libmongocrypt-helper 1.7.0.0.1001 → 1.7.4.0.1000

Sign up to get free protection for your applications and to get access to all the features.
Files changed (991) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/ext/libmongocrypt/extconf.rb +70 -0
  4. data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +164 -0
  5. data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +699 -0
  6. data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +13 -0
  7. data/ext/libmongocrypt/libmongocrypt/LICENSE +201 -0
  8. data/ext/libmongocrypt/libmongocrypt/README.md +250 -0
  9. data/ext/libmongocrypt/libmongocrypt/VERSION_CURRENT +1 -0
  10. data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +16 -0
  11. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +4 -0
  12. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +131 -0
  13. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/BinarySafeHandle.cs +60 -0
  14. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CheckableSafeHandle.cs +46 -0
  15. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CipherCallbacks.cs +168 -0
  16. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/ContextSafeHandle.cs +48 -0
  17. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +238 -0
  18. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +134 -0
  19. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptContext.cs +214 -0
  20. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptException.cs +37 -0
  21. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptOptions.cs +67 -0
  22. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HashCallback.cs +59 -0
  23. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/HmacShaCallbacks.cs +96 -0
  24. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/IStatus.cs +26 -0
  25. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsCredentials.cs +53 -0
  26. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsKeyId.cs +91 -0
  27. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequest.cs +125 -0
  28. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/KmsRequestCollection.cs +60 -0
  29. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +652 -0
  30. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +252 -0
  31. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoadingException.cs +34 -0
  32. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/License.txt +14 -0
  33. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LogLevel.cs +26 -0
  34. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoCryptSafeHandle.cs +48 -0
  35. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +106 -0
  36. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.ruleset +85 -0
  37. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.targets +21 -0
  38. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/OperatingSystemHelper.cs +59 -0
  39. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Package.include.template.csproj +38 -0
  40. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/PinnedBinary.cs +49 -0
  41. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SecureRandomCallback.cs +51 -0
  42. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/SigningRSAESPKCSCallback.cs +74 -0
  43. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Status.cs +94 -0
  44. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StatusSafeHandle.cs +60 -0
  45. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/StyleCop.ruleset +11 -0
  46. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/stylecop.json +8 -0
  47. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +23 -0
  48. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Package.include.template.csproj +11 -0
  49. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/Program.cs +442 -0
  50. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +748 -0
  51. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BsonUtil.cs +82 -0
  52. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CallbackUtils.cs +37 -0
  53. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/CipherCallbacksTests.cs +46 -0
  54. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HashCallbackTests.cs +37 -0
  55. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/HmacShaCallbacksTests.cs +37 -0
  56. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +35 -0
  57. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/Package.include.template.csproj +23 -0
  58. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/SigningRSAESPKCSCallbackTests.cs +64 -0
  59. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/collection-info.json +37 -0
  60. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/command-reply.json +13 -0
  61. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command-reply.json +16 -0
  62. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-command.json +11 -0
  63. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/encrypted-value.json +6 -0
  64. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-document.json +36 -0
  65. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/key-filter.json +19 -0
  66. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/list-collections-filter.json +3 -0
  67. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/test/example/mongocryptd-command.json +22 -0
  68. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/xunit.runner.json +6 -0
  69. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/BasicTests.cs +54 -0
  70. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +42 -0
  71. data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/Package.include.template.csproj +23 -0
  72. data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +66 -0
  73. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +219 -0
  74. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.ps1 +275 -0
  75. data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +77 -0
  76. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/README.md +36 -0
  77. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +339 -0
  78. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
  79. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +5 -0
  80. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +188 -0
  81. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +100 -0
  82. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/BinaryHolder.java +45 -0
  83. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +1130 -0
  84. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +96 -0
  85. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +66 -0
  86. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/DisposableMemory.java +31 -0
  87. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/JULLogger.java +130 -0
  88. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Logger.java +144 -0
  89. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/Loggers.java +50 -0
  90. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MacCallback.java +60 -0
  91. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MessageDigestCallback.java +55 -0
  92. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoAwsKmsProviderOptions.java +104 -0
  93. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypt.java +100 -0
  94. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContext.java +137 -0
  95. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptContextImpl.java +164 -0
  96. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptException.java +67 -0
  97. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +408 -0
  98. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptOptions.java +284 -0
  99. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCrypts.java +38 -0
  100. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoDataKeyOptions.java +125 -0
  101. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +225 -0
  102. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptor.java +76 -0
  103. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoKeyDecryptorImpl.java +105 -0
  104. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoLocalKmsProviderOptions.java +83 -0
  105. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoRewrapManyDataKeyOptions.java +104 -0
  106. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SLF4JLogger.java +110 -0
  107. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SecureRandomCallback.java +51 -0
  108. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/SigningRSAESPKCSCallback.java +76 -0
  109. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/package-info.java +18 -0
  110. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +345 -0
  111. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/collection-info.json +37 -0
  112. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command-reply.json +13 -0
  113. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/command.json +6 -0
  114. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command-reply.json +16 -0
  115. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-command.json +11 -0
  116. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/encrypted-value.json +6 -0
  117. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/encrypted-payload.json +26 -0
  118. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/key-document.json +0 -0
  119. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/key-filter.json +19 -0
  120. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/rangeopts.json +11 -0
  121. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/value-to-encrypt.json +20 -0
  122. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/json-schema.json +15 -0
  123. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-document.json +36 -0
  124. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter-keyAltName.json +14 -0
  125. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/key-filter.json +19 -0
  126. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/keys/ABCDEFAB123498761234123456789012-local-document.json +30 -0
  127. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/kms-reply.txt +6 -0
  128. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/list-collections-filter.json +3 -0
  129. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-command.json +22 -0
  130. data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/mongocryptd-reply.json +18 -0
  131. data/ext/libmongocrypt/libmongocrypt/bindings/node/CHANGELOG.md +81 -0
  132. data/ext/libmongocrypt/libmongocrypt/bindings/node/LICENSE +201 -0
  133. data/ext/libmongocrypt/libmongocrypt/bindings/node/README.md +773 -0
  134. data/ext/libmongocrypt/libmongocrypt/bindings/node/binding.gyp +79 -0
  135. data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/README.hbs +44 -0
  136. data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/build-static.sh +39 -0
  137. data/ext/libmongocrypt/libmongocrypt/bindings/node/index.d.ts +515 -0
  138. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/autoEncrypter.js +420 -0
  139. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/buffer_pool.js +123 -0
  140. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/clientEncryption.js +699 -0
  141. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/common.js +100 -0
  142. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/credentialsProvider.js +33 -0
  143. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/cryptoCallbacks.js +87 -0
  144. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/index.js +42 -0
  145. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/mongocryptdManager.js +66 -0
  146. data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/stateMachine.js +487 -0
  147. data/ext/libmongocrypt/libmongocrypt/bindings/node/package-lock.json +16051 -0
  148. data/ext/libmongocrypt/libmongocrypt/bindings/node/package.json +81 -0
  149. data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.cc +929 -0
  150. data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.h +114 -0
  151. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/autoEncrypter.test.js +953 -0
  152. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/buffer_pool.test.js +91 -0
  153. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/clientEncryption.test.js +701 -0
  154. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/credentialsProvider.test.js +163 -0
  155. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/cryptoCallbacks.test.js +284 -0
  156. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/README.md +5 -0
  157. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/cmd.json +6 -0
  158. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/collection-info.json +37 -0
  159. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document-nested.json +8 -0
  160. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document.json +11 -0
  161. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encryptedFields.json +30 -0
  162. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key-document.json +32 -0
  163. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key1-document.json +30 -0
  164. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/kms-decrypt-reply.txt +6 -0
  165. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/kms-encrypt-reply.txt +7 -0
  166. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/mongocryptd-reply.json +18 -0
  167. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/mongocryptdManager.test.js +48 -0
  168. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/release.test.js +59 -0
  169. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/requirements.helper.js +29 -0
  170. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/stateMachine.test.js +331 -0
  171. data/ext/libmongocrypt/libmongocrypt/bindings/node/test/tools/mongodb_reporter.js +325 -0
  172. data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +121 -0
  173. data/ext/libmongocrypt/libmongocrypt/bindings/python/LICENSE +201 -0
  174. data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +187 -0
  175. data/ext/libmongocrypt/libmongocrypt/bindings/python/RELEASE.rst +107 -0
  176. data/ext/libmongocrypt/libmongocrypt/bindings/python/build-manylinux-wheel.sh +16 -0
  177. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/__init__.py +16 -0
  178. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/auto_encrypter.py +61 -0
  179. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binary.py +94 -0
  180. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +1561 -0
  181. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/compat.py +61 -0
  182. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/credentials.py +136 -0
  183. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/crypto.py +162 -0
  184. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/errors.py +39 -0
  185. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/explicit_encrypter.py +248 -0
  186. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +808 -0
  187. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/state_machine.py +156 -0
  188. data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +17 -0
  189. data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +92 -0
  190. data/ext/libmongocrypt/libmongocrypt/bindings/python/setup.py +84 -0
  191. data/ext/libmongocrypt/libmongocrypt/bindings/python/strip_header.py +51 -0
  192. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/__init__.py +37 -0
  193. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/collection-info.json +39 -0
  194. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/command-reply.json +13 -0
  195. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/command.json +6 -0
  196. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/cmd.json +1 -0
  197. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-field-config-map.json +47 -0
  198. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-payload.json +23 -0
  199. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-command-reply.json +16 -0
  200. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-command.json +13 -0
  201. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +48 -0
  202. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-value.json +6 -0
  203. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +26 -0
  204. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit/int32/rangeopts.json +11 -0
  205. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit/int32/value-to-encrypt.json +20 -0
  206. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-azure.json +33 -0
  207. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-gcp.json +35 -0
  208. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document.json +33 -0
  209. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-filter.json +19 -0
  210. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/keys/12345678123498761234123456789012-local-document.json +30 -0
  211. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/keys/12345678123498761234123456789013-local-document.json +30 -0
  212. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/keys/ABCDEFAB123498761234123456789012-local-document.json +30 -0
  213. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/kms-encrypt-reply.txt +7 -0
  214. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/kms-reply-azure.txt +6 -0
  215. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/kms-reply-gcp.txt +6 -0
  216. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/kms-reply.txt +6 -0
  217. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/list-collections-filter.json +3 -0
  218. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-command.json +26 -0
  219. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-reply.json +20 -0
  220. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/schema-map.json +40 -0
  221. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_binding.py +71 -0
  222. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_crypto.py +49 -0
  223. data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +825 -0
  224. data/ext/libmongocrypt/libmongocrypt/bindings/python/test-requirements.txt +12 -0
  225. data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +20 -0
  226. data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +209 -0
  227. data/ext/libmongocrypt/libmongocrypt/cmake/ImportDFP.cmake +70 -0
  228. data/ext/libmongocrypt/libmongocrypt/cmake/IntelDFP.cmake +409 -0
  229. data/ext/libmongocrypt/libmongocrypt/cmake/LTO.cmake +57 -0
  230. data/ext/libmongocrypt/libmongocrypt/cmake/MongoC-Warnings.cmake +74 -0
  231. data/ext/libmongocrypt/libmongocrypt/cmake/libmongocrypt-hidden-symbols.map +8 -0
  232. data/ext/libmongocrypt/libmongocrypt/cmake/libmongocrypt-hidden-symbols.txt +5 -0
  233. data/ext/libmongocrypt/libmongocrypt/cmake/libmongocrypt-static.pc.in +9 -0
  234. data/ext/libmongocrypt/libmongocrypt/cmake/libmongocrypt.pc.in +10 -0
  235. data/ext/libmongocrypt/libmongocrypt/cmake/ltocheck-lib.c +6 -0
  236. data/ext/libmongocrypt/libmongocrypt/cmake/ltocheck-main.c +9 -0
  237. data/ext/libmongocrypt/libmongocrypt/cmake/mongocrypt-config.cmake +42 -0
  238. data/ext/libmongocrypt/libmongocrypt/debian/build_snapshot.sh +79 -0
  239. data/ext/libmongocrypt/libmongocrypt/debian/changelog +105 -0
  240. data/ext/libmongocrypt/libmongocrypt/debian/compat +1 -0
  241. data/ext/libmongocrypt/libmongocrypt/debian/control +41 -0
  242. data/ext/libmongocrypt/libmongocrypt/debian/copyright +129 -0
  243. data/ext/libmongocrypt/libmongocrypt/debian/gbp.conf +23 -0
  244. data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.dirs +2 -0
  245. data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.install +5 -0
  246. data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.dirs +1 -0
  247. data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.install +1 -0
  248. data/ext/libmongocrypt/libmongocrypt/debian/rules +46 -0
  249. data/ext/libmongocrypt/libmongocrypt/debian/source/format +1 -0
  250. data/ext/libmongocrypt/libmongocrypt/debian/source/lintian-overrides +3 -0
  251. data/ext/libmongocrypt/libmongocrypt/debian/source/options +1 -0
  252. data/ext/libmongocrypt/libmongocrypt/debian/watch +3 -0
  253. data/ext/libmongocrypt/libmongocrypt/doc/Doxygen +2474 -0
  254. data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version.py +265 -0
  255. data/ext/libmongocrypt/libmongocrypt/etc/debian/control +33 -0
  256. data/ext/libmongocrypt/libmongocrypt/etc/debian/rules +41 -0
  257. data/ext/libmongocrypt/libmongocrypt/etc/debian/source/format +1 -0
  258. data/ext/libmongocrypt/libmongocrypt/etc/fle2_aead_generate_tests.py +41 -0
  259. data/ext/libmongocrypt/libmongocrypt/etc/fle2_crypto.py +105 -0
  260. data/ext/libmongocrypt/libmongocrypt/etc/fle2_crypto_selftest.py +52 -0
  261. data/ext/libmongocrypt/libmongocrypt/etc/fle2_generate_tests.py +34 -0
  262. data/ext/libmongocrypt/libmongocrypt/etc/generate-kek-tests.py +69 -0
  263. data/ext/libmongocrypt/libmongocrypt/etc/generate-test-data.py +141 -0
  264. data/ext/libmongocrypt/libmongocrypt/etc/list-compile-files.py +20 -0
  265. data/ext/libmongocrypt/libmongocrypt/etc/mongo-inteldfp-MONGOCRYPT-571.patch +25 -0
  266. data/ext/libmongocrypt/libmongocrypt/etc/mongo-inteldfp-s390x.patch +134 -0
  267. data/ext/libmongocrypt/libmongocrypt/etc/packager.py +854 -0
  268. data/ext/libmongocrypt/libmongocrypt/etc/print-marking.py +36 -0
  269. data/ext/libmongocrypt/libmongocrypt/etc/repo_config.yaml +257 -0
  270. data/ext/libmongocrypt/libmongocrypt/etc/requirements.txt +2 -0
  271. data/ext/libmongocrypt/libmongocrypt/etc/rewrite.py +16 -0
  272. data/ext/libmongocrypt/libmongocrypt/etc/rpm/libmongocrypt.spec +67 -0
  273. data/ext/libmongocrypt/libmongocrypt/etc/rpm/tweak.awk +19 -0
  274. data/ext/libmongocrypt/libmongocrypt/integrating.md +251 -0
  275. data/ext/libmongocrypt/libmongocrypt/kms-message/CMakeLists.txt +305 -0
  276. data/ext/libmongocrypt/libmongocrypt/kms-message/COPYING +177 -0
  277. data/ext/libmongocrypt/libmongocrypt/kms-message/README.md +41 -0
  278. data/ext/libmongocrypt/libmongocrypt/kms-message/THIRD_PARTY_NOTICES +42 -0
  279. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/LICENSE +202 -0
  280. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/NOTICE +2 -0
  281. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.authz +1 -0
  282. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.creq +9 -0
  283. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.req +6 -0
  284. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.sreq +7 -0
  285. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-key-duplicate/get-header-key-duplicate.sts +4 -0
  286. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.authz +1 -0
  287. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.creq +9 -0
  288. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.req +6 -0
  289. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.sreq +7 -0
  290. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-multiline/get-header-value-multiline.sts +4 -0
  291. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.authz +1 -0
  292. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.creq +9 -0
  293. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.req +7 -0
  294. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.sreq +8 -0
  295. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-order/get-header-value-order.sts +4 -0
  296. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.authz +1 -0
  297. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.creq +10 -0
  298. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.req +5 -0
  299. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.sreq +6 -0
  300. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-header-value-trim/get-header-value-trim.sts +4 -0
  301. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-unreserved/get-unreserved.authz +1 -0
  302. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-unreserved/get-unreserved.creq +8 -0
  303. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-unreserved/get-unreserved.req +3 -0
  304. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-unreserved/get-unreserved.sreq +4 -0
  305. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-unreserved/get-unreserved.sts +4 -0
  306. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-utf8/get-utf8.authz +1 -0
  307. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-utf8/get-utf8.creq +8 -0
  308. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-utf8/get-utf8.req +3 -0
  309. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-utf8/get-utf8.sreq +4 -0
  310. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-utf8/get-utf8.sts +4 -0
  311. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla/get-vanilla.authz +1 -0
  312. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla/get-vanilla.creq +8 -0
  313. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla/get-vanilla.req +3 -0
  314. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla/get-vanilla.sreq +4 -0
  315. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla/get-vanilla.sts +4 -0
  316. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.authz +1 -0
  317. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.creq +8 -0
  318. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.req +3 -0
  319. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.sreq +4 -0
  320. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-empty-query-key/get-vanilla-empty-query-key.sts +4 -0
  321. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.authz +1 -0
  322. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.creq +8 -0
  323. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.req +3 -0
  324. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.sreq +4 -0
  325. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query/get-vanilla-query.sts +4 -0
  326. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.authz +1 -0
  327. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.creq +8 -0
  328. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.req +3 -0
  329. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.sreq +4 -0
  330. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key/get-vanilla-query-order-key.sts +4 -0
  331. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/get-vanilla-query-order-key-case.authz +1 -0
  332. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/get-vanilla-query-order-key-case.creq +8 -0
  333. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/get-vanilla-query-order-key-case.req +3 -0
  334. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/get-vanilla-query-order-key-case.sreq +4 -0
  335. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-key-case/get-vanilla-query-order-key-case.sts +4 -0
  336. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-value/get-vanilla-query-order-value.authz +1 -0
  337. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-value/get-vanilla-query-order-value.creq +8 -0
  338. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-value/get-vanilla-query-order-value.req +3 -0
  339. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-value/get-vanilla-query-order-value.sreq +4 -0
  340. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-order-value/get-vanilla-query-order-value.sts +4 -0
  341. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.authz +1 -0
  342. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.creq +8 -0
  343. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.req +3 -0
  344. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.sreq +4 -0
  345. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-query-unreserved/get-vanilla-query-unreserved.sts +4 -0
  346. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.authz +1 -0
  347. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.creq +8 -0
  348. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.req +3 -0
  349. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.sreq +4 -0
  350. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/get-vanilla-utf8-query/get-vanilla-utf8-query.sts +4 -0
  351. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.authz +1 -0
  352. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.creq +8 -0
  353. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.req +3 -0
  354. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.sreq +4 -0
  355. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative/get-relative.sts +4 -0
  356. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.authz +1 -0
  357. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.creq +8 -0
  358. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.req +3 -0
  359. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.sreq +4 -0
  360. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-relative-relative/get-relative-relative.sts +4 -0
  361. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.authz +1 -0
  362. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.creq +8 -0
  363. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.req +3 -0
  364. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.sreq +4 -0
  365. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash/get-slash.sts +4 -0
  366. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.authz +1 -0
  367. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.creq +8 -0
  368. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.req +3 -0
  369. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.sreq +4 -0
  370. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-dot-slash/get-slash-dot-slash.sts +4 -0
  371. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/get-slash-pointless-dot.authz +1 -0
  372. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/get-slash-pointless-dot.creq +8 -0
  373. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/get-slash-pointless-dot.req +3 -0
  374. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/get-slash-pointless-dot.sreq +4 -0
  375. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slash-pointless-dot/get-slash-pointless-dot.sts +4 -0
  376. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.authz +1 -0
  377. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.creq +8 -0
  378. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.req +3 -0
  379. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.sreq +4 -0
  380. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-slashes/get-slashes.sts +4 -0
  381. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-space/get-space.authz +1 -0
  382. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-space/get-space.creq +8 -0
  383. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-space/get-space.req +3 -0
  384. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-space/get-space.sreq +4 -0
  385. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/get-space/get-space.sts +4 -0
  386. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/normalize-path/normalize-path.txt +3 -0
  387. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.authz +1 -0
  388. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.creq +8 -0
  389. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.req +3 -0
  390. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.sreq +4 -0
  391. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-case/post-header-key-case.sts +4 -0
  392. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.authz +1 -0
  393. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.creq +9 -0
  394. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.req +4 -0
  395. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.sreq +5 -0
  396. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-key-sort/post-header-key-sort.sts +4 -0
  397. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.authz +1 -0
  398. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.creq +9 -0
  399. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.req +4 -0
  400. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.sreq +5 -0
  401. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-header-value-case/post-header-value-case.sts +4 -0
  402. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.authz +1 -0
  403. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.creq +8 -0
  404. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.req +3 -0
  405. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.sreq +5 -0
  406. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-after/post-sts-header-after.sts +4 -0
  407. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/post-sts-header-before.authz +1 -0
  408. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/post-sts-header-before.creq +9 -0
  409. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/post-sts-header-before.req +4 -0
  410. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/post-sts-header-before.sreq +5 -0
  411. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/post-sts-header-before/post-sts-header-before.sts +4 -0
  412. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-sts-token/readme.txt +15 -0
  413. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla/post-vanilla.authz +1 -0
  414. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla/post-vanilla.creq +8 -0
  415. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla/post-vanilla.req +3 -0
  416. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla/post-vanilla.sreq +4 -0
  417. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla/post-vanilla.sts +4 -0
  418. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-empty-query-value/post-vanilla-empty-query-value.authz +1 -0
  419. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-empty-query-value/post-vanilla-empty-query-value.creq +8 -0
  420. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-empty-query-value/post-vanilla-empty-query-value.req +3 -0
  421. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-empty-query-value/post-vanilla-empty-query-value.sreq +4 -0
  422. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-empty-query-value/post-vanilla-empty-query-value.sts +4 -0
  423. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.authz +1 -0
  424. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.creq +8 -0
  425. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.req +3 -0
  426. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.sreq +4 -0
  427. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-vanilla-query/post-vanilla-query.sts +4 -0
  428. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.authz +1 -0
  429. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.creq +9 -0
  430. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.req +6 -0
  431. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.sreq +7 -0
  432. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded/post-x-www-form-urlencoded.sts +4 -0
  433. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.authz +1 -0
  434. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.creq +9 -0
  435. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.req +6 -0
  436. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.sreq +7 -0
  437. data/ext/libmongocrypt/libmongocrypt/kms-message/aws-sig-v4-test-suite/post-x-www-form-urlencoded-parameters/post-x-www-form-urlencoded-parameters.sts +4 -0
  438. data/ext/libmongocrypt/libmongocrypt/kms-message/cmake/kms_message-config.cmake +1 -0
  439. data/ext/libmongocrypt/libmongocrypt/kms-message/cmake/libkms_message.pc.in +9 -0
  440. data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.c +67 -0
  441. data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.h +24 -0
  442. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_azure_request.c +219 -0
  443. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_b64.c +654 -0
  444. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_caller_identity_request.c +52 -0
  445. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto.h +70 -0
  446. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_apple.c +159 -0
  447. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_libcrypto.c +142 -0
  448. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_none.c +65 -0
  449. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_crypto_windows.c +268 -0
  450. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_decrypt_request.c +72 -0
  451. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_encrypt_request.c +73 -0
  452. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_endian_private.h +165 -0
  453. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_gcp_request.c +286 -0
  454. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_item_type_private.h +59 -0
  455. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer.c +502 -0
  456. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer_private.h +150 -0
  457. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_request.c +256 -0
  458. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_response.c +323 -0
  459. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_response_parser.c +148 -0
  460. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_response_parser_private.h +55 -0
  461. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_result_reason_private.h +77 -0
  462. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_result_status_private.h +54 -0
  463. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_tag_type_private.h +343 -0
  464. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kv_list.c +149 -0
  465. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kv_list.h +56 -0
  466. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_azure_request.h +110 -0
  467. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_b64.h +70 -0
  468. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_caller_identity_request.h +36 -0
  469. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_decrypt_request.h +37 -0
  470. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_encrypt_request.h +39 -0
  471. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_gcp_request.h +124 -0
  472. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_request.h +58 -0
  473. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_response.h +40 -0
  474. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_response_parser.h +26 -0
  475. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_message.h +34 -0
  476. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_message_defines.h +72 -0
  477. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_request.h +103 -0
  478. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_request_opt.h +80 -0
  479. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response.h +43 -0
  480. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_response_parser.h +64 -0
  481. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message.c +47 -0
  482. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +142 -0
  483. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_port.c +33 -0
  484. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_port.h +34 -0
  485. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +925 -0
  486. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_opt.c +88 -0
  487. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_opt_private.h +32 -0
  488. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.c +520 -0
  489. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.h +89 -0
  490. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response.c +54 -0
  491. data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +408 -0
  492. data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.c +74 -0
  493. data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.h +21 -0
  494. data/ext/libmongocrypt/libmongocrypt/kms-message/test/connection_close/connection_close.sreq +5 -0
  495. data/ext/libmongocrypt/libmongocrypt/kms-message/test/content_length/content_length.sreq +7 -0
  496. data/ext/libmongocrypt/libmongocrypt/kms-message/test/decrypt/decrypt.creq +11 -0
  497. data/ext/libmongocrypt/libmongocrypt/kms-message/test/decrypt/decrypt.sreq +9 -0
  498. data/ext/libmongocrypt/libmongocrypt/kms-message/test/encrypt/encrypt.creq +11 -0
  499. data/ext/libmongocrypt/libmongocrypt/kms-message/test/encrypt/encrypt.sreq +9 -0
  500. data/ext/libmongocrypt/libmongocrypt/kms-message/test/example-chunked-response.bin +20 -0
  501. data/ext/libmongocrypt/libmongocrypt/kms-message/test/example-multi-chunked-response.bin +22 -0
  502. data/ext/libmongocrypt/libmongocrypt/kms-message/test/example-response.bin +6 -0
  503. data/ext/libmongocrypt/libmongocrypt/kms-message/test/host/host.sreq +4 -0
  504. data/ext/libmongocrypt/libmongocrypt/kms-message/test/multibyte/multibyte.creq +10 -0
  505. data/ext/libmongocrypt/libmongocrypt/kms-message/test/multibyte/multibyte.sreq +8 -0
  506. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +485 -0
  507. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +147 -0
  508. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +260 -0
  509. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +250 -0
  510. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_request.c +223 -0
  511. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response.c +214 -0
  512. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response_parser.c +197 -0
  513. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.c +120 -0
  514. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.h +35 -0
  515. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +1302 -0
  516. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_util.c +92 -0
  517. data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_util.h +45 -0
  518. data/ext/libmongocrypt/libmongocrypt/kms-message/test/windows/dirent.h +1224 -0
  519. data/ext/libmongocrypt/libmongocrypt/src/crypto/cng.c +640 -0
  520. data/ext/libmongocrypt/libmongocrypt/src/crypto/commoncrypto.c +326 -0
  521. data/ext/libmongocrypt/libmongocrypt/src/crypto/libcrypto.c +341 -0
  522. data/ext/libmongocrypt/libmongocrypt/src/crypto/none.c +97 -0
  523. data/ext/libmongocrypt/libmongocrypt/src/csfle-markup.cpp +237 -0
  524. data/ext/libmongocrypt/libmongocrypt/src/mc-array-private.h +54 -0
  525. data/ext/libmongocrypt/libmongocrypt/src/mc-array.c +102 -0
  526. data/ext/libmongocrypt/libmongocrypt/src/mc-check-conversions-private.h +36 -0
  527. data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.h +743 -0
  528. data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.test.cpp +86 -0
  529. data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +48 -0
  530. data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +127 -0
  531. data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +40 -0
  532. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +152 -0
  533. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +487 -0
  534. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-private.h +47 -0
  535. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +156 -0
  536. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private.h +95 -0
  537. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload.c +158 -0
  538. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private.h +124 -0
  539. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +316 -0
  540. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private.h +179 -0
  541. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev.c +385 -0
  542. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-private.h +93 -0
  543. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev.c +269 -0
  544. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-range-operator-private.h +29 -0
  545. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +91 -0
  546. data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds.c +658 -0
  547. data/ext/libmongocrypt/libmongocrypt/src/mc-optional-private.h +124 -0
  548. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation-private.h +161 -0
  549. data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +242 -0
  550. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding-private.h +128 -0
  551. data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +620 -0
  552. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +308 -0
  553. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-private.h +112 -0
  554. data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +341 -0
  555. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +99 -0
  556. data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +382 -0
  557. data/ext/libmongocrypt/libmongocrypt/src/mc-reader-private.h +130 -0
  558. data/ext/libmongocrypt/libmongocrypt/src/mc-reader.c +235 -0
  559. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +118 -0
  560. data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +151 -0
  561. data/ext/libmongocrypt/libmongocrypt/src/mlib/check.hpp +89 -0
  562. data/ext/libmongocrypt/libmongocrypt/src/mlib/endian.h +42 -0
  563. data/ext/libmongocrypt/libmongocrypt/src/mlib/error.h +59 -0
  564. data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.h +685 -0
  565. data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.c +3 -0
  566. data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.cpp +407 -0
  567. data/ext/libmongocrypt/libmongocrypt/src/mlib/macros.h +53 -0
  568. data/ext/libmongocrypt/libmongocrypt/src/mlib/path.h +381 -0
  569. data/ext/libmongocrypt/libmongocrypt/src/mlib/path.test.c +93 -0
  570. data/ext/libmongocrypt/libmongocrypt/src/mlib/str.h +1028 -0
  571. data/ext/libmongocrypt/libmongocrypt/src/mlib/str.test.c +137 -0
  572. data/ext/libmongocrypt/libmongocrypt/src/mlib/thread.h +88 -0
  573. data/ext/libmongocrypt/libmongocrypt/src/mlib/user-check.h +4 -0
  574. data/ext/libmongocrypt/libmongocrypt/src/mlib/windows-lean.h +19 -0
  575. data/ext/libmongocrypt/libmongocrypt/src/mongo_crypt-v1.h +320 -0
  576. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-binary-private.h +34 -0
  577. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-binary.c +87 -0
  578. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +236 -0
  579. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +691 -0
  580. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo-private.h +24 -0
  581. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +82 -0
  582. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key-private.h +55 -0
  583. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +190 -0
  584. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth-private.h +46 -0
  585. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth.c +126 -0
  586. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +96 -0
  587. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +341 -0
  588. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext-private.h +64 -0
  589. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +212 -0
  590. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-compat.h +44 -0
  591. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-config.h.in +87 -0
  592. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto-private.h +303 -0
  593. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c +1850 -0
  594. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +534 -0
  595. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +773 -0
  596. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +3005 -0
  597. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +269 -0
  598. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-rewrap-many-datakey.c +415 -0
  599. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +1283 -0
  600. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-dll-private.h +97 -0
  601. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endian-private.h +168 -0
  602. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endpoint-private.h +64 -0
  603. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endpoint.c +212 -0
  604. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek-private.h +109 -0
  605. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek.c +325 -0
  606. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker-private.h +209 -0
  607. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +1189 -0
  608. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +87 -0
  609. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +473 -0
  610. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +154 -0
  611. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +1785 -0
  612. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log-private.h +111 -0
  613. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +123 -0
  614. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +74 -0
  615. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +1624 -0
  616. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-mutex-private.h +46 -0
  617. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +231 -0
  618. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +493 -0
  619. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +197 -0
  620. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-status-private.h +39 -0
  621. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-status.c +169 -0
  622. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util-private.h +59 -0
  623. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +234 -0
  624. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util-private.h +84 -0
  625. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +203 -0
  626. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +1605 -0
  627. data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +1610 -0
  628. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +132 -0
  629. data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_mutex.c +57 -0
  630. data/ext/libmongocrypt/libmongocrypt/src/os_win/os_dll.c +92 -0
  631. data/ext/libmongocrypt/libmongocrypt/src/os_win/os_mutex.c +45 -0
  632. data/ext/libmongocrypt/libmongocrypt/test/crypt_shared-stub.cpp +155 -0
  633. data/ext/libmongocrypt/libmongocrypt/test/data/NIST-CAVP.cstructs +1350 -0
  634. data/ext/libmongocrypt/libmongocrypt/test/data/aes-ctr.cstructs +359 -0
  635. data/ext/libmongocrypt/libmongocrypt/test/data/cache-tests.json +197 -0
  636. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-schema.json +19 -0
  637. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-no-validator.json +13 -0
  638. data/ext/libmongocrypt/libmongocrypt/test/data/collection-info-view.json +11 -0
  639. data/ext/libmongocrypt/libmongocrypt/test/data/collinfo-siblings.json +40 -0
  640. data/ext/libmongocrypt/libmongocrypt/test/data/compact/missing-key-id/collinfo.json +21 -0
  641. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/collinfo.json +10 -0
  642. data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-fields/encrypted-payload.json +4 -0
  643. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/cmd.json +1 -0
  644. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +49 -0
  645. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +47 -0
  646. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload.json +23 -0
  647. data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/mongocryptd-reply.json +72 -0
  648. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd-to-mongocryptd.json +34 -0
  649. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/cmd.json +6 -0
  650. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/collinfo.json +27 -0
  651. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/encrypted-payload.json +39 -0
  652. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/omitted/mongocryptd-reply.json +45 -0
  653. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd-to-mongocryptd.json +34 -0
  654. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/cmd.json +7 -0
  655. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/collinfo.json +27 -0
  656. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/encrypted-payload.json +40 -0
  657. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved/mongocryptd-reply.json +45 -0
  658. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd-to-mongocryptd.json +17 -0
  659. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/cmd.json +7 -0
  660. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/collinfo.json +10 -0
  661. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/encrypted-payload.json +7 -0
  662. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_empty/mongocryptd-reply.json +23 -0
  663. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/cmd-to-mongocryptd.json +26 -0
  664. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/cmd.json +7 -0
  665. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/collinfo.json +25 -0
  666. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/encrypted-payload.json +14 -0
  667. data/ext/libmongocrypt/libmongocrypt/test/data/dollardb/preserved_fle1/mongocryptd-reply.json +15 -0
  668. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-extraField.json +24 -0
  669. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-missingKeyId.json +17 -0
  670. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-oneField.json +23 -0
  671. data/ext/libmongocrypt/libmongocrypt/test/data/efc/efc-twoFields.json +39 -0
  672. data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-cmd.json +11 -0
  673. data/ext/libmongocrypt/libmongocrypt/test/data/encrypted-field-config-map.json +48 -0
  674. data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decryption-input.json +8 -0
  675. data/ext/libmongocrypt/libmongocrypt/test/data/find-with-encryptionInformation.json +16 -0
  676. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/cmd-to-mongocryptd.json +12 -0
  677. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/cmd.json +8 -0
  678. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/cmd.json +8 -0
  679. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/insert/collinfo.json +9 -0
  680. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-collMod/mongocryptd-reply.json +14 -0
  681. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/old-mongocryptd/cmd.json +3 -0
  682. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/old-mongocryptd/encrypted-payload.json +3 -0
  683. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/old-mongocryptd/ismaster-to-mongocryptd.json +3 -0
  684. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/old-mongocryptd/mongocryptd-ismaster.json +12 -0
  685. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/cmd-to-mongocryptd.json +20 -0
  686. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/cmd.json +12 -0
  687. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/encrypted-payload.json +12 -0
  688. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/ismaster-to-mongocryptd.json +3 -0
  689. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/mongocryptd-ismaster.json +12 -0
  690. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-cmd-schema/mongocryptd-reply.json +9 -0
  691. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/cmd-to-mongocryptd.json +7 -0
  692. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/cmd.json +3 -0
  693. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/encrypted-payload.json +3 -0
  694. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/ismaster-to-mongocryptd.json +3 -0
  695. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/mongocryptd-ismaster.json +12 -0
  696. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/mongocryptd-reply.json +9 -0
  697. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/with-schema/schema-map.json +5 -0
  698. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/cmd-to-mongocryptd.json +5 -0
  699. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/cmd.json +3 -0
  700. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/encrypted-payload.json +3 -0
  701. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/ismaster-to-mongocryptd.json +3 -0
  702. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/mongocryptd-ismaster.json +12 -0
  703. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-create/without-schema/mongocryptd-reply.json +9 -0
  704. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/cmd.json +8 -0
  705. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/collinfo.json +7 -0
  706. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-csfle/encrypted-payload.json +8 -0
  707. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/cmd-to-mongocryptd.json +10 -0
  708. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/cmd.json +8 -0
  709. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/collinfo.json +7 -0
  710. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/encrypted-payload.json +8 -0
  711. data/ext/libmongocrypt/libmongocrypt/test/data/fle1-explain/with-mongocryptd/mongocryptd-reply.json +14 -0
  712. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-aead.cstructs +109 -0
  713. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd-to-mongocryptd.json +14 -0
  714. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/cmd.json +3 -0
  715. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-field-config-map.json +8 -0
  716. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/encrypted-payload.json +3 -0
  717. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/ismaster-to-mongocryptd.json +3 -0
  718. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/mongocryptd-ismaster.json +12 -0
  719. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-create/mongocryptd-reply.json +9 -0
  720. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-decrypt-ieev/first-filter.json +21 -0
  721. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-decrypt-ieev/second-filter.json +21 -0
  722. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/cmd.json +6 -0
  723. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/collinfo.json +49 -0
  724. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-field-config-map.json +47 -0
  725. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload.json +91 -0
  726. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/mongocryptd-reply.json +66 -0
  727. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/cmd.json +6 -0
  728. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/collinfo.json +49 -0
  729. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-field-config-map.json +47 -0
  730. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload.json +98 -0
  731. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/mongocryptd-reply.json +72 -0
  732. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/cmd.json +8 -0
  733. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +27 -0
  734. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +46 -0
  735. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd-to-mongocryptd.json +36 -0
  736. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/cmd.json +8 -0
  737. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/collinfo.json +27 -0
  738. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/encrypted-payload.json +41 -0
  739. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-mongocryptd/mongocryptd-reply.json +47 -0
  740. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1.json +8 -0
  741. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed.json +8 -0
  742. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1.json +8 -0
  743. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key.json +8 -0
  744. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed.json +8 -0
  745. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/cmd.json +6 -0
  746. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-field-map.json +23 -0
  747. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/encrypted-payload.json +41 -0
  748. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality/mongocryptd-reply.json +19 -0
  749. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongocryptd.json +24 -0
  750. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd-to-mongod.json +24 -0
  751. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/cmd.json +11 -0
  752. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-explicit/reply-from-mongocryptd.json +27 -0
  753. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/README.md +2 -0
  754. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/cmd.json +10 -0
  755. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-field-map.json +28 -0
  756. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/encrypted-payload.json +42 -0
  757. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date/mongocryptd-reply.json +50 -0
  758. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/cmd.json +6 -0
  759. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-field-map.json +28 -0
  760. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/encrypted-payload.json +42 -0
  761. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128/mongocryptd-reply.json +50 -0
  762. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/cmd.json +6 -0
  763. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-field-map.json +31 -0
  764. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/encrypted-payload.json +51 -0
  765. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision/mongocryptd-reply.json +59 -0
  766. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/cmd.json +8 -0
  767. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-field-map.json +28 -0
  768. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/encrypted-payload.json +42 -0
  769. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double/mongocryptd-reply.json +50 -0
  770. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/cmd.json +8 -0
  771. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-field-map.json +31 -0
  772. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/encrypted-payload.json +45 -0
  773. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision/mongocryptd-reply.json +53 -0
  774. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/cmd.json +8 -0
  775. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-field-map.json +28 -0
  776. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/encrypted-payload.json +42 -0
  777. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32/mongocryptd-reply.json +50 -0
  778. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/cmd.json +8 -0
  779. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-field-map.json +28 -0
  780. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/encrypted-payload.json +42 -0
  781. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64/mongocryptd-reply.json +50 -0
  782. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload.json +26 -0
  783. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/rangeopts.json +5 -0
  784. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/value-to-encrypt.json +20 -0
  785. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload.json +26 -0
  786. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/rangeopts.json +14 -0
  787. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/value-to-encrypt.json +20 -0
  788. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +26 -0
  789. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/rangeopts.json +11 -0
  790. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/value-to-encrypt.json +20 -0
  791. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload.json +26 -0
  792. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/rangeopts.json +5 -0
  793. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/value-to-encrypt.json +20 -0
  794. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload.json +16 -0
  795. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/rangeopts.json +11 -0
  796. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/value-to-encrypt.json +13 -0
  797. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert/cmd.json +9 -0
  798. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert/encrypted-field-map.json +23 -0
  799. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert/encrypted-payload.json +40 -0
  800. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert/mongocryptd-reply.json +50 -0
  801. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/README.md +2 -0
  802. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/RNG_DATA.h +67 -0
  803. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/cmd.json +13 -0
  804. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-field-map.json +28 -0
  805. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/encrypted-payload.json +45 -0
  806. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/mongocryptd-reply.json +53 -0
  807. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/RNG_DATA.h +134 -0
  808. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/cmd.json +9 -0
  809. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-field-map.json +28 -0
  810. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/encrypted-payload.json +45 -0
  811. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/mongocryptd-reply.json +53 -0
  812. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/RNG_DATA.h +73 -0
  813. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/cmd.json +9 -0
  814. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-field-map.json +31 -0
  815. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/encrypted-payload.json +54 -0
  816. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/mongocryptd-reply.json +62 -0
  817. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/RNG_DATA.h +70 -0
  818. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/cmd.json +11 -0
  819. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-field-map.json +28 -0
  820. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/encrypted-payload.json +45 -0
  821. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/mongocryptd-reply.json +53 -0
  822. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/RNG_DATA.h +21 -0
  823. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/cmd.json +11 -0
  824. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-field-map.json +31 -0
  825. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/encrypted-payload.json +48 -0
  826. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/mongocryptd-reply.json +56 -0
  827. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/RNG_DATA.h +27 -0
  828. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/cmd.json +11 -0
  829. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-field-map.json +28 -0
  830. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/encrypted-payload.json +45 -0
  831. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/mongocryptd-reply.json +53 -0
  832. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/RNG_DATA.h +67 -0
  833. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/cmd.json +11 -0
  834. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-field-map.json +28 -0
  835. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/encrypted-payload.json +45 -0
  836. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/mongocryptd-reply.json +53 -0
  837. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/RNG_DATA.h +70 -0
  838. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload.json +8 -0
  839. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/rangeopts.json +5 -0
  840. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/value-to-encrypt.json +5 -0
  841. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/RNG_DATA.h +21 -0
  842. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload.json +8 -0
  843. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/rangeopts.json +14 -0
  844. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/value-to-encrypt.json +5 -0
  845. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/RNG_DATA.h +27 -0
  846. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/encrypted-payload.json +8 -0
  847. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/rangeopts.json +11 -0
  848. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/value-to-encrypt.json +5 -0
  849. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/RNG_DATA.h +70 -0
  850. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload.json +8 -0
  851. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/rangeopts.json +5 -0
  852. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/value-to-encrypt.json +5 -0
  853. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/RNG_DATA.h +17 -0
  854. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload.json +8 -0
  855. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/rangeopts.json +11 -0
  856. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/value-to-encrypt.json +5 -0
  857. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/cmd.json +9 -0
  858. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-field-map.json +23 -0
  859. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/encrypted-payload.json +14 -0
  860. data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed/mongocryptd-reply.json +46 -0
  861. data/ext/libmongocrypt/libmongocrypt/test/data/fle2.cstructs +33 -0
  862. data/ext/libmongocrypt/libmongocrypt/test/data/gcp-auth/decrypt-response.txt +5 -0
  863. data/ext/libmongocrypt/libmongocrypt/test/data/gcp-auth/encrypt-response.txt +5 -0
  864. data/ext/libmongocrypt/libmongocrypt/test/data/gcp-auth/oauth-response.txt +5 -0
  865. data/ext/libmongocrypt/libmongocrypt/test/data/kek-tests.json +169 -0
  866. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-azure.json +33 -0
  867. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-full.json +36 -0
  868. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-gcp.json +35 -0
  869. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-kmip.json +34 -0
  870. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-local.json +18 -0
  871. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-no-region.json +31 -0
  872. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-with-alt-name-duplicate-id.json +36 -0
  873. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-with-alt-name.json +33 -0
  874. data/ext/libmongocrypt/libmongocrypt/test/data/key-document-with-alt-name2.json +33 -0
  875. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789012-aws-decrypt-reply.txt +11 -0
  876. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789012-aws-document.json +32 -0
  877. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789012-key-material.txt +1 -0
  878. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789012-local-document.json +30 -0
  879. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789013-aws-decrypt-reply.txt +11 -0
  880. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789013-aws-document.json +32 -0
  881. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789013-key-material.txt +1 -0
  882. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789013-local-document.json +30 -0
  883. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789014-key-material.txt +1 -0
  884. data/ext/libmongocrypt/libmongocrypt/test/data/keys/12345678123498761234123456789014-local-document.json +30 -0
  885. data/ext/libmongocrypt/libmongocrypt/test/data/keys/ABCDEFAB123498761234123456789012-aws-decrypt-reply.txt +11 -0
  886. data/ext/libmongocrypt/libmongocrypt/test/data/keys/ABCDEFAB123498761234123456789012-aws-document.json +32 -0
  887. data/ext/libmongocrypt/libmongocrypt/test/data/keys/ABCDEFAB123498761234123456789012-key-material.txt +1 -0
  888. data/ext/libmongocrypt/libmongocrypt/test/data/keys/ABCDEFAB123498761234123456789012-local-document.json +30 -0
  889. data/ext/libmongocrypt/libmongocrypt/test/data/keys/README.md +21 -0
  890. data/ext/libmongocrypt/libmongocrypt/test/data/kms-encrypt-reply.txt +7 -0
  891. data/ext/libmongocrypt/libmongocrypt/test/data/kms-tests.json +297 -0
  892. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-cmd.json +26 -0
  893. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-existing-ciphertext.json +24 -0
  894. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-invalid.json +18 -0
  895. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-key-alt-name.json +18 -0
  896. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-key-alt-name2.json +18 -0
  897. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-no-encryption-needed.json +7 -0
  898. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-no-markings.json +7 -0
  899. data/ext/libmongocrypt/libmongocrypt/test/data/mongocryptd-reply-random.json +18 -0
  900. data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_decimal128.cstruct +14527 -0
  901. data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_double.cstruct +7959 -0
  902. data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int32.cstruct +6906 -0
  903. data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int64.cstruct +9429 -0
  904. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128.cstruct +4565 -0
  905. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128_precision.cstruct +312 -0
  906. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double.cstruct +3277 -0
  907. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double_precision.cstruct +369 -0
  908. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int32.cstruct +4612 -0
  909. data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int64.cstruct +3398 -0
  910. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/key-document-a.json +35 -0
  911. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/key-document-b.json +37 -0
  912. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/key-document-local.json +30 -0
  913. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/kms-decrypt-reply-a.txt +6 -0
  914. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/kms-decrypt-reply-b.txt +6 -0
  915. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/kms-encrypt-reply-a.txt +7 -0
  916. data/ext/libmongocrypt/libmongocrypt/test/data/rmd/kms-encrypt-reply-b.txt +7 -0
  917. data/ext/libmongocrypt/libmongocrypt/test/data/schema-map.json +40 -0
  918. data/ext/libmongocrypt/libmongocrypt/test/data/schema.json +19 -0
  919. data/ext/libmongocrypt/libmongocrypt/test/example/README.md +5 -0
  920. data/ext/libmongocrypt/libmongocrypt/test/example/cmd.json +6 -0
  921. data/ext/libmongocrypt/libmongocrypt/test/example/collection-info.json +39 -0
  922. data/ext/libmongocrypt/libmongocrypt/test/example/encrypted-command.json +9 -0
  923. data/ext/libmongocrypt/libmongocrypt/test/example/key-document-custom-endpoint.json +34 -0
  924. data/ext/libmongocrypt/libmongocrypt/test/example/key-document.json +33 -0
  925. data/ext/libmongocrypt/libmongocrypt/test/example/kms-decrypt-reply.txt +6 -0
  926. data/ext/libmongocrypt/libmongocrypt/test/example/mongocryptd-reply.json +18 -0
  927. data/ext/libmongocrypt/libmongocrypt/test/example-no-bson.c +23 -0
  928. data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +368 -0
  929. data/ext/libmongocrypt/libmongocrypt/test/fuzz_kms.c +42 -0
  930. data/ext/libmongocrypt/libmongocrypt/test/test-dll.cpp +22 -0
  931. data/ext/libmongocrypt/libmongocrypt/test/test-gcp-auth.c +312 -0
  932. data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +104 -0
  933. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +443 -0
  934. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +184 -0
  935. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +200 -0
  936. data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +518 -0
  937. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +468 -0
  938. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +886 -0
  939. data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +609 -0
  940. data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +174 -0
  941. data/ext/libmongocrypt/libmongocrypt/test/test-mc-reader.c +251 -0
  942. data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +245 -0
  943. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +1079 -0
  944. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +26 -0
  945. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +218 -0
  946. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +266 -0
  947. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache-oauth.c +57 -0
  948. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +264 -0
  949. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ciphertext.c +259 -0
  950. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-compact.c +478 -0
  951. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +917 -0
  952. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.c +177 -0
  953. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.h +110 -0
  954. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +892 -0
  955. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +208 -0
  956. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +1134 -0
  957. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +5096 -0
  958. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +1061 -0
  959. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-setopt.c +1301 -0
  960. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +489 -0
  961. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-dll.c +48 -0
  962. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-endpoint.c +138 -0
  963. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +104 -0
  964. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-broker.c +1174 -0
  965. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +475 -0
  966. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key.c +282 -0
  967. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-ctx.c +561 -0
  968. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +206 -0
  969. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-local-kms.c +89 -0
  970. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-log.c +137 -0
  971. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +738 -0
  972. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-status.c +88 -0
  973. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-traverse-util.c +548 -0
  974. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.c +105 -0
  975. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.h +42 -0
  976. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +1060 -0
  977. data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +290 -0
  978. data/ext/libmongocrypt/libmongocrypt/test/util/HELP.autogen +102 -0
  979. data/ext/libmongocrypt/libmongocrypt/test/util/README.md +103 -0
  980. data/ext/libmongocrypt/libmongocrypt/test/util/csfle.c +612 -0
  981. data/ext/libmongocrypt/libmongocrypt/test/util/helpgen.py +7 -0
  982. data/ext/libmongocrypt/libmongocrypt/test/util/make_includes.py +845 -0
  983. data/ext/libmongocrypt/libmongocrypt/test/util/util.c +969 -0
  984. data/ext/libmongocrypt/libmongocrypt/test/util/util.h +96 -0
  985. data/ext/libmongocrypt/libmongocrypt/third-party/IntelRDFPMathLib20U2.tar.xz +0 -0
  986. data/lib/libmongocrypt_helper/version.rb +2 -2
  987. data/lib/libmongocrypt_helper.rb +13 -1
  988. data.tar.gz.sig +0 -0
  989. metadata +988 -6
  990. metadata.gz.sig +0 -0
  991. data/so/libmongocrypt.so +0 -0
@@ -0,0 +1,1785 @@
1
+ /*
2
+ * Copyright 2019-present MongoDB, Inc.
3
+ *
4
+ * Licensed under the Apache License, Version 2.0 (the "License");
5
+ * you may not use this file except in compliance with the License.
6
+ * You may obtain a copy of the License at
7
+ *
8
+ * http://www.apache.org/licenses/LICENSE-2.0
9
+ *
10
+ * Unless required by applicable law or agreed to in writing, software
11
+ * distributed under the License is distributed on an "AS IS" BASIS,
12
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ * See the License for the specific language governing permissions and
14
+ * limitations under the License.
15
+ */
16
+
17
+
18
+ #include "mongocrypt-private.h"
19
+ #include "mongocrypt-binary-private.h"
20
+ #include "mongocrypt-buffer-private.h"
21
+ #include "mongocrypt-ctx-private.h"
22
+ #include "mongocrypt-kms-ctx-private.h"
23
+ #include "mongocrypt-opts-private.h"
24
+ #include "mongocrypt-status-private.h"
25
+ #include "mongocrypt-util-private.h"
26
+ #include <kms_message/kms_b64.h>
27
+ #include <kms_message/kms_azure_request.h>
28
+ #include <kms_message/kms_gcp_request.h>
29
+ #include "mongocrypt.h"
30
+
31
+ /* Sadly, Windows does not define SSIZE_MAX. It is defined in bson-compat.h,
32
+ * but only since 1.22.x, so copy this from bson-compat.h for now. */
33
+ #ifndef SSIZE_MAX
34
+ #define SSIZE_MAX \
35
+ (ssize_t) ( \
36
+ (((size_t) 0x01u) << (sizeof (ssize_t) * (size_t) CHAR_BIT - 1u)) - 1u)
37
+ #endif
38
+
39
+ typedef struct {
40
+ mongocrypt_status_t *status;
41
+ void *ctx;
42
+ } ctx_with_status_t;
43
+
44
+ /* Before we've read the Content-Length header in an HTTP response,
45
+ * we don't know how many bytes we'll need. So return this value
46
+ * in kms_ctx_bytes_needed until we are fed the Content-Length.
47
+ */
48
+ #define DEFAULT_MAX_KMS_BYTE_REQUEST 1024
49
+ #define SHA256_LEN 32
50
+ #define DEFAULT_HTTPS_PORT "443"
51
+ #define DEFAULT_KMIP_PORT "5696"
52
+
53
+ static bool
54
+ _sha256 (void *ctx, const char *input, size_t len, unsigned char *hash_out)
55
+ {
56
+ BSON_ASSERT_PARAM (ctx);
57
+ BSON_ASSERT_PARAM (input);
58
+ BSON_ASSERT_PARAM (hash_out);
59
+
60
+ bool ret;
61
+ ctx_with_status_t *ctx_with_status = (ctx_with_status_t *) ctx;
62
+ _mongocrypt_crypto_t *crypto;
63
+ mongocrypt_binary_t *plaintext, *out;
64
+
65
+ crypto = (_mongocrypt_crypto_t *) ctx_with_status->ctx;
66
+ BSON_ASSERT (crypto);
67
+ BSON_ASSERT (len <= UINT32_MAX);
68
+ plaintext =
69
+ mongocrypt_binary_new_from_data ((uint8_t *) input, (uint32_t) len);
70
+ out = mongocrypt_binary_new ();
71
+
72
+ out->data = hash_out;
73
+ out->len = SHA256_LEN;
74
+
75
+ ret = crypto->sha_256 (crypto->ctx, plaintext, out, ctx_with_status->status);
76
+
77
+ mongocrypt_binary_destroy (plaintext);
78
+ mongocrypt_binary_destroy (out);
79
+ return ret;
80
+ }
81
+
82
+ static bool
83
+ _sha256_hmac (void *ctx,
84
+ const char *key_input,
85
+ size_t key_len,
86
+ const char *input,
87
+ size_t len,
88
+ unsigned char *hash_out)
89
+ {
90
+ BSON_ASSERT_PARAM (ctx);
91
+ BSON_ASSERT_PARAM (key_input);
92
+ BSON_ASSERT_PARAM (input);
93
+ BSON_ASSERT_PARAM (hash_out);
94
+
95
+ ctx_with_status_t *ctx_with_status = (ctx_with_status_t *) ctx;
96
+ _mongocrypt_crypto_t *crypto;
97
+ mongocrypt_binary_t *key, *plaintext, *out;
98
+ bool ret;
99
+
100
+ crypto = (_mongocrypt_crypto_t *) ctx_with_status->ctx;
101
+ BSON_ASSERT (crypto);
102
+
103
+ BSON_ASSERT (key_len <= UINT32_MAX);
104
+ key = mongocrypt_binary_new_from_data ((uint8_t *) key_input,
105
+ (uint32_t) key_len);
106
+ BSON_ASSERT (len <= UINT32_MAX);
107
+ plaintext =
108
+ mongocrypt_binary_new_from_data ((uint8_t *) input, (uint32_t) len);
109
+ out = mongocrypt_binary_new ();
110
+
111
+ out->data = hash_out;
112
+ out->len = SHA256_LEN;
113
+
114
+ ret = crypto->hmac_sha_256 (
115
+ crypto->ctx, key, plaintext, out, ctx_with_status->status);
116
+
117
+ mongocrypt_binary_destroy (key);
118
+ mongocrypt_binary_destroy (plaintext);
119
+ mongocrypt_binary_destroy (out);
120
+ return ret;
121
+ }
122
+
123
+ static void
124
+ _set_kms_crypto_hooks (_mongocrypt_crypto_t *crypto,
125
+ ctx_with_status_t *ctx_with_status,
126
+ kms_request_opt_t *opts)
127
+ {
128
+ BSON_ASSERT_PARAM (crypto);
129
+ BSON_ASSERT_PARAM (ctx_with_status);
130
+ BSON_ASSERT_PARAM (opts);
131
+
132
+ if (crypto->hooks_enabled) {
133
+ kms_request_opt_set_crypto_hooks (
134
+ opts, _sha256, _sha256_hmac, ctx_with_status);
135
+ }
136
+ }
137
+
138
+ static bool
139
+ is_kms (_kms_request_type_t kms_type)
140
+ {
141
+ return kms_type == MONGOCRYPT_KMS_KMIP_REGISTER ||
142
+ kms_type == MONGOCRYPT_KMS_KMIP_ACTIVATE ||
143
+ kms_type == MONGOCRYPT_KMS_KMIP_GET;
144
+ }
145
+
146
+ static void
147
+ _init_common (mongocrypt_kms_ctx_t *kms,
148
+ _mongocrypt_log_t *log,
149
+ _kms_request_type_t kms_type)
150
+ {
151
+ BSON_ASSERT_PARAM (kms);
152
+
153
+ if (is_kms (kms_type)) {
154
+ kms->parser = kms_kmip_response_parser_new (NULL /* reserved */);
155
+ } else {
156
+ kms->parser = kms_response_parser_new ();
157
+ }
158
+ kms->log = log;
159
+ kms->status = mongocrypt_status_new ();
160
+ kms->req_type = kms_type;
161
+ _mongocrypt_buffer_init (&kms->result);
162
+ }
163
+
164
+ bool
165
+ _mongocrypt_kms_ctx_init_aws_decrypt (
166
+ mongocrypt_kms_ctx_t *kms,
167
+ _mongocrypt_opts_kms_providers_t *kms_providers,
168
+ _mongocrypt_key_doc_t *key,
169
+ _mongocrypt_log_t *log,
170
+ _mongocrypt_crypto_t *crypto)
171
+ {
172
+ BSON_ASSERT_PARAM (kms);
173
+ BSON_ASSERT_PARAM (key);
174
+ BSON_ASSERT_PARAM (kms_providers);
175
+ BSON_ASSERT_PARAM (crypto);
176
+
177
+ kms_request_opt_t *opt;
178
+ mongocrypt_status_t *status;
179
+ ctx_with_status_t ctx_with_status;
180
+ bool ret = false;
181
+
182
+ _init_common (kms, log, MONGOCRYPT_KMS_AWS_DECRYPT);
183
+ status = kms->status;
184
+ ctx_with_status.ctx = crypto;
185
+ ctx_with_status.status = mongocrypt_status_new ();
186
+
187
+ if (!key->kek.kms_provider) {
188
+ CLIENT_ERR ("no kms provider specified on key");
189
+ goto done;
190
+ }
191
+
192
+ if (MONGOCRYPT_KMS_PROVIDER_AWS != key->kek.kms_provider) {
193
+ CLIENT_ERR ("expected aws kms provider");
194
+ goto done;
195
+ }
196
+
197
+ if (!key->kek.provider.aws.region) {
198
+ CLIENT_ERR ("no key region provided");
199
+ goto done;
200
+ }
201
+
202
+ if (0 ==
203
+ (kms_providers->configured_providers & MONGOCRYPT_KMS_PROVIDER_AWS)) {
204
+ CLIENT_ERR ("aws kms not configured");
205
+ goto done;
206
+ }
207
+
208
+ if (!kms_providers->aws.access_key_id) {
209
+ CLIENT_ERR ("aws access key id not provided");
210
+ goto done;
211
+ }
212
+
213
+ if (!kms_providers->aws.secret_access_key) {
214
+ CLIENT_ERR ("aws secret access key not provided");
215
+ goto done;
216
+ }
217
+
218
+ /* create the KMS request. */
219
+ opt = kms_request_opt_new ();
220
+ BSON_ASSERT (opt);
221
+
222
+ _set_kms_crypto_hooks (crypto, &ctx_with_status, opt);
223
+ kms_request_opt_set_connection_close (opt, true);
224
+
225
+ kms->req = kms_decrypt_request_new (
226
+ key->key_material.data, key->key_material.len, opt);
227
+
228
+ kms_request_opt_destroy (opt);
229
+ if (!kms_request_set_service (kms->req, "kms")) {
230
+ CLIENT_ERR ("failed to set service: %s",
231
+ kms_request_get_error (kms->req));
232
+ _mongocrypt_status_append (status, ctx_with_status.status);
233
+ goto done;
234
+ }
235
+
236
+ if (kms_providers->aws.session_token) {
237
+ if (!kms_request_add_header_field (kms->req,
238
+ "X-Amz-Security-Token",
239
+ kms_providers->aws.session_token)) {
240
+ CLIENT_ERR ("failed to set session token: %s",
241
+ kms_request_get_error (kms->req));
242
+ _mongocrypt_status_append (status, ctx_with_status.status);
243
+ goto done;
244
+ }
245
+ }
246
+
247
+ if (kms_request_get_error (kms->req)) {
248
+ CLIENT_ERR ("error constructing KMS message: %s",
249
+ kms_request_get_error (kms->req));
250
+ _mongocrypt_status_append (status, ctx_with_status.status);
251
+ goto done;
252
+ }
253
+
254
+ /* If an endpoint was set, override the default Host header. */
255
+ if (key->kek.provider.aws.endpoint) {
256
+ if (!kms_request_add_header_field (
257
+ kms->req, "Host", key->kek.provider.aws.endpoint->host_and_port)) {
258
+ CLIENT_ERR ("error constructing KMS message: %s",
259
+ kms_request_get_error (kms->req));
260
+ _mongocrypt_status_append (status, ctx_with_status.status);
261
+ goto done;
262
+ }
263
+ }
264
+
265
+ if (!kms_request_set_region (kms->req, key->kek.provider.aws.region)) {
266
+ CLIENT_ERR ("failed to set region: %s", kms_request_get_error (kms->req));
267
+ _mongocrypt_status_append (status, ctx_with_status.status);
268
+ goto done;
269
+ }
270
+
271
+ if (!kms_request_set_access_key_id (kms->req,
272
+ kms_providers->aws.access_key_id)) {
273
+ CLIENT_ERR ("failed to set aws access key id: %s",
274
+ kms_request_get_error (kms->req));
275
+ _mongocrypt_status_append (status, ctx_with_status.status);
276
+ goto done;
277
+ }
278
+ if (!kms_request_set_secret_key (kms->req,
279
+ kms_providers->aws.secret_access_key)) {
280
+ CLIENT_ERR ("failed to set aws secret access key: %s",
281
+ kms_request_get_error (kms->req));
282
+ _mongocrypt_status_append (status, ctx_with_status.status);
283
+ goto done;
284
+ }
285
+
286
+ _mongocrypt_buffer_init (&kms->msg);
287
+ kms->msg.data = (uint8_t *) kms_request_get_signed (kms->req);
288
+ if (!kms->msg.data) {
289
+ CLIENT_ERR ("failed to create KMS message: %s",
290
+ kms_request_get_error (kms->req));
291
+ _mongocrypt_status_append (status, ctx_with_status.status);
292
+ goto done;
293
+ }
294
+ kms->msg.len = (uint32_t) strlen ((char *) kms->msg.data);
295
+ kms->msg.owned = true;
296
+
297
+ if (key->kek.provider.aws.endpoint) {
298
+ kms->endpoint =
299
+ bson_strdup (key->kek.provider.aws.endpoint->host_and_port);
300
+ } else {
301
+ /* construct the endpoint from AWS region. */
302
+ kms->endpoint = bson_strdup_printf ("kms.%s.amazonaws.com",
303
+ key->kek.provider.aws.region);
304
+ }
305
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
306
+
307
+ ret = true;
308
+ done:
309
+ mongocrypt_status_destroy (ctx_with_status.status);
310
+
311
+ return ret;
312
+ }
313
+
314
+
315
+ bool
316
+ _mongocrypt_kms_ctx_init_aws_encrypt (
317
+ mongocrypt_kms_ctx_t *kms,
318
+ _mongocrypt_opts_kms_providers_t *kms_providers,
319
+ _mongocrypt_ctx_opts_t *ctx_opts,
320
+ _mongocrypt_buffer_t *plaintext_key_material,
321
+ _mongocrypt_log_t *log,
322
+ _mongocrypt_crypto_t *crypto)
323
+ {
324
+ BSON_ASSERT_PARAM (kms);
325
+ BSON_ASSERT_PARAM (ctx_opts);
326
+ BSON_ASSERT_PARAM (kms_providers);
327
+ BSON_ASSERT_PARAM (crypto);
328
+ BSON_ASSERT_PARAM (plaintext_key_material);
329
+
330
+ kms_request_opt_t *opt;
331
+ mongocrypt_status_t *status;
332
+ ctx_with_status_t ctx_with_status;
333
+ bool ret = false;
334
+
335
+ _init_common (kms, log, MONGOCRYPT_KMS_AWS_ENCRYPT);
336
+ status = kms->status;
337
+ ctx_with_status.ctx = crypto;
338
+ ctx_with_status.status = mongocrypt_status_new ();
339
+
340
+ if (MONGOCRYPT_KMS_PROVIDER_AWS != ctx_opts->kek.kms_provider) {
341
+ CLIENT_ERR ("expected aws kms provider");
342
+ goto done;
343
+ }
344
+
345
+ if (!ctx_opts->kek.provider.aws.region) {
346
+ CLIENT_ERR ("no key region provided");
347
+ goto done;
348
+ }
349
+
350
+ if (!ctx_opts->kek.provider.aws.cmk) {
351
+ CLIENT_ERR ("no aws cmk provided");
352
+ goto done;
353
+ }
354
+
355
+ if (0 ==
356
+ (kms_providers->configured_providers & MONGOCRYPT_KMS_PROVIDER_AWS)) {
357
+ CLIENT_ERR ("aws kms not configured");
358
+ goto done;
359
+ }
360
+
361
+ if (!kms_providers->aws.access_key_id) {
362
+ CLIENT_ERR ("aws access key id not provided");
363
+ goto done;
364
+ }
365
+
366
+ if (!kms_providers->aws.secret_access_key) {
367
+ CLIENT_ERR ("aws secret access key not provided");
368
+ goto done;
369
+ }
370
+
371
+ /* create the KMS request. */
372
+ opt = kms_request_opt_new ();
373
+ BSON_ASSERT (opt);
374
+
375
+ _set_kms_crypto_hooks (crypto, &ctx_with_status, opt);
376
+ kms_request_opt_set_connection_close (opt, true);
377
+
378
+ kms->req = kms_encrypt_request_new (plaintext_key_material->data,
379
+ plaintext_key_material->len,
380
+ ctx_opts->kek.provider.aws.cmk,
381
+ opt);
382
+
383
+ kms_request_opt_destroy (opt);
384
+ if (!kms_request_set_service (kms->req, "kms")) {
385
+ CLIENT_ERR ("failed to set service: %s",
386
+ kms_request_get_error (kms->req));
387
+ _mongocrypt_status_append (status, ctx_with_status.status);
388
+ goto done;
389
+ }
390
+
391
+ if (kms_providers->aws.session_token) {
392
+ if (!kms_request_add_header_field (kms->req,
393
+ "X-Amz-Security-Token",
394
+ kms_providers->aws.session_token)) {
395
+ CLIENT_ERR ("failed to set session token: %s",
396
+ kms_request_get_error (kms->req));
397
+ _mongocrypt_status_append (status, ctx_with_status.status);
398
+ goto done;
399
+ }
400
+ }
401
+
402
+ if (kms_request_get_error (kms->req)) {
403
+ CLIENT_ERR ("error constructing KMS message: %s",
404
+ kms_request_get_error (kms->req));
405
+ _mongocrypt_status_append (status, ctx_with_status.status);
406
+ goto done;
407
+ }
408
+
409
+ /* If an endpoint was set, override the default Host header. */
410
+ if (ctx_opts->kek.provider.aws.endpoint) {
411
+ if (!kms_request_add_header_field (
412
+ kms->req, "Host", ctx_opts->kek.provider.aws.endpoint->host)) {
413
+ CLIENT_ERR ("error constructing KMS message: %s",
414
+ kms_request_get_error (kms->req));
415
+ _mongocrypt_status_append (status, ctx_with_status.status);
416
+ goto done;
417
+ }
418
+ }
419
+
420
+ if (!kms_request_set_region (kms->req, ctx_opts->kek.provider.aws.region)) {
421
+ CLIENT_ERR ("failed to set region: %s", kms_request_get_error (kms->req));
422
+ _mongocrypt_status_append (status, ctx_with_status.status);
423
+ goto done;
424
+ }
425
+
426
+ if (!kms_request_set_access_key_id (kms->req,
427
+ kms_providers->aws.access_key_id)) {
428
+ CLIENT_ERR ("failed to set aws access key id: %s",
429
+ kms_request_get_error (kms->req));
430
+ _mongocrypt_status_append (status, ctx_with_status.status);
431
+ goto done;
432
+ }
433
+ if (!kms_request_set_secret_key (kms->req,
434
+ kms_providers->aws.secret_access_key)) {
435
+ CLIENT_ERR ("failed to set aws secret access key: %s",
436
+ kms_request_get_error (kms->req));
437
+ _mongocrypt_status_append (status, ctx_with_status.status);
438
+ goto done;
439
+ }
440
+
441
+ _mongocrypt_buffer_init (&kms->msg);
442
+ kms->msg.data = (uint8_t *) kms_request_get_signed (kms->req);
443
+ if (!kms->msg.data) {
444
+ CLIENT_ERR ("failed to create KMS message: %s",
445
+ kms_request_get_error (kms->req));
446
+ _mongocrypt_status_append (status, ctx_with_status.status);
447
+ goto done;
448
+ }
449
+ kms->msg.len = (uint32_t) strlen ((char *) kms->msg.data);
450
+ kms->msg.owned = true;
451
+
452
+ /* construct the endpoint */
453
+ if (ctx_opts->kek.provider.aws.endpoint) {
454
+ kms->endpoint =
455
+ bson_strdup (ctx_opts->kek.provider.aws.endpoint->host_and_port);
456
+ } else {
457
+ kms->endpoint = bson_strdup_printf ("kms.%s.amazonaws.com",
458
+ ctx_opts->kek.provider.aws.region);
459
+ }
460
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
461
+
462
+ ret = true;
463
+ done:
464
+ mongocrypt_status_destroy (ctx_with_status.status);
465
+ return ret;
466
+ }
467
+
468
+
469
+ uint32_t
470
+ mongocrypt_kms_ctx_bytes_needed (mongocrypt_kms_ctx_t *kms)
471
+ {
472
+ int want_bytes;
473
+
474
+ if (!kms) {
475
+ return 0;
476
+ }
477
+ /* TODO: an oddity of kms-message. After retrieving the result, it
478
+ * resets the parser. */
479
+ if (!mongocrypt_status_ok (kms->status) ||
480
+ !_mongocrypt_buffer_empty (&kms->result)) {
481
+ return 0;
482
+ }
483
+ want_bytes = kms_response_parser_wants_bytes (kms->parser,
484
+ DEFAULT_MAX_KMS_BYTE_REQUEST);
485
+ BSON_ASSERT (want_bytes >= 0);
486
+ return (uint32_t) want_bytes;
487
+ }
488
+
489
+ static void
490
+ _handle_non200_http_status (int http_status,
491
+ const char *body,
492
+ size_t body_len,
493
+ mongocrypt_status_t *status)
494
+ {
495
+ BSON_ASSERT_PARAM (body);
496
+
497
+ /* 1xx, 2xx, and 3xx HTTP status codes are not errors, but we only
498
+ * support handling 200 response. */
499
+ if (http_status < 400) {
500
+ CLIENT_ERR ("Unsupported HTTP code in KMS response. HTTP status=%d. "
501
+ "Response body=\n%s",
502
+ http_status,
503
+ body);
504
+ return;
505
+ }
506
+
507
+ /* Either empty body or body containing JSON with error message. */
508
+ if (body_len == 0) {
509
+ CLIENT_ERR ("Error in KMS response. HTTP status=%d. Empty body.",
510
+ http_status);
511
+ return;
512
+ }
513
+
514
+ CLIENT_ERR ("Error in KMS response. HTTP status=%d. Response body=\n%s",
515
+ http_status,
516
+ body);
517
+ }
518
+
519
+ /* An AWS KMS context has received full response. Parse out the result or error.
520
+ */
521
+ static bool
522
+ _ctx_done_aws (mongocrypt_kms_ctx_t *kms, const char *json_field)
523
+ {
524
+ BSON_ASSERT_PARAM (kms);
525
+ BSON_ASSERT_PARAM (json_field);
526
+
527
+ kms_response_t *response = NULL;
528
+ const char *body;
529
+ bson_t body_bson = BSON_INITIALIZER;
530
+ bool ret;
531
+ bson_error_t bson_error;
532
+ bson_iter_t iter;
533
+ uint32_t b64_strlen;
534
+ char *b64_str;
535
+ int http_status;
536
+ size_t body_len;
537
+ int result_len;
538
+ mongocrypt_status_t *status;
539
+
540
+ status = kms->status;
541
+ ret = false;
542
+ /* Parse out the {en|de}crypted result. */
543
+ http_status = kms_response_parser_status (kms->parser);
544
+ response = kms_response_parser_get_response (kms->parser);
545
+ body = kms_response_get_body (response, &body_len);
546
+
547
+ if (http_status != 200) {
548
+ _handle_non200_http_status (http_status, body, body_len, status);
549
+ goto fail;
550
+ }
551
+
552
+ /* If HTTP response succeeded (status 200) then body should contain JSON.
553
+ */
554
+ bson_destroy (&body_bson);
555
+ if (body_len > (size_t) SSIZE_MAX) {
556
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
557
+ "Response body exceeds maximum supported length",
558
+ bson_error.message);
559
+ bson_init (&body_bson);
560
+ goto fail;
561
+ }
562
+ if (!bson_init_from_json (
563
+ &body_bson, body, (ssize_t) body_len, &bson_error)) {
564
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
565
+ "HTTP status=%d. Response body=\n%s",
566
+ bson_error.message,
567
+ http_status,
568
+ body);
569
+ bson_init (&body_bson);
570
+ goto fail;
571
+ }
572
+
573
+ if (!bson_iter_init_find (&iter, &body_bson, json_field) ||
574
+ !BSON_ITER_HOLDS_UTF8 (&iter)) {
575
+ CLIENT_ERR (
576
+ "KMS JSON response does not include field '%s'. HTTP status=%d. "
577
+ "Response body=\n%s",
578
+ json_field,
579
+ http_status,
580
+ body);
581
+ goto fail;
582
+ }
583
+
584
+ b64_str = (char *) bson_iter_utf8 (&iter, &b64_strlen);
585
+ BSON_ASSERT (b64_str);
586
+ uint8_t *result_data = bson_malloc ((size_t) b64_strlen + 1u);
587
+ BSON_ASSERT (result_data);
588
+
589
+ result_len = kms_message_b64_pton (b64_str, result_data, b64_strlen);
590
+ if (result_len < 0) {
591
+ CLIENT_ERR (
592
+ "Failed to base64 decode response. HTTP status=%d. Response body=\n%s",
593
+ http_status,
594
+ body);
595
+ bson_free (result_data);
596
+ goto fail;
597
+ }
598
+ kms->result.data = result_data;
599
+ kms->result.len = (uint32_t) result_len;
600
+ kms->result.owned = true;
601
+ ret = true;
602
+ fail:
603
+ bson_destroy (&body_bson);
604
+ kms_response_destroy (response);
605
+ return ret;
606
+ }
607
+
608
+ /* A Azure/GCP oauth KMS context has received full response. Parse out the
609
+ * bearer token or error. */
610
+ static bool
611
+ _ctx_done_oauth (mongocrypt_kms_ctx_t *kms)
612
+ {
613
+ BSON_ASSERT_PARAM (kms);
614
+
615
+ kms_response_t *response = NULL;
616
+ const char *body;
617
+ bson_t *bson_body = NULL;
618
+ bool ret;
619
+ bson_error_t bson_error;
620
+ bson_iter_t iter;
621
+ int http_status;
622
+ size_t body_len;
623
+ mongocrypt_status_t *status;
624
+
625
+ status = kms->status;
626
+ ret = false;
627
+ /* Parse out the oauth token result (or error). */
628
+ http_status = kms_response_parser_status (kms->parser);
629
+ response = kms_response_parser_get_response (kms->parser);
630
+ body = kms_response_get_body (response, &body_len);
631
+
632
+ if (body_len == 0) {
633
+ CLIENT_ERR ("Empty KMS response. HTTP status=%d", http_status);
634
+ goto fail;
635
+ }
636
+
637
+ if (body_len > (size_t) SSIZE_MAX) {
638
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
639
+ "Response body exceeds maximum supported length",
640
+ bson_error.message);
641
+ goto fail;
642
+ }
643
+ bson_body = bson_new_from_json (
644
+ (const uint8_t *) body, (ssize_t) body_len, &bson_error);
645
+ if (!bson_body) {
646
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
647
+ "HTTP status=%d. Response body=\n%s",
648
+ bson_error.message,
649
+ http_status,
650
+ body);
651
+ goto fail;
652
+ }
653
+
654
+ if (http_status != 200) {
655
+ _handle_non200_http_status (http_status, body, body_len, status);
656
+ goto fail;
657
+ }
658
+
659
+ if (!bson_iter_init_find (&iter, bson_body, "access_token") ||
660
+ !BSON_ITER_HOLDS_UTF8 (&iter)) {
661
+ CLIENT_ERR ("Invalid KMS response. KMS JSON response does not include "
662
+ "field 'access_token'. "
663
+ "HTTP status=%d. Response body=\n%s",
664
+ http_status,
665
+ body);
666
+ goto fail;
667
+ }
668
+
669
+ /* Store the full response, to include the expiration time. */
670
+ _mongocrypt_buffer_steal_from_bson (&kms->result, bson_body);
671
+ bson_body = NULL;
672
+
673
+ ret = true;
674
+ fail:
675
+ bson_destroy (bson_body);
676
+ kms_response_destroy (response);
677
+ return ret;
678
+ }
679
+
680
+ /* An Azure oauth KMS context has received full response. Parse out the bearer
681
+ * token or error. */
682
+ static bool
683
+ _ctx_done_azure_wrapkey_unwrapkey (mongocrypt_kms_ctx_t *kms)
684
+ {
685
+ BSON_ASSERT_PARAM (kms);
686
+
687
+ kms_response_t *response = NULL;
688
+ const char *body;
689
+ bson_t *bson_body = NULL;
690
+ bool ret;
691
+ bson_error_t bson_error;
692
+ bson_iter_t iter;
693
+ int http_status;
694
+ size_t body_len;
695
+ mongocrypt_status_t *status;
696
+ const char *b64url_data = NULL;
697
+ uint32_t b64url_len;
698
+ char *b64_data = NULL;
699
+ uint32_t b64_len;
700
+ int result_len;
701
+
702
+ status = kms->status;
703
+ ret = false;
704
+ /* Parse out the oauth token result (or error). */
705
+ http_status = kms_response_parser_status (kms->parser);
706
+ response = kms_response_parser_get_response (kms->parser);
707
+ body = kms_response_get_body (response, &body_len);
708
+
709
+ if (body_len == 0) {
710
+ CLIENT_ERR ("Empty KMS response. HTTP status=%d", http_status);
711
+ goto fail;
712
+ }
713
+
714
+ if (body_len > (size_t) SSIZE_MAX) {
715
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
716
+ "Response body exceeds maximum supported length",
717
+ bson_error.message);
718
+ goto fail;
719
+ }
720
+ bson_body = bson_new_from_json (
721
+ (const uint8_t *) body, (ssize_t) body_len, &bson_error);
722
+ if (!bson_body) {
723
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
724
+ "HTTP status=%d. Response body=\n%s",
725
+ bson_error.message,
726
+ http_status,
727
+ body);
728
+ goto fail;
729
+ }
730
+
731
+ if (http_status != 200) {
732
+ _handle_non200_http_status (http_status, body, body_len, status);
733
+ goto fail;
734
+ }
735
+
736
+ if (!bson_iter_init_find (&iter, bson_body, "value") ||
737
+ !BSON_ITER_HOLDS_UTF8 (&iter)) {
738
+ CLIENT_ERR (
739
+ "KMS JSON response does not include field 'value'. HTTP status=%d. "
740
+ "Response body=\n%s",
741
+ http_status,
742
+ body);
743
+ goto fail;
744
+ }
745
+
746
+ b64url_data = bson_iter_utf8 (&iter, &b64url_len);
747
+ BSON_ASSERT (b64url_len <= UINT32_MAX - 4u);
748
+ /* add four for padding. */
749
+ b64_len = b64url_len + 4;
750
+ b64_data = bson_malloc0 (b64_len);
751
+ if (kms_message_b64url_to_b64 (b64url_data, b64url_len, b64_data, b64_len) ==
752
+ -1) {
753
+ CLIENT_ERR ("Error converting base64url to base64");
754
+ goto fail;
755
+ }
756
+
757
+ uint8_t *result_data = bson_malloc (b64_len);
758
+ BSON_ASSERT (result_data);
759
+ result_len = kms_message_b64_pton (b64_data, result_data, b64_len);
760
+ if (result_len < 0) {
761
+ CLIENT_ERR (
762
+ "Failed to base64 decode response. HTTP status=%d. Response body=\n%s",
763
+ http_status,
764
+ body);
765
+ bson_free (result_data);
766
+ goto fail;
767
+ }
768
+
769
+ kms->result.data = result_data;
770
+ kms->result.len = (uint32_t) result_len;
771
+ kms->result.owned = true;
772
+
773
+ ret = true;
774
+ fail:
775
+ bson_destroy (bson_body);
776
+ kms_response_destroy (response);
777
+ bson_free (b64_data);
778
+ return ret;
779
+ }
780
+
781
+ /* A GCP KMS context has received full response. Parse out the result or error.
782
+ */
783
+ static bool
784
+ _ctx_done_gcp (mongocrypt_kms_ctx_t *kms, const char *json_field)
785
+ {
786
+ BSON_ASSERT_PARAM (kms);
787
+ BSON_ASSERT_PARAM (json_field);
788
+
789
+ kms_response_t *response = NULL;
790
+ const char *body;
791
+ bson_t body_bson = BSON_INITIALIZER;
792
+ bool ret;
793
+ bson_error_t bson_error;
794
+ bson_iter_t iter;
795
+ size_t outlen;
796
+ char *b64_str;
797
+ int http_status;
798
+ size_t body_len;
799
+ mongocrypt_status_t *status;
800
+
801
+ status = kms->status;
802
+ ret = false;
803
+ /* Parse out the {en|de}crypted result. */
804
+ http_status = kms_response_parser_status (kms->parser);
805
+ response = kms_response_parser_get_response (kms->parser);
806
+ body = kms_response_get_body (response, &body_len);
807
+
808
+ if (http_status != 200) {
809
+ _handle_non200_http_status (http_status, body, body_len, status);
810
+ goto fail;
811
+ }
812
+
813
+ /* If HTTP response succeeded (status 200) then body should contain JSON.
814
+ */
815
+ bson_destroy (&body_bson);
816
+ if (body_len > (size_t) SSIZE_MAX) {
817
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
818
+ "Response body exceeds maximum supported length",
819
+ bson_error.message);
820
+ bson_init (&body_bson);
821
+ goto fail;
822
+ }
823
+ if (!bson_init_from_json (
824
+ &body_bson, body, (ssize_t) body_len, &bson_error)) {
825
+ CLIENT_ERR ("Error parsing JSON in KMS response '%s'. "
826
+ "HTTP status=%d. Response body=\n%s",
827
+ bson_error.message,
828
+ http_status,
829
+ body);
830
+ bson_init (&body_bson);
831
+ goto fail;
832
+ }
833
+
834
+ if (!bson_iter_init_find (&iter, &body_bson, json_field) ||
835
+ !BSON_ITER_HOLDS_UTF8 (&iter)) {
836
+ CLIENT_ERR (
837
+ "KMS JSON response does not include field '%s'. HTTP status=%d. "
838
+ "Response body=\n%s",
839
+ json_field,
840
+ http_status,
841
+ body);
842
+ goto fail;
843
+ }
844
+
845
+
846
+ b64_str = (char *) bson_iter_utf8 (&iter, NULL);
847
+ BSON_ASSERT (b64_str);
848
+ kms->result.data = kms_message_b64_to_raw (b64_str, &outlen);
849
+ BSON_ASSERT (outlen <= UINT32_MAX);
850
+ kms->result.len = (uint32_t) outlen;
851
+ kms->result.owned = true;
852
+ ret = true;
853
+ fail:
854
+ bson_destroy (&body_bson);
855
+ kms_response_destroy (response);
856
+ return ret;
857
+ }
858
+
859
+ static bool
860
+ _ctx_done_kmip_register (mongocrypt_kms_ctx_t *kms_ctx)
861
+ {
862
+ BSON_ASSERT_PARAM (kms_ctx);
863
+
864
+ kms_response_t *res = NULL;
865
+
866
+ mongocrypt_status_t *status = kms_ctx->status;
867
+ bool ret = false;
868
+ char *uid;
869
+
870
+ res = kms_response_parser_get_response (kms_ctx->parser);
871
+ if (!res) {
872
+ CLIENT_ERR ("Error getting KMIP response: %s",
873
+ kms_response_parser_error (kms_ctx->parser));
874
+ goto done;
875
+ }
876
+
877
+ uid = kms_kmip_response_get_unique_identifier (res);
878
+ if (!uid) {
879
+ CLIENT_ERR (
880
+ "Error getting UniqueIdentifer from KMIP Register response: %s",
881
+ kms_response_get_error (res));
882
+ goto done;
883
+ }
884
+
885
+ if (!_mongocrypt_buffer_steal_from_string (&kms_ctx->result, uid)) {
886
+ CLIENT_ERR ("Error storing KMS UniqueIdentifer result");
887
+ bson_free (uid);
888
+ goto done;
889
+ }
890
+ ret = true;
891
+
892
+ done:
893
+ kms_response_destroy (res);
894
+ return ret;
895
+ }
896
+
897
+ static bool
898
+ _ctx_done_kmip_activate (mongocrypt_kms_ctx_t *kms_ctx)
899
+ {
900
+ BSON_ASSERT_PARAM (kms_ctx);
901
+ return _ctx_done_kmip_register (kms_ctx);
902
+ }
903
+
904
+ static bool
905
+ _ctx_done_kmip_get (mongocrypt_kms_ctx_t *kms_ctx)
906
+ {
907
+ BSON_ASSERT_PARAM (kms_ctx);
908
+
909
+ kms_response_t *res = NULL;
910
+
911
+ mongocrypt_status_t *status = kms_ctx->status;
912
+ bool ret = false;
913
+ uint8_t *secretdata;
914
+ size_t secretdata_len;
915
+
916
+ res = kms_response_parser_get_response (kms_ctx->parser);
917
+ if (!res) {
918
+ CLIENT_ERR ("Error getting KMIP response: %s",
919
+ kms_response_parser_error (kms_ctx->parser));
920
+ goto done;
921
+ }
922
+
923
+ secretdata = kms_kmip_response_get_secretdata (res, &secretdata_len);
924
+ if (!secretdata) {
925
+ CLIENT_ERR ("Error getting SecretData from KMIP Get response: %s",
926
+ kms_response_get_error (res));
927
+ goto done;
928
+ }
929
+
930
+ if (!_mongocrypt_buffer_steal_from_data_and_size (
931
+ &kms_ctx->result, secretdata, secretdata_len)) {
932
+ CLIENT_ERR ("Error storing KMS SecretData result");
933
+ bson_free (secretdata);
934
+ goto done;
935
+ }
936
+
937
+ ret = true;
938
+
939
+ done:
940
+ kms_response_destroy (res);
941
+ return ret;
942
+ }
943
+
944
+ bool
945
+ mongocrypt_kms_ctx_feed (mongocrypt_kms_ctx_t *kms, mongocrypt_binary_t *bytes)
946
+ {
947
+ if (!kms) {
948
+ return false;
949
+ }
950
+
951
+ mongocrypt_status_t *status = kms->status;
952
+ if (!mongocrypt_status_ok (status)) {
953
+ return false;
954
+ }
955
+
956
+ if (!bytes) {
957
+ CLIENT_ERR ("argument 'bytes' is required");
958
+ return false;
959
+ }
960
+
961
+ if (0 == bytes->len) {
962
+ CLIENT_ERR ("argument 'bytes' cannot be empty");
963
+ return false;
964
+ }
965
+
966
+ if (bytes->len > mongocrypt_kms_ctx_bytes_needed (kms)) {
967
+ CLIENT_ERR ("KMS response fed too much data");
968
+ return false;
969
+ }
970
+
971
+ if (kms->log && kms->log->trace_enabled) {
972
+ _mongocrypt_log (kms->log,
973
+ MONGOCRYPT_LOG_LEVEL_TRACE,
974
+ "%s (%s=\"%.*s\")",
975
+ BSON_FUNC,
976
+ "bytes",
977
+ mongocrypt_binary_len (bytes),
978
+ mongocrypt_binary_data (bytes));
979
+ }
980
+
981
+ if (!kms_response_parser_feed (kms->parser, bytes->data, bytes->len)) {
982
+ if (is_kms (kms->req_type)) {
983
+ /* The KMIP response parser does not suport kms_response_parser_status.
984
+ * Only report the error string. */
985
+ CLIENT_ERR ("KMS response parser error with error: '%s'",
986
+ kms_response_parser_error (kms->parser));
987
+ } else {
988
+ CLIENT_ERR ("KMS response parser error with status %d, error: '%s'",
989
+ kms_response_parser_status (kms->parser),
990
+ kms_response_parser_error (kms->parser));
991
+ }
992
+
993
+ return false;
994
+ }
995
+
996
+ if (0 == mongocrypt_kms_ctx_bytes_needed (kms)) {
997
+ switch (kms->req_type) {
998
+ default:
999
+ CLIENT_ERR ("Unknown request type");
1000
+ return false;
1001
+ case MONGOCRYPT_KMS_AWS_ENCRYPT:
1002
+ return _ctx_done_aws (kms, "CiphertextBlob");
1003
+ case MONGOCRYPT_KMS_AWS_DECRYPT:
1004
+ return _ctx_done_aws (kms, "Plaintext");
1005
+ case MONGOCRYPT_KMS_AZURE_OAUTH:
1006
+ return _ctx_done_oauth (kms);
1007
+ case MONGOCRYPT_KMS_AZURE_WRAPKEY:
1008
+ return _ctx_done_azure_wrapkey_unwrapkey (kms);
1009
+ case MONGOCRYPT_KMS_AZURE_UNWRAPKEY:
1010
+ return _ctx_done_azure_wrapkey_unwrapkey (kms);
1011
+ case MONGOCRYPT_KMS_GCP_OAUTH:
1012
+ return _ctx_done_oauth (kms);
1013
+ case MONGOCRYPT_KMS_GCP_ENCRYPT:
1014
+ return _ctx_done_gcp (kms, "ciphertext");
1015
+ case MONGOCRYPT_KMS_GCP_DECRYPT:
1016
+ return _ctx_done_gcp (kms, "plaintext");
1017
+ case MONGOCRYPT_KMS_KMIP_REGISTER:
1018
+ return _ctx_done_kmip_register (kms);
1019
+ case MONGOCRYPT_KMS_KMIP_ACTIVATE:
1020
+ return _ctx_done_kmip_activate (kms);
1021
+ case MONGOCRYPT_KMS_KMIP_GET:
1022
+ return _ctx_done_kmip_get (kms);
1023
+ }
1024
+ }
1025
+ return true;
1026
+ }
1027
+
1028
+
1029
+ bool
1030
+ _mongocrypt_kms_ctx_result (mongocrypt_kms_ctx_t *kms,
1031
+ _mongocrypt_buffer_t *out)
1032
+ {
1033
+ BSON_ASSERT_PARAM (kms);
1034
+ BSON_ASSERT_PARAM (out);
1035
+
1036
+ mongocrypt_status_t *status = kms->status;
1037
+
1038
+ /* If we have no status, we were never initialized */
1039
+ if (!status) {
1040
+ return false;
1041
+ }
1042
+
1043
+ if (!mongocrypt_status_ok (status)) {
1044
+ return false;
1045
+ }
1046
+
1047
+ if (mongocrypt_kms_ctx_bytes_needed (kms) > 0) {
1048
+ CLIENT_ERR ("KMS response unfinished");
1049
+ return false;
1050
+ }
1051
+
1052
+ _mongocrypt_buffer_init (out);
1053
+ out->data = kms->result.data;
1054
+ out->len = kms->result.len;
1055
+ return true;
1056
+ }
1057
+
1058
+
1059
+ bool
1060
+ mongocrypt_kms_ctx_status (mongocrypt_kms_ctx_t *kms,
1061
+ mongocrypt_status_t *status_out)
1062
+ {
1063
+ if (!kms) {
1064
+ return false;
1065
+ }
1066
+
1067
+ if (!status_out) {
1068
+ mongocrypt_status_t *status = kms->status;
1069
+ CLIENT_ERR ("argument 'status' is required");
1070
+ return false;
1071
+ }
1072
+ _mongocrypt_status_copy_to (kms->status, status_out);
1073
+ return mongocrypt_status_ok (status_out);
1074
+ }
1075
+
1076
+
1077
+ void
1078
+ _mongocrypt_kms_ctx_cleanup (mongocrypt_kms_ctx_t *kms)
1079
+ {
1080
+ if (!kms) {
1081
+ return;
1082
+ }
1083
+ if (kms->req) {
1084
+ kms_request_destroy (kms->req);
1085
+ }
1086
+ if (kms->parser) {
1087
+ kms_response_parser_destroy (kms->parser);
1088
+ }
1089
+ mongocrypt_status_destroy (kms->status);
1090
+ _mongocrypt_buffer_cleanup (&kms->msg);
1091
+ _mongocrypt_buffer_cleanup (&kms->result);
1092
+ bson_free (kms->endpoint);
1093
+ }
1094
+
1095
+
1096
+ bool
1097
+ mongocrypt_kms_ctx_message (mongocrypt_kms_ctx_t *kms, mongocrypt_binary_t *msg)
1098
+ {
1099
+ if (!kms) {
1100
+ return false;
1101
+ }
1102
+
1103
+ if (!msg) {
1104
+ mongocrypt_status_t *status = kms->status;
1105
+ CLIENT_ERR ("argument 'msg' is required");
1106
+ return false;
1107
+ }
1108
+ msg->data = kms->msg.data;
1109
+ msg->len = kms->msg.len;
1110
+ return true;
1111
+ }
1112
+
1113
+
1114
+ bool
1115
+ mongocrypt_kms_ctx_endpoint (mongocrypt_kms_ctx_t *kms, const char **endpoint)
1116
+ {
1117
+ if (!kms) {
1118
+ return false;
1119
+ }
1120
+ if (!endpoint) {
1121
+ mongocrypt_status_t *status = kms->status;
1122
+ CLIENT_ERR ("argument 'endpoint' is required");
1123
+ return false;
1124
+ }
1125
+ *endpoint = kms->endpoint;
1126
+ return true;
1127
+ }
1128
+
1129
+ bool
1130
+ _mongocrypt_kms_ctx_init_azure_auth (
1131
+ mongocrypt_kms_ctx_t *kms,
1132
+ _mongocrypt_log_t *log,
1133
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1134
+ _mongocrypt_endpoint_t *key_vault_endpoint)
1135
+ {
1136
+ BSON_ASSERT_PARAM (kms);
1137
+ BSON_ASSERT_PARAM (kms_providers);
1138
+
1139
+ kms_request_opt_t *opt = NULL;
1140
+ mongocrypt_status_t *status;
1141
+ _mongocrypt_endpoint_t *identity_platform_endpoint;
1142
+ char *scope = NULL;
1143
+ const char *hostname;
1144
+ char *request_string;
1145
+ bool ret = false;
1146
+
1147
+ _init_common (kms, log, MONGOCRYPT_KMS_AZURE_OAUTH);
1148
+ status = kms->status;
1149
+
1150
+ identity_platform_endpoint = kms_providers->azure.identity_platform_endpoint;
1151
+
1152
+ if (identity_platform_endpoint) {
1153
+ kms->endpoint = bson_strdup (identity_platform_endpoint->host_and_port);
1154
+ hostname = identity_platform_endpoint->host;
1155
+ } else {
1156
+ kms->endpoint = bson_strdup ("login.microsoftonline.com");
1157
+ hostname = "login.microsoftonline.com";
1158
+ }
1159
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1160
+
1161
+ if (key_vault_endpoint) {
1162
+ /* Request a custom scope. It is URL encoded, like
1163
+ * https%3A%2F%2Fvault.azure.net%2F.default */
1164
+ scope = bson_strdup_printf (
1165
+ "%s%s%s", "https%3A%2F%2F", key_vault_endpoint->domain, "%2F.default");
1166
+ } else {
1167
+ /* Default to commercial Azure endpoint. */
1168
+ scope = bson_strdup ("https%3A%2F%2Fvault.azure.net%2F.default");
1169
+ }
1170
+
1171
+ opt = kms_request_opt_new ();
1172
+ BSON_ASSERT (opt);
1173
+ kms_request_opt_set_connection_close (opt, true);
1174
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_AZURE);
1175
+ kms->req = kms_azure_request_oauth_new (hostname,
1176
+ scope,
1177
+ kms_providers->azure.tenant_id,
1178
+ kms_providers->azure.client_id,
1179
+ kms_providers->azure.client_secret,
1180
+ opt);
1181
+ if (kms_request_get_error (kms->req)) {
1182
+ CLIENT_ERR ("error constructing KMS message: %s",
1183
+ kms_request_get_error (kms->req));
1184
+ goto fail;
1185
+ }
1186
+
1187
+ request_string = kms_request_to_string (kms->req);
1188
+ if (!request_string) {
1189
+ CLIENT_ERR ("error getting Azure OAuth KMS message: %s",
1190
+ kms_request_get_error (kms->req));
1191
+ goto fail;
1192
+ }
1193
+ _mongocrypt_buffer_init (&kms->msg);
1194
+ kms->msg.data = (uint8_t *) request_string;
1195
+ kms->msg.len = (uint32_t) strlen (request_string);
1196
+ kms->msg.owned = true;
1197
+
1198
+ ret = true;
1199
+ fail:
1200
+ bson_free (scope);
1201
+ kms_request_opt_destroy (opt);
1202
+ return ret;
1203
+ }
1204
+
1205
+ bool
1206
+ _mongocrypt_kms_ctx_init_azure_wrapkey (
1207
+ mongocrypt_kms_ctx_t *kms,
1208
+ _mongocrypt_log_t *log,
1209
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1210
+ struct __mongocrypt_ctx_opts_t *ctx_opts,
1211
+ const char *access_token,
1212
+ _mongocrypt_buffer_t *plaintext_key_material)
1213
+ {
1214
+ BSON_ASSERT_PARAM (kms);
1215
+ BSON_ASSERT_PARAM (ctx_opts);
1216
+ BSON_ASSERT_PARAM (plaintext_key_material);
1217
+
1218
+ kms_request_opt_t *opt = NULL;
1219
+ mongocrypt_status_t *status;
1220
+ char *path_and_query = NULL;
1221
+ char *payload = NULL;
1222
+ const char *host;
1223
+ char *request_string;
1224
+ bool ret = false;
1225
+
1226
+ _init_common (kms, log, MONGOCRYPT_KMS_AZURE_WRAPKEY);
1227
+ status = kms->status;
1228
+
1229
+ BSON_ASSERT (ctx_opts->kek.provider.azure.key_vault_endpoint);
1230
+
1231
+ kms->endpoint = bson_strdup (
1232
+ ctx_opts->kek.provider.azure.key_vault_endpoint->host_and_port);
1233
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1234
+ host = ctx_opts->kek.provider.azure.key_vault_endpoint->host;
1235
+
1236
+ opt = kms_request_opt_new ();
1237
+ BSON_ASSERT (opt);
1238
+ kms_request_opt_set_connection_close (opt, true);
1239
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_AZURE);
1240
+ kms->req =
1241
+ kms_azure_request_wrapkey_new (host,
1242
+ access_token,
1243
+ ctx_opts->kek.provider.azure.key_name,
1244
+ ctx_opts->kek.provider.azure.key_version,
1245
+ plaintext_key_material->data,
1246
+ plaintext_key_material->len,
1247
+ opt);
1248
+
1249
+ if (kms_request_get_error (kms->req)) {
1250
+ CLIENT_ERR ("error constructing KMS wrapkey message: %s",
1251
+ kms_request_get_error (kms->req));
1252
+ goto fail;
1253
+ }
1254
+
1255
+ request_string = kms_request_to_string (kms->req);
1256
+ if (!request_string) {
1257
+ CLIENT_ERR ("error getting Azure wrapkey KMS message: %s",
1258
+ kms_request_get_error (kms->req));
1259
+ goto fail;
1260
+ }
1261
+ _mongocrypt_buffer_init (&kms->msg);
1262
+ kms->msg.data = (uint8_t *) request_string;
1263
+ kms->msg.len = (uint32_t) strlen (request_string);
1264
+ kms->msg.owned = true;
1265
+
1266
+ ret = true;
1267
+ fail:
1268
+ kms_request_opt_destroy (opt);
1269
+ bson_free (path_and_query);
1270
+ bson_free (payload);
1271
+ return ret;
1272
+ }
1273
+
1274
+ bool
1275
+ _mongocrypt_kms_ctx_init_azure_unwrapkey (
1276
+ mongocrypt_kms_ctx_t *kms,
1277
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1278
+ const char *access_token,
1279
+ _mongocrypt_key_doc_t *key,
1280
+ _mongocrypt_log_t *log)
1281
+ {
1282
+ BSON_ASSERT_PARAM (kms);
1283
+ BSON_ASSERT_PARAM (key);
1284
+
1285
+ kms_request_opt_t *opt = NULL;
1286
+ mongocrypt_status_t *status;
1287
+ char *path_and_query = NULL;
1288
+ char *payload = NULL;
1289
+ const char *host;
1290
+ char *request_string;
1291
+ bool ret = false;
1292
+
1293
+ _init_common (kms, log, MONGOCRYPT_KMS_AZURE_UNWRAPKEY);
1294
+ status = kms->status;
1295
+
1296
+ BSON_ASSERT (key->kek.provider.azure.key_vault_endpoint);
1297
+
1298
+ kms->endpoint =
1299
+ bson_strdup (key->kek.provider.azure.key_vault_endpoint->host_and_port);
1300
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1301
+ host = key->kek.provider.azure.key_vault_endpoint->host;
1302
+
1303
+ opt = kms_request_opt_new ();
1304
+ BSON_ASSERT (opt);
1305
+ kms_request_opt_set_connection_close (opt, true);
1306
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_AZURE);
1307
+ kms->req =
1308
+ kms_azure_request_unwrapkey_new (host,
1309
+ access_token,
1310
+ key->kek.provider.azure.key_name,
1311
+ key->kek.provider.azure.key_version,
1312
+ key->key_material.data,
1313
+ key->key_material.len,
1314
+ opt);
1315
+
1316
+ if (kms_request_get_error (kms->req)) {
1317
+ CLIENT_ERR ("error constructing KMS unwrapkey message: %s",
1318
+ kms_request_get_error (kms->req));
1319
+ goto fail;
1320
+ }
1321
+
1322
+ request_string = kms_request_to_string (kms->req);
1323
+ if (!request_string) {
1324
+ CLIENT_ERR ("error getting Azure unwrapkey KMS message: %s",
1325
+ kms_request_get_error (kms->req));
1326
+ goto fail;
1327
+ }
1328
+ _mongocrypt_buffer_init (&kms->msg);
1329
+ kms->msg.data = (uint8_t *) request_string;
1330
+ kms->msg.len = (uint32_t) strlen (request_string);
1331
+ kms->msg.owned = true;
1332
+
1333
+ ret = true;
1334
+ fail:
1335
+ kms_request_opt_destroy (opt);
1336
+ bson_free (path_and_query);
1337
+ bson_free (payload);
1338
+ return ret;
1339
+ }
1340
+
1341
+ #define RSAES_PKCS1_V1_5_SIGNATURE_LEN 256
1342
+
1343
+ /* This is the form of the callback that KMS message calls. */
1344
+ static bool
1345
+ _sign_rsaes_pkcs1_v1_5_trampoline (void *ctx,
1346
+ const char *private_key,
1347
+ size_t private_key_len,
1348
+ const char *input,
1349
+ size_t input_len,
1350
+ unsigned char *signature_out)
1351
+ {
1352
+ ctx_with_status_t *ctx_with_status;
1353
+ _mongocrypt_opts_t *crypt_opts;
1354
+ mongocrypt_binary_t private_key_bin;
1355
+ mongocrypt_binary_t input_bin;
1356
+ mongocrypt_binary_t output_bin;
1357
+ bool ret;
1358
+
1359
+ BSON_ASSERT_PARAM (ctx);
1360
+ BSON_ASSERT_PARAM (input);
1361
+ BSON_ASSERT_PARAM (private_key);
1362
+ BSON_ASSERT_PARAM (signature_out);
1363
+
1364
+ ctx_with_status = (ctx_with_status_t *) ctx;
1365
+ crypt_opts = (_mongocrypt_opts_t *) ctx_with_status->ctx;
1366
+ BSON_ASSERT (crypt_opts);
1367
+ private_key_bin.data = (uint8_t *) private_key;
1368
+ BSON_ASSERT (private_key_len <= UINT32_MAX);
1369
+ private_key_bin.len = (uint32_t) private_key_len;
1370
+ input_bin.data = (uint8_t *) input;
1371
+ BSON_ASSERT (input_len <= UINT32_MAX);
1372
+ input_bin.len = (uint32_t) input_len;
1373
+ output_bin.data = (uint8_t *) signature_out;
1374
+ output_bin.len = RSAES_PKCS1_V1_5_SIGNATURE_LEN;
1375
+
1376
+ ret = crypt_opts->sign_rsaes_pkcs1_v1_5 (crypt_opts->sign_ctx,
1377
+ &private_key_bin,
1378
+ &input_bin,
1379
+ &output_bin,
1380
+ ctx_with_status->status);
1381
+ return ret;
1382
+ }
1383
+
1384
+ bool
1385
+ _mongocrypt_kms_ctx_init_gcp_auth (
1386
+ mongocrypt_kms_ctx_t *kms,
1387
+ _mongocrypt_log_t *log,
1388
+ _mongocrypt_opts_t *crypt_opts,
1389
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1390
+ _mongocrypt_endpoint_t *kms_endpoint)
1391
+ {
1392
+ BSON_ASSERT_PARAM (kms);
1393
+ BSON_ASSERT_PARAM (kms_providers);
1394
+ BSON_ASSERT_PARAM (crypt_opts);
1395
+
1396
+ kms_request_opt_t *opt = NULL;
1397
+ mongocrypt_status_t *status;
1398
+ _mongocrypt_endpoint_t *auth_endpoint;
1399
+ char *scope = NULL;
1400
+ char *audience = NULL;
1401
+ const char *hostname;
1402
+ char *request_string;
1403
+ bool ret = false;
1404
+ ctx_with_status_t ctx_with_status;
1405
+
1406
+ _init_common (kms, log, MONGOCRYPT_KMS_GCP_OAUTH);
1407
+ status = kms->status;
1408
+ ctx_with_status.ctx = crypt_opts;
1409
+ ctx_with_status.status = mongocrypt_status_new ();
1410
+
1411
+ auth_endpoint = kms_providers->gcp.endpoint;
1412
+ if (auth_endpoint) {
1413
+ kms->endpoint = bson_strdup (auth_endpoint->host_and_port);
1414
+ hostname = auth_endpoint->host;
1415
+ audience = bson_strdup_printf ("https://%s/token", auth_endpoint->host);
1416
+ } else {
1417
+ kms->endpoint = bson_strdup ("oauth2.googleapis.com");
1418
+ hostname = "oauth2.googleapis.com";
1419
+ audience = bson_strdup_printf ("https://oauth2.googleapis.com/token");
1420
+ }
1421
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1422
+
1423
+ if (kms_endpoint) {
1424
+ /* Request a custom scope. */
1425
+ scope = bson_strdup_printf ("https://www.%s/auth/cloudkms",
1426
+ kms_endpoint->domain);
1427
+ } else {
1428
+ scope = bson_strdup ("https://www.googleapis.com/auth/cloudkms");
1429
+ }
1430
+
1431
+ opt = kms_request_opt_new ();
1432
+ BSON_ASSERT (opt);
1433
+ kms_request_opt_set_connection_close (opt, true);
1434
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_GCP);
1435
+ if (crypt_opts->sign_rsaes_pkcs1_v1_5) {
1436
+ kms_request_opt_set_crypto_hook_sign_rsaes_pkcs1_v1_5 (
1437
+ opt, _sign_rsaes_pkcs1_v1_5_trampoline, &ctx_with_status);
1438
+ }
1439
+ kms->req = kms_gcp_request_oauth_new (
1440
+ hostname,
1441
+ kms_providers->gcp.email,
1442
+ audience,
1443
+ scope,
1444
+ (const char *) kms_providers->gcp.private_key.data,
1445
+ kms_providers->gcp.private_key.len,
1446
+ opt);
1447
+ if (kms_request_get_error (kms->req)) {
1448
+ CLIENT_ERR ("error constructing KMS message: %s",
1449
+ kms_request_get_error (kms->req));
1450
+ _mongocrypt_status_append (status, ctx_with_status.status);
1451
+ goto fail;
1452
+ }
1453
+
1454
+ request_string = kms_request_to_string (kms->req);
1455
+ if (!request_string) {
1456
+ CLIENT_ERR ("error getting GCP OAuth KMS message: %s",
1457
+ kms_request_get_error (kms->req));
1458
+ _mongocrypt_status_append (status, ctx_with_status.status);
1459
+ goto fail;
1460
+ }
1461
+ _mongocrypt_buffer_init (&kms->msg);
1462
+ kms->msg.data = (uint8_t *) request_string;
1463
+ kms->msg.len = (uint32_t) strlen (request_string);
1464
+ kms->msg.owned = true;
1465
+
1466
+ ret = true;
1467
+ fail:
1468
+ bson_free (scope);
1469
+ bson_free (audience);
1470
+ kms_request_opt_destroy (opt);
1471
+ mongocrypt_status_destroy (ctx_with_status.status);
1472
+ return ret;
1473
+ }
1474
+
1475
+ bool
1476
+ _mongocrypt_kms_ctx_init_gcp_encrypt (
1477
+ mongocrypt_kms_ctx_t *kms,
1478
+ _mongocrypt_log_t *log,
1479
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1480
+ struct __mongocrypt_ctx_opts_t *ctx_opts,
1481
+ const char *access_token,
1482
+ _mongocrypt_buffer_t *plaintext_key_material)
1483
+ {
1484
+ BSON_ASSERT_PARAM (kms);
1485
+ BSON_ASSERT_PARAM (ctx_opts);
1486
+ BSON_ASSERT_PARAM (kms_providers);
1487
+ BSON_ASSERT_PARAM (access_token);
1488
+ BSON_ASSERT_PARAM (plaintext_key_material);
1489
+
1490
+ kms_request_opt_t *opt = NULL;
1491
+ mongocrypt_status_t *status;
1492
+ char *path_and_query = NULL;
1493
+ char *payload = NULL;
1494
+ const char *hostname;
1495
+ char *request_string;
1496
+ bool ret = false;
1497
+
1498
+ _init_common (kms, log, MONGOCRYPT_KMS_GCP_ENCRYPT);
1499
+ status = kms->status;
1500
+
1501
+ if (ctx_opts->kek.provider.gcp.endpoint) {
1502
+ kms->endpoint =
1503
+ bson_strdup (ctx_opts->kek.provider.gcp.endpoint->host_and_port);
1504
+ hostname = ctx_opts->kek.provider.gcp.endpoint->host;
1505
+ } else {
1506
+ kms->endpoint = bson_strdup ("cloudkms.googleapis.com");
1507
+ hostname = "cloudkms.googleapis.com";
1508
+ }
1509
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1510
+
1511
+ opt = kms_request_opt_new ();
1512
+ BSON_ASSERT (opt);
1513
+ kms_request_opt_set_connection_close (opt, true);
1514
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_GCP);
1515
+ kms->req =
1516
+ kms_gcp_request_encrypt_new (hostname,
1517
+ access_token,
1518
+ ctx_opts->kek.provider.gcp.project_id,
1519
+ ctx_opts->kek.provider.gcp.location,
1520
+ ctx_opts->kek.provider.gcp.key_ring,
1521
+ ctx_opts->kek.provider.gcp.key_name,
1522
+ ctx_opts->kek.provider.gcp.key_version,
1523
+ plaintext_key_material->data,
1524
+ plaintext_key_material->len,
1525
+ opt);
1526
+
1527
+ if (kms_request_get_error (kms->req)) {
1528
+ CLIENT_ERR ("error constructing GCP KMS encrypt message: %s",
1529
+ kms_request_get_error (kms->req));
1530
+ goto fail;
1531
+ }
1532
+
1533
+ request_string = kms_request_to_string (kms->req);
1534
+ if (!request_string) {
1535
+ CLIENT_ERR ("error getting GCP KMS encrypt KMS message: %s",
1536
+ kms_request_get_error (kms->req));
1537
+ goto fail;
1538
+ }
1539
+ _mongocrypt_buffer_init (&kms->msg);
1540
+ kms->msg.data = (uint8_t *) request_string;
1541
+ kms->msg.len = (uint32_t) strlen (request_string);
1542
+ kms->msg.owned = true;
1543
+
1544
+ ret = true;
1545
+ fail:
1546
+ kms_request_opt_destroy (opt);
1547
+ bson_free (path_and_query);
1548
+ bson_free (payload);
1549
+ return ret;
1550
+ }
1551
+
1552
+ bool
1553
+ _mongocrypt_kms_ctx_init_gcp_decrypt (
1554
+ mongocrypt_kms_ctx_t *kms,
1555
+ _mongocrypt_opts_kms_providers_t *kms_providers,
1556
+ const char *access_token,
1557
+ _mongocrypt_key_doc_t *key,
1558
+ _mongocrypt_log_t *log)
1559
+ {
1560
+ BSON_ASSERT_PARAM (kms);
1561
+ BSON_ASSERT_PARAM (kms_providers);
1562
+ BSON_ASSERT_PARAM (access_token);
1563
+ BSON_ASSERT_PARAM (key);
1564
+
1565
+ kms_request_opt_t *opt = NULL;
1566
+ mongocrypt_status_t *status;
1567
+ char *path_and_query = NULL;
1568
+ char *payload = NULL;
1569
+ const char *hostname;
1570
+ char *request_string;
1571
+ bool ret = false;
1572
+
1573
+ _init_common (kms, log, MONGOCRYPT_KMS_GCP_DECRYPT);
1574
+ status = kms->status;
1575
+
1576
+ if (key->kek.provider.gcp.endpoint) {
1577
+ kms->endpoint =
1578
+ bson_strdup (key->kek.provider.gcp.endpoint->host_and_port);
1579
+ hostname = key->kek.provider.gcp.endpoint->host;
1580
+ } else {
1581
+ kms->endpoint = bson_strdup ("cloudkms.googleapis.com");
1582
+ hostname = "cloudkms.googleapis.com";
1583
+ }
1584
+ _mongocrypt_apply_default_port (&kms->endpoint, DEFAULT_HTTPS_PORT);
1585
+
1586
+ opt = kms_request_opt_new ();
1587
+ BSON_ASSERT (opt);
1588
+ kms_request_opt_set_connection_close (opt, true);
1589
+ kms_request_opt_set_provider (opt, KMS_REQUEST_PROVIDER_GCP);
1590
+ kms->req = kms_gcp_request_decrypt_new (hostname,
1591
+ access_token,
1592
+ key->kek.provider.gcp.project_id,
1593
+ key->kek.provider.gcp.location,
1594
+ key->kek.provider.gcp.key_ring,
1595
+ key->kek.provider.gcp.key_name,
1596
+ key->key_material.data,
1597
+ key->key_material.len,
1598
+ opt);
1599
+
1600
+ if (kms_request_get_error (kms->req)) {
1601
+ CLIENT_ERR ("error constructing GCP KMS decrypt message: %s",
1602
+ kms_request_get_error (kms->req));
1603
+ goto fail;
1604
+ }
1605
+
1606
+ request_string = kms_request_to_string (kms->req);
1607
+ if (!request_string) {
1608
+ CLIENT_ERR ("error getting GCP KMS decrypt KMS message: %s",
1609
+ kms_request_get_error (kms->req));
1610
+ goto fail;
1611
+ }
1612
+ _mongocrypt_buffer_init (&kms->msg);
1613
+ kms->msg.data = (uint8_t *) request_string;
1614
+ kms->msg.len = (uint32_t) strlen (request_string);
1615
+ kms->msg.owned = true;
1616
+
1617
+ ret = true;
1618
+ fail:
1619
+ kms_request_opt_destroy (opt);
1620
+ bson_free (path_and_query);
1621
+ bson_free (payload);
1622
+ return ret;
1623
+ }
1624
+
1625
+ bool
1626
+ _mongocrypt_kms_ctx_init_kmip_register (mongocrypt_kms_ctx_t *kms_ctx,
1627
+ const _mongocrypt_endpoint_t *endpoint,
1628
+ const uint8_t *secretdata,
1629
+ uint32_t secretdata_len,
1630
+ _mongocrypt_log_t *log)
1631
+ {
1632
+ BSON_ASSERT_PARAM (kms_ctx);
1633
+ BSON_ASSERT_PARAM (endpoint);
1634
+ BSON_ASSERT_PARAM (secretdata);
1635
+
1636
+ mongocrypt_status_t *status;
1637
+ bool ret = false;
1638
+ const uint8_t *reqdata;
1639
+ size_t reqlen;
1640
+
1641
+ _init_common (kms_ctx, log, MONGOCRYPT_KMS_KMIP_REGISTER);
1642
+ status = kms_ctx->status;
1643
+
1644
+ kms_ctx->endpoint = bson_strdup (endpoint->host_and_port);
1645
+ _mongocrypt_apply_default_port (&kms_ctx->endpoint, DEFAULT_KMIP_PORT);
1646
+ kms_ctx->req = kms_kmip_request_register_secretdata_new (
1647
+ NULL /* reserved */, secretdata, secretdata_len);
1648
+
1649
+ if (kms_request_get_error (kms_ctx->req)) {
1650
+ CLIENT_ERR ("Error creating KMIP register request: %s",
1651
+ kms_request_get_error (kms_ctx->req));
1652
+ goto done;
1653
+ }
1654
+
1655
+ reqdata = kms_request_to_bytes (kms_ctx->req, &reqlen);
1656
+ if (!_mongocrypt_buffer_copy_from_data_and_size (
1657
+ &kms_ctx->msg, reqdata, reqlen)) {
1658
+ CLIENT_ERR ("Error storing KMS request payload");
1659
+ goto done;
1660
+ }
1661
+
1662
+ ret = true;
1663
+ done:
1664
+ return ret;
1665
+ }
1666
+
1667
+ bool
1668
+ _mongocrypt_kms_ctx_init_kmip_activate (mongocrypt_kms_ctx_t *kms_ctx,
1669
+ const _mongocrypt_endpoint_t *endpoint,
1670
+ const char *unique_identifier,
1671
+ _mongocrypt_log_t *log)
1672
+ {
1673
+ BSON_ASSERT_PARAM (kms_ctx);
1674
+ BSON_ASSERT_PARAM (endpoint);
1675
+ BSON_ASSERT_PARAM (unique_identifier);
1676
+
1677
+ mongocrypt_status_t *status;
1678
+ bool ret = false;
1679
+ size_t reqlen;
1680
+ const uint8_t *reqdata;
1681
+
1682
+ _init_common (kms_ctx, log, MONGOCRYPT_KMS_KMIP_ACTIVATE);
1683
+ status = kms_ctx->status;
1684
+
1685
+ kms_ctx->endpoint = bson_strdup (endpoint->host_and_port);
1686
+ _mongocrypt_apply_default_port (&kms_ctx->endpoint, DEFAULT_KMIP_PORT);
1687
+ kms_ctx->req =
1688
+ kms_kmip_request_activate_new (NULL /* reserved */, unique_identifier);
1689
+
1690
+ if (kms_request_get_error (kms_ctx->req)) {
1691
+ CLIENT_ERR ("Error creating KMIP activate request: %s",
1692
+ kms_request_get_error (kms_ctx->req));
1693
+ goto done;
1694
+ }
1695
+
1696
+ reqdata = kms_request_to_bytes (kms_ctx->req, &reqlen);
1697
+ if (!_mongocrypt_buffer_copy_from_data_and_size (
1698
+ &kms_ctx->msg, reqdata, reqlen)) {
1699
+ CLIENT_ERR ("Error storing KMS request payload");
1700
+ goto done;
1701
+ }
1702
+
1703
+ ret = true;
1704
+ done:
1705
+ return ret;
1706
+ }
1707
+
1708
+ bool
1709
+ _mongocrypt_kms_ctx_init_kmip_get (mongocrypt_kms_ctx_t *kms_ctx,
1710
+ const _mongocrypt_endpoint_t *endpoint,
1711
+ const char *unique_identifier,
1712
+ _mongocrypt_log_t *log)
1713
+ {
1714
+ BSON_ASSERT_PARAM (kms_ctx);
1715
+ BSON_ASSERT_PARAM (endpoint);
1716
+ BSON_ASSERT_PARAM (unique_identifier);
1717
+
1718
+ mongocrypt_status_t *status;
1719
+ bool ret = false;
1720
+ size_t reqlen;
1721
+ const uint8_t *reqdata;
1722
+
1723
+ _init_common (kms_ctx, log, MONGOCRYPT_KMS_KMIP_GET);
1724
+ status = kms_ctx->status;
1725
+
1726
+ kms_ctx->endpoint = bson_strdup (endpoint->host_and_port);
1727
+ _mongocrypt_apply_default_port (&kms_ctx->endpoint, DEFAULT_KMIP_PORT);
1728
+ kms_ctx->req =
1729
+ kms_kmip_request_get_new (NULL /* reserved */, unique_identifier);
1730
+
1731
+ if (kms_request_get_error (kms_ctx->req)) {
1732
+ CLIENT_ERR ("Error creating KMIP get request: %s",
1733
+ kms_request_get_error (kms_ctx->req));
1734
+ goto done;
1735
+ }
1736
+
1737
+ reqdata = kms_request_to_bytes (kms_ctx->req, &reqlen);
1738
+ if (!_mongocrypt_buffer_copy_from_data_and_size (
1739
+ &kms_ctx->msg, reqdata, reqlen)) {
1740
+ CLIENT_ERR ("Error storing KMS request payload");
1741
+ goto done;
1742
+ }
1743
+
1744
+ ret = true;
1745
+ done:
1746
+ return ret;
1747
+ }
1748
+
1749
+ static const char *
1750
+ set_and_ret (const char *what, uint32_t *len)
1751
+ {
1752
+ BSON_ASSERT_PARAM (what);
1753
+
1754
+ if (len) {
1755
+ BSON_ASSERT (size_to_uint32 (strlen (what), len));
1756
+ }
1757
+ return what;
1758
+ }
1759
+
1760
+ const char *
1761
+ mongocrypt_kms_ctx_get_kms_provider (mongocrypt_kms_ctx_t *kms, uint32_t *len)
1762
+ {
1763
+ BSON_ASSERT_PARAM (kms);
1764
+ /* len is checked in set_and_ret () before it is used */
1765
+
1766
+ switch (kms->req_type) {
1767
+ default:
1768
+ BSON_ASSERT (false && "unknown KMS request type");
1769
+ case MONGOCRYPT_KMS_AWS_ENCRYPT:
1770
+ case MONGOCRYPT_KMS_AWS_DECRYPT:
1771
+ return set_and_ret ("aws", len);
1772
+ case MONGOCRYPT_KMS_AZURE_OAUTH:
1773
+ case MONGOCRYPT_KMS_AZURE_WRAPKEY:
1774
+ case MONGOCRYPT_KMS_AZURE_UNWRAPKEY:
1775
+ return set_and_ret ("azure", len);
1776
+ case MONGOCRYPT_KMS_GCP_OAUTH:
1777
+ case MONGOCRYPT_KMS_GCP_ENCRYPT:
1778
+ case MONGOCRYPT_KMS_GCP_DECRYPT:
1779
+ return set_and_ret ("gcp", len);
1780
+ case MONGOCRYPT_KMS_KMIP_REGISTER:
1781
+ case MONGOCRYPT_KMS_KMIP_ACTIVATE:
1782
+ case MONGOCRYPT_KMS_KMIP_GET:
1783
+ return set_and_ret ("kmip", len);
1784
+ }
1785
+ }