocrypt_buffer_t p_buf, decrypted_buf;
969
- ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&p_buf, p_data, p_len));
970
- _mongocrypt_buffer_init_size(&decrypted_buf, expectedPLength);
971
- uint32_t decryptedBytes;
972
- // Decrypt p. When using range V2, last byte should be 0.
973
- ASSERT_OK_STATUS(fle2alg->do_decrypt(crypt->crypto,
974
- NULL,
975
- mc_ECOCToken_get(ecocToken),
976
- &p_buf,
977
- &decrypted_buf,
978
- &decryptedBytes,
979
- status),
980
- status);
981
- ASSERT_CMPUINT32(decryptedBytes, ==, expectedPLength);
982
- ASSERT_CMPUINT8(decrypted_buf.data[decrypted_buf.len - 1], ==, 0);
983
- _mongocrypt_buffer_cleanup(&decrypted_buf);
984
- _mongocrypt_buffer_cleanup(&p_buf);
1113
+ uint8_t is_leaf = 255;
1114
+ validate_encrypted_token(crypt, &res.p, &res.s, true, &is_leaf);
1115
+ // isLeaf byte should be 0.
1116
+ ASSERT(is_leaf == 0);
1117
+ } else {
1118
+ validate_encrypted_token(crypt, &res.p, &res.s, false, NULL);
985
1119
  }
986
1120
 
987
1121
  // 'g' field should be available
988
- bson_iter_init_find(&iter, &ciphertextBSON, "g");
1122
+ ASSERT(bson_iter_init_find(&iter, &ciphertextBSON, "g"));
989
1123
  ASSERT(BSON_ITER_HOLDS_ARRAY(&iter));
990
- uint32_t g_buf_len;
991
- const uint8_t *g_buf;
992
1124
  bson_t g_arr;
993
- bson_iter_array(&iter, &g_buf_len, &g_buf);
994
- ASSERT(bson_init_static(&g_arr, g_buf, g_buf_len));
1125
+ {
1126
+ uint32_t g_buf_len;
1127
+ const uint8_t *g_buf;
1128
+ bson_iter_array(&iter, &g_buf_len, &g_buf);
1129
+ ASSERT(bson_init_static(&g_arr, g_buf, g_buf_len));
1130
+ }
995
1131
 
996
1132
  bson_iter_t g_iter;
997
1133
  bson_iter_init(&g_iter, &g_arr);
@@ -1000,42 +1136,31 @@ static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertex
1000
1136
  while (bson_iter_next(&g_iter)) {
1001
1137
  g_count++;
1002
1138
  ASSERT(BSON_ITER_HOLDS_DOCUMENT(&g_iter));
1003
- uint32_t subdoc_len;
1004
- const uint8_t *subdoc_buf;
1005
1139
  bson_t subdoc;
1006
- bson_iter_document(&g_iter, &subdoc_len, &subdoc_buf);
1007
- ASSERT(bson_init_static(&subdoc, subdoc_buf, subdoc_len));
1140
+ {
1141
+ uint32_t subdoc_len;
1142
+ const uint8_t *subdoc_buf;
1143
+ bson_iter_document(&g_iter, &subdoc_len, &subdoc_buf);
1144
+ ASSERT(bson_init_static(&subdoc, subdoc_buf, subdoc_len));
1145
+ }
1008
1146
 
1009
- bson_iter_t sub_iter;
1010
- bson_iter_init_find(&sub_iter, &subdoc, "p");
1011
- ASSERT(BSON_ITER_HOLDS_BINARY(&sub_iter));
1012
- bson_iter_binary(&sub_iter, NULL, &p_len, &p_data);
1013
- ASSERT_CMPUINT32(p_len, ==, 16 + expectedPLength);
1147
+ mongocrypt_binary_t encrypted_token_bin, esc_token_bin;
1148
+ validate_and_get_bindata(&subdoc, "p", BSON_SUBTYPE_BINARY, &encrypted_token_bin);
1149
+ validate_and_get_bindata(&subdoc, "s", BSON_SUBTYPE_BINARY, &esc_token_bin);
1150
+ ASSERT_CMPUINT32(encrypted_token_bin.len, ==, 16 + expectedPLength);
1151
+ ASSERT_CMPUINT32(esc_token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
1014
1152
 
1015
1153
  if (useRangeV2) {
1016
- _mongocrypt_buffer_t p_buf, decrypted_buf;
1017
- ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&p_buf, p_data, p_len));
1018
- _mongocrypt_buffer_init_size(&decrypted_buf, expectedPLength);
1019
-
1020
- // Decrypt p. If useRangeV2, the last byte should be 0 or 1, depending on whether isLeaf.
1021
- uint32_t decrypted_bytes;
1022
- ASSERT_OK_STATUS(fle2alg->do_decrypt(crypt->crypto,
1023
- NULL,
1024
- mc_ECOCToken_get(ecocToken),
1025
- &p_buf,
1026
- &decrypted_buf,
1027
- &decrypted_bytes,
1028
- status),
1029
- status);
1030
- ASSERT_CMPUINT32(decrypted_bytes, ==, expectedPLength);
1031
- if (decrypted_buf.data[decrypted_buf.len - 1] == 1) {
1154
+ uint8_t is_leaf = 255;
1155
+ validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, true, &is_leaf);
1156
+ // isLeaf byte should be either 0 or 1.
1157
+ if (is_leaf == 1) {
1032
1158
  leaf_count++;
1033
1159
  } else {
1034
- ASSERT_CMPUINT8(decrypted_buf.data[decrypted_buf.len - 1], ==, 0)
1160
+ ASSERT_CMPUINT8(is_leaf, ==, 0)
1035
1161
  }
1036
-
1037
- _mongocrypt_buffer_cleanup(&decrypted_buf);
1038
- _mongocrypt_buffer_cleanup(&p_buf);
1162
+ } else {
1163
+ validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, false, NULL);
1039
1164
  }
1040
1165
  }
1041
1166
  ASSERT_CMPSIZE_T(g_count, ==, expectedEdges);
@@ -1044,31 +1169,11 @@ static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertex
1044
1169
  ASSERT_CMPSIZE_T(leaf_count, ==, 1);
1045
1170
  }
1046
1171
  bson_destroy(&ciphertextBSON);
1047
- mongocrypt_status_destroy(status);
1048
- }
1049
-
1050
- // Get the ECOC token to use in decryption.
1051
- static mc_ECOCToken_t *getECOCToken(mongocrypt_t *crypt) {
1052
- mongocrypt_status_t *status = mongocrypt_status_new();
1053
- // Test token key that we added earlier is all zeros.
1054
- _mongocrypt_buffer_t tokenKey;
1055
- _mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
1056
- memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
1057
-
1058
- mc_CollectionsLevel1Token_t *collectionsLevel1Token =
1059
- mc_CollectionsLevel1Token_new(crypt->crypto, &tokenKey, status);
1060
- mc_ECOCToken_t *ecocToken = mc_ECOCToken_new(crypt->crypto, collectionsLevel1Token, status);
1061
- ASSERT(mongocrypt_status_ok(status));
1062
-
1063
- mc_CollectionsLevel1Token_destroy(collectionsLevel1Token);
1064
- _mongocrypt_buffer_cleanup(&tokenKey);
1065
- mongocrypt_status_destroy(status);
1066
- return ecocToken;
1067
1172
  }
1068
1173
 
1069
- static void test_mc_marking_to_ciphertext(_mongocrypt_tester_t *tester) {
1174
+ static void test_mc_marking_to_ciphertext_fle2_range(_mongocrypt_tester_t *tester) {
1070
1175
  if (!_aes_ctr_is_supported_by_os) {
1071
- printf("Common Crypto with no CTR support detected. Skipping.");
1176
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
1072
1177
  return;
1073
1178
  }
1074
1179
 
@@ -1087,10 +1192,8 @@ static void test_mc_marking_to_ciphertext(_mongocrypt_tester_t *tester) {
1087
1192
 
1088
1193
  get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1089
1194
 
1090
- mc_ECOCToken_t *ecocToken = getECOCToken(crypt);
1091
- assert_correctness_of_ciphertext(&ciphertext, crypt, ecocToken, false, 4);
1195
+ validate_range_ciphertext(&ciphertext, crypt, false, 4);
1092
1196
  _mongocrypt_ciphertext_cleanup(&ciphertext);
1093
- mc_ECOCToken_destroy(ecocToken);
1094
1197
  mongocrypt_destroy(crypt);
1095
1198
  }
1096
1199
  {
@@ -1107,17 +1210,552 @@ static void test_mc_marking_to_ciphertext(_mongocrypt_tester_t *tester) {
1107
1210
 
1108
1211
  get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1109
1212
 
1110
- mc_ECOCToken_t *ecocToken = getECOCToken(crypt);
1111
- assert_correctness_of_ciphertext(&ciphertext, crypt, ecocToken, true, 4);
1213
+ validate_range_ciphertext(&ciphertext, crypt, true, 4);
1112
1214
  _mongocrypt_ciphertext_cleanup(&ciphertext);
1113
- mc_ECOCToken_destroy(ecocToken);
1114
1215
 
1115
1216
  mongocrypt_destroy(crypt);
1116
1217
  }
1117
1218
  }
1118
1219
 
1220
+ static void validate_text_search_token_set_common(bson_iter_t *iter_at_token_set_obj, mongocrypt_t *crypt) {
1221
+ ASSERT(BSON_ITER_HOLDS_DOCUMENT(iter_at_token_set_obj));
1222
+ bson_t ts_bson;
1223
+ {
1224
+ uint32_t len;
1225
+ const uint8_t *buf;
1226
+ bson_iter_document(iter_at_token_set_obj, &len, &buf);
1227
+ ASSERT(bson_init_static(&ts_bson, buf, len));
1228
+ }
1229
+
1230
+ mongocrypt_binary_t token_bin;
1231
+ mongocrypt_binary_t esc_token_bin;
1232
+ mongocrypt_binary_t encrypted_token_bin;
1233
+
1234
+ validate_and_get_bindata(&ts_bson, "d", BSON_SUBTYPE_BINARY, &token_bin);
1235
+ ASSERT_CMPUINT32(token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
1236
+
1237
+ validate_and_get_bindata(&ts_bson, "l", BSON_SUBTYPE_BINARY, &token_bin);
1238
+ ASSERT_CMPUINT32(token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
1239
+
1240
+ validate_and_get_bindata(&ts_bson, "s", BSON_SUBTYPE_BINARY, &esc_token_bin);
1241
+ ASSERT_CMPUINT32(esc_token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
1242
+
1243
+ validate_and_get_bindata(&ts_bson, "p", BSON_SUBTYPE_BINARY, &encrypted_token_bin);
1244
+ ASSERT_CMPUINT32(encrypted_token_bin.len, ==, (16 + MONGOCRYPT_HMAC_SHA256_LEN));
1245
+
1246
+ // validate crypto of p
1247
+ validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, false, NULL);
1248
+ }
1249
+
1250
+ static size_t validate_text_search_token_set_array_common(bson_iter_t *iter_at_array, mongocrypt_t *crypt) {
1251
+ ASSERT(BSON_ITER_HOLDS_ARRAY(iter_at_array));
1252
+ bson_t arr_bson;
1253
+ {
1254
+ uint32_t subdoc_len;
1255
+ const uint8_t *subdoc_buf;
1256
+ bson_iter_array(iter_at_array, &subdoc_len, &subdoc_buf);
1257
+ ASSERT(bson_init_static(&arr_bson, subdoc_buf, subdoc_len));
1258
+ }
1259
+
1260
+ bson_iter_t iter;
1261
+ bson_iter_init(&iter, &arr_bson);
1262
+
1263
+ size_t count = 0;
1264
+ while (bson_iter_next(&iter)) {
1265
+ count++;
1266
+ validate_text_search_token_set_common(&iter, crypt);
1267
+ }
1268
+ return count;
1269
+ }
1270
+
1271
+ typedef struct {
1272
+ size_t substrings;
1273
+ size_t suffixes;
1274
+ size_t prefixes;
1275
+ } text_search_expected_token_counts;
1276
+
1277
+ // Assert that the fields in a insert/update payload V2 for text search match our expectations.
1278
+ // Specifically, checks that the length of these fields, and the values of deterministic fields,
1279
+ // are what we expect.
1280
+ static void validate_text_search_ciphertext(_mongocrypt_tester_t *tester,
1281
+ _mongocrypt_ciphertext_t *ciphertext,
1282
+ mongocrypt_t *crypt,
1283
+ const char *text_value,
1284
+ mongocrypt_fle2_placeholder_type_t type,
1285
+ uint64_t contention_max,
1286
+ text_search_expected_token_counts expected_tag_counts) {
1287
+ bson_t iup_bson;
1288
+ bson_iter_t iter;
1289
+ ASSERT(_mongocrypt_buffer_to_bson(&ciphertext->data, &iup_bson));
1290
+
1291
+ mc_ServerDataEncryptionLevel1Token_t *sdel1Token = getSDEL1Token(crypt);
1292
+ const mongocrypt_binary_t *keyId = TEST_BIN(16); // don't free!
1293
+
1294
+ if (type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT) {
1295
+ ASSERT_CMPUINT8(ciphertext->blob_subtype, ==, MC_SUBTYPE_FLE2InsertUpdatePayloadV2);
1296
+ ASSERT_CMPUINT8(ciphertext->original_bson_type, ==, 0); // unset
1297
+ ASSERT_CMPUINT32(ciphertext->key_id.len, ==, 0); // unset
1298
+
1299
+ iupv2_fields_common res = validate_iupv2_common(&iup_bson);
1300
+
1301
+ // validate u, t, k have correct values
1302
+ ASSERT_CMPBYTES(keyId->data, keyId->len, res.u.data, res.u.len);
1303
+ ASSERT_CMPUINT32(res.t, ==, BSON_TYPE_UTF8);
1304
+ ASSERT_CMPUINT64(res.k, <=, contention_max);
1305
+
1306
+ // validate e is ServerDataEncryptionLevel1Token = HMAC(RootKey, 3)
1307
+ ASSERT_CMPUINT32(res.e.len, ==, mc_ServerDataEncryptionLevel1Token_get(sdel1Token)->len);
1308
+ ASSERT(memcmp(res.e.data, mc_ServerDataEncryptionLevel1Token_get(sdel1Token)->data, res.e.len) == 0);
1309
+
1310
+ // validate crypto of p
1311
+ ASSERT(res.p.len == 16 + MONGOCRYPT_HMAC_SHA256_LEN);
1312
+ validate_encrypted_token(crypt, &res.p, &res.s, false, NULL);
1313
+
1314
+ // validate v decrypts cleanly
1315
+ {
1316
+ mongocrypt_status_t *status = mongocrypt_status_new();
1317
+
1318
+ const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2v2AEADAlgorithm();
1319
+ // assert first 16 bytes == userKeyId == indexKeyId
1320
+ ASSERT_CMPUINT32(res.v.len, >, 16);
1321
+ ASSERT_CMPBYTES(keyId->data, keyId->len, res.v.data, 16);
1322
+
1323
+ _mongocrypt_buffer_t key, aad, ctext, ptext;
1324
+ _mongocrypt_buffer_init_size(&key, MONGOCRYPT_KEY_LEN);
1325
+ memset(key.data, 0, key.len);
1326
+ ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&aad, res.v.data, 16));
1327
+ ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&ctext, ((uint8_t *)res.v.data) + 16, res.v.len - 16));
1328
+ uint32_t plen = fle2alg->get_plaintext_len(res.v.len - 16, status);
1329
+ _mongocrypt_buffer_init_size(&ptext, plen);
1330
+
1331
+ uint32_t pbytes;
1332
+ ASSERT_OK_STATUS(fle2alg->do_decrypt(crypt->crypto, &aad, &key, &ctext, &ptext, &pbytes, status), status);
1333
+
1334
+ // BSON strings have 5 (4 for size + 1 null terminator) bytes of overhead
1335
+ ASSERT_CMPUINT32(pbytes, >=, 5);
1336
+ ASSERT_CMPSIZE_T(strlen(text_value), ==, (pbytes - 5));
1337
+ ASSERT_STREQUAL(text_value, ((char *)(ptext.data + 4)));
1338
+
1339
+ _mongocrypt_buffer_cleanup(&ptext);
1340
+ _mongocrypt_buffer_cleanup(&ctext);
1341
+ _mongocrypt_buffer_cleanup(&aad);
1342
+ _mongocrypt_buffer_cleanup(&key);
1343
+ mongocrypt_status_destroy(status);
1344
+ }
1345
+
1346
+ // assert b exists with correct fields
1347
+ ASSERT(bson_iter_init_find(&iter, &iup_bson, "b"));
1348
+ ASSERT(BSON_ITER_HOLDS_DOCUMENT(&iter));
1349
+
1350
+ bson_t b_bson;
1351
+ bson_iter_t b_iter;
1352
+ {
1353
+ uint32_t subdoc_len;
1354
+ const uint8_t *subdoc_buf;
1355
+ bson_iter_document(&iter, &subdoc_len, &subdoc_buf);
1356
+ ASSERT(bson_init_static(&b_bson, subdoc_buf, subdoc_len));
1357
+ }
1358
+
1359
+ ASSERT(bson_iter_init_find(&b_iter, &b_bson, "e"));
1360
+ validate_text_search_token_set_common(&b_iter, crypt);
1361
+
1362
+ size_t tscount = 0;
1363
+ ASSERT(bson_iter_init_find(&b_iter, &b_bson, "s"));
1364
+ tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
1365
+ ASSERT_CMPSIZE_T(expected_tag_counts.substrings, ==, tscount);
1366
+
1367
+ ASSERT(bson_iter_init_find(&b_iter, &b_bson, "u"));
1368
+ tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
1369
+ ASSERT_CMPSIZE_T(expected_tag_counts.suffixes, ==, tscount);
1370
+
1371
+ ASSERT(bson_iter_init_find(&b_iter, &b_bson, "p"));
1372
+ tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
1373
+ ASSERT_CMPSIZE_T(expected_tag_counts.prefixes, ==, tscount);
1374
+ }
1375
+
1376
+ mc_ServerDataEncryptionLevel1Token_destroy(sdel1Token);
1377
+ bson_destroy(&iup_bson);
1378
+ }
1379
+
1380
+ static size_t calculate_expected_substring_tag_count(size_t beta, size_t mlen, size_t ub, size_t lb) {
1381
+ ASSERT_CMPSIZE_T(beta, <=, (SIZE_MAX - 15));
1382
+ ASSERT_CMPSIZE_T(lb, <=, ub);
1383
+ ASSERT_CMPSIZE_T(mlen, >=, ub);
1384
+
1385
+ size_t padded_len = 16 * ((beta + 5 + 15) / 16) - 5;
1386
+ if (beta > mlen || lb > padded_len) {
1387
+ return 0;
1388
+ }
1389
+ size_t maxkgram1 = 0;
1390
+ size_t maxkgram2 = 0;
1391
+ for (size_t j = lb; j <= ub; j++) {
1392
+ maxkgram1 += (mlen - j + 1);
1393
+ }
1394
+ for (size_t j = lb; j <= BSON_MIN(ub, padded_len); j++) {
1395
+ maxkgram2 += (padded_len - j + 1);
1396
+ }
1397
+ return BSON_MIN(maxkgram1, maxkgram2); // msize
1398
+ }
1399
+
1400
+ static size_t calculate_expected_nfix_tag_count(size_t beta, size_t ub, size_t lb) {
1401
+ ASSERT_CMPSIZE_T(beta, <=, (SIZE_MAX - 15));
1402
+ ASSERT_CMPSIZE_T(lb, <=, ub);
1403
+ size_t padded_len = 16 * ((beta + 5 + 15) / 16) - 5;
1404
+ if (lb > padded_len) {
1405
+ return 0;
1406
+ }
1407
+ return BSON_MIN(ub, padded_len) - lb + 1;
1408
+ }
1409
+
1410
+ // Runs _mongocrypt_marking_to_ciphertext to compute the ciphertext for the given marking.
1411
+ static bool test_text_search_insert_marking_to_ciphertext(_mongocrypt_tester_t *tester,
1412
+ mongocrypt_t *crypt,
1413
+ _mongocrypt_ciphertext_t *out,
1414
+ const char *test_string,
1415
+ int test_string_len,
1416
+ int mlen,
1417
+ mongocrypt_status_t *status) {
1418
+ ASSERT_CMPINT(mlen, >, 0);
1419
+
1420
+ mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
1421
+ // Set up encryption environment
1422
+ ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
1423
+ // Add a test key
1424
+ _mongocrypt_buffer_t keyId;
1425
+ _mongocrypt_buffer_from_binary(&keyId, TEST_BIN(16));
1426
+ keyId.subtype = BSON_SUBTYPE_UUID;
1427
+ _mongocrypt_key_broker_add_test_key(&ctx->kb, &keyId);
1428
+
1429
+ _mongocrypt_buffer_t marking_buf;
1430
+ _mongocrypt_marking_t marking;
1431
+
1432
+ bson_t *marking_bson = bson_new();
1433
+ BSON_APPEND_INT32(marking_bson, "t", 1);
1434
+ BSON_APPEND_INT32(marking_bson, "a", 4);
1435
+ BSON_APPEND_INT64(marking_bson, "cm", 2);
1436
+ bson_t text_spec;
1437
+ BSON_APPEND_DOCUMENT_BEGIN(marking_bson, "v", &text_spec);
1438
+ bson_append_utf8(&text_spec, "v", 1, test_string, test_string_len);
1439
+ BSON_APPEND_BOOL(&text_spec, "casef", false);
1440
+ BSON_APPEND_BOOL(&text_spec, "diacf", false);
1441
+ bson_t subspec;
1442
+ BSON_APPEND_DOCUMENT_BEGIN(&text_spec, "substr", &subspec);
1443
+ BSON_APPEND_INT32(&subspec, "mlen", mlen);
1444
+ BSON_APPEND_INT32(&subspec, "ub", 1);
1445
+ BSON_APPEND_INT32(&subspec, "lb", 1);
1446
+ ASSERT(bson_append_document_end(&text_spec, &subspec));
1447
+ ASSERT(bson_append_document_end(marking_bson, &text_spec));
1448
+
1449
+ // Add key identifier info to the marking
1450
+ BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
1451
+ BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
1452
+ _make_marking(marking_bson, &marking_buf);
1453
+ // Use FLE2 as the subtype (default is FLE1)
1454
+ marking_buf.data[0] = MC_SUBTYPE_FLE2EncryptionPlaceholder;
1455
+ _parse_ok(&marking_buf, &marking);
1456
+
1457
+ bool result = _mongocrypt_marking_to_ciphertext((void *)&ctx->kb, &marking, out, status);
1458
+
1459
+ _mongocrypt_buffer_cleanup(&marking_buf);
1460
+ bson_destroy(marking_bson);
1461
+ _mongocrypt_marking_cleanup(&marking);
1462
+ mongocrypt_ctx_destroy(ctx);
1463
+ return result;
1464
+ }
1465
+
1466
+ static void test_mc_marking_to_ciphertext_fle2_text_search(_mongocrypt_tester_t *tester) {
1467
+ if (!_aes_ctr_is_supported_by_os) {
1468
+ TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
1469
+ return;
1470
+ }
1471
+
1472
+ // Test substring
1473
+ {
1474
+ const char *markingJSON = RAW_STRING({
1475
+ 't' : 1,
1476
+ 'a' : 4,
1477
+ 'v' : {
1478
+ 'v' : "foobar",
1479
+ 'casef' : false,
1480
+ 'diacf' : false,
1481
+ 'substr' :
1482
+ {'mlen' : {'$numberInt' : '1000'}, 'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
1483
+ },
1484
+ 'cm' : {'$numberLong' : '2'}
1485
+ });
1486
+ _mongocrypt_ciphertext_t ciphertext;
1487
+ _mongocrypt_ciphertext_init(&ciphertext);
1488
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1489
+ text_search_expected_token_counts counts = {0};
1490
+ counts.substrings = calculate_expected_substring_tag_count(6, 1000, 100, 10);
1491
+
1492
+ get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1493
+ validate_text_search_ciphertext(tester,
1494
+ &ciphertext,
1495
+ crypt,
1496
+ "foobar",
1497
+ MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
1498
+ 2,
1499
+ counts);
1500
+
1501
+ mongocrypt_destroy(crypt);
1502
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1503
+ }
1504
+
1505
+ // Test suffix + prefix
1506
+ {
1507
+ const char *markingJSON = RAW_STRING({
1508
+ 't' : 1,
1509
+ 'a' : 4,
1510
+ 'v' : {
1511
+ 'v' : "foobar",
1512
+ 'casef' : false,
1513
+ 'diacf' : false,
1514
+ 'suffix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}},
1515
+ 'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
1516
+ },
1517
+ 'cm' : {'$numberLong' : '2'}
1518
+ });
1519
+ _mongocrypt_ciphertext_t ciphertext;
1520
+ _mongocrypt_ciphertext_init(&ciphertext);
1521
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1522
+ text_search_expected_token_counts counts = {0};
1523
+ counts.suffixes = counts.prefixes = calculate_expected_nfix_tag_count(6, 100, 10);
1524
+
1525
+ get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1526
+ validate_text_search_ciphertext(tester,
1527
+ &ciphertext,
1528
+ crypt,
1529
+ "foobar",
1530
+ MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
1531
+ 2,
1532
+ counts);
1533
+
1534
+ mongocrypt_destroy(crypt);
1535
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1536
+ }
1537
+
1538
+ // Test empty string
1539
+ {
1540
+ const char *markingJSON = RAW_STRING({
1541
+ 't' : 1,
1542
+ 'a' : 4,
1543
+ 'v' : {
1544
+ 'v' : "",
1545
+ 'casef' : false,
1546
+ 'diacf' : false,
1547
+ 'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
1548
+ },
1549
+ 'cm' : {'$numberLong' : '2'}
1550
+ });
1551
+ _mongocrypt_ciphertext_t ciphertext;
1552
+ _mongocrypt_ciphertext_init(&ciphertext);
1553
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1554
+ text_search_expected_token_counts counts = {0};
1555
+
1556
+ // beta is 1 for empty strings
1557
+ counts.prefixes = calculate_expected_nfix_tag_count(1, 100, 10);
1558
+
1559
+ get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1560
+ validate_text_search_ciphertext(tester,
1561
+ &ciphertext,
1562
+ crypt,
1563
+ "",
1564
+ MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
1565
+ 2,
1566
+ counts);
1567
+ mongocrypt_destroy(crypt);
1568
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1569
+ }
1570
+
1571
+ // Test string cbc-padded length is less than lb (ie. substring/suffix/prefix tag sets will be
1572
+ // empty)
1573
+ {
1574
+ const char *markingJSON = RAW_STRING({
1575
+ 't' : 1,
1576
+ 'a' : 4,
1577
+ 'v' : {
1578
+ 'v' : "foobar",
1579
+ 'casef' : false,
1580
+ 'diacf' : false,
1581
+ 'substr' :
1582
+ {'mlen' : {'$numberInt' : '1000'}, 'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}},
1583
+ 'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}},
1584
+ 'suffix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}}
1585
+ },
1586
+ 'cm' : {'$numberLong' : '2'}
1587
+ });
1588
+ _mongocrypt_ciphertext_t ciphertext;
1589
+ _mongocrypt_ciphertext_init(&ciphertext);
1590
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1591
+ text_search_expected_token_counts counts = {0};
1592
+
1593
+ get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
1594
+ validate_text_search_ciphertext(tester,
1595
+ &ciphertext,
1596
+ crypt,
1597
+ "foobar",
1598
+ MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
1599
+ 2,
1600
+ counts);
1601
+ mongocrypt_destroy(crypt);
1602
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1603
+ }
1604
+
1605
+ // Test string exceeds mlen
1606
+ {
1607
+ _mongocrypt_ciphertext_t ciphertext;
1608
+ _mongocrypt_ciphertext_init(&ciphertext);
1609
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1610
+ mongocrypt_status_t *status = mongocrypt_status_new();
1611
+
1612
+ ASSERT_FAILS_STATUS(
1613
+ test_text_search_insert_marking_to_ciphertext(tester, crypt, &ciphertext, "foobar", 6, 3, status),
1614
+ status,
1615
+ "longer than the maximum length for substring indexing");
1616
+
1617
+ mongocrypt_status_destroy(status);
1618
+ mongocrypt_destroy(crypt);
1619
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1620
+ }
1621
+
1622
+ // Test string is not valid utf-8
1623
+ {
1624
+ _mongocrypt_ciphertext_t ciphertext;
1625
+ _mongocrypt_ciphertext_init(&ciphertext);
1626
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1627
+ const char *expected_msg = "String passed in was not valid UTF-8";
1628
+ mongocrypt_status_t *status = mongocrypt_status_new();
1629
+
1630
+ // invalid utf-8 byte 0xff
1631
+ ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
1632
+ crypt,
1633
+ &ciphertext,
1634
+ "foob\xffr",
1635
+ 6,
1636
+ INT32_MAX,
1637
+ status),
1638
+ status,
1639
+ expected_msg);
1640
+ _mongocrypt_status_reset(status);
1641
+ // embedded null byte
1642
+ ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
1643
+ crypt,
1644
+ &ciphertext,
1645
+ "foob\x00r",
1646
+ 6,
1647
+ INT32_MAX,
1648
+ status),
1649
+ status,
1650
+ expected_msg);
1651
+ _mongocrypt_status_reset(status);
1652
+ // overlong encoding of 'a' (\x61)
1653
+ ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
1654
+ crypt,
1655
+ &ciphertext,
1656
+ "foob\xE0\x81\xA1r",
1657
+ 8,
1658
+ INT32_MAX,
1659
+ status),
1660
+ status,
1661
+ expected_msg);
1662
+
1663
+ mongocrypt_status_destroy(status);
1664
+ mongocrypt_destroy(crypt);
1665
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1666
+ }
1667
+
1668
+ // test string is too large
1669
+ {
1670
+ _mongocrypt_ciphertext_t ciphertext;
1671
+ _mongocrypt_ciphertext_init(&ciphertext);
1672
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1673
+ const char *expected_msg = "String passed in was too long";
1674
+ mongocrypt_status_t *status = mongocrypt_status_new();
1675
+
1676
+ int len = (16 * 1024 * 1024) + 2;
1677
+ char *large_str = bson_malloc(len);
1678
+ memset(large_str, 'a', len);
1679
+ large_str[len - 1] = '\0';
1680
+
1681
+ ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
1682
+ crypt,
1683
+ &ciphertext,
1684
+ large_str,
1685
+ len - 1,
1686
+ INT32_MAX,
1687
+ status),
1688
+ status,
1689
+ expected_msg);
1690
+ bson_free(large_str);
1691
+ mongocrypt_status_destroy(status);
1692
+ mongocrypt_destroy(crypt);
1693
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1694
+ }
1695
+ }
1696
+
1697
+ static void test_ciphertext_len_steps_fle2_text_search(_mongocrypt_tester_t *tester) {
1698
+ const char *markingJSONFormat = RAW_STRING({
1699
+ 't' : 1,
1700
+ 'a' : 4,
1701
+ 'v' : {
1702
+ 'v' : "%s",
1703
+ 'casef' : false,
1704
+ 'diacf' : false,
1705
+ 'suffix' : {'ub' : {'$numberInt' : '2'}, 'lb' : {'$numberInt' : '1'}}
1706
+ },
1707
+ 'cm' : {'$numberLong' : '2'}
1708
+ });
1709
+ size_t last_len = 0;
1710
+ mongocrypt_binary_t *cmd = TEST_FILE("./test/example/cmd.json");
1711
+ mongocrypt_binary_t *key_file = TEST_BIN(16);
1712
+ mongocrypt_binary_t *ki = TEST_BIN(16);
1713
+ mongocrypt_binary_t *ku = TEST_BIN(16);
1714
+
1715
+ for (size_t str_len = 0; str_len < 256; str_len++) {
1716
+ char *v = bson_malloc0(str_len + 1);
1717
+ memset(v, 'a', str_len);
1718
+ size_t bufsize = snprintf(NULL, 0, markingJSONFormat, v) + 1;
1719
+ char *markingJSON = bson_malloc(bufsize);
1720
+ sprintf(markingJSON, markingJSONFormat, v);
1721
+ bson_t *marking_bson = TMP_BSON(markingJSON);
1722
+
1723
+ _mongocrypt_ciphertext_t ciphertext;
1724
+ _mongocrypt_ciphertext_init(&ciphertext);
1725
+ mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
1726
+
1727
+ get_ciphertext_from_marking_json_with_bufs(crypt, marking_bson, &ciphertext, cmd, key_file, ki, ku);
1728
+
1729
+ // Get res.v, and make sure its size steps when we expect.
1730
+ bson_t ciphertext_bson;
1731
+ ASSERT(_mongocrypt_buffer_to_bson(&ciphertext.data, &ciphertext_bson));
1732
+ iupv2_fields_common res = validate_iupv2_common(&ciphertext_bson);
1733
+ if (str_len != 0) {
1734
+ // We expect a step in ciphertext len iff str_len + 5 goes from 16k-1 to 16k. 5 is the number of overhead
1735
+ // bytes from the BSON header + null byte.
1736
+ if ((str_len + 5) % 16 == 0) {
1737
+ ASSERT_CMPSIZE_T(res.v.len, ==, last_len + 16);
1738
+ } else {
1739
+ ASSERT_CMPSIZE_T(res.v.len, ==, last_len);
1740
+ }
1741
+ }
1742
+ last_len = res.v.len;
1743
+
1744
+ bson_destroy(&ciphertext_bson);
1745
+ bson_free(markingJSON);
1746
+ bson_free(v);
1747
+ mongocrypt_destroy(crypt);
1748
+ _mongocrypt_ciphertext_cleanup(&ciphertext);
1749
+ // Clean up marking_bson and decrement the tester bson_count so we can reuse the space.
1750
+ bson_destroy(marking_bson);
1751
+ tester->bson_count--;
1752
+ }
1753
+ }
1754
+
1119
1755
  void _mongocrypt_tester_install_marking(_mongocrypt_tester_t *tester) {
1120
1756
  INSTALL_TEST(test_mongocrypt_marking_parse);
1121
1757
  INSTALL_TEST(test_mc_get_mincover_from_FLE2RangeFindSpec);
1122
- INSTALL_TEST(test_mc_marking_to_ciphertext);
1758
+ INSTALL_TEST(test_mc_marking_to_ciphertext_fle2_range);
1759
+ INSTALL_TEST(test_mc_marking_to_ciphertext_fle2_text_search);
1760
+ INSTALL_TEST(test_ciphertext_len_steps_fle2_text_search);
1123
1761
  }