libmongocrypt-helper 1.13.2.0.1001 → 1.14.0.0.1001

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (250) hide show
  1. checksums.yaml +4 -4
  2. data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +8 -0
  3. data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +5 -1
  4. data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +4 -1
  5. data/ext/libmongocrypt/libmongocrypt/Earthfile +18 -17
  6. data/ext/libmongocrypt/libmongocrypt/README.md +8 -8
  7. data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +7 -0
  8. data/ext/libmongocrypt/libmongocrypt/bindings/python/CONTRIBUTING.md +34 -0
  9. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +6 -2
  10. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +18 -2
  11. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +9 -1
  12. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/options.py +14 -0
  13. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/state_machine.py +6 -2
  14. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
  15. data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +8 -8
  16. data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/libmongocrypt-version.txt +1 -0
  17. data/ext/libmongocrypt/libmongocrypt/bindings/python/{release.sh → scripts/release.sh} +9 -3
  18. data/ext/libmongocrypt/libmongocrypt/bindings/python/{synchro.py → scripts/synchro.py} +16 -9
  19. data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/synchro.sh +8 -0
  20. data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/update-version.sh +27 -0
  21. data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/update_binding.py +78 -0
  22. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +15 -0
  23. data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +25 -18
  24. data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version.py +39 -13
  25. data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version_selftest.sh +1 -1
  26. data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +2 -2
  27. data/ext/libmongocrypt/libmongocrypt/kms-message/CMakeLists.txt +1 -1
  28. data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.c +5 -0
  29. data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.h +1 -1
  30. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_azure_request.c +1 -1
  31. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_gcp_request.c +1 -1
  32. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer.c +4 -2
  33. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_request.c +1 -2
  34. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +5 -1
  35. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +1 -1
  36. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_opt.c +1 -1
  37. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.c +2 -8
  38. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.h +9 -0
  39. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +0 -1
  40. data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.c +7 -3
  41. data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.h +2 -0
  42. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +8 -1
  43. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +5 -4
  44. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +1 -1
  45. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +1 -1
  46. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_request.c +4 -0
  47. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response.c +3 -0
  48. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response_parser.c +4 -0
  49. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.c +1 -1
  50. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.h +1 -1
  51. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +39 -39
  52. data/ext/libmongocrypt/libmongocrypt/src/crypto/libcrypto.c +235 -65
  53. data/ext/libmongocrypt/libmongocrypt/src/crypto/none.c +1 -1
  54. data/ext/libmongocrypt/libmongocrypt/src/csfle-markup.cpp +4 -2
  55. data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.h +2 -2
  56. data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.test.cpp +2 -2
  57. data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +1 -4
  58. data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +9 -11
  59. data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +1 -0
  60. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +10 -8
  61. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +167 -176
  62. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +6 -17
  63. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +6 -17
  64. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +1 -1
  65. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-v2.c +25 -26
  66. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload.c +2 -1
  67. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-text-payload-private.h +122 -0
  68. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-text-payload.c +477 -0
  69. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +1 -3
  70. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +28 -43
  71. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +6 -17
  72. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +6 -5
  73. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev.c +13 -10
  74. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-common.c +3 -2
  75. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds.c +7 -6
  76. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +4 -3
  77. data/ext/libmongocrypt/libmongocrypt/src/mc-optional-private.h +1 -1
  78. data/ext/libmongocrypt/libmongocrypt/src/mc-parse-utils-private.h +27 -0
  79. data/ext/libmongocrypt/libmongocrypt/src/mc-parse-utils.c +48 -0
  80. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation-private.h +5 -5
  81. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +15 -20
  82. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding-private.h +4 -6
  83. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +9 -18
  84. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +4 -5
  85. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-private.h +5 -9
  86. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +14 -19
  87. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +2 -4
  88. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +109 -119
  89. data/ext/libmongocrypt/libmongocrypt/src/mc-reader-private.h +2 -2
  90. data/ext/libmongocrypt/libmongocrypt/src/mc-reader.c +4 -2
  91. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +0 -3
  92. data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +4 -14
  93. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +1 -1
  94. data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +3 -3
  95. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +8 -1
  96. data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +78 -2
  97. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +34 -16
  98. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +66 -74
  99. data/ext/libmongocrypt/libmongocrypt/src/mc-writer-private.h +1 -1
  100. data/ext/libmongocrypt/libmongocrypt/src/mc-writer.c +4 -2
  101. data/ext/libmongocrypt/libmongocrypt/src/mlib/error.h +1 -1
  102. data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.h +12 -1
  103. data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.cpp +5 -0
  104. data/ext/libmongocrypt/libmongocrypt/src/mlib/path.h +5 -5
  105. data/ext/libmongocrypt/libmongocrypt/src/mlib/path.test.c +2 -5
  106. data/ext/libmongocrypt/libmongocrypt/src/mlib/str.h +65 -58
  107. data/ext/libmongocrypt/libmongocrypt/src/mlib/str.test.c +3 -3
  108. data/ext/libmongocrypt/libmongocrypt/src/mlib/thread.h +1 -1
  109. data/ext/libmongocrypt/libmongocrypt/src/mlib/user-check.h +1 -1
  110. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo-private.h +1 -1
  111. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +4 -0
  112. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext-private.h +1 -1
  113. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto-private.h +4 -4
  114. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c +29 -25
  115. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +3 -2
  116. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +6 -3
  117. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +48 -58
  118. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-rewrap-many-datakey.c +12 -0
  119. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +5 -13
  120. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-dll-private.h +19 -2
  121. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +9 -9
  122. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +3 -4
  123. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +285 -89
  124. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -2
  125. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +0 -1
  126. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +1 -1
  127. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +4 -1
  128. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +47 -31
  129. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +2 -0
  130. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_mutex.c +1 -1
  131. data/ext/libmongocrypt/libmongocrypt/src/os_win/os_dll.c +3 -1
  132. data/ext/libmongocrypt/libmongocrypt/src/os_win/os_mutex.c +1 -1
  133. data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1 -1
  134. data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +1 -1
  135. data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +1 -1
  136. data/ext/libmongocrypt/libmongocrypt/test/crypt_shared-stub.cpp +0 -14
  137. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +6 -1
  138. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2-RangeV2.json +8 -0
  139. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-field-map.json +1 -1
  140. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-payload.json +6 -4
  141. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/mongocryptd-reply.json +1 -1
  142. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-field-map.json +1 -1
  143. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-payload.json +6 -4
  144. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/mongocryptd-reply.json +2 -2
  145. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-field-map.json +1 -1
  146. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-payload.json +6 -4
  147. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/mongocryptd-reply.json +1 -1
  148. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/encrypted-payload.json +14 -6
  149. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-field-map.json +1 -1
  150. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-payload.json +6 -4
  151. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/mongocryptd-reply.json +1 -1
  152. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-field-map.json +1 -1
  153. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-payload.json +6 -4
  154. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/mongocryptd-reply.json +1 -1
  155. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-field-map.json +1 -1
  156. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-payload.json +6 -4
  157. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/mongocryptd-reply.json +1 -1
  158. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json +1 -1
  159. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload-v2.json +1 -1
  160. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload-v2.json +1 -1
  161. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload-v2.json +1 -1
  162. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-field-map.json +1 -1
  163. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-payload.json +6 -4
  164. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/mongocryptd-reply.json +1 -1
  165. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-field-map.json +1 -1
  166. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-payload.json +6 -4
  167. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/mongocryptd-reply.json +1 -1
  168. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-field-map.json +1 -1
  169. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-payload.json +6 -4
  170. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/mongocryptd-reply.json +1 -1
  171. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/encrypted-payload.json +14 -6
  172. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-field-map.json +1 -1
  173. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-payload.json +6 -4
  174. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/mongocryptd-reply.json +1 -1
  175. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-field-map.json +1 -1
  176. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-payload.json +3 -3
  177. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/mongocryptd-reply.json +1 -1
  178. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-field-map.json +1 -1
  179. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-payload.json +6 -4
  180. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/mongocryptd-reply.json +1 -1
  181. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload-v2.json +1 -1
  182. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload-v2.json +1 -1
  183. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/encrypted-payload-v2.json +1 -1
  184. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload-v2.json +1 -1
  185. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +8 -0
  186. data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +8 -0
  187. data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +5 -5
  188. data/ext/libmongocrypt/libmongocrypt/test/test-dll.cpp +11 -5
  189. data/ext/libmongocrypt/libmongocrypt/test/test-gcp-auth.c +2 -2
  190. data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +9 -11
  191. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +18 -29
  192. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +1 -1
  193. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-range-payload-v2.c +2 -18
  194. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-text-payload.c +320 -0
  195. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +2 -17
  196. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +1 -1
  197. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +8 -5
  198. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -10
  199. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +29 -33
  200. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +12 -20
  201. data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +5 -20
  202. data/ext/libmongocrypt/libmongocrypt/test/test-mc-reader.c +5 -5
  203. data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +147 -18
  204. data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +35 -14
  205. data/ext/libmongocrypt/libmongocrypt/test/test-mc-writer.c +10 -10
  206. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +3 -7
  207. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +36 -24
  208. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +4 -4
  209. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +2 -2
  210. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ciphertext.c +13 -13
  211. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cleanup.c +49 -55
  212. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-compact.c +64 -67
  213. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +18 -18
  214. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.c +4 -0
  215. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +4 -3
  216. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +13 -3
  217. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +31 -13
  218. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +35 -52
  219. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +28 -1
  220. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-setopt.c +50 -91
  221. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +1 -1
  222. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-dll.c +7 -4
  223. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-endpoint.c +1 -1
  224. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +1 -1
  225. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +3 -5
  226. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-ctx.c +2 -2
  227. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-local-kms.c +1 -1
  228. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-log.c +2 -2
  229. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +527 -225
  230. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-status.c +1 -1
  231. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +45 -56
  232. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +12 -3
  233. data/ext/libmongocrypt/libmongocrypt/test/test-named-kms-providers.c +11 -11
  234. data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +6 -2
  235. data/ext/libmongocrypt/libmongocrypt/test/util/HELP.autogen +1 -1
  236. data/ext/libmongocrypt/libmongocrypt/test/util/csfle.c +1 -1
  237. data/ext/libmongocrypt/libmongocrypt/test/util/util.c +5 -5
  238. data/ext/libmongocrypt/libmongocrypt/test/util/util.h +7 -6
  239. data/lib/libmongocrypt_helper/version.rb +2 -2
  240. metadata +17 -13
  241. data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +0 -1
  242. data/ext/libmongocrypt/libmongocrypt/bindings/python/strip_header.py +0 -50
  243. data/ext/libmongocrypt/libmongocrypt/bindings/python/update-sbom.sh +0 -14
  244. data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload.json +0 -29
  245. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload.json +0 -29
  246. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +0 -8
  247. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +0 -8
  248. /data/ext/libmongocrypt/libmongocrypt/bindings/python/{build-manylinux-wheel.sh → scripts/build-manylinux-wheel.sh} +0 -0
  249. /data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/{FLE2InsertUpdatePayload-with-edges.json → FLE2InsertUpdatePayload-RangeV1.json} +0 -0
  250. /data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/{FLE2InsertUpdatePayload-with-edges-V2.json → FLE2InsertUpdatePayloadV2-RangeV1.json} +0 -0
@@ -0,0 +1,27 @@
1
+ #!/bin/bash
2
+
3
+ set -eu
4
+
5
+ SCRIPT_DIR=$(dirname ${BASH_SOURCE:-$0})
6
+
7
+ if [ -z "${1:-}" ]; then
8
+ echo "Provide the new version of libmongocrypt!"
9
+ exit 1
10
+ fi
11
+
12
+ LIBMONGOCRYPT_VERSION=$1
13
+
14
+ echo $LIBMONGOCRYPT_VERSION > $SCRIPT_DIR/libmongocrypt-version.txt
15
+
16
+ pushd $SCRIPT_DIR/..
17
+ if [ $(command -v podman) ]; then
18
+ DOCKER=podman
19
+ else
20
+ DOCKER=docker
21
+ fi
22
+
23
+ echo "pkg:github/mongodb/libmongocrypt@$LIBMONGOCRYPT_VERSION" > purls.txt
24
+ $DOCKER run --platform="linux/amd64" -it --rm -v $(pwd):$(pwd) artifactory.corp.mongodb.com/release-tools-container-registry-public-local/silkbomb:2.0 update --purls=$(pwd)/purls.txt -o $(pwd)/sbom.json
25
+ rm purls.txt
26
+
27
+ popd
@@ -0,0 +1,78 @@
1
+ # Copyright 2019-present MongoDB, Inc.
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+ """Update pymongocrypt/bindings.py using mongocrypt.h.
16
+ """
17
+
18
+ import re
19
+ from pathlib import Path
20
+
21
+ DROP_RE = re.compile(r"^\s*(#|MONGOCRYPT_EXPORT)")
22
+ HERE = Path(__file__).absolute().parent
23
+
24
+
25
+ # itertools.pairwise backport for Python 3.9 support.
26
+ def pairwise(iterable):
27
+ # pairwise('ABCDEFG') → AB BC CD DE EF FG
28
+
29
+ iterator = iter(iterable)
30
+ a = next(iterator, None)
31
+
32
+ for b in iterator:
33
+ yield a, b
34
+ a = b
35
+
36
+
37
+ def strip_file(content):
38
+ fold = content.replace("\\\n", " ")
39
+ all_lines = [*fold.split("\n"), ""]
40
+ keep_lines = (line for line in all_lines if not DROP_RE.match(line))
41
+ fin = ""
42
+ for line, peek in pairwise(keep_lines):
43
+ if peek == "" and line == "":
44
+ # Drop adjacent empty lines
45
+ continue
46
+ yield line
47
+ fin = peek
48
+ yield fin
49
+
50
+
51
+ def update_bindings():
52
+ header_file = HERE.parent.parent.parent / "src/mongocrypt.h"
53
+ with header_file.open(encoding="utf-8") as fp:
54
+ header_lines = strip_file(fp.read())
55
+
56
+ target = HERE.parent / "pymongocrypt/binding.py"
57
+ source_lines = target.read_text().splitlines()
58
+ new_lines = []
59
+ skip = False
60
+ for line in source_lines:
61
+ if not skip:
62
+ new_lines.append(line)
63
+ if line.strip() == "# Start embedding from update_binding.py":
64
+ skip = True
65
+ new_lines.append("ffi.cdef(")
66
+ new_lines.append('"""')
67
+ new_lines.extend(header_lines)
68
+ if line.strip() == "# End embedding from update_binding.py":
69
+ new_lines.append('"""')
70
+ new_lines.append(")")
71
+ new_lines.append(line)
72
+ skip = False
73
+ with target.open("w") as f:
74
+ f.write("\n".join(new_lines))
75
+
76
+
77
+ if __name__ == "__main__":
78
+ update_bindings()
@@ -143,6 +143,11 @@ class TestMongoCryptOptions(unittest.TestCase):
143
143
  )
144
144
  self.assertEqual(opts.encrypted_fields_map, encrypted_fields_map)
145
145
  self.assertTrue(opts.bypass_query_analysis)
146
+ for expiration in [0, 1, 1000000]:
147
+ opts = MongoCryptOptions(
148
+ valid[0][0], schema_map, key_expiration_ms=expiration
149
+ )
150
+ self.assertEqual(opts.key_expiration_ms, expiration)
146
151
 
147
152
  def test_mongocrypt_options_validation(self):
148
153
  with self.assertRaisesRegex(
@@ -192,6 +197,12 @@ class TestMongoCryptOptions(unittest.TestCase):
192
197
  TypeError, "encrypted_fields_map must be bytes or None"
193
198
  ):
194
199
  MongoCryptOptions(valid_kms, encrypted_fields_map={})
200
+ with self.assertRaisesRegex(TypeError, "key_expiration_ms must be int or None"):
201
+ MongoCryptOptions(valid_kms, key_expiration_ms="123")
202
+ with self.assertRaisesRegex(
203
+ ValueError, "key_expiration_ms must be >=0 or None"
204
+ ):
205
+ MongoCryptOptions(valid_kms, key_expiration_ms=-1)
195
206
 
196
207
 
197
208
  class TestMongoCrypt(unittest.TestCase):
@@ -507,6 +518,8 @@ class TestMongoCryptCallback(unittest.TestCase):
507
518
  os.getenv("TEST_CRYPT_SHARED"), "this test requires TEST_CRYPT_SHARED=1"
508
519
  )
509
520
  def test_crypt_shared(self):
521
+ if sys.platform == "darwin":
522
+ raise unittest.SkipTest("Skipping due to SERVER-101020")
510
523
  kms_providers = {
511
524
  "aws": {"accessKeyId": "example", "secretAccessKey": "example"},
512
525
  "local": {"key": b"\x00" * 96},
@@ -638,6 +651,8 @@ if sys.version_info >= (3, 8, 0): # noqa: UP036
638
651
  os.getenv("TEST_CRYPT_SHARED"), "this test requires TEST_CRYPT_SHARED=1"
639
652
  )
640
653
  async def test_crypt_shared(self):
654
+ if sys.platform == "darwin":
655
+ raise unittest.SkipTest("Skipping due to SERVER-101020")
641
656
  kms_providers = {
642
657
  "aws": {"accessKeyId": "example", "secretAccessKey": "example"},
643
658
  "local": {"key": b"\x00" * 96},
@@ -19,7 +19,7 @@ Go to [Snyk](https://app.snyk.io/) and select the `dev-prod` organization. If ac
19
19
 
20
20
  ##### Update Snyk
21
21
 
22
- Update the Snyk reference target tracking the to-be-released branch. For a patch release (e.g. x.y.z), check-out the `rx.y` branch and update the `rx.y` reference target. For a minor release (e.g. x.y.0), check out the `master` branch update the `master` reference target.
22
+ Update the Snyk reference target tracking the to-be-released branch. For a patch release (e.g. x.y.z), check-out the `rx.y` branch and update the `rx.y` reference target. For a non-patch release (e.g. x.y.0), check out the `master` branch and update the `master` reference target.
23
23
 
24
24
  Run `cmake` to ensure generated source files are present:
25
25
  ```bash
@@ -61,14 +61,14 @@ Check the contents of the "vulnerabilities" field (if present) in the Augmented
61
61
 
62
62
  Do the following when releasing:
63
63
  - If this is a feature release (e.g. `x.y.0` or `x.0.0`), follow these steps: [Creating SSDLC static analysis reports](https://docs.google.com/document/d/1rkFL8ymbkc0k8Apky9w5pTPbvKRm68wj17mPJt2_0yo/edit).
64
- - Check out the release branch. For a release `x.y.z`, the release branch is `rx.y`. If this is a new minor release (`x.y.0`), create the release branch.
64
+ - Check out the release branch. For a release `x.y.z`, the release branch is `rx.y`. If this is a new non-patch release (`x.y.0`), create the release branch.
65
65
  - Update CHANGELOG.md with the version being released.
66
66
  - Ensure `etc/purls.txt` is up-to-date.
67
67
  - Update `etc/third_party_vulnerabilities.md` with any updates to new or known vulnerabilities for third party dependencies that must be reported.
68
- - If this is a new minor release (e.g. `x.y.0`):
68
+ - If this is a new non-patch release (e.g. `x.y.0`):
69
69
  - Update the Linux distribution package installation instructions in [README.md](../README.md) to refer to the new version `x.y`.
70
70
  - Update the [libmongocrypt-release](https://spruce.mongodb.com/project/libmongocrypt-release/settings/general) Evergreen project (requires auth) to set `Branch Name` to `rx.y`.
71
- - Commit the changes on the `rx.y` branch with a message like "Update CHANGELOG.md for x.y.z".
71
+ - Commit the changes on the `rx.y` branch with a message like "Release x.y.z".
72
72
  - Tag the commit with `git tag -a <tag>`.
73
73
  - Push both the branch ref and tag ref in the same command: `git push origin master 1.8.0-alpha0` or `git push origin r1.8 1.8.4`
74
74
  - Pushing the branch ref and the tag ref in the same command eliminates the possibility of a race condition in Evergreen (for building resources based on the presence of a release tag)
@@ -77,20 +77,20 @@ Do the following when releasing:
77
77
  - `upload-all`
78
78
  - `windows-upload-release`
79
79
  - All `publish-packages` tasks.
80
- - If the `publish-packages` tasks fail with an error like `[curator] 2024/01/02 13:56:17 [p=emergency]: problem submitting repobuilder job: 404 (Not Found)`, this suggests the published path does not yet exist. Barque (the Linux package publishing service) has protection to avoid unintentional publishes. File a DEVPROD ticket ([example](https://jira.mongodb.org/browse/DEVPROD-4053)) and assign to the team called Release Infrastructure to request the path be created. Then re-run the failing `publish-packages` task. Ask in the slack channel `#devprod-release-tools` for further help with `Barque` or `curator`.
80
+ - If the `publish-packages` tasks fail with an error like `[curator] 2024/01/02 13:56:17 [p=emergency]: problem submitting repobuilder job: 404 (Not Found)`, this suggests the published path does not yet exist. Barque (the Linux package publishing service) has protection to avoid unintentional publishes. File a DEVPROD ticket ([example](https://jira.mongodb.org/browse/DEVPROD-15320)) and assign to the team called Release Infrastructure to request the path be created. Then re-run the failing `publish-packages` task. Ask in the slack channel `#ask-devprod-release-tools` for further help with `Barque` or `curator`.
81
81
  - Create the release from the GitHub releases page from the new tag.
82
- - Attach the tarball and signature file from the Files tab of the `windows-upload-release` task. [Example](https://github.com/mongodb/libmongocrypt/releases/tag/1.10.0).
82
+ - Attach the tarball and signature file from the Files tab of the `windows-upload-release` task. [Example](https://github.com/mongodb/libmongocrypt/releases/tag/1.13.0).
83
83
  - Attach the Augmented SBOM file to the release as `cyclonedx.augmented.sbom.json`.
84
84
  Download the Augmented SBOM from a recent execution of the `sbom` task in an Evergreen patch or commit build.
85
85
  - Attach `etc/third_party_vulnerabilities.md` to the release.
86
86
  - Attach `etc/ssdlc_compliance_report.md` to the release.
87
-
88
- - If this is a new minor release (e.g. `x.y.0`):
89
- - File a DOCSP ticket to update the installation instructions on [Install libmongocrypt](https://www.mongodb.com/docs/manual/core/csfle/reference/libmongocrypt/). ([Example](https://jira.mongodb.org/browse/DOCSP-36863))
90
- - Generate a new unique SBOM serial number for the next release:
91
- ```bash
92
- ./.evergreen/earthly.sh +sbom-generate-new-serial-number
93
- ```
87
+ - Check out the release branch (`rx.y`). Generate a new unique SBOM serial number for the next upcoming patch release (e.g. for `1.13.1` following the release of `1.13.0`):
88
+ ```bash
89
+ ./.evergreen/earthly.sh +sbom-generate-new-serial-number
90
+ ```
91
+ Commit resulting `etc/cyclonedx.sbom.json` and push to `rx.y`.
92
+ - If this is a new non-patch release (e.g. `x.y.0`):
93
+ - File a DOCSP ticket to update the installation instructions on [Install libmongocrypt](https://www.mongodb.com/docs/manual/core/csfle/reference/libmongocrypt/). ([Example](https://jira.mongodb.org/browse/DOCSP-47954))
94
94
  - Create a new Snyk reference target. The following instructions use the example branch `rx.y`:
95
95
 
96
96
  Run `cmake` to ensure generated source files are present:
@@ -118,20 +118,27 @@ Do the following when releasing:
118
118
  - Navigate to the [Webhook Settings](https://github.com/mongodb/libmongocrypt/settings/hooks).
119
119
  - Click `Edit` on the hook for `https://githook.mongodb.com/`.
120
120
  - Add the new release branch to the `Payload URL`. Remove unmaintained release branches.
121
- - Make a PR to apply the "Update CHANGELOG.md for x.y.z" commit to the `master` branch.
121
+ - Make a PR to to the `master` branch:
122
+ - Apply changes from the "Release x.y.z" commit.
123
+ - If this was a non-patch release (e.g. `x.y.0`), generate a new unique SBOM serial number for the next upcoming non-patch release (e.g. for `1.14.0` following the release of `1.13.0`):
124
+ ```bash
125
+ ./.evergreen/earthly.sh +sbom-generate-new-serial-number
126
+ ```
127
+ Commit resulting `etc/cyclonedx.sbom.json`.
122
128
  - Update the release on the [Jira releases page](https://jira.mongodb.org/projects/MONGOCRYPT/versions).
123
129
  - Record the release on [C/C++ Release Info](https://docs.google.com/spreadsheets/d/1yHfGmDnbA5-Qt8FX4tKWC5xk9AhzYZx1SKF4AD36ecY/edit?usp=sharing). This is done to meet SSDLC reporting requirements.
124
130
  - Add a link to the Evergreen waterfall for the tagged commit to [libmongocrypt Security Testing Summary](https://docs.google.com/document/d/1dc7uvBzu3okAIsA8LSW5sVQGkYIvwpBVdg5v4wb4c4s/edit#heading=h.5t79jwe4p0ss).
125
131
 
126
132
  ## Homebrew steps ##
127
- Submit a PR to update the Homebrew package https://github.com/mongodb/homebrew-brew/blob/master/Formula/libmongocrypt.rb. ([Example](https://github.com/mongodb/homebrew-brew/pull/208)). If not on macOS, request a team member to do this step.
133
+ Submit a PR to update the Homebrew package https://github.com/mongodb/homebrew-brew/blob/master/Formula/libmongocrypt.rb. ([Example](https://github.com/mongodb/homebrew-brew/pull/234)). If not on macOS, request a team member to do this step.
134
+ Request review by posting in #ask-devprod-build.
128
135
 
129
136
  ## Debian steps ##
130
137
  If you are not a Debian maintainer on the team, request a team member to do the steps in this section.
131
138
 
132
139
  Refer to the [Debian](https://github.com/mongodb/mongo-c-driver/blob/master/docs/dev/debian.rst) steps.
133
140
 
134
- For a minor release (e.g. x.y.0), submit a merge request to the [extrepo-data](https://salsa.debian.org/extrepo-team/extrepo-data) project in Debian to update the PPA. The change would look something like this:
141
+ For a non-patch release (e.g. x.y.0), submit a merge request to the [extrepo-data](https://salsa.debian.org/extrepo-team/extrepo-data) project in Debian to update the PPA. The change would look something like this:
135
142
 
136
143
  ```
137
144
  diff --git a/repos/debian/libmongocrypt.yaml b/repos/debian/libmongocrypt.yaml
@@ -142,8 +149,8 @@ index 609dc0b..f7530a9 100644
142
149
  source:
143
150
  Types: deb
144
151
  URIs: https://libmongocrypt.s3.amazonaws.com/apt/debian
145
- - Suites: <SUITE>/libmongocrypt/1.11
146
- + Suites: <SUITE>/libmongocrypt/1.12
152
+ - Suites: <SUITE>/libmongocrypt/1.12
153
+ + Suites: <SUITE>/libmongocrypt/1.13
147
154
  Components: main
148
155
  Architectures: amd64 arm64
149
156
  suites:
@@ -38,19 +38,45 @@ import datetime
38
38
  import re
39
39
  import subprocess
40
40
  import sys
41
- try:
42
- # Prefer newer `packaging` over deprecated packages.
43
- from packaging.version import Version as Version
44
- from packaging.version import parse as parse_version
45
- except ImportError:
46
- # Fallback to deprecated pkg_resources.
47
- try:
48
- from pkg_resources.extern.packaging.version import Version
49
- from pkg_resources import parse_version
50
- except ImportError:
51
- # Fallback to deprecated distutils.
52
- from distutils.version import LooseVersion as Version
53
- from distutils.version import LooseVersion as parse_version
41
+
42
+ class Version:
43
+ def __init__(self, s):
44
+ pat = r'(\d+)\.(\d+)\.(\d+)(\-\S+)?'
45
+ match = re.match(pat, s)
46
+ assert match, "Unrecognized version string %s" % s
47
+ self.major, self.minor, self.micro = (
48
+ map(int, (match.group(1), match.group(2), match.group(3))))
49
+
50
+ if match.group(4):
51
+ self.prerelease = match.group(4)[1:]
52
+ else:
53
+ self.prerelease = ''
54
+
55
+ def __lt__(self, other):
56
+ if self.major != other.major:
57
+ return self.major < other.major
58
+ if self.minor != other.minor:
59
+ return self.minor < other.minor
60
+ if self.micro != other.micro:
61
+ return self.micro < other.micro
62
+ if self.prerelease != other.prerelease:
63
+ if self.prerelease != '' and other.prerelease == '':
64
+ # Consider a prerelease less than non-prerelease.
65
+ return True
66
+ # For simplicity, compare prerelease versions lexicographically.
67
+ return self.prerelease < other.prerelease
68
+
69
+ # Versions are equal.
70
+ return False
71
+
72
+ def __eq__(self, other):
73
+ self_tuple = self.major, self.minor, self.micro, self.prerelease
74
+ other_tuple = other.major, other.minor, other.micro, other.prerelease
75
+ return self_tuple == other_tuple
76
+
77
+
78
+ def parse_version(ver):
79
+ return Version(ver)
54
80
 
55
81
  DEBUG = len(sys.argv) > 1 and '-d' in sys.argv
56
82
  if DEBUG:
@@ -66,7 +66,7 @@ echo "Test next minor version ... begin"
66
66
  # failed, then it is probably because a new major/minor release was made.
67
67
  # Update the expected output to represent the correct next version.
68
68
  # XXX NOTE XXX NOTE XXX
69
- assert_eq "$got" "1.9.0-$DATE+git$CURRENT_SHORTREF"
69
+ assert_eq "$got" "1.14.0-$DATE+git$CURRENT_SHORTREF"
70
70
  }
71
71
  echo "Test next minor version ... end"
72
72
 
@@ -57,7 +57,7 @@
57
57
  }
58
58
  ],
59
59
  "metadata": {
60
- "timestamp": "2025-04-08T13:06:37.750496+00:00",
60
+ "timestamp": "2025-04-08T15:21:23.237097+00:00",
61
61
  "tools": [
62
62
  {
63
63
  "externalReferences": [
@@ -100,7 +100,7 @@
100
100
  }
101
101
  ]
102
102
  },
103
- "serialNumber": "urn:uuid:1eeadd7e-be33-4e55-960c-02bac1da4cf7",
103
+ "serialNumber": "urn:uuid:9e8a6b86-64aa-4438-bd54-80fd66afce96",
104
104
  "version": 1,
105
105
  "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
106
106
  "bomFormat": "CycloneDX",
@@ -4,7 +4,7 @@ project (kms_message
4
4
  LANGUAGES C
5
5
  )
6
6
 
7
- set (CMAKE_C_STANDARD 90)
7
+ set (CMAKE_C_STANDARD 99)
8
8
 
9
9
  include (CheckCCompilerFlag)
10
10
  # All targets obey visibility, not just library targets.
@@ -14,7 +14,12 @@
14
14
  * limitations under the License.
15
15
  */
16
16
 
17
+ #include "hexlify.h"
18
+
19
+ //
20
+
17
21
  #include "kms_message_private.h"
22
+
18
23
  #include <stdint.h>
19
24
  #include <stdio.h>
20
25
  #include <stdlib.h>
@@ -21,4 +21,4 @@ char *
21
21
  hexlify (const uint8_t *buf, size_t len);
22
22
 
23
23
  int
24
- unhexlify (const char *in, size_t len);
24
+ unhexlify (const char *in, size_t len);
@@ -216,4 +216,4 @@ kms_azure_request_unwrapkey_new (const char *host,
216
216
  ciphertext,
217
217
  ciphertext_len,
218
218
  opt);
219
- }
219
+ }
@@ -283,4 +283,4 @@ kms_gcp_request_decrypt_new (const char *host,
283
283
  ciphertext,
284
284
  ciphertext_len,
285
285
  opt);
286
- }
286
+ }
@@ -279,7 +279,8 @@ kmip_reader_has_data (kmip_reader_t *reader)
279
279
  #define CHECK_REMAINING_BUFFER_AND_RET(read_size) \
280
280
  if ((reader->pos + (read_size)) > reader->len) { \
281
281
  return false; \
282
- }
282
+ } else \
283
+ ((void)0)
283
284
 
284
285
  bool
285
286
  kmip_reader_read_u8 (kmip_reader_t *reader, uint8_t *value)
@@ -346,7 +347,8 @@ kmip_reader_read_bytes (kmip_reader_t *reader, uint8_t **ptr, size_t length)
346
347
  #define CHECK_AND_RET(x) \
347
348
  if (!(x)) { \
348
349
  return false; \
349
- }
350
+ } else \
351
+ ((void)0)
350
352
 
351
353
  bool
352
354
  kmip_reader_read_tag (kmip_reader_t *reader, kmip_tag_type_t *tag)
@@ -83,7 +83,7 @@ kms_kmip_request_register_secretdata_new (void *reserved,
83
83
 
84
84
  if (len != KMS_KMIP_REQUEST_SECRETDATA_LENGTH) {
85
85
  KMS_ERROR (req,
86
- "expected SecretData length of %d, got %" PRIu32,
86
+ "expected SecretData length of %d, got %zu",
87
87
  KMS_KMIP_REQUEST_SECRETDATA_LENGTH,
88
88
  len);
89
89
  return req;
@@ -463,4 +463,3 @@ kms_kmip_request_decrypt_new (void *reserved, const char* unique_identifer, cons
463
463
  */
464
464
  return kmip_encrypt_decrypt(unique_identifer, ciphertext, len, iv_data, iv_len, false);
465
465
  }
466
-
@@ -124,6 +124,9 @@ struct _kms_response_parser_t {
124
124
  } \
125
125
  } while (0)
126
126
 
127
+ #ifdef __GNUC__
128
+ __attribute__((format(__printf__, 3, 4)))
129
+ #endif
127
130
  void
128
131
  kms_set_error (char *error, size_t size, const char *fmt, ...);
129
132
 
@@ -137,6 +140,7 @@ kms_set_error (char *error, size_t size, const char *fmt, ...);
137
140
  if (!(stmt)) { \
138
141
  fprintf (stderr, "%s failed\n", #stmt); \
139
142
  abort (); \
140
- }
143
+ } else \
144
+ ((void)0)
141
145
 
142
146
  #endif /* KMS_MESSAGE_PRIVATE_H */
@@ -744,7 +744,7 @@ done:
744
744
  return kms_request_str_detach (sig);
745
745
  }
746
746
 
747
- void
747
+ static void
748
748
  kms_request_validate (kms_request_t *request)
749
749
  {
750
750
  if (!check_and_prohibit_kmip (request)) {
@@ -85,4 +85,4 @@ kms_request_opt_set_crypto_hook_sign_rsaes_pkcs1_v1_5 (
85
85
  {
86
86
  opt->crypto.sign_rsaes_pkcs1_v1_5 = sign_rsaes_pkcs1_v1_5;
87
87
  opt->crypto.sign_ctx = sign_ctx;
88
- }
88
+ }
@@ -27,8 +27,8 @@
27
27
  #include <stdlib.h>
28
28
  #include <limits.h> /* CHAR_BIT */
29
29
 
30
- bool rfc_3986_tab[256] = {0};
31
- bool kms_initialized = false;
30
+ static bool rfc_3986_tab[256] = {0};
31
+ static bool kms_initialized = false;
32
32
 
33
33
  static void
34
34
  tables_init (void)
@@ -126,12 +126,6 @@ kms_request_str_detach (kms_request_str_t *str)
126
126
  return r;
127
127
  }
128
128
 
129
- const char *
130
- kms_request_str_get (kms_request_str_t *str)
131
- {
132
- return str->str;
133
- }
134
-
135
129
  bool
136
130
  kms_request_str_reserve (kms_request_str_t *str, size_t size)
137
131
  {
@@ -64,10 +64,19 @@ kms_request_str_append_newline (kms_request_str_t *str);
64
64
  KMS_MSG_EXPORT (void)
65
65
  kms_request_str_append_lowercase (kms_request_str_t *str,
66
66
  kms_request_str_t *appended);
67
+
68
+ #ifdef __GNUC__
69
+ __attribute__((format(__printf__, 2, 3)))
70
+ #endif
67
71
  KMS_MSG_EXPORT (void)
68
72
  kms_request_str_appendf (kms_request_str_t *str, const char *format, ...);
73
+
74
+ #ifdef __GNUC__
75
+ __attribute__((format(__printf__, 2, 3)))
76
+ #endif
69
77
  KMS_MSG_EXPORT (void)
70
78
  kms_request_strdupf (kms_request_str_t *str, const char *format, ...);
79
+
71
80
  KMS_MSG_EXPORT (void)
72
81
  kms_request_str_append_escaped (kms_request_str_t *str,
73
82
  kms_request_str_t *appended,
@@ -81,7 +81,6 @@ kms_response_parser_wants_bytes (kms_response_parser_t *parser, int32_t max)
81
81
  default:
82
82
  KMS_ASSERT (false && "Invalid kms_response_parser HTTP state");
83
83
  }
84
- return -1;
85
84
  }
86
85
 
87
86
  static bool
@@ -37,6 +37,10 @@
37
37
  * https://github.com/freebsd/freebsd/blob/e7c6cef9514d3bb1f14a30a5ee871231523e43db/lib/libc/stdlib/merge.c
38
38
  */
39
39
 
40
+ #include "sort.h"
41
+
42
+ //
43
+
40
44
  #include <stddef.h>
41
45
 
42
46
  /*
@@ -44,10 +48,9 @@
44
48
  * last 4 elements.
45
49
  */
46
50
 
47
- typedef int (*cmp_t) (const void *, const void *);
48
51
  #define CMP(x, y) cmp (x, y)
49
52
  #define swap(a, b) \
50
- { \
53
+ if (1) { \
51
54
  s = b; \
52
55
  i = size; \
53
56
  do { \
@@ -56,7 +59,8 @@ typedef int (*cmp_t) (const void *, const void *);
56
59
  *s++ = tmp; \
57
60
  } while (--i); \
58
61
  a -= size; \
59
- }
62
+ } else \
63
+ ((void)0)
60
64
 
61
65
  void
62
66
  insertionsort (unsigned char *a, size_t n, size_t size, cmp_t cmp)
@@ -15,6 +15,8 @@
15
15
  * limitations under the License.
16
16
  */
17
17
 
18
+ #include <stddef.h>
19
+
18
20
  typedef int (*cmp_t) (const void *, const void *);
19
21
 
20
22
  void
@@ -6,7 +6,7 @@
6
6
  * You may obtain a copy of the License at
7
7
  *
8
8
  * http://www.apache.org/licenses/LICENSE-2.0
9
- *
9
+
10
10
  * Unless required by applicable law or agreed to in writing, software
11
11
  * distributed under the License is distributed on an "AS IS" BASIS,
12
12
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -54,6 +54,7 @@ kms_kmip_writer_test_evaluate (kmip_writer_t *writer,
54
54
  free (expected_hex);
55
55
  }
56
56
 
57
+ void kms_kmip_writer_test (void); // -Wmissing-prototypes: for testing only.
57
58
  void
58
59
  kms_kmip_writer_test (void)
59
60
  {
@@ -140,6 +141,7 @@ kms_kmip_writer_test (void)
140
141
  kmip_writer_destroy (writer);
141
142
  }
142
143
 
144
+ void kms_kmip_reader_test (void); // -Wmissing-prototypes: for testing only.
143
145
  void
144
146
  kms_kmip_reader_test (void)
145
147
  {
@@ -312,6 +314,7 @@ kms_kmip_reader_test (void)
312
314
  free (data);
313
315
  }
314
316
 
317
+ void kms_kmip_reader_negative_int_test (void); // -Wmissing-prototypes: for testing only.
315
318
  void
316
319
  kms_kmip_reader_negative_int_test (void)
317
320
  {
@@ -356,6 +359,7 @@ kms_kmip_reader_negative_int_test (void)
356
359
  free (data);
357
360
  }
358
361
 
362
+ void kms_kmip_reader_find_test (void); // -Wmissing-prototypes: for testing only.
359
363
  void
360
364
  kms_kmip_reader_find_test (void)
361
365
  {
@@ -404,6 +408,7 @@ kms_kmip_reader_find_test (void)
404
408
  free (data);
405
409
  }
406
410
 
411
+ void kms_kmip_reader_find_and_recurse_test (void); // -Wmissing-prototypes: for testing only.
407
412
  void
408
413
  kms_kmip_reader_find_and_recurse_test (void)
409
414
  {
@@ -438,6 +443,7 @@ kms_kmip_reader_find_and_recurse_test (void)
438
443
  free (data);
439
444
  }
440
445
 
446
+ void kms_kmip_reader_find_and_read_enum_test (void); // -Wmissing-prototypes: for testing only.
441
447
  void
442
448
  kms_kmip_reader_find_and_read_enum_test (void)
443
449
  {
@@ -470,6 +476,7 @@ kms_kmip_reader_find_and_read_enum_test (void)
470
476
  free (data);
471
477
  }
472
478
 
479
+ void kms_kmip_reader_find_and_read_bytes_test (void); // -Wmissing-prototypes: for testing only.
473
480
  void
474
481
  kms_kmip_reader_find_and_read_bytes_test (void)
475
482
  {
@@ -44,7 +44,7 @@
44
44
  #define TEST_ERROR(...) \
45
45
  do { \
46
46
  TEST_STDERR_PRINTF ( \
47
- "test error %s:%d %s(): ", __FILE__, __LINE__, __FUNCTION__); \
47
+ "test error %s:%d %s(): ", __FILE__, __LINE__, __func__); \
48
48
  TEST_STDERR_PRINTF (__VA_ARGS__); \
49
49
  TEST_STDERR_PRINTF ("\n"); \
50
50
  abort (); \
@@ -53,7 +53,8 @@
53
53
  #define ASSERT(stmt) \
54
54
  if (!(stmt)) { \
55
55
  TEST_ERROR ("statement failed %s", #stmt); \
56
- }
56
+ } else \
57
+ ((void)0)
57
58
 
58
59
  #define ASSERT_CMPSTR_WITH_LEN(_expect, _expect_len, _actual, _actual_len) \
59
60
  do { \
@@ -98,7 +99,7 @@
98
99
  TEST_ERROR ( \
99
100
  "comparison failed: %d %s %d", _a_int, #_operator, _b_int); \
100
101
  } \
101
- } while (0);
102
+ } while (0)
102
103
 
103
104
  #define ASSERT_CMPBYTES( \
104
105
  expected_bytes, expected_len, actual_bytes, actual_len) \
@@ -161,4 +162,4 @@
161
162
  ASSERT_CONTAINS (_error_str, expect_substring); \
162
163
  } while (0)
163
164
 
164
- #endif /* TEST_KMS_ASSERT_H */
165
+ #endif /* TEST_KMS_ASSERT_H */
@@ -257,4 +257,4 @@ main (int argc, char **argv)
257
257
  kms_message_init ();
258
258
  test_azure_wrapkey ();
259
259
  return 0;
260
- }
260
+ }