libmongocrypt-helper 1.12.0.0.1001 → 1.13.2.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +19 -0
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +10 -0
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -4
- data/ext/libmongocrypt/libmongocrypt/CONTRIBUTING.md +14 -0
- data/ext/libmongocrypt/libmongocrypt/Earthfile +49 -50
- data/ext/libmongocrypt/libmongocrypt/README.md +8 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +6 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +39 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +8 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +0 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +11 -11
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +4 -2
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +3 -5
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +14 -27
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +9 -9
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +0 -2
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-in-functions.patch +158 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +3 -3
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/integrating.md +42 -11
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +25 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +12 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +35 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +4 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +79 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +226 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +34 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +165 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +105 -7
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +381 -70
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h +7 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +17 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +126 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +1075 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +95 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +304 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +45 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +112 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +166 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +36 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +8 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +430 -857
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +5 -19
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +516 -523
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +7 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +6 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +17 -0
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1434 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +2884 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +139 -0
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.h +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +20 -21
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-badVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField-goodVersionSet.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-badVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields-goodVersionSet.json +48 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-textSearchFields.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +1 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1DeterministicEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE1RandomEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EncryptionPlaceholder.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2FindEqualityPayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedEqualityEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2IndexedRangeEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges-V2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayload-with-edges.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/insert-indexed.json → explicit-decrypt/FLE2InsertUpdatePayload.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValue.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2UnindexedEncryptedValueV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +2 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-collinfo.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-bad-str-encode-version/bad-create-cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/int32/encrypted-field-map.json → fle2-bad-str-encode-version/bad-encrypted-field-config-map.json} +7 -12
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-bad-str-encode-version}/encrypted-payload.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd-to-mongocryptd.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-equality/encrypted-field-map.json → fle2-create-encrypted-collection/encrypted-field-config-map.json} +9 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/encrypted-payload.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection/mongocryptd-reply.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/cmd-to-mongocryptd.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-encrypted-fields-unset-str-encode-version/mongocryptd-reply.json +51 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/cmd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +57 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +63 -64
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +64 -66
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +69 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +2 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +1 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +0 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/date → fle2-insert-text-search}/encrypted-field-map.json +10 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-find-range/double → fle2-insert-text-search-with-str-encode-version}/encrypted-field-map.json +12 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-text-search-with-str-encode-version/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/encrypted-field-map.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2-with-str-encode-version/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-v2-with-str-encode-version}/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd-to-mongocryptd.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/cmd.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-field-config-map.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd-to-mongocryptd.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/cmd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-field-config-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-text-search-create-encrypted-collection-with-str-encode-version/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneText.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneTextLarge.json +930 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-facet/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/collection-info.json → test/data/lookup/csfle-mismatch/collInfo-c1.json} +13 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-mismatch/collInfo-c3.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-nested/cmd.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-only-schemaMap/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd-to-mongocryptd.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-schemaMap/schemaMap.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd-to-mongocryptd.json +34 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-self/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd-to-mongocryptd.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/collInfo-c2.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-sibling/reply-from-mongocryptd.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-unionWith/cmd.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/csfle-view/collInfo-v1.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/{bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json → test/data/lookup/mixed/csfle/csfle/key-doc.json} +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/no-schema/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c1.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/csfle/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongocryptd.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd-to-mongod.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/csfle/reply-from-mongocryptd.json +33 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongocryptd.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd-to-mongod.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/no-schema/reply-from-mongocryptd.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd-to-mongod.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c1.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/no-schema/qe/reply-from-mongocryptd.json +65 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd-to-mongocryptd.json +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/csfle/collInfo-c2.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongocryptd.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd-to-mongod.json +56 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/collInfo-c2.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/no-schema/reply-from-mongocryptd.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/mixed/qe/qe/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongocryptd.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd-to-mongod.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/cmd.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe/reply-from-mongocryptd.json +68 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd-to-mongod.json +71 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert-unindexed/encrypted-field-map.json → lookup/qe-encryptedFieldsMap/encryptedFieldsMap.json} +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-encryptedFieldsMap/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongocryptd.json +46 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd-to-mongod.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-self/reply-from-mongocryptd.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongocryptd.json +66 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd-to-mongod.json +75 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/cmd.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c1.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/collInfo-c2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/key-doc.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/lookup/qe-with-payload/reply-from-mongocryptd.json +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-create/mongocryptd-ismaster.json → mongocryptd-ismaster-17.json} +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-ismaster-26.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-encryptedFields2.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-jsonSchema.json +43 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/collinfo-noSchema.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/create-with-jsonSchema.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFields2.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/encryptedFieldsMap.json +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/jsonSchema2.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/schema-broker/schemaMap.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +28 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +70 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +468 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +20 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +286 -24
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +23 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +24 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-tag-and-encrypted-metadata-block.c +36 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +32 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +58 -66
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-schema-broker.c +1124 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +1207 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +144 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +13 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +21 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +37 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +226 -146
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +1330 -1200
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +6 -6
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +744 -106
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +119 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +27 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +97 -0
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +207 -157
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +0 -28
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +0 -217
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +0 -354
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +0 -234
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +0 -89
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +0 -1165
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +0 -96
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +0 -92
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +0 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +0 -130
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +0 -144
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +0 -60
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +0 -55
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +0 -137
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +0 -164
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +0 -67
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +0 -423
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +0 -38
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +0 -125
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +0 -227
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +0 -83
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +0 -104
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +0 -110
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +0 -76
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +0 -180
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +0 -134
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +0 -389
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/value-to-encrypt.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +0 -15
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-document.json +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/kms-reply.txt +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +0 -22
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +0 -20
- data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +0 -47
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +0 -91
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +0 -98
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +0 -41
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +0 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +0 -10
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +0 -51
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +0 -59
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +0 -42
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +0 -50
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +0 -16
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +0 -13
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +0 -54
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +0 -62
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +0 -31
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +0 -48
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +0 -56
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +0 -28
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +0 -45
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +0 -53
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +0 -9
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +0 -46
- data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +0 -19
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-explicit/find-indexed.json → explicit-decrypt/FLE2FindEqualityPayload.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{fle2-insert → fle2-insert-text-search-with-str-encode-version}/cmd.json +0 -0
@@ -26,6 +26,7 @@
|
|
26
26
|
#include "test-mongocrypt-assert.h"
|
27
27
|
#include "test-mongocrypt.h"
|
28
28
|
#include <stdbool.h>
|
29
|
+
#include <string.h>
|
29
30
|
|
30
31
|
/* Create a basis marking buffer with valid values for the given fields. */
|
31
32
|
static void _make_marking(bson_t *bson, _mongocrypt_buffer_t *buf) {
|
@@ -849,9 +850,9 @@ static void test_mc_get_mincover_from_FLE2RangeFindSpec(_mongocrypt_tester_t *te
|
|
849
850
|
mongocrypt_status_t *status = mongocrypt_status_new();
|
850
851
|
|
851
852
|
if (test->description) {
|
852
|
-
|
853
|
+
TEST_PRINTF(" %zu: %s\n", i, test->description);
|
853
854
|
} else {
|
854
|
-
|
855
|
+
TEST_PRINTF(" %zu\n", i);
|
855
856
|
}
|
856
857
|
|
857
858
|
bson_t *findSpecVal = bson_new_from_json((const uint8_t *)test->findSpecJSON, -1, &error);
|
@@ -907,27 +908,29 @@ static void test_mc_get_mincover_from_FLE2RangeFindSpec(_mongocrypt_tester_t *te
|
|
907
908
|
}
|
908
909
|
}
|
909
910
|
|
910
|
-
//
|
911
|
-
static void
|
912
|
-
|
913
|
-
|
914
|
-
|
911
|
+
// Helper for get_ciphertext_from_marking_json when we don't want to use extra test buffer space.
|
912
|
+
static void get_ciphertext_from_marking_json_with_bufs(mongocrypt_t *crypt,
|
913
|
+
bson_t *marking_bson,
|
914
|
+
_mongocrypt_ciphertext_t *out,
|
915
|
+
mongocrypt_binary_t *cmd,
|
916
|
+
mongocrypt_binary_t *keyIdSpace,
|
917
|
+
mongocrypt_binary_t *kiSpace,
|
918
|
+
mongocrypt_binary_t *kuSpace) {
|
915
919
|
mongocrypt_status_t *status = mongocrypt_status_new();
|
916
920
|
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
917
921
|
// Set up encryption environment
|
918
|
-
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1,
|
922
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, cmd), ctx);
|
919
923
|
// Add a test key
|
920
924
|
_mongocrypt_buffer_t keyId;
|
921
|
-
_mongocrypt_buffer_from_binary(&keyId,
|
925
|
+
_mongocrypt_buffer_from_binary(&keyId, keyIdSpace);
|
922
926
|
keyId.subtype = BSON_SUBTYPE_UUID;
|
923
927
|
_mongocrypt_key_broker_add_test_key(&ctx->kb, &keyId);
|
924
928
|
|
925
929
|
_mongocrypt_buffer_t marking_buf;
|
926
930
|
_mongocrypt_marking_t marking;
|
927
|
-
bson_t *marking_bson = TMP_BSON(markingJSON);
|
928
931
|
// Add key identifier info to the marking
|
929
|
-
BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (
|
930
|
-
BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (
|
932
|
+
BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (kiSpace)->data, 16);
|
933
|
+
BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (kuSpace)->data, 16);
|
931
934
|
_make_marking(marking_bson, &marking_buf);
|
932
935
|
// Use FLE2 as the subtype (default is FLE1)
|
933
936
|
marking_buf.data[0] = MC_SUBTYPE_FLE2EncryptionPlaceholder;
|
@@ -941,57 +944,190 @@ static void get_ciphertext_from_marking_json(_mongocrypt_tester_t *tester,
|
|
941
944
|
mongocrypt_ctx_destroy(ctx);
|
942
945
|
}
|
943
946
|
|
944
|
-
//
|
945
|
-
|
946
|
-
static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertext,
|
947
|
+
// Runs _mongocrypt_marking_to_ciphertext to compute the ciphertext for the given marking.
|
948
|
+
static void get_ciphertext_from_marking_json(_mongocrypt_tester_t *tester,
|
947
949
|
mongocrypt_t *crypt,
|
948
|
-
|
949
|
-
|
950
|
-
|
951
|
-
|
952
|
-
|
950
|
+
const char *markingJSON,
|
951
|
+
_mongocrypt_ciphertext_t *out) {
|
952
|
+
get_ciphertext_from_marking_json_with_bufs(crypt,
|
953
|
+
TMP_BSON(markingJSON),
|
954
|
+
out,
|
955
|
+
TEST_FILE("./test/example/cmd.json"),
|
956
|
+
TEST_BIN(16),
|
957
|
+
TEST_BIN(16),
|
958
|
+
TEST_BIN(16));
|
959
|
+
}
|
960
|
+
|
961
|
+
// Get the ECOC token to use in decryption.
|
962
|
+
static mc_ECOCToken_t *getECOCToken(mongocrypt_t *crypt) {
|
953
963
|
mongocrypt_status_t *status = mongocrypt_status_new();
|
964
|
+
// Test token key that we added earlier is all zeros.
|
965
|
+
_mongocrypt_buffer_t tokenKey;
|
966
|
+
_mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
|
967
|
+
memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
|
968
|
+
|
969
|
+
mc_CollectionsLevel1Token_t *collectionsLevel1Token =
|
970
|
+
mc_CollectionsLevel1Token_new(crypt->crypto, &tokenKey, status);
|
971
|
+
mc_ECOCToken_t *ecocToken = mc_ECOCToken_new(crypt->crypto, collectionsLevel1Token, status);
|
972
|
+
ASSERT(mongocrypt_status_ok(status));
|
973
|
+
|
974
|
+
mc_CollectionsLevel1Token_destroy(collectionsLevel1Token);
|
975
|
+
_mongocrypt_buffer_cleanup(&tokenKey);
|
976
|
+
mongocrypt_status_destroy(status);
|
977
|
+
return ecocToken;
|
978
|
+
}
|
979
|
+
|
980
|
+
static mc_ServerDataEncryptionLevel1Token_t *getSDEL1Token(mongocrypt_t *crypt) {
|
981
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
982
|
+
// Test token key that we added earlier is all zeros.
|
983
|
+
_mongocrypt_buffer_t tokenKey;
|
984
|
+
_mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
|
985
|
+
memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
|
986
|
+
|
987
|
+
mc_ServerDataEncryptionLevel1Token_t *token =
|
988
|
+
mc_ServerDataEncryptionLevel1Token_new(crypt->crypto, &tokenKey, status);
|
989
|
+
ASSERT(mongocrypt_status_ok(status));
|
990
|
+
_mongocrypt_buffer_cleanup(&tokenKey);
|
991
|
+
mongocrypt_status_destroy(status);
|
992
|
+
return token;
|
993
|
+
}
|
994
|
+
|
995
|
+
static void
|
996
|
+
validate_and_get_bindata(bson_t *obj, const char *field, bson_subtype_t expected_type, mongocrypt_binary_t *bin_out) {
|
997
|
+
bson_iter_t iter;
|
998
|
+
ASSERT(bson_iter_init_find(&iter, obj, field));
|
999
|
+
ASSERT(BSON_ITER_HOLDS_BINARY(&iter));
|
1000
|
+
|
1001
|
+
uint32_t bin_len;
|
1002
|
+
const uint8_t *bin = NULL;
|
1003
|
+
bson_subtype_t bin_subtype;
|
1004
|
+
bson_iter_binary(&iter, &bin_subtype, &bin_len, &bin);
|
1005
|
+
ASSERT(bin_subtype == expected_type);
|
1006
|
+
bin_out->data = (void *)bin;
|
1007
|
+
bin_out->len = bin_len;
|
1008
|
+
}
|
1009
|
+
|
1010
|
+
static void validate_encrypted_token(mongocrypt_t *crypt,
|
1011
|
+
mongocrypt_binary_t *encrypted_token_bin,
|
1012
|
+
mongocrypt_binary_t *expected_esc_token,
|
1013
|
+
bool expect_is_leaf,
|
1014
|
+
uint8_t *is_leaf_out) {
|
1015
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
1016
|
+
mc_ECOCToken_t *ecocToken = getECOCToken(crypt);
|
1017
|
+
const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2Algorithm();
|
1018
|
+
|
1019
|
+
_mongocrypt_buffer_t p_buf, decrypt_buf;
|
1020
|
+
uint32_t expect_decrypt_size = expected_esc_token->len + (expect_is_leaf ? 1 : 0);
|
1021
|
+
ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&p_buf, encrypted_token_bin->data, encrypted_token_bin->len));
|
1022
|
+
|
1023
|
+
_mongocrypt_buffer_init_size(&decrypt_buf, expect_decrypt_size);
|
1024
|
+
|
1025
|
+
uint32_t decrypt_size;
|
1026
|
+
ASSERT_OK_STATUS(
|
1027
|
+
fle2alg
|
1028
|
+
->do_decrypt(crypt->crypto, NULL, mc_ECOCToken_get(ecocToken), &p_buf, &decrypt_buf, &decrypt_size, status),
|
1029
|
+
status);
|
1030
|
+
ASSERT_CMPUINT32(decrypt_size, ==, decrypt_buf.len);
|
1031
|
+
ASSERT_CMPUINT32(decrypt_size, ==, expect_decrypt_size);
|
1032
|
+
|
1033
|
+
ASSERT(0 == memcmp(decrypt_buf.data, expected_esc_token->data, expected_esc_token->len));
|
1034
|
+
|
1035
|
+
if (expect_is_leaf && is_leaf_out) {
|
1036
|
+
*is_leaf_out = decrypt_buf.data[decrypt_buf.len - 1];
|
1037
|
+
}
|
1038
|
+
|
1039
|
+
_mongocrypt_buffer_cleanup(&decrypt_buf);
|
1040
|
+
_mongocrypt_buffer_cleanup(&p_buf);
|
1041
|
+
mc_ECOCToken_destroy(ecocToken);
|
1042
|
+
mongocrypt_status_destroy(status);
|
1043
|
+
}
|
1044
|
+
|
1045
|
+
typedef struct {
|
1046
|
+
mongocrypt_binary_t d;
|
1047
|
+
mongocrypt_binary_t s;
|
1048
|
+
mongocrypt_binary_t p;
|
1049
|
+
mongocrypt_binary_t u;
|
1050
|
+
mongocrypt_binary_t v;
|
1051
|
+
mongocrypt_binary_t e;
|
1052
|
+
mongocrypt_binary_t l;
|
1053
|
+
uint32_t t;
|
1054
|
+
uint64_t k;
|
1055
|
+
} iupv2_fields_common;
|
1056
|
+
|
1057
|
+
static iupv2_fields_common validate_iupv2_common(bson_t *iup_bson) {
|
1058
|
+
iupv2_fields_common res;
|
1059
|
+
memset(&res, 0, sizeof(res));
|
1060
|
+
|
1061
|
+
bson_iter_t iter;
|
1062
|
+
#define ASSERT_EXISTS_BINDATA_OF_SUBTYPE(Field, Subtype) validate_and_get_bindata(iup_bson, #Field, Subtype, &res.Field)
|
1063
|
+
|
1064
|
+
#define ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(Field, Subtype, Len) \
|
1065
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE(Field, Subtype); \
|
1066
|
+
ASSERT(res.Field.len == Len)
|
1067
|
+
|
1068
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(d, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
|
1069
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(s, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
|
1070
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE(p, BSON_SUBTYPE_BINARY);
|
1071
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(u, BSON_SUBTYPE_UUID, 16);
|
1072
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE(v, BSON_SUBTYPE_BINARY);
|
1073
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(e, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
|
1074
|
+
ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN(l, BSON_SUBTYPE_BINARY, MONGOCRYPT_HMAC_SHA256_LEN);
|
1075
|
+
|
1076
|
+
#undef ASSERT_EXISTS_BINDATA_OF_SUBTYPE_AND_LEN
|
1077
|
+
#undef ASSERT_EXISTS_AND_BINDATA_OF_LEN
|
1078
|
+
|
1079
|
+
ASSERT(bson_iter_init_find(&iter, iup_bson, "t"));
|
1080
|
+
ASSERT(BSON_ITER_HOLDS_INT32(&iter));
|
1081
|
+
res.t = bson_iter_int32(&iter);
|
1082
|
+
|
1083
|
+
ASSERT(bson_iter_init_find(&iter, iup_bson, "k"));
|
1084
|
+
ASSERT(BSON_ITER_HOLDS_INT64(&iter));
|
1085
|
+
res.k = bson_iter_int64(&iter);
|
1086
|
+
|
1087
|
+
return res;
|
1088
|
+
}
|
1089
|
+
|
1090
|
+
// Assert that the encryptedTokens fields in V2 insert/update ciphertext matches our expectations. Specifically, checks
|
1091
|
+
// that the length of these fields are what we expect, and that the "isLeaf" token is appended when using range V2.
|
1092
|
+
static void validate_range_ciphertext(_mongocrypt_ciphertext_t *ciphertext,
|
1093
|
+
mongocrypt_t *crypt,
|
1094
|
+
bool useRangeV2,
|
1095
|
+
uint32_t expectedEdges) {
|
1096
|
+
uint32_t expectedPLength = useRangeV2 ? (MONGOCRYPT_HMAC_SHA256_LEN + 1) : MONGOCRYPT_HMAC_SHA256_LEN;
|
954
1097
|
|
955
1098
|
bson_t ciphertextBSON;
|
956
1099
|
bson_iter_t iter;
|
957
1100
|
ASSERT(_mongocrypt_buffer_to_bson(&ciphertext->data, &ciphertextBSON));
|
958
1101
|
|
1102
|
+
ASSERT(ciphertext->blob_subtype == MC_SUBTYPE_FLE2InsertUpdatePayloadV2);
|
1103
|
+
ASSERT(ciphertext->original_bson_type == 0); // unset
|
1104
|
+
ASSERT(ciphertext->key_id.len == 0); // unset
|
1105
|
+
|
1106
|
+
iupv2_fields_common res = validate_iupv2_common(&ciphertextBSON);
|
1107
|
+
|
959
1108
|
// 'p' field should be available, length should be 16 bytes of IV + expected bytes
|
960
|
-
|
961
|
-
ASSERT(BSON_ITER_HOLDS_BINARY(&iter));
|
962
|
-
uint32_t p_len;
|
963
|
-
const uint8_t *p_data;
|
964
|
-
bson_iter_binary(&iter, NULL, &p_len, &p_data);
|
965
|
-
ASSERT_CMPUINT32(p_len, ==, 16 + expectedPLength);
|
1109
|
+
ASSERT(res.p.len == 16 + expectedPLength);
|
966
1110
|
|
1111
|
+
// validate crypto of 'p'
|
967
1112
|
if (useRangeV2) {
|
968
|
-
|
969
|
-
|
970
|
-
|
971
|
-
|
972
|
-
|
973
|
-
|
974
|
-
NULL,
|
975
|
-
mc_ECOCToken_get(ecocToken),
|
976
|
-
&p_buf,
|
977
|
-
&decrypted_buf,
|
978
|
-
&decryptedBytes,
|
979
|
-
status),
|
980
|
-
status);
|
981
|
-
ASSERT_CMPUINT32(decryptedBytes, ==, expectedPLength);
|
982
|
-
ASSERT_CMPUINT8(decrypted_buf.data[decrypted_buf.len - 1], ==, 0);
|
983
|
-
_mongocrypt_buffer_cleanup(&decrypted_buf);
|
984
|
-
_mongocrypt_buffer_cleanup(&p_buf);
|
1113
|
+
uint8_t is_leaf = 255;
|
1114
|
+
validate_encrypted_token(crypt, &res.p, &res.s, true, &is_leaf);
|
1115
|
+
// isLeaf byte should be 0.
|
1116
|
+
ASSERT(is_leaf == 0);
|
1117
|
+
} else {
|
1118
|
+
validate_encrypted_token(crypt, &res.p, &res.s, false, NULL);
|
985
1119
|
}
|
986
1120
|
|
987
1121
|
// 'g' field should be available
|
988
|
-
bson_iter_init_find(&iter, &ciphertextBSON, "g");
|
1122
|
+
ASSERT(bson_iter_init_find(&iter, &ciphertextBSON, "g"));
|
989
1123
|
ASSERT(BSON_ITER_HOLDS_ARRAY(&iter));
|
990
|
-
uint32_t g_buf_len;
|
991
|
-
const uint8_t *g_buf;
|
992
1124
|
bson_t g_arr;
|
993
|
-
|
994
|
-
|
1125
|
+
{
|
1126
|
+
uint32_t g_buf_len;
|
1127
|
+
const uint8_t *g_buf;
|
1128
|
+
bson_iter_array(&iter, &g_buf_len, &g_buf);
|
1129
|
+
ASSERT(bson_init_static(&g_arr, g_buf, g_buf_len));
|
1130
|
+
}
|
995
1131
|
|
996
1132
|
bson_iter_t g_iter;
|
997
1133
|
bson_iter_init(&g_iter, &g_arr);
|
@@ -1000,42 +1136,31 @@ static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertex
|
|
1000
1136
|
while (bson_iter_next(&g_iter)) {
|
1001
1137
|
g_count++;
|
1002
1138
|
ASSERT(BSON_ITER_HOLDS_DOCUMENT(&g_iter));
|
1003
|
-
uint32_t subdoc_len;
|
1004
|
-
const uint8_t *subdoc_buf;
|
1005
1139
|
bson_t subdoc;
|
1006
|
-
|
1007
|
-
|
1140
|
+
{
|
1141
|
+
uint32_t subdoc_len;
|
1142
|
+
const uint8_t *subdoc_buf;
|
1143
|
+
bson_iter_document(&g_iter, &subdoc_len, &subdoc_buf);
|
1144
|
+
ASSERT(bson_init_static(&subdoc, subdoc_buf, subdoc_len));
|
1145
|
+
}
|
1008
1146
|
|
1009
|
-
|
1010
|
-
|
1011
|
-
|
1012
|
-
|
1013
|
-
ASSERT_CMPUINT32(
|
1147
|
+
mongocrypt_binary_t encrypted_token_bin, esc_token_bin;
|
1148
|
+
validate_and_get_bindata(&subdoc, "p", BSON_SUBTYPE_BINARY, &encrypted_token_bin);
|
1149
|
+
validate_and_get_bindata(&subdoc, "s", BSON_SUBTYPE_BINARY, &esc_token_bin);
|
1150
|
+
ASSERT_CMPUINT32(encrypted_token_bin.len, ==, 16 + expectedPLength);
|
1151
|
+
ASSERT_CMPUINT32(esc_token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
|
1014
1152
|
|
1015
1153
|
if (useRangeV2) {
|
1016
|
-
|
1017
|
-
|
1018
|
-
|
1019
|
-
|
1020
|
-
// Decrypt p. If useRangeV2, the last byte should be 0 or 1, depending on whether isLeaf.
|
1021
|
-
uint32_t decrypted_bytes;
|
1022
|
-
ASSERT_OK_STATUS(fle2alg->do_decrypt(crypt->crypto,
|
1023
|
-
NULL,
|
1024
|
-
mc_ECOCToken_get(ecocToken),
|
1025
|
-
&p_buf,
|
1026
|
-
&decrypted_buf,
|
1027
|
-
&decrypted_bytes,
|
1028
|
-
status),
|
1029
|
-
status);
|
1030
|
-
ASSERT_CMPUINT32(decrypted_bytes, ==, expectedPLength);
|
1031
|
-
if (decrypted_buf.data[decrypted_buf.len - 1] == 1) {
|
1154
|
+
uint8_t is_leaf = 255;
|
1155
|
+
validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, true, &is_leaf);
|
1156
|
+
// isLeaf byte should be either 0 or 1.
|
1157
|
+
if (is_leaf == 1) {
|
1032
1158
|
leaf_count++;
|
1033
1159
|
} else {
|
1034
|
-
ASSERT_CMPUINT8(
|
1160
|
+
ASSERT_CMPUINT8(is_leaf, ==, 0)
|
1035
1161
|
}
|
1036
|
-
|
1037
|
-
|
1038
|
-
_mongocrypt_buffer_cleanup(&p_buf);
|
1162
|
+
} else {
|
1163
|
+
validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, false, NULL);
|
1039
1164
|
}
|
1040
1165
|
}
|
1041
1166
|
ASSERT_CMPSIZE_T(g_count, ==, expectedEdges);
|
@@ -1044,31 +1169,11 @@ static void assert_correctness_of_ciphertext(_mongocrypt_ciphertext_t *ciphertex
|
|
1044
1169
|
ASSERT_CMPSIZE_T(leaf_count, ==, 1);
|
1045
1170
|
}
|
1046
1171
|
bson_destroy(&ciphertextBSON);
|
1047
|
-
mongocrypt_status_destroy(status);
|
1048
|
-
}
|
1049
|
-
|
1050
|
-
// Get the ECOC token to use in decryption.
|
1051
|
-
static mc_ECOCToken_t *getECOCToken(mongocrypt_t *crypt) {
|
1052
|
-
mongocrypt_status_t *status = mongocrypt_status_new();
|
1053
|
-
// Test token key that we added earlier is all zeros.
|
1054
|
-
_mongocrypt_buffer_t tokenKey;
|
1055
|
-
_mongocrypt_buffer_init_size(&tokenKey, MONGOCRYPT_TOKEN_KEY_LEN);
|
1056
|
-
memset(tokenKey.data, 0, MONGOCRYPT_TOKEN_KEY_LEN);
|
1057
|
-
|
1058
|
-
mc_CollectionsLevel1Token_t *collectionsLevel1Token =
|
1059
|
-
mc_CollectionsLevel1Token_new(crypt->crypto, &tokenKey, status);
|
1060
|
-
mc_ECOCToken_t *ecocToken = mc_ECOCToken_new(crypt->crypto, collectionsLevel1Token, status);
|
1061
|
-
ASSERT(mongocrypt_status_ok(status));
|
1062
|
-
|
1063
|
-
mc_CollectionsLevel1Token_destroy(collectionsLevel1Token);
|
1064
|
-
_mongocrypt_buffer_cleanup(&tokenKey);
|
1065
|
-
mongocrypt_status_destroy(status);
|
1066
|
-
return ecocToken;
|
1067
1172
|
}
|
1068
1173
|
|
1069
|
-
static void
|
1174
|
+
static void test_mc_marking_to_ciphertext_fle2_range(_mongocrypt_tester_t *tester) {
|
1070
1175
|
if (!_aes_ctr_is_supported_by_os) {
|
1071
|
-
|
1176
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
1072
1177
|
return;
|
1073
1178
|
}
|
1074
1179
|
|
@@ -1087,10 +1192,8 @@ static void test_mc_marking_to_ciphertext(_mongocrypt_tester_t *tester) {
|
|
1087
1192
|
|
1088
1193
|
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1089
1194
|
|
1090
|
-
|
1091
|
-
assert_correctness_of_ciphertext(&ciphertext, crypt, ecocToken, false, 4);
|
1195
|
+
validate_range_ciphertext(&ciphertext, crypt, false, 4);
|
1092
1196
|
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1093
|
-
mc_ECOCToken_destroy(ecocToken);
|
1094
1197
|
mongocrypt_destroy(crypt);
|
1095
1198
|
}
|
1096
1199
|
{
|
@@ -1107,17 +1210,552 @@ static void test_mc_marking_to_ciphertext(_mongocrypt_tester_t *tester) {
|
|
1107
1210
|
|
1108
1211
|
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1109
1212
|
|
1110
|
-
|
1111
|
-
assert_correctness_of_ciphertext(&ciphertext, crypt, ecocToken, true, 4);
|
1213
|
+
validate_range_ciphertext(&ciphertext, crypt, true, 4);
|
1112
1214
|
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1113
|
-
mc_ECOCToken_destroy(ecocToken);
|
1114
1215
|
|
1115
1216
|
mongocrypt_destroy(crypt);
|
1116
1217
|
}
|
1117
1218
|
}
|
1118
1219
|
|
1220
|
+
static void validate_text_search_token_set_common(bson_iter_t *iter_at_token_set_obj, mongocrypt_t *crypt) {
|
1221
|
+
ASSERT(BSON_ITER_HOLDS_DOCUMENT(iter_at_token_set_obj));
|
1222
|
+
bson_t ts_bson;
|
1223
|
+
{
|
1224
|
+
uint32_t len;
|
1225
|
+
const uint8_t *buf;
|
1226
|
+
bson_iter_document(iter_at_token_set_obj, &len, &buf);
|
1227
|
+
ASSERT(bson_init_static(&ts_bson, buf, len));
|
1228
|
+
}
|
1229
|
+
|
1230
|
+
mongocrypt_binary_t token_bin;
|
1231
|
+
mongocrypt_binary_t esc_token_bin;
|
1232
|
+
mongocrypt_binary_t encrypted_token_bin;
|
1233
|
+
|
1234
|
+
validate_and_get_bindata(&ts_bson, "d", BSON_SUBTYPE_BINARY, &token_bin);
|
1235
|
+
ASSERT_CMPUINT32(token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
|
1236
|
+
|
1237
|
+
validate_and_get_bindata(&ts_bson, "l", BSON_SUBTYPE_BINARY, &token_bin);
|
1238
|
+
ASSERT_CMPUINT32(token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
|
1239
|
+
|
1240
|
+
validate_and_get_bindata(&ts_bson, "s", BSON_SUBTYPE_BINARY, &esc_token_bin);
|
1241
|
+
ASSERT_CMPUINT32(esc_token_bin.len, ==, MONGOCRYPT_HMAC_SHA256_LEN);
|
1242
|
+
|
1243
|
+
validate_and_get_bindata(&ts_bson, "p", BSON_SUBTYPE_BINARY, &encrypted_token_bin);
|
1244
|
+
ASSERT_CMPUINT32(encrypted_token_bin.len, ==, (16 + MONGOCRYPT_HMAC_SHA256_LEN));
|
1245
|
+
|
1246
|
+
// validate crypto of p
|
1247
|
+
validate_encrypted_token(crypt, &encrypted_token_bin, &esc_token_bin, false, NULL);
|
1248
|
+
}
|
1249
|
+
|
1250
|
+
static size_t validate_text_search_token_set_array_common(bson_iter_t *iter_at_array, mongocrypt_t *crypt) {
|
1251
|
+
ASSERT(BSON_ITER_HOLDS_ARRAY(iter_at_array));
|
1252
|
+
bson_t arr_bson;
|
1253
|
+
{
|
1254
|
+
uint32_t subdoc_len;
|
1255
|
+
const uint8_t *subdoc_buf;
|
1256
|
+
bson_iter_array(iter_at_array, &subdoc_len, &subdoc_buf);
|
1257
|
+
ASSERT(bson_init_static(&arr_bson, subdoc_buf, subdoc_len));
|
1258
|
+
}
|
1259
|
+
|
1260
|
+
bson_iter_t iter;
|
1261
|
+
bson_iter_init(&iter, &arr_bson);
|
1262
|
+
|
1263
|
+
size_t count = 0;
|
1264
|
+
while (bson_iter_next(&iter)) {
|
1265
|
+
count++;
|
1266
|
+
validate_text_search_token_set_common(&iter, crypt);
|
1267
|
+
}
|
1268
|
+
return count;
|
1269
|
+
}
|
1270
|
+
|
1271
|
+
typedef struct {
|
1272
|
+
size_t substrings;
|
1273
|
+
size_t suffixes;
|
1274
|
+
size_t prefixes;
|
1275
|
+
} text_search_expected_token_counts;
|
1276
|
+
|
1277
|
+
// Assert that the fields in a insert/update payload V2 for text search match our expectations.
|
1278
|
+
// Specifically, checks that the length of these fields, and the values of deterministic fields,
|
1279
|
+
// are what we expect.
|
1280
|
+
static void validate_text_search_ciphertext(_mongocrypt_tester_t *tester,
|
1281
|
+
_mongocrypt_ciphertext_t *ciphertext,
|
1282
|
+
mongocrypt_t *crypt,
|
1283
|
+
const char *text_value,
|
1284
|
+
mongocrypt_fle2_placeholder_type_t type,
|
1285
|
+
uint64_t contention_max,
|
1286
|
+
text_search_expected_token_counts expected_tag_counts) {
|
1287
|
+
bson_t iup_bson;
|
1288
|
+
bson_iter_t iter;
|
1289
|
+
ASSERT(_mongocrypt_buffer_to_bson(&ciphertext->data, &iup_bson));
|
1290
|
+
|
1291
|
+
mc_ServerDataEncryptionLevel1Token_t *sdel1Token = getSDEL1Token(crypt);
|
1292
|
+
const mongocrypt_binary_t *keyId = TEST_BIN(16); // don't free!
|
1293
|
+
|
1294
|
+
if (type == MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT) {
|
1295
|
+
ASSERT_CMPUINT8(ciphertext->blob_subtype, ==, MC_SUBTYPE_FLE2InsertUpdatePayloadV2);
|
1296
|
+
ASSERT_CMPUINT8(ciphertext->original_bson_type, ==, 0); // unset
|
1297
|
+
ASSERT_CMPUINT32(ciphertext->key_id.len, ==, 0); // unset
|
1298
|
+
|
1299
|
+
iupv2_fields_common res = validate_iupv2_common(&iup_bson);
|
1300
|
+
|
1301
|
+
// validate u, t, k have correct values
|
1302
|
+
ASSERT_CMPBYTES(keyId->data, keyId->len, res.u.data, res.u.len);
|
1303
|
+
ASSERT_CMPUINT32(res.t, ==, BSON_TYPE_UTF8);
|
1304
|
+
ASSERT_CMPUINT64(res.k, <=, contention_max);
|
1305
|
+
|
1306
|
+
// validate e is ServerDataEncryptionLevel1Token = HMAC(RootKey, 3)
|
1307
|
+
ASSERT_CMPUINT32(res.e.len, ==, mc_ServerDataEncryptionLevel1Token_get(sdel1Token)->len);
|
1308
|
+
ASSERT(memcmp(res.e.data, mc_ServerDataEncryptionLevel1Token_get(sdel1Token)->data, res.e.len) == 0);
|
1309
|
+
|
1310
|
+
// validate crypto of p
|
1311
|
+
ASSERT(res.p.len == 16 + MONGOCRYPT_HMAC_SHA256_LEN);
|
1312
|
+
validate_encrypted_token(crypt, &res.p, &res.s, false, NULL);
|
1313
|
+
|
1314
|
+
// validate v decrypts cleanly
|
1315
|
+
{
|
1316
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
1317
|
+
|
1318
|
+
const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2v2AEADAlgorithm();
|
1319
|
+
// assert first 16 bytes == userKeyId == indexKeyId
|
1320
|
+
ASSERT_CMPUINT32(res.v.len, >, 16);
|
1321
|
+
ASSERT_CMPBYTES(keyId->data, keyId->len, res.v.data, 16);
|
1322
|
+
|
1323
|
+
_mongocrypt_buffer_t key, aad, ctext, ptext;
|
1324
|
+
_mongocrypt_buffer_init_size(&key, MONGOCRYPT_KEY_LEN);
|
1325
|
+
memset(key.data, 0, key.len);
|
1326
|
+
ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&aad, res.v.data, 16));
|
1327
|
+
ASSERT(_mongocrypt_buffer_copy_from_data_and_size(&ctext, ((uint8_t *)res.v.data) + 16, res.v.len - 16));
|
1328
|
+
uint32_t plen = fle2alg->get_plaintext_len(res.v.len - 16, status);
|
1329
|
+
_mongocrypt_buffer_init_size(&ptext, plen);
|
1330
|
+
|
1331
|
+
uint32_t pbytes;
|
1332
|
+
ASSERT_OK_STATUS(fle2alg->do_decrypt(crypt->crypto, &aad, &key, &ctext, &ptext, &pbytes, status), status);
|
1333
|
+
|
1334
|
+
// BSON strings have 5 (4 for size + 1 null terminator) bytes of overhead
|
1335
|
+
ASSERT_CMPUINT32(pbytes, >=, 5);
|
1336
|
+
ASSERT_CMPSIZE_T(strlen(text_value), ==, (pbytes - 5));
|
1337
|
+
ASSERT_STREQUAL(text_value, ((char *)(ptext.data + 4)));
|
1338
|
+
|
1339
|
+
_mongocrypt_buffer_cleanup(&ptext);
|
1340
|
+
_mongocrypt_buffer_cleanup(&ctext);
|
1341
|
+
_mongocrypt_buffer_cleanup(&aad);
|
1342
|
+
_mongocrypt_buffer_cleanup(&key);
|
1343
|
+
mongocrypt_status_destroy(status);
|
1344
|
+
}
|
1345
|
+
|
1346
|
+
// assert b exists with correct fields
|
1347
|
+
ASSERT(bson_iter_init_find(&iter, &iup_bson, "b"));
|
1348
|
+
ASSERT(BSON_ITER_HOLDS_DOCUMENT(&iter));
|
1349
|
+
|
1350
|
+
bson_t b_bson;
|
1351
|
+
bson_iter_t b_iter;
|
1352
|
+
{
|
1353
|
+
uint32_t subdoc_len;
|
1354
|
+
const uint8_t *subdoc_buf;
|
1355
|
+
bson_iter_document(&iter, &subdoc_len, &subdoc_buf);
|
1356
|
+
ASSERT(bson_init_static(&b_bson, subdoc_buf, subdoc_len));
|
1357
|
+
}
|
1358
|
+
|
1359
|
+
ASSERT(bson_iter_init_find(&b_iter, &b_bson, "e"));
|
1360
|
+
validate_text_search_token_set_common(&b_iter, crypt);
|
1361
|
+
|
1362
|
+
size_t tscount = 0;
|
1363
|
+
ASSERT(bson_iter_init_find(&b_iter, &b_bson, "s"));
|
1364
|
+
tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
|
1365
|
+
ASSERT_CMPSIZE_T(expected_tag_counts.substrings, ==, tscount);
|
1366
|
+
|
1367
|
+
ASSERT(bson_iter_init_find(&b_iter, &b_bson, "u"));
|
1368
|
+
tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
|
1369
|
+
ASSERT_CMPSIZE_T(expected_tag_counts.suffixes, ==, tscount);
|
1370
|
+
|
1371
|
+
ASSERT(bson_iter_init_find(&b_iter, &b_bson, "p"));
|
1372
|
+
tscount = validate_text_search_token_set_array_common(&b_iter, crypt);
|
1373
|
+
ASSERT_CMPSIZE_T(expected_tag_counts.prefixes, ==, tscount);
|
1374
|
+
}
|
1375
|
+
|
1376
|
+
mc_ServerDataEncryptionLevel1Token_destroy(sdel1Token);
|
1377
|
+
bson_destroy(&iup_bson);
|
1378
|
+
}
|
1379
|
+
|
1380
|
+
static size_t calculate_expected_substring_tag_count(size_t beta, size_t mlen, size_t ub, size_t lb) {
|
1381
|
+
ASSERT_CMPSIZE_T(beta, <=, (SIZE_MAX - 15));
|
1382
|
+
ASSERT_CMPSIZE_T(lb, <=, ub);
|
1383
|
+
ASSERT_CMPSIZE_T(mlen, >=, ub);
|
1384
|
+
|
1385
|
+
size_t padded_len = 16 * ((beta + 5 + 15) / 16) - 5;
|
1386
|
+
if (beta > mlen || lb > padded_len) {
|
1387
|
+
return 0;
|
1388
|
+
}
|
1389
|
+
size_t maxkgram1 = 0;
|
1390
|
+
size_t maxkgram2 = 0;
|
1391
|
+
for (size_t j = lb; j <= ub; j++) {
|
1392
|
+
maxkgram1 += (mlen - j + 1);
|
1393
|
+
}
|
1394
|
+
for (size_t j = lb; j <= BSON_MIN(ub, padded_len); j++) {
|
1395
|
+
maxkgram2 += (padded_len - j + 1);
|
1396
|
+
}
|
1397
|
+
return BSON_MIN(maxkgram1, maxkgram2); // msize
|
1398
|
+
}
|
1399
|
+
|
1400
|
+
static size_t calculate_expected_nfix_tag_count(size_t beta, size_t ub, size_t lb) {
|
1401
|
+
ASSERT_CMPSIZE_T(beta, <=, (SIZE_MAX - 15));
|
1402
|
+
ASSERT_CMPSIZE_T(lb, <=, ub);
|
1403
|
+
size_t padded_len = 16 * ((beta + 5 + 15) / 16) - 5;
|
1404
|
+
if (lb > padded_len) {
|
1405
|
+
return 0;
|
1406
|
+
}
|
1407
|
+
return BSON_MIN(ub, padded_len) - lb + 1;
|
1408
|
+
}
|
1409
|
+
|
1410
|
+
// Runs _mongocrypt_marking_to_ciphertext to compute the ciphertext for the given marking.
|
1411
|
+
static bool test_text_search_insert_marking_to_ciphertext(_mongocrypt_tester_t *tester,
|
1412
|
+
mongocrypt_t *crypt,
|
1413
|
+
_mongocrypt_ciphertext_t *out,
|
1414
|
+
const char *test_string,
|
1415
|
+
int test_string_len,
|
1416
|
+
int mlen,
|
1417
|
+
mongocrypt_status_t *status) {
|
1418
|
+
ASSERT_CMPINT(mlen, >, 0);
|
1419
|
+
|
1420
|
+
mongocrypt_ctx_t *ctx = mongocrypt_ctx_new(crypt);
|
1421
|
+
// Set up encryption environment
|
1422
|
+
ASSERT_OK(mongocrypt_ctx_encrypt_init(ctx, "test", -1, TEST_FILE("./test/example/cmd.json")), ctx);
|
1423
|
+
// Add a test key
|
1424
|
+
_mongocrypt_buffer_t keyId;
|
1425
|
+
_mongocrypt_buffer_from_binary(&keyId, TEST_BIN(16));
|
1426
|
+
keyId.subtype = BSON_SUBTYPE_UUID;
|
1427
|
+
_mongocrypt_key_broker_add_test_key(&ctx->kb, &keyId);
|
1428
|
+
|
1429
|
+
_mongocrypt_buffer_t marking_buf;
|
1430
|
+
_mongocrypt_marking_t marking;
|
1431
|
+
|
1432
|
+
bson_t *marking_bson = bson_new();
|
1433
|
+
BSON_APPEND_INT32(marking_bson, "t", 1);
|
1434
|
+
BSON_APPEND_INT32(marking_bson, "a", 4);
|
1435
|
+
BSON_APPEND_INT64(marking_bson, "cm", 2);
|
1436
|
+
bson_t text_spec;
|
1437
|
+
BSON_APPEND_DOCUMENT_BEGIN(marking_bson, "v", &text_spec);
|
1438
|
+
bson_append_utf8(&text_spec, "v", 1, test_string, test_string_len);
|
1439
|
+
BSON_APPEND_BOOL(&text_spec, "casef", false);
|
1440
|
+
BSON_APPEND_BOOL(&text_spec, "diacf", false);
|
1441
|
+
bson_t subspec;
|
1442
|
+
BSON_APPEND_DOCUMENT_BEGIN(&text_spec, "substr", &subspec);
|
1443
|
+
BSON_APPEND_INT32(&subspec, "mlen", mlen);
|
1444
|
+
BSON_APPEND_INT32(&subspec, "ub", 1);
|
1445
|
+
BSON_APPEND_INT32(&subspec, "lb", 1);
|
1446
|
+
ASSERT(bson_append_document_end(&text_spec, &subspec));
|
1447
|
+
ASSERT(bson_append_document_end(marking_bson, &text_spec));
|
1448
|
+
|
1449
|
+
// Add key identifier info to the marking
|
1450
|
+
BSON_APPEND_BINARY(marking_bson, "ki", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
|
1451
|
+
BSON_APPEND_BINARY(marking_bson, "ku", BSON_SUBTYPE_UUID, (TEST_BIN(16))->data, 16);
|
1452
|
+
_make_marking(marking_bson, &marking_buf);
|
1453
|
+
// Use FLE2 as the subtype (default is FLE1)
|
1454
|
+
marking_buf.data[0] = MC_SUBTYPE_FLE2EncryptionPlaceholder;
|
1455
|
+
_parse_ok(&marking_buf, &marking);
|
1456
|
+
|
1457
|
+
bool result = _mongocrypt_marking_to_ciphertext((void *)&ctx->kb, &marking, out, status);
|
1458
|
+
|
1459
|
+
_mongocrypt_buffer_cleanup(&marking_buf);
|
1460
|
+
bson_destroy(marking_bson);
|
1461
|
+
_mongocrypt_marking_cleanup(&marking);
|
1462
|
+
mongocrypt_ctx_destroy(ctx);
|
1463
|
+
return result;
|
1464
|
+
}
|
1465
|
+
|
1466
|
+
static void test_mc_marking_to_ciphertext_fle2_text_search(_mongocrypt_tester_t *tester) {
|
1467
|
+
if (!_aes_ctr_is_supported_by_os) {
|
1468
|
+
TEST_PRINTF("Common Crypto with no CTR support detected. Skipping.");
|
1469
|
+
return;
|
1470
|
+
}
|
1471
|
+
|
1472
|
+
// Test substring
|
1473
|
+
{
|
1474
|
+
const char *markingJSON = RAW_STRING({
|
1475
|
+
't' : 1,
|
1476
|
+
'a' : 4,
|
1477
|
+
'v' : {
|
1478
|
+
'v' : "foobar",
|
1479
|
+
'casef' : false,
|
1480
|
+
'diacf' : false,
|
1481
|
+
'substr' :
|
1482
|
+
{'mlen' : {'$numberInt' : '1000'}, 'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
|
1483
|
+
},
|
1484
|
+
'cm' : {'$numberLong' : '2'}
|
1485
|
+
});
|
1486
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1487
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1488
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1489
|
+
text_search_expected_token_counts counts = {0};
|
1490
|
+
counts.substrings = calculate_expected_substring_tag_count(6, 1000, 100, 10);
|
1491
|
+
|
1492
|
+
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1493
|
+
validate_text_search_ciphertext(tester,
|
1494
|
+
&ciphertext,
|
1495
|
+
crypt,
|
1496
|
+
"foobar",
|
1497
|
+
MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
|
1498
|
+
2,
|
1499
|
+
counts);
|
1500
|
+
|
1501
|
+
mongocrypt_destroy(crypt);
|
1502
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1503
|
+
}
|
1504
|
+
|
1505
|
+
// Test suffix + prefix
|
1506
|
+
{
|
1507
|
+
const char *markingJSON = RAW_STRING({
|
1508
|
+
't' : 1,
|
1509
|
+
'a' : 4,
|
1510
|
+
'v' : {
|
1511
|
+
'v' : "foobar",
|
1512
|
+
'casef' : false,
|
1513
|
+
'diacf' : false,
|
1514
|
+
'suffix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}},
|
1515
|
+
'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
|
1516
|
+
},
|
1517
|
+
'cm' : {'$numberLong' : '2'}
|
1518
|
+
});
|
1519
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1520
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1521
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1522
|
+
text_search_expected_token_counts counts = {0};
|
1523
|
+
counts.suffixes = counts.prefixes = calculate_expected_nfix_tag_count(6, 100, 10);
|
1524
|
+
|
1525
|
+
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1526
|
+
validate_text_search_ciphertext(tester,
|
1527
|
+
&ciphertext,
|
1528
|
+
crypt,
|
1529
|
+
"foobar",
|
1530
|
+
MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
|
1531
|
+
2,
|
1532
|
+
counts);
|
1533
|
+
|
1534
|
+
mongocrypt_destroy(crypt);
|
1535
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1536
|
+
}
|
1537
|
+
|
1538
|
+
// Test empty string
|
1539
|
+
{
|
1540
|
+
const char *markingJSON = RAW_STRING({
|
1541
|
+
't' : 1,
|
1542
|
+
'a' : 4,
|
1543
|
+
'v' : {
|
1544
|
+
'v' : "",
|
1545
|
+
'casef' : false,
|
1546
|
+
'diacf' : false,
|
1547
|
+
'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '10'}}
|
1548
|
+
},
|
1549
|
+
'cm' : {'$numberLong' : '2'}
|
1550
|
+
});
|
1551
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1552
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1553
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1554
|
+
text_search_expected_token_counts counts = {0};
|
1555
|
+
|
1556
|
+
// beta is 1 for empty strings
|
1557
|
+
counts.prefixes = calculate_expected_nfix_tag_count(1, 100, 10);
|
1558
|
+
|
1559
|
+
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1560
|
+
validate_text_search_ciphertext(tester,
|
1561
|
+
&ciphertext,
|
1562
|
+
crypt,
|
1563
|
+
"",
|
1564
|
+
MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
|
1565
|
+
2,
|
1566
|
+
counts);
|
1567
|
+
mongocrypt_destroy(crypt);
|
1568
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1569
|
+
}
|
1570
|
+
|
1571
|
+
// Test string cbc-padded length is less than lb (ie. substring/suffix/prefix tag sets will be
|
1572
|
+
// empty)
|
1573
|
+
{
|
1574
|
+
const char *markingJSON = RAW_STRING({
|
1575
|
+
't' : 1,
|
1576
|
+
'a' : 4,
|
1577
|
+
'v' : {
|
1578
|
+
'v' : "foobar",
|
1579
|
+
'casef' : false,
|
1580
|
+
'diacf' : false,
|
1581
|
+
'substr' :
|
1582
|
+
{'mlen' : {'$numberInt' : '1000'}, 'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}},
|
1583
|
+
'prefix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}},
|
1584
|
+
'suffix' : {'ub' : {'$numberInt' : '100'}, 'lb' : {'$numberInt' : '20'}}
|
1585
|
+
},
|
1586
|
+
'cm' : {'$numberLong' : '2'}
|
1587
|
+
});
|
1588
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1589
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1590
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1591
|
+
text_search_expected_token_counts counts = {0};
|
1592
|
+
|
1593
|
+
get_ciphertext_from_marking_json(tester, crypt, markingJSON, &ciphertext);
|
1594
|
+
validate_text_search_ciphertext(tester,
|
1595
|
+
&ciphertext,
|
1596
|
+
crypt,
|
1597
|
+
"foobar",
|
1598
|
+
MONGOCRYPT_FLE2_PLACEHOLDER_TYPE_INSERT,
|
1599
|
+
2,
|
1600
|
+
counts);
|
1601
|
+
mongocrypt_destroy(crypt);
|
1602
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1603
|
+
}
|
1604
|
+
|
1605
|
+
// Test string exceeds mlen
|
1606
|
+
{
|
1607
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1608
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1609
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1610
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
1611
|
+
|
1612
|
+
ASSERT_FAILS_STATUS(
|
1613
|
+
test_text_search_insert_marking_to_ciphertext(tester, crypt, &ciphertext, "foobar", 6, 3, status),
|
1614
|
+
status,
|
1615
|
+
"longer than the maximum length for substring indexing");
|
1616
|
+
|
1617
|
+
mongocrypt_status_destroy(status);
|
1618
|
+
mongocrypt_destroy(crypt);
|
1619
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1620
|
+
}
|
1621
|
+
|
1622
|
+
// Test string is not valid utf-8
|
1623
|
+
{
|
1624
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1625
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1626
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1627
|
+
const char *expected_msg = "String passed in was not valid UTF-8";
|
1628
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
1629
|
+
|
1630
|
+
// invalid utf-8 byte 0xff
|
1631
|
+
ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
|
1632
|
+
crypt,
|
1633
|
+
&ciphertext,
|
1634
|
+
"foob\xffr",
|
1635
|
+
6,
|
1636
|
+
INT32_MAX,
|
1637
|
+
status),
|
1638
|
+
status,
|
1639
|
+
expected_msg);
|
1640
|
+
_mongocrypt_status_reset(status);
|
1641
|
+
// embedded null byte
|
1642
|
+
ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
|
1643
|
+
crypt,
|
1644
|
+
&ciphertext,
|
1645
|
+
"foob\x00r",
|
1646
|
+
6,
|
1647
|
+
INT32_MAX,
|
1648
|
+
status),
|
1649
|
+
status,
|
1650
|
+
expected_msg);
|
1651
|
+
_mongocrypt_status_reset(status);
|
1652
|
+
// overlong encoding of 'a' (\x61)
|
1653
|
+
ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
|
1654
|
+
crypt,
|
1655
|
+
&ciphertext,
|
1656
|
+
"foob\xE0\x81\xA1r",
|
1657
|
+
8,
|
1658
|
+
INT32_MAX,
|
1659
|
+
status),
|
1660
|
+
status,
|
1661
|
+
expected_msg);
|
1662
|
+
|
1663
|
+
mongocrypt_status_destroy(status);
|
1664
|
+
mongocrypt_destroy(crypt);
|
1665
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1666
|
+
}
|
1667
|
+
|
1668
|
+
// test string is too large
|
1669
|
+
{
|
1670
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1671
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1672
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1673
|
+
const char *expected_msg = "String passed in was too long";
|
1674
|
+
mongocrypt_status_t *status = mongocrypt_status_new();
|
1675
|
+
|
1676
|
+
int len = (16 * 1024 * 1024) + 2;
|
1677
|
+
char *large_str = bson_malloc(len);
|
1678
|
+
memset(large_str, 'a', len);
|
1679
|
+
large_str[len - 1] = '\0';
|
1680
|
+
|
1681
|
+
ASSERT_FAILS_STATUS(test_text_search_insert_marking_to_ciphertext(tester,
|
1682
|
+
crypt,
|
1683
|
+
&ciphertext,
|
1684
|
+
large_str,
|
1685
|
+
len - 1,
|
1686
|
+
INT32_MAX,
|
1687
|
+
status),
|
1688
|
+
status,
|
1689
|
+
expected_msg);
|
1690
|
+
bson_free(large_str);
|
1691
|
+
mongocrypt_status_destroy(status);
|
1692
|
+
mongocrypt_destroy(crypt);
|
1693
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1694
|
+
}
|
1695
|
+
}
|
1696
|
+
|
1697
|
+
static void test_ciphertext_len_steps_fle2_text_search(_mongocrypt_tester_t *tester) {
|
1698
|
+
const char *markingJSONFormat = RAW_STRING({
|
1699
|
+
't' : 1,
|
1700
|
+
'a' : 4,
|
1701
|
+
'v' : {
|
1702
|
+
'v' : "%s",
|
1703
|
+
'casef' : false,
|
1704
|
+
'diacf' : false,
|
1705
|
+
'suffix' : {'ub' : {'$numberInt' : '2'}, 'lb' : {'$numberInt' : '1'}}
|
1706
|
+
},
|
1707
|
+
'cm' : {'$numberLong' : '2'}
|
1708
|
+
});
|
1709
|
+
size_t last_len = 0;
|
1710
|
+
mongocrypt_binary_t *cmd = TEST_FILE("./test/example/cmd.json");
|
1711
|
+
mongocrypt_binary_t *key_file = TEST_BIN(16);
|
1712
|
+
mongocrypt_binary_t *ki = TEST_BIN(16);
|
1713
|
+
mongocrypt_binary_t *ku = TEST_BIN(16);
|
1714
|
+
|
1715
|
+
for (size_t str_len = 0; str_len < 256; str_len++) {
|
1716
|
+
char *v = bson_malloc0(str_len + 1);
|
1717
|
+
memset(v, 'a', str_len);
|
1718
|
+
size_t bufsize = snprintf(NULL, 0, markingJSONFormat, v) + 1;
|
1719
|
+
char *markingJSON = bson_malloc(bufsize);
|
1720
|
+
sprintf(markingJSON, markingJSONFormat, v);
|
1721
|
+
bson_t *marking_bson = TMP_BSON(markingJSON);
|
1722
|
+
|
1723
|
+
_mongocrypt_ciphertext_t ciphertext;
|
1724
|
+
_mongocrypt_ciphertext_init(&ciphertext);
|
1725
|
+
mongocrypt_t *crypt = _mongocrypt_tester_mongocrypt(TESTER_MONGOCRYPT_DEFAULT);
|
1726
|
+
|
1727
|
+
get_ciphertext_from_marking_json_with_bufs(crypt, marking_bson, &ciphertext, cmd, key_file, ki, ku);
|
1728
|
+
|
1729
|
+
// Get res.v, and make sure its size steps when we expect.
|
1730
|
+
bson_t ciphertext_bson;
|
1731
|
+
ASSERT(_mongocrypt_buffer_to_bson(&ciphertext.data, &ciphertext_bson));
|
1732
|
+
iupv2_fields_common res = validate_iupv2_common(&ciphertext_bson);
|
1733
|
+
if (str_len != 0) {
|
1734
|
+
// We expect a step in ciphertext len iff str_len + 5 goes from 16k-1 to 16k. 5 is the number of overhead
|
1735
|
+
// bytes from the BSON header + null byte.
|
1736
|
+
if ((str_len + 5) % 16 == 0) {
|
1737
|
+
ASSERT_CMPSIZE_T(res.v.len, ==, last_len + 16);
|
1738
|
+
} else {
|
1739
|
+
ASSERT_CMPSIZE_T(res.v.len, ==, last_len);
|
1740
|
+
}
|
1741
|
+
}
|
1742
|
+
last_len = res.v.len;
|
1743
|
+
|
1744
|
+
bson_destroy(&ciphertext_bson);
|
1745
|
+
bson_free(markingJSON);
|
1746
|
+
bson_free(v);
|
1747
|
+
mongocrypt_destroy(crypt);
|
1748
|
+
_mongocrypt_ciphertext_cleanup(&ciphertext);
|
1749
|
+
// Clean up marking_bson and decrement the tester bson_count so we can reuse the space.
|
1750
|
+
bson_destroy(marking_bson);
|
1751
|
+
tester->bson_count--;
|
1752
|
+
}
|
1753
|
+
}
|
1754
|
+
|
1119
1755
|
void _mongocrypt_tester_install_marking(_mongocrypt_tester_t *tester) {
|
1120
1756
|
INSTALL_TEST(test_mongocrypt_marking_parse);
|
1121
1757
|
INSTALL_TEST(test_mc_get_mincover_from_FLE2RangeFindSpec);
|
1122
|
-
INSTALL_TEST(
|
1758
|
+
INSTALL_TEST(test_mc_marking_to_ciphertext_fle2_range);
|
1759
|
+
INSTALL_TEST(test_mc_marking_to_ciphertext_fle2_text_search);
|
1760
|
+
INSTALL_TEST(test_ciphertext_len_steps_fle2_text_search);
|
1123
1761
|
}
|