libmongocrypt-helper 1.12.0.0.1001 → 1.13.2.0.1001

data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c

@@ -23,43 +23,9 @@
 #include "mc-reader-private.h"
 #include "mc-tokens-private.h"
 #include "mc-writer-private.h"
+#include <mongocrypt-util-private.h>
 #include <stdint.h>
 
-typedef enum {
-    kTypeInit,
-    kTypeEquality,
-    kTypeRange,
-} _mc_fle2_iev_v2_type;
-
-struct _mc_FLE2IndexedEncryptedValueV2_t {
-    // Raw payload values
-    uint8_t fle_blob_subtype;
-    uint8_t bson_value_type;
-    uint8_t edge_count;
-    _mongocrypt_buffer_t S_KeyId;
-    _mongocrypt_buffer_t ServerEncryptedValue;
-
-    // Decode State
-    _mc_fle2_iev_v2_type type;
-    bool ClientEncryptedValueDecoded;
-    bool ClientValueDecoded;
-
-    // Populated during _add_S_Key
-    // DecryptedServerEncryptedValue := DecryptCTR(S_Key, ServerEncryptedValue)
-    _mongocrypt_buffer_t DecryptedServerEncryptedValue;
-
-    // Views on DecryptedServerEncryptedValue (DSEV)
-    _mongocrypt_buffer_t K_KeyId;              // First 16 octets, UUID
-    _mongocrypt_buffer_t ClientEncryptedValue; // Remainder of DSEV
-
-    // Populated during _add_K_Key
-    // ClientValue := DecryptCBCAEAD(K_Key, ClientEncryptedValue, AD=K_KeyId)
-    _mongocrypt_buffer_t ClientValue;
-
-    mc_FLE2TagAndEncryptedMetadataBlock_t *metadata;
-};
-
-#define kMetadataLen 96U                // encCount(32) + tag(32) + encZeros(32)
 #define kMinServerEncryptedValueLen 17U // IV(16) + EncryptCTR(1byte)
 #define kMinSEVAndMetadataLen (kMinServerEncryptedValueLen + kMetadataLen)
 
@@ -76,7 +42,7 @@ bson_type_t mc_FLE2IndexedEncryptedValueV2_get_bson_value_type(const mc_FLE2Inde
                                                                mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(iev);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_bson_value_type "
                    "must be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
@@ -90,7 +56,7 @@ const _mongocrypt_buffer_t *mc_FLE2IndexedEncryptedValueV2_get_S_KeyId(const mc_
                                                                        mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(iev);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_S_KeyId "
                    "must be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
@@ -109,7 +75,7 @@ bool mc_FLE2IndexedEncryptedValueV2_add_S_Key(_mongocrypt_crypto_t *crypto,
     BSON_ASSERT_PARAM(S_Key);
     BSON_ASSERT_PARAM(status);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_add_S_Key must "
                    "be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
@@ -301,7 +267,7 @@ void mc_FLE2IndexedEncryptedValueV2_destroy(mc_FLE2IndexedEncryptedValueV2_t *ie
     _mongocrypt_buffer_cleanup(&iev->ServerEncryptedValue);
     _mongocrypt_buffer_cleanup(&iev->S_KeyId);
 
-    for (int i = 0; i < iev->edge_count; i++) {
+    for (uint32_t i = 0; i < iev->edge_count; i++) {
         mc_FLE2TagAndEncryptedMetadataBlock_cleanup(&iev->metadata[i]);
     }
 
@@ -311,46 +277,113 @@ void mc_FLE2IndexedEncryptedValueV2_destroy(mc_FLE2IndexedEncryptedValueV2_t *ie
     bson_free(iev);
 }
 
-uint8_t mc_FLE2IndexedEncryptedValueV2_get_edge_count(const mc_FLE2IndexedEncryptedValueV2_t *iev,
-                                                      mongocrypt_status_t *status) {
+uint32_t mc_FLE2IndexedEncryptedValueV2_get_edge_count(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                       mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(iev);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge_count "
                    "must be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
         return 0;
     }
 
-    if (iev->type != kTypeRange) {
-        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge_count must be called with type range");
+    if (!(iev->type == kFLE2IEVTypeRangeV2 || iev->type == kFLE2IEVTypeText)) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge_count must be called with type range or text");
         return 0;
     }
 
     return iev->edge_count;
 }
 
+bool mc_FLE2IndexedEncryptedValueV2_get_substr_tag_count(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                         uint32_t *count,
+                                                         mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(count);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_substr_tag_count "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_substr_tag_count must be called with type text");
+        return false;
+    }
+
+    *count = iev->substr_tag_count;
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_get_suffix_tag_count(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                         uint32_t *count,
+                                                         mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(count);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_suffix_tag_count "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_suffix_tag_count must be called with type text");
+        return false;
+    }
+
+    *count = iev->suffix_tag_count;
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_get_prefix_tag_count(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                         uint32_t *count,
+                                                         mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(count);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_prefix_tag_count "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_prefix_tag_count must be called with type text");
+        return false;
+    }
+
+    *count = (uint32_t)(iev->edge_count - iev->substr_tag_count - iev->suffix_tag_count - 1);
+    return true;
+}
+
 bool mc_FLE2IndexedEncryptedValueV2_get_edge(const mc_FLE2IndexedEncryptedValueV2_t *iev,
                                              mc_FLE2TagAndEncryptedMetadataBlock_t *out,
-                                             const uint8_t edge_index,
+                                             const uint32_t edge_index,
                                              mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(iev);
     BSON_ASSERT_PARAM(out);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge "
                    "must be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
         return false;
     }
 
-    if (iev->type != kTypeRange) {
+    if (iev->type != kFLE2IEVTypeRangeV2 && iev->type != kFLE2IEVTypeText) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge must be called with type range");
         return false;
     }
 
     if (edge_index >= iev->edge_count) {
-        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge must be called with index edge_index less than edge count");
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_edge must be called with index edge_index less "
+                   "than edge count");
         return false;
     }
 
@@ -365,14 +398,14 @@ bool mc_FLE2IndexedEncryptedValueV2_get_metadata(const mc_FLE2IndexedEncryptedVa
     BSON_ASSERT_PARAM(iev);
     BSON_ASSERT_PARAM(out);
 
-    if (iev->type == kTypeInit) {
+    if (iev->type == kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_metadata "
                    "must be called after "
                    "mc_FLE2IndexedEncryptedValueV2_parse");
         return false;
     }
 
-    if (iev->type != kTypeEquality) {
+    if (iev->type != kFLE2IEVTypeEqualityV2) {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_metadata must be called with type equality");
         return false;
     }
@@ -382,6 +415,112 @@ bool mc_FLE2IndexedEncryptedValueV2_get_metadata(const mc_FLE2IndexedEncryptedVa
     return true;
 }
 
+bool mc_FLE2IndexedEncryptedValueV2_get_exact_metadata(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                       mc_FLE2TagAndEncryptedMetadataBlock_t *out,
+                                                       mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(out);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_exact_metadata "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_exact_metadata must be called with type text");
+        return false;
+    }
+
+    // Write edge into out struct
+    *out = iev->metadata[0];
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_get_substr_metadata(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                        mc_FLE2TagAndEncryptedMetadataBlock_t *out,
+                                                        const uint32_t block_index,
+                                                        mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(out);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_substr_metadata "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_substr_metadata must be called with type text");
+        return false;
+    }
+
+    if (block_index >= iev->substr_tag_count) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_substr_metadata must be called with index block_index less "
+                   "than substr tag count");
+        return false;
+    }
+
+    // Write edge into out struct
+    *out = iev->metadata[block_index + 1 /* exact block */];
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_get_suffix_metadata(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                        mc_FLE2TagAndEncryptedMetadataBlock_t *out,
+                                                        const uint32_t block_index,
+                                                        mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(out);
+
+    if (iev->type == kFLE2IEVTypeInitV2) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_suffix_metadata "
+                   "must be called after "
+                   "mc_FLE2IndexedEncryptedValueV2_parse");
+        return false;
+    }
+
+    if (iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_suffix_metadata must be called with type text");
+        return false;
+    }
+
+    if (block_index >= iev->suffix_tag_count) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_suffix_metadata must be called with index block_index less "
+                   "than suffix tag count");
+        return false;
+    }
+
+    // Write edge into out struct
+    *out = iev->metadata[block_index + iev->substr_tag_count + 1 /* exact block */];
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_get_prefix_metadata(const mc_FLE2IndexedEncryptedValueV2_t *iev,
+                                                        mc_FLE2TagAndEncryptedMetadataBlock_t *out,
+                                                        const uint32_t block_index,
+                                                        mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    BSON_ASSERT_PARAM(out);
+
+    // We can skip the check for text type because get_prefix_tag_count does it for us.
+    uint32_t prefix_tag_count;
+    if (!mc_FLE2IndexedEncryptedValueV2_get_prefix_tag_count(iev, &prefix_tag_count, status)) {
+        return false;
+    }
+    if (block_index >= prefix_tag_count) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_get_prefix_metadata must be called with index block_index less "
+                   "than prefix tag count");
+        return false;
+    }
+
+    // Write edge into out struct
+    *out = iev->metadata[block_index + iev->suffix_tag_count + iev->substr_tag_count + 1 /* exact block */];
+    return true;
+}
+
 bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
                                           const _mongocrypt_buffer_t *buf,
                                           mongocrypt_status_t *status) {
@@ -393,7 +532,7 @@ bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
         return false;
     }
 
-    if (iev->type != kTypeInit) {
+    if (iev->type != kFLE2IEVTypeInitV2) {
         CLIENT_ERR("mc_FLE2IndexedRangeEncryptedValueV2_parse must not be "
                    "called twice");
         return false;
@@ -405,12 +544,14 @@ bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
     CHECK_AND_RETURN(mc_reader_read_u8(&reader, &iev->fle_blob_subtype, status));
 
     if (iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedEqualityEncryptedValueV2) {
-        iev->type = kTypeEquality;
+        iev->type = kFLE2IEVTypeEqualityV2;
     } else if (iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedRangeEncryptedValueV2) {
-        iev->type = kTypeRange;
+        iev->type = kFLE2IEVTypeRangeV2;
+    } else if (iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedTextEncryptedValue) {
+        iev->type = kFLE2IEVTypeText;
     } else {
         CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_parse expected "
-                   "fle_blob_subtype MC_SUBTYPE_FLE2Indexed(Equality|Range)EncryptedValueV2 got: %" PRIu8,
+                   "fle_blob_subtype MC_SUBTYPE_FLE2Indexed(Equality|Range|Text)EncryptedValue[V2] got: %" PRIu8,
                    iev->fle_blob_subtype);
         return false;
     }
@@ -421,16 +562,42 @@ bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
     /* Read original_bson_type. */
     CHECK_AND_RETURN(mc_reader_read_u8(&reader, &iev->bson_value_type, status));
 
-    /* Read edge_count */
+    /* Read edge_count, substr_tag_count, suffix_tag_count */
     // Set equality edge_count to 1 as it doesn't technically exist but
     // there will be a singular metadata block
-    if (iev->type == kTypeEquality) {
+    // Set substr/suffix_tag_count to 0 for all types besides text
+    iev->substr_tag_count = 0;
+    iev->suffix_tag_count = 0;
+    if (iev->type == kFLE2IEVTypeEqualityV2) {
         iev->edge_count = 1;
     } else {
-        CHECK_AND_RETURN(mc_reader_read_u8(&reader, &iev->edge_count, status));
-    }
-
-    // Maximum edge_count(255) times kMetadataLen(96) fits easily without
+        if (iev->type == kFLE2IEVTypeRangeV2) {
+            uint8_t ec;
+            CHECK_AND_RETURN(mc_reader_read_u8(&reader, &ec, status));
+            if (ec == 0) {
+                CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_parse edge count must not be 0 for type "
+                           "range, but found edge count is 0.");
+                return false;
+            }
+            iev->edge_count = (uint32_t)ec;
+        } else if (iev->type == kFLE2IEVTypeText) {
+            CHECK_AND_RETURN(mc_reader_read_u32(&reader, &iev->edge_count, status));
+            CHECK_AND_RETURN(mc_reader_read_u32(&reader, &iev->substr_tag_count, status));
+            CHECK_AND_RETURN(mc_reader_read_u32(&reader, &iev->suffix_tag_count, status));
+            // Upconvert so that addition doesn't overflow
+            if ((uint64_t)iev->edge_count < (uint64_t)iev->substr_tag_count + (uint64_t)iev->suffix_tag_count + 1) {
+                CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_parse for text type expected edge count to be "
+                           "at least substr_tag_count + suffix_count + 1, but: %" PRIu32 " < %" PRIu32 " + %" PRIu32
+                           " + 1",
+                           iev->edge_count,
+                           iev->substr_tag_count,
+                           iev->suffix_tag_count);
+                return false;
+            }
+        }
+    }
+
+    // Maximum edge_count(4294967295) times kMetadataLen(96) fits easily without
     // overflow.
     const uint64_t metadata_len = iev->edge_count * kMetadataLen;
 
@@ -449,8 +616,8 @@ bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
     iev->metadata = (mc_FLE2TagAndEncryptedMetadataBlock_t *)bson_malloc0(
         iev->edge_count * sizeof(mc_FLE2TagAndEncryptedMetadataBlock_t));
 
-    // Read each metadata element
-    for (uint8_t i = 0; i < iev->edge_count; i++) {
+    // Read each metadata element in buff
+    for (uint32_t i = 0; i < iev->edge_count; i++) {
         _mongocrypt_buffer_t tmp_buf;
 
         CHECK_AND_RETURN(mc_reader_read_buffer(&reader, &tmp_buf, kMetadataLen, status));
@@ -462,18 +629,32 @@ bool mc_FLE2IndexedEncryptedValueV2_parse(mc_FLE2IndexedEncryptedValueV2_t *iev,
     return true;
 }
 
+static inline uint32_t mc_FLE2IndexedEncryptedValueV2_serialized_length(const mc_FLE2IndexedEncryptedValueV2_t *iev) {
+    // fle_blob_subtype: 1 byte
+    // S_KeyId: UUID_LEN bytes
+    // bson_value_type: 1 byte
+    // if range: edge_count: 1 byte
+    // if text: edge + tag counts: 12 bytes
+    // ServerEncryptedValue: ServerEncryptedValue.len bytes
+    // metadata: edge_count * kMetadataLen bytes
+    return iev->ServerEncryptedValue.len + 1 + UUID_LEN + 1 + (iev->type == kFLE2IEVTypeRangeV2 ? 1 : 0)
+         + (iev->type == kFLE2IEVTypeText ? 12 : 0) + iev->edge_count * kMetadataLen;
+}
+
 bool mc_FLE2IndexedEncryptedValueV2_serialize(const mc_FLE2IndexedEncryptedValueV2_t *iev,
                                               _mongocrypt_buffer_t *buf,
                                               mongocrypt_status_t *status) {
     BSON_ASSERT_PARAM(iev);
     BSON_ASSERT_PARAM(buf);
 
-    if (iev->type != kTypeRange && iev->type != kTypeEquality) {
-        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_serialize must be called with type equality or range");
+    if (iev->type != kFLE2IEVTypeRangeV2 && iev->type != kFLE2IEVTypeEqualityV2 && iev->type != kFLE2IEVTypeText) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_serialize must be called with type equality, range, or text");
         return false;
     }
 
+    uint32_t expected_len = mc_FLE2IndexedEncryptedValueV2_serialized_length(iev);
     mc_writer_t writer;
+    _mongocrypt_buffer_resize(buf, expected_len);
     mc_writer_init_from_buffer(&writer, buf, __FUNCTION__);
 
     // Serialize fle_blob_subtype
@@ -485,9 +666,14 @@ bool mc_FLE2IndexedEncryptedValueV2_serialize(const mc_FLE2IndexedEncryptedValue
     // Serialize bson_value_type
     CHECK_AND_RETURN(mc_writer_write_u8(&writer, iev->bson_value_type, status));
 
-    // Serialize edge_count (only serialized for type range)
-    if (iev->type == kTypeRange) {
-        CHECK_AND_RETURN(mc_writer_write_u8(&writer, iev->edge_count, status));
+    if (iev->type == kFLE2IEVTypeRangeV2) {
+        // Serialize edge_count (only serialized for types range and text)
+        CHECK_AND_RETURN(mc_writer_write_u8(&writer, (uint8_t)iev->edge_count, status));
+    } else if (iev->type == kFLE2IEVTypeText) {
+        // Serialize substr/suffix_tag_count (only serialized for text)
+        CHECK_AND_RETURN(mc_writer_write_u32(&writer, iev->edge_count, status));
+        CHECK_AND_RETURN(mc_writer_write_u32(&writer, iev->substr_tag_count, status));
+        CHECK_AND_RETURN(mc_writer_write_u32(&writer, iev->suffix_tag_count, status));
     }
 
     // Serialize encrypted value
@@ -495,9 +681,9 @@ bool mc_FLE2IndexedEncryptedValueV2_serialize(const mc_FLE2IndexedEncryptedValue
         mc_writer_write_buffer(&writer, &iev->ServerEncryptedValue, iev->ServerEncryptedValue.len, status));
 
     // Serialize metadata
-    for (int i = 0; i < iev->edge_count; ++i) {
+    for (uint32_t i = 0; i < iev->edge_count; ++i) {
         _mongocrypt_buffer_t tmp_buf;
-        _mongocrypt_buffer_init_size(&tmp_buf, kMetadataLen);
+        _mongocrypt_buffer_init(&tmp_buf);
 
         CHECK_AND_RETURN(mc_FLE2TagAndEncryptedMetadataBlock_serialize(&iev->metadata[i], &tmp_buf, status));
         CHECK_AND_RETURN(mc_writer_write_buffer(&writer, &tmp_buf, kMetadataLen, status));
@@ -506,4 +692,129 @@ bool mc_FLE2IndexedEncryptedValueV2_serialize(const mc_FLE2IndexedEncryptedValue
     }
 
     return true;
-}
+}
+
+static bool is_fle2_equality_indexed_supported_type(int bson_type) {
+    switch (bson_type) {
+    case BSON_TYPE_BINARY:
+    case BSON_TYPE_CODE:
+    case BSON_TYPE_REGEX:
+    case BSON_TYPE_UTF8:
+
+    case BSON_TYPE_INT32:
+    case BSON_TYPE_INT64:
+    case BSON_TYPE_BOOL:
+    case BSON_TYPE_TIMESTAMP:
+    case BSON_TYPE_DATE_TIME:
+    case BSON_TYPE_OID:
+
+    case BSON_TYPE_SYMBOL:
+    case BSON_TYPE_DBPOINTER: return true;
+    default: // All other defined types are non-deterministic or singletons.
+        return false;
+    }
+}
+
+static bool is_fle2_range_indexed_supported_type(int bson_type) {
+    switch (bson_type) {
+    case BSON_TYPE_INT32:
+    case BSON_TYPE_INT64:
+    case BSON_TYPE_DATE_TIME:
+    case BSON_TYPE_DOUBLE:
+#if MONGOCRYPT_HAVE_DECIMAL128_SUPPORT
+    case BSON_TYPE_DECIMAL128:
+#endif
+        return true;
+    default: return false;
+    }
+}
+
+static bool is_fle2_text_indexed_supported_type(int bson_type) {
+    return bson_type == BSON_TYPE_UTF8;
+}
+
+#define CHECK(condition, msg)                                                                                          \
+    do {                                                                                                               \
+        if (!(condition)) {                                                                                            \
+            CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_validate failed: " msg);                                        \
+            return false;                                                                                              \
+        }                                                                                                              \
+    } while (0)
+
+static bool validate_for_equality(const mc_FLE2IndexedEncryptedValueV2_t *iev, mongocrypt_status_t *status) {
+    CHECK(iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedEqualityEncryptedValueV2,
+          "fle_blob_subtype does not match type");
+    CHECK(is_fle2_equality_indexed_supported_type(iev->bson_value_type), "bson_value_type is invalid");
+    CHECK(iev->edge_count == 1, "edge_count must be 1 for equality");
+    return true;
+}
+
+static bool validate_for_range(const mc_FLE2IndexedEncryptedValueV2_t *iev, mongocrypt_status_t *status) {
+    CHECK(iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedRangeEncryptedValueV2, "fle_blob_subtype does not match type");
+    CHECK(is_fle2_range_indexed_supported_type(iev->bson_value_type), "bson_value_type is invalid");
+    if (iev->edge_count > (uint32_t)UINT8_MAX) {
+        CLIENT_ERR("mc_FLE2IndexedEncryptedValueV2_validate failed: edge count for range encrypted value "
+                   "must be less than max uint8_t. Got: %" PRIu32,
+                   iev->edge_count);
+    }
+    return true;
+}
+
+static bool validate_for_text(const mc_FLE2IndexedEncryptedValueV2_t *iev, mongocrypt_status_t *status) {
+    CHECK(iev->fle_blob_subtype == MC_SUBTYPE_FLE2IndexedTextEncryptedValue, "fle_blob_subtype does not match type");
+    CHECK(is_fle2_text_indexed_supported_type(iev->bson_value_type), "bson_value_type is invalid");
+    CHECK((uint64_t)iev->edge_count >= (uint64_t)iev->substr_tag_count + (uint64_t)iev->suffix_tag_count + 1,
+          "edge_count is smaller than substr_tag_count + suffix_tag_count + 1");
+    return true;
+}
+
+bool mc_FLE2IndexedEncryptedValueV2_validate(const mc_FLE2IndexedEncryptedValueV2_t *iev, mongocrypt_status_t *status) {
+    BSON_ASSERT_PARAM(iev);
+    CHECK(iev->type == kFLE2IEVTypeEqualityV2 || iev->type == kFLE2IEVTypeRangeV2 || iev->type == kFLE2IEVTypeText,
+          "type was init or unknown");
+
+    if (iev->type == kFLE2IEVTypeEqualityV2) {
+        validate_for_equality(iev, status);
+    } else if (iev->type == kFLE2IEVTypeRangeV2) {
+        validate_for_range(iev, status);
+    } else {
+        validate_for_text(iev, status);
+    }
+
+    if (!mongocrypt_status_ok(status)) {
+        return false;
+    }
+
+    CHECK(iev->ServerEncryptedValue.len >= kMinServerEncryptedValueLen, "SEV.len is less than minimum");
+    CHECK(iev->S_KeyId.len == UUID_LEN, "S_KeyId is not the correct length for a UUID");
+
+    CHECK(!iev->ClientValueDecoded || iev->ClientEncryptedValueDecoded,
+          "Found decrypted client value without encrypted client value");
+    if (iev->ClientEncryptedValueDecoded) {
+        const _mongocrypt_value_encryption_algorithm_t *fle2alg = _mcFLE2Algorithm();
+        const uint32_t DecryptedServerEncryptedValueLen =
+            fle2alg->get_plaintext_len(iev->ServerEncryptedValue.len, status);
+        if (!mongocrypt_status_ok(status)) {
+            return false;
+        }
+        CHECK(iev->DecryptedServerEncryptedValue.len == DecryptedServerEncryptedValueLen, "DSEV.len was unexpected");
+        CHECK(iev->ClientEncryptedValue.len == iev->DecryptedServerEncryptedValue.len - UUID_LEN,
+              "CEV.len was unexpected");
+        CHECK(iev->K_KeyId.len == UUID_LEN, "K_KeyId is not the correct length for a UUID");
+    }
+    if (iev->ClientValueDecoded) {
+        const _mongocrypt_value_encryption_algorithm_t *fle2v2aead = _mcFLE2v2AEADAlgorithm();
+        const uint32_t ClientValueLen = fle2v2aead->get_plaintext_len(iev->ClientEncryptedValue.len, status);
+        if (!mongocrypt_status_ok(status)) {
+            return false;
+        }
+        CHECK(iev->ClientValue.len == ClientValueLen, "ClientValue.len was unexpected");
+    }
+    CHECK(iev->edge_count > 0, "edge_count must be at least 1");
+    for (uint32_t i = 0; i < iev->edge_count; i++) {
+        if (!mc_FLE2TagAndEncryptedMetadataBlock_validate(&iev->metadata[i], status)) {
+            return false;
+        }
+    }
+    return true;
+}

data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block-private.h

@@ -21,7 +21,9 @@
 #include "mc-writer-private.h"
 #include "mongocrypt-private.h"
 
-typedef struct {
+#define kMetadataLen 96U // encCount(32) + tag(32) + encZeros(32)
+
+typedef struct _mc_FLE2TagAndEncryptedMetadataBlock_t {
     _mongocrypt_buffer_t encryptedCount;
     _mongocrypt_buffer_t tag;
     _mongocrypt_buffer_t encryptedZeros;
@@ -41,4 +43,7 @@ bool mc_FLE2TagAndEncryptedMetadataBlock_serialize(const mc_FLE2TagAndEncryptedM
                                                    _mongocrypt_buffer_t *buf,
                                                    mongocrypt_status_t *status);
 
-#endif /* MC_FLE2_TAG_AND_ENCRYPTED_METADATA_BLOCK_H */
+bool mc_FLE2TagAndEncryptedMetadataBlock_validate(const mc_FLE2TagAndEncryptedMetadataBlock_t *metadata,
+                                                  mongocrypt_status_t *status);
+
+#endif /* MC_FLE2_TAG_AND_ENCRYPTED_METADATA_BLOCK_H */

data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c

@@ -68,6 +68,7 @@ bool mc_FLE2TagAndEncryptedMetadataBlock_serialize(const mc_FLE2TagAndEncryptedM
     BSON_ASSERT_PARAM(metadata);
     BSON_ASSERT_PARAM(buf);
 
+    _mongocrypt_buffer_resize(buf, kMetadataLen);
     mc_writer_t writer;
     mc_writer_init_from_buffer(&writer, buf, __FUNCTION__);
 
@@ -79,3 +80,19 @@ bool mc_FLE2TagAndEncryptedMetadataBlock_serialize(const mc_FLE2TagAndEncryptedM
 
     return true;
 }
+
+#define CHECK(condition, msg)                                                                                          \
+    do {                                                                                                               \
+        if (!(condition)) {                                                                                            \
+            CLIENT_ERR("mc_FLE2TagAndEncryptedMetadataBlock_validate failed: " msg);                                   \
+            return false;                                                                                              \
+        }                                                                                                              \
+    } while (0)
+
+bool mc_FLE2TagAndEncryptedMetadataBlock_validate(const mc_FLE2TagAndEncryptedMetadataBlock_t *metadata,
+                                                  mongocrypt_status_t *status) {
+    CHECK(metadata->encryptedCount.len == kFieldLen, "Length of encrypted count was unexpected");
+    CHECK(metadata->tag.len == kFieldLen, "Length of tag was unexpected");
+    CHECK(metadata->encryptedZeros.len == kFieldLen, "Length of encrypted zeros was unexpected");
+    return true;
+}