libmongocrypt-helper 1.7.4.0.1002 → 1.11.0.0.1001
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +40 -5
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +29 -24
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -4
- data/ext/libmongocrypt/libmongocrypt/Earthfile +522 -0
- data/ext/libmongocrypt/libmongocrypt/README.md +36 -40
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +16 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClient.cs +25 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +8 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +35 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +81 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +2 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Example/MongoDB.Libmongocrypt.Example.csproj +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/BasicTests.cs +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +2 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +2 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +22 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +28 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +217 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +22 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +154 -108
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +7 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +41 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +5 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +27 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +34 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +6 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +180 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +134 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +50 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/{python/test/data/fle2-find-range-explicit → java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2}/int32/rangeopts.json +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/node/README.md +4 -771
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +86 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +41 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/python/RELEASE.rst +6 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/python/build-manylinux-wheel.sh +4 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/python/hatch_build.py +36 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/__init__.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/auto_encrypter.py +61 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/credentials.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/explicit_encrypter.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +149 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/auto_encrypter.py +2 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binary.py +14 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +232 -296
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/compat.py +6 -31
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/credentials.py +2 -121
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/crypto.py +31 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/errors.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/explicit_encrypter.py +2 -233
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +168 -254
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/options.py +265 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/state_machine.py +2 -141
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/auto_encrypter.py +61 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/credentials.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/explicit_encrypter.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/state_machine.py +149 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +118 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +97 -61
- data/ext/libmongocrypt/libmongocrypt/bindings/python/requirements-test.txt +7 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/requirements.txt +4 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +76 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/strip_header.py +6 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/python/synchro.py +64 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/__init__.py +2 -10
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/collection-info.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/command.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-payload.json +21 -21
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-command-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit-v2/int32/encrypted-payload.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit-v2/int32/rangeopts.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-azure.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-gcp.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-filter.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/list-collections-filter.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-command.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/schema-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/performance/keyDocument.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/performance/perf_test.py +165 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_binding.py +8 -12
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_crypto.py +9 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +991 -343
- data/ext/libmongocrypt/libmongocrypt/bindings/python/update-sbom.sh +14 -0
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +19 -1
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +31 -6
- data/ext/libmongocrypt/libmongocrypt/cmake/IntelDFP.cmake +20 -227
- data/ext/libmongocrypt/libmongocrypt/cmake/Patch.cmake +54 -0
- data/ext/libmongocrypt/libmongocrypt/cmake/Platform.cmake +50 -0
- data/ext/libmongocrypt/libmongocrypt/cmake/mongocrypt-config.cmake +21 -0
- data/ext/libmongocrypt/libmongocrypt/doc/img/cli-icon.png +0 -0
- data/ext/libmongocrypt/libmongocrypt/doc/img/reference-targets.png +0 -0
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +153 -0
- data/ext/libmongocrypt/libmongocrypt/etc/c6-vault.repo +39 -0
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version.py +61 -28
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version_selftest.sh +73 -0
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +108 -0
- data/ext/libmongocrypt/libmongocrypt/etc/fle2_aead_generate_tests.py +15 -24
- data/ext/libmongocrypt/libmongocrypt/etc/fle2_crypto.py +66 -54
- data/ext/libmongocrypt/libmongocrypt/etc/fle2_generate_tests.py +14 -23
- data/ext/libmongocrypt/libmongocrypt/etc/fle2v2_aead_generate_tests.py +32 -0
- data/ext/libmongocrypt/libmongocrypt/etc/format-all.sh +12 -0
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +16 -0
- data/ext/libmongocrypt/libmongocrypt/etc/install-package.sh +48 -0
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +27 -0
- data/ext/libmongocrypt/libmongocrypt/etc/mongo-inteldfp-alpine-arm-fix.patch +17 -0
- data/ext/libmongocrypt/libmongocrypt/etc/mongo-inteldfp-libmongocrypt-pr-625.patch +13 -0
- data/ext/libmongocrypt/libmongocrypt/etc/packager.py +120 -91
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +14 -0
- data/ext/libmongocrypt/libmongocrypt/etc/repo_config.yaml +56 -0
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +70 -0
- data/ext/libmongocrypt/libmongocrypt/etc/ssdlc_compliance_report.md +37 -0
- data/ext/libmongocrypt/libmongocrypt/etc/third_party_vulnerabilities.md +42 -0
- data/ext/libmongocrypt/libmongocrypt/integrating.md +18 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/CMakeLists.txt +11 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_gcp_request.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer.c +17 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer_private.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_request.c +211 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_response.c +163 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_tag_type_private.h +2 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_request.h +17 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_response.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_port.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +4 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +23 -2
- data/ext/libmongocrypt/libmongocrypt/src/crypto/cng.c +381 -436
- data/ext/libmongocrypt/libmongocrypt/src/crypto/commoncrypto.c +162 -227
- data/ext/libmongocrypt/libmongocrypt/src/crypto/libcrypto.c +183 -248
- data/ext/libmongocrypt/libmongocrypt/src/crypto/none.c +33 -55
- data/ext/libmongocrypt/libmongocrypt/src/csfle-markup.cpp +175 -205
- data/ext/libmongocrypt/libmongocrypt/src/mc-array-private.h +10 -21
- data/ext/libmongocrypt/libmongocrypt/src/mc-array.c +44 -56
- data/ext/libmongocrypt/libmongocrypt/src/mc-check-conversions-private.h +4 -8
- data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.h +351 -463
- data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.test.cpp +59 -66
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +21 -11
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +175 -99
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +18 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +69 -70
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +445 -439
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-private-v2.h +41 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-private.h +11 -18
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +135 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +109 -126
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +103 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private.h +28 -31
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-v2.c +173 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload.c +106 -125
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +130 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private.h +36 -44
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +382 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +237 -278
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private-v2.h +133 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-private.h +67 -56
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +437 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev.c +454 -325
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-common-private.h +69 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-common.c +182 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-private.h +23 -31
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-v2-private.h +85 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-v2.c +142 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev.c +104 -231
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-range-operator-private.h +8 -7
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +56 -56
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds.c +520 -580
- data/ext/libmongocrypt/libmongocrypt/src/mc-optional-private.h +47 -66
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation-private.h +67 -76
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +201 -190
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding-private.h +55 -42
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +809 -558
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +177 -201
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-private.h +54 -53
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +188 -240
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +43 -35
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +484 -337
- data/ext/libmongocrypt/libmongocrypt/src/mc-reader-private.h +36 -71
- data/ext/libmongocrypt/libmongocrypt/src/mc-reader.c +111 -164
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +87 -65
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +153 -125
- data/ext/libmongocrypt/libmongocrypt/src/mc-writer-private.h +66 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-writer.c +141 -0
- data/ext/libmongocrypt/libmongocrypt/src/mlib/check.hpp +37 -55
- data/ext/libmongocrypt/libmongocrypt/src/mlib/endian.h +11 -11
- data/ext/libmongocrypt/libmongocrypt/src/mlib/error.h +27 -32
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.h +461 -499
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.cpp +256 -334
- data/ext/libmongocrypt/libmongocrypt/src/mlib/macros.h +4 -5
- data/ext/libmongocrypt/libmongocrypt/src/mlib/path.h +196 -231
- data/ext/libmongocrypt/libmongocrypt/src/mlib/path.test.c +56 -79
- data/ext/libmongocrypt/libmongocrypt/src/mlib/str.h +411 -530
- data/ext/libmongocrypt/libmongocrypt/src/mlib/str.test.c +116 -131
- data/ext/libmongocrypt/libmongocrypt/src/mlib/thread.h +17 -26
- data/ext/libmongocrypt/libmongocrypt/src/mlib/user-check.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-binary-private.h +1 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-binary.c +31 -48
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer-private.h +55 -131
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +442 -565
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo-private.h +1 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +28 -45
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key-private.h +11 -17
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +104 -132
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth-private.h +16 -24
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth.c +110 -93
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-private.h +26 -45
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache.c +220 -273
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext-private.h +13 -25
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext.c +147 -166
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-compat.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto-private.h +110 -204
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c +1145 -1567
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +510 -476
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +817 -694
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +2775 -2697
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +189 -184
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-rewrap-many-datakey.c +308 -351
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +990 -1139
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-dll-private.h +23 -24
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endian-private.h +44 -58
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endpoint-private.h +21 -25
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-endpoint.c +167 -181
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek-private.h +42 -44
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek.c +292 -272
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker-private.h +70 -110
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +1010 -1033
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-private.h +27 -44
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +349 -402
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +127 -120
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +1692 -1611
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log-private.h +35 -67
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-log.c +49 -83
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +31 -36
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +1923 -1479
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-mutex-private.h +7 -12
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +124 -107
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +925 -419
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +99 -122
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-status-private.h +3 -8
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-status.c +92 -119
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util-private.h +19 -29
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-traverse-util.c +136 -176
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util-private.h +11 -21
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +98 -136
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +924 -1339
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +199 -313
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +83 -79
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_mutex.c +20 -28
- data/ext/libmongocrypt/libmongocrypt/src/os_win/os_dll.c +64 -73
- data/ext/libmongocrypt/libmongocrypt/src/os_win/os_mutex.c +8 -16
- data/ext/libmongocrypt/libmongocrypt/test/crypt_shared-stub.cpp +57 -87
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/bypassQueryAnalysis/payload.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd-to-mongocryptd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/cmd-to-mongocryptd.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/collinfo.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/encrypted-field-map.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/encrypted-payload-pattern.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/cmd-to-mongocryptd.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/mongocryptd-reply.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/encrypted-payload.json +4 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-field-config-map.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload-range-v2.json +37 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +64 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +105 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +15 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +104 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload.json +6 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/empty/encrypted-payload-v2.json +60 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-delete/success/encrypted-payload-v2.json +67 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +5 -5
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-contentionFactor1-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/find-indexed-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-contentionFactor1-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-same-user-and-index-key-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explicit/insert-indexed-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality-v2/cmd.json +6 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality-v2/encrypted-field-map.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality-v2/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-equality-v2/mongocryptd-reply.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/cmd.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-payload.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/cmd.json +6 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-field-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-payload.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/mongocryptd-reply.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/cmd.json +6 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-payload.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/encrypted-field-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-payload.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-payload.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-payload.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload-v2.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload-v2.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload-v2.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload-v2.json +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert/cmd.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date/RNG_DATA.h +65 -65
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/cmd.json +13 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128/RNG_DATA.h +132 -132
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision/RNG_DATA.h +71 -71
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-field-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-payload.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/mongocryptd-reply.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double/RNG_DATA.h +68 -68
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision/RNG_DATA.h +19 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/encrypted-field-map.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/encrypted-payload.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/mongocryptd-reply.json +55 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32/RNG_DATA.h +25 -25
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64/RNG_DATA.h +65 -65
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-field-map.json +27 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-payload.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/mongocryptd-reply.json +52 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/RNG_DATA.h +68 -68
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/RNG_DATA.h +19 -19
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/RNG_DATA.h +25 -25
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/encrypted-payload-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/RNG_DATA.h +15 -15
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload-v2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed-v2/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed-v2/encrypted-field-map.json +18 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed-v2/encrypted-payload.json +14 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-unindexed-v2/mongocryptd-reply.json +41 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2/encrypted-field-map.json +22 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2/encrypted-payload.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-v2/mongocryptd-reply.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneRangeV2.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/iev-v2/FLECrudTest-insertOneV2.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/decrypt-response.txt +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/encrypt-response.txt +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/oauth-response.txt +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/encrypted-payload.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/mongocryptd-reply.json +69 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/mongocryptd-reply.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_decimal128.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_double.cstruct +8637 -7958
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int32.cstruct +5522 -1382
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int64.cstruct +5042 -1262
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128_precision.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double_precision.cstruct +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int32.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int64.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/encrypted-payload.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/mongocryptd-reply.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/mongocryptd-reply.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32/expected.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32/to-encrypt.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32-defaults/expected.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32-defaults/to-encrypt.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-double/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-int32/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-int32-defaults/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/README.md +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/aes-ctr.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2-fixed.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2-generated.json +38 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2aead-decrypt.json +35 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2aead-fixed.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2aead-generated.json +122 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2v2-aead-fixed.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/fle2v2-aead-generated.json +122 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/mcgrew.json +12 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/roundtrip/nist.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/README.md +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +25 -0
- data/ext/libmongocrypt/libmongocrypt/test/example-no-bson.c +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +279 -323
- data/ext/libmongocrypt/libmongocrypt/test/fuzz_kms.c +8 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-dll.cpp +6 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-gcp-auth.c +221 -283
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +60 -73
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +78 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-range-payload-v2.c +129 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev-v2.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iev.c +467 -414
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +248 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +141 -159
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev-v2.c +338 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-uev.c +238 -176
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +373 -474
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +421 -388
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +974 -825
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +499 -481
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +312 -148
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-reader.c +124 -207
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +249 -213
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-writer.c +176 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +632 -808
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +22 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +168 -189
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +187 -211
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache-oauth.c +118 -37
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +210 -233
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ciphertext.c +185 -220
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cleanup.c +374 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-compact.c +410 -445
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +798 -812
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.c +142 -135
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.h +70 -71
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +394 -846
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +159 -183
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +870 -1045
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +5183 -4717
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +750 -964
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-setopt.c +1093 -1178
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +348 -420
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-dll.c +23 -30
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-endpoint.c +98 -111
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +49 -52
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-broker.c +770 -920
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +354 -407
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key.c +197 -245
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-ctx.c +705 -368
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-responses.c +147 -166
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-local-kms.c +50 -61
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-log.c +85 -100
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +1073 -690
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-opts.c +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-status.c +46 -58
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-traverse-util.c +381 -451
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.c +55 -67
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.h +7 -10
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +879 -918
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +119 -169
- data/ext/libmongocrypt/libmongocrypt/test/test-named-kms-providers.c +2381 -0
- data/ext/libmongocrypt/libmongocrypt/test/util/HELP.autogen +3 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/README.md +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/util/csfle.c +512 -559
- data/ext/libmongocrypt/libmongocrypt/test/util/make_includes.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/util.c +771 -882
- data/ext/libmongocrypt/libmongocrypt/test/util/util.h +33 -55
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +245 -111
- checksums.yaml.gz.sig +0 -0
- data/ext/libmongocrypt/libmongocrypt/VERSION_CURRENT +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit/int32/key-document.json +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/node/CHANGELOG.md +0 -81
- data/ext/libmongocrypt/libmongocrypt/bindings/node/LICENSE +0 -201
- data/ext/libmongocrypt/libmongocrypt/bindings/node/binding.gyp +0 -79
- data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/README.hbs +0 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/build-static.sh +0 -39
- data/ext/libmongocrypt/libmongocrypt/bindings/node/index.d.ts +0 -515
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/autoEncrypter.js +0 -420
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/buffer_pool.js +0 -123
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/clientEncryption.js +0 -699
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/common.js +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/credentialsProvider.js +0 -33
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/cryptoCallbacks.js +0 -87
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/index.js +0 -42
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/mongocryptdManager.js +0 -66
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/stateMachine.js +0 -487
- data/ext/libmongocrypt/libmongocrypt/bindings/node/package-lock.json +0 -16051
- data/ext/libmongocrypt/libmongocrypt/bindings/node/package.json +0 -81
- data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.cc +0 -929
- data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.h +0 -114
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/autoEncrypter.test.js +0 -953
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/buffer_pool.test.js +0 -91
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/clientEncryption.test.js +0 -701
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/credentialsProvider.test.js +0 -163
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/cryptoCallbacks.test.js +0 -284
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/README.md +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/collection-info.json +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document-nested.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encryptedFields.json +0 -30
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key-document.json +0 -32
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key1-document.json +0 -30
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/mongocryptdManager.test.js +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/release.test.js +0 -59
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/requirements.helper.js +0 -29
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/stateMachine.test.js +0 -331
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/tools/mongodb_reporter.js +0 -325
- data/ext/libmongocrypt/libmongocrypt/bindings/python/setup.py +0 -84
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit/int32/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test-requirements.txt +0 -12
- data/ext/libmongocrypt/libmongocrypt/debian/build_snapshot.sh +0 -79
- data/ext/libmongocrypt/libmongocrypt/debian/changelog +0 -105
- data/ext/libmongocrypt/libmongocrypt/debian/compat +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/control +0 -41
- data/ext/libmongocrypt/libmongocrypt/debian/copyright +0 -129
- data/ext/libmongocrypt/libmongocrypt/debian/gbp.conf +0 -23
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.dirs +0 -2
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.install +0 -5
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.dirs +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.install +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/rules +0 -46
- data/ext/libmongocrypt/libmongocrypt/debian/source/format +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/source/lintian-overrides +0 -3
- data/ext/libmongocrypt/libmongocrypt/debian/source/options +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/watch +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/aes-ctr.cstructs +0 -359
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/mongocryptd-reply.json +0 -72
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-aead.cstructs +0 -109
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/encrypted-payload.json +0 -26
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-nominmax/rangeopts.json +0 -5
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/RNG_DATA.h +0 -70
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/encrypted-payload.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/rangeopts.json +0 -5
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32-nominmax/value-to-encrypt.json +0 -5
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2.cstructs +0 -33
- data.tar.gz.sig +0 -0
- metadata.gz.sig +0 -0
- /data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/{fle2-find-range-explicit → fle2-find-range-explicit-v2}/int32/key-filter.json +0 -0
- /data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/{fle2-find-range-explicit → fle2-find-range-explicit-v2}/int32/value-to-encrypt.json +0 -0
- /data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/{fle2-find-range-explicit → fle2-find-range-explicit-v2}/int32/value-to-encrypt.json +0 -0
- /data/ext/libmongocrypt/libmongocrypt/bindings/{java/mongocrypt/src/test/resources/fle2-find-range-explicit → python/test/data/fle2-find-rangePreview-explicit}/int32/rangeopts.json +0 -0
- /data/ext/libmongocrypt/libmongocrypt/{test/data/fle2-find-range-explicit/int32-nominmax → bindings/python/test/data/fle2-find-rangePreview-explicit/int32}/value-to-encrypt.json +0 -0
- /data/ext/libmongocrypt/libmongocrypt/{bindings/node/test/data/kms-decrypt-reply.txt → test/data/kms-aws/decrypt-response.txt} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/{bindings/node/test/data/kms-encrypt-reply.txt → test/data/kms-aws/encrypt-response.txt} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/decrypt-response.txt +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/encrypt-response.txt +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/oauth-response.txt +0 -0
@@ -1,953 +0,0 @@
|
|
1
|
-
'use strict';
|
2
|
-
|
3
|
-
const fs = require('fs');
|
4
|
-
const path = require('path');
|
5
|
-
const sinon = require('sinon');
|
6
|
-
const mongodb = require('mongodb');
|
7
|
-
const BSON = mongodb.BSON;
|
8
|
-
const EJSON = BSON.EJSON;
|
9
|
-
const requirements = require('./requirements.helper');
|
10
|
-
const MongoNetworkTimeoutError = mongodb.MongoNetworkTimeoutError || mongodb.MongoTimeoutError;
|
11
|
-
const MongoError = mongodb.MongoError;
|
12
|
-
const stateMachine = require('../lib/stateMachine')({ mongodb });
|
13
|
-
const StateMachine = stateMachine.StateMachine;
|
14
|
-
const MongocryptdManager = require('../lib/mongocryptdManager').MongocryptdManager;
|
15
|
-
|
16
|
-
const chai = require('chai');
|
17
|
-
const expect = chai.expect;
|
18
|
-
chai.use(require('chai-subset'));
|
19
|
-
chai.use(require('sinon-chai'));
|
20
|
-
|
21
|
-
const sharedLibrarySuffix =
|
22
|
-
process.platform === 'win32' ? 'dll' : process.platform === 'darwin' ? 'dylib' : 'so';
|
23
|
-
let sharedLibraryStub = path.resolve(
|
24
|
-
__dirname,
|
25
|
-
'..',
|
26
|
-
'..',
|
27
|
-
'..',
|
28
|
-
`mongo_crypt_v1.${sharedLibrarySuffix}`
|
29
|
-
);
|
30
|
-
if (!fs.existsSync(sharedLibraryStub)) {
|
31
|
-
sharedLibraryStub = path.resolve(
|
32
|
-
__dirname,
|
33
|
-
'..',
|
34
|
-
'deps',
|
35
|
-
'tmp',
|
36
|
-
'libmongocrypt-build',
|
37
|
-
...(process.platform === 'win32' ? ['RelWithDebInfo'] : []),
|
38
|
-
`mongo_crypt_v1.${sharedLibrarySuffix}`
|
39
|
-
);
|
40
|
-
}
|
41
|
-
|
42
|
-
function readExtendedJsonToBuffer(path) {
|
43
|
-
const ejson = EJSON.parse(fs.readFileSync(path, 'utf8'));
|
44
|
-
return BSON.serialize(ejson);
|
45
|
-
}
|
46
|
-
|
47
|
-
function readHttpResponse(path) {
|
48
|
-
let data = fs.readFileSync(path, 'utf8');
|
49
|
-
data = data.split('\n').join('\r\n');
|
50
|
-
return Buffer.from(data, 'utf8');
|
51
|
-
}
|
52
|
-
|
53
|
-
const TEST_COMMAND = JSON.parse(fs.readFileSync(`${__dirname}/data/cmd.json`));
|
54
|
-
const MOCK_COLLINFO_RESPONSE = readExtendedJsonToBuffer(`${__dirname}/data/collection-info.json`);
|
55
|
-
const MOCK_MONGOCRYPTD_RESPONSE = readExtendedJsonToBuffer(
|
56
|
-
`${__dirname}/data/mongocryptd-reply.json`
|
57
|
-
);
|
58
|
-
const MOCK_KEYDOCUMENT_RESPONSE = readExtendedJsonToBuffer(`${__dirname}/data/key-document.json`);
|
59
|
-
const MOCK_KMS_DECRYPT_REPLY = readHttpResponse(`${__dirname}/data/kms-decrypt-reply.txt`);
|
60
|
-
|
61
|
-
class MockClient {
|
62
|
-
constructor() {
|
63
|
-
this.topology = {
|
64
|
-
bson: BSON
|
65
|
-
};
|
66
|
-
}
|
67
|
-
}
|
68
|
-
|
69
|
-
const originalAccessKeyId = process.env.AWS_ACCESS_KEY_ID;
|
70
|
-
const originalSecretAccessKey = process.env.AWS_SECRET_ACCESS_KEY;
|
71
|
-
|
72
|
-
const AutoEncrypter = require('../lib/autoEncrypter')({ mongodb, stateMachine }).AutoEncrypter;
|
73
|
-
describe('AutoEncrypter', function () {
|
74
|
-
this.timeout(12000);
|
75
|
-
let ENABLE_LOG_TEST = false;
|
76
|
-
let sandbox = sinon.createSandbox();
|
77
|
-
beforeEach(() => {
|
78
|
-
sandbox.restore();
|
79
|
-
sandbox.stub(StateMachine.prototype, 'kmsRequest').callsFake(request => {
|
80
|
-
request.addResponse(MOCK_KMS_DECRYPT_REPLY);
|
81
|
-
return Promise.resolve();
|
82
|
-
});
|
83
|
-
|
84
|
-
sandbox
|
85
|
-
.stub(StateMachine.prototype, 'fetchCollectionInfo')
|
86
|
-
.callsFake((client, ns, filter, callback) => {
|
87
|
-
callback(null, MOCK_COLLINFO_RESPONSE);
|
88
|
-
});
|
89
|
-
|
90
|
-
sandbox
|
91
|
-
.stub(StateMachine.prototype, 'markCommand')
|
92
|
-
.callsFake((client, ns, command, callback) => {
|
93
|
-
if (ENABLE_LOG_TEST) {
|
94
|
-
const response = BSON.deserialize(MOCK_MONGOCRYPTD_RESPONSE);
|
95
|
-
response.schemaRequiresEncryption = false;
|
96
|
-
|
97
|
-
ENABLE_LOG_TEST = false; // disable test after run
|
98
|
-
callback(null, BSON.serialize(response));
|
99
|
-
return;
|
100
|
-
}
|
101
|
-
|
102
|
-
callback(null, MOCK_MONGOCRYPTD_RESPONSE);
|
103
|
-
});
|
104
|
-
|
105
|
-
sandbox.stub(StateMachine.prototype, 'fetchKeys').callsFake((client, ns, filter, callback) => {
|
106
|
-
// mock data is already seriaized, our action deals with the result of a cursor
|
107
|
-
const deserializedKey = BSON.deserialize(MOCK_KEYDOCUMENT_RESPONSE);
|
108
|
-
callback(null, [deserializedKey]);
|
109
|
-
});
|
110
|
-
});
|
111
|
-
|
112
|
-
afterEach(() => {
|
113
|
-
sandbox.restore();
|
114
|
-
});
|
115
|
-
|
116
|
-
describe('#constructor', function () {
|
117
|
-
context('when mongodb exports BSON (driver >= 4.9.0)', function () {
|
118
|
-
context('when a bson option is provided', function () {
|
119
|
-
const bson = Object.assign({}, BSON);
|
120
|
-
const encrypter = new AutoEncrypter(
|
121
|
-
{},
|
122
|
-
{
|
123
|
-
bson: bson,
|
124
|
-
kmsProviders: {
|
125
|
-
local: { key: Buffer.alloc(96) }
|
126
|
-
}
|
127
|
-
}
|
128
|
-
);
|
129
|
-
|
130
|
-
it('uses the bson option', function () {
|
131
|
-
expect(encrypter._bson).to.equal(bson);
|
132
|
-
});
|
133
|
-
});
|
134
|
-
|
135
|
-
context('when a bson option is not provided', function () {
|
136
|
-
const encrypter = new AutoEncrypter(
|
137
|
-
{},
|
138
|
-
{
|
139
|
-
kmsProviders: {
|
140
|
-
local: { key: Buffer.alloc(96) }
|
141
|
-
}
|
142
|
-
}
|
143
|
-
);
|
144
|
-
|
145
|
-
it('uses the mongodb exported BSON', function () {
|
146
|
-
expect(encrypter._bson).to.equal(BSON);
|
147
|
-
});
|
148
|
-
});
|
149
|
-
|
150
|
-
it('never uses bson from the topology', function () {
|
151
|
-
expect(() => {
|
152
|
-
new AutoEncrypter(
|
153
|
-
{},
|
154
|
-
{
|
155
|
-
kmsProviders: {
|
156
|
-
local: { key: Buffer.alloc(96) }
|
157
|
-
}
|
158
|
-
}
|
159
|
-
);
|
160
|
-
}).not.to.throw();
|
161
|
-
});
|
162
|
-
});
|
163
|
-
|
164
|
-
context('when mongodb does not export BSON (driver < 4.9.0)', function () {
|
165
|
-
context('when a bson option is provided', function () {
|
166
|
-
const bson = Object.assign({}, BSON);
|
167
|
-
const encrypter = new AutoEncrypter(
|
168
|
-
{},
|
169
|
-
{
|
170
|
-
bson: bson,
|
171
|
-
kmsProviders: {
|
172
|
-
local: { key: Buffer.alloc(96) }
|
173
|
-
}
|
174
|
-
}
|
175
|
-
);
|
176
|
-
|
177
|
-
it('uses the bson option', function () {
|
178
|
-
expect(encrypter._bson).to.equal(bson);
|
179
|
-
});
|
180
|
-
});
|
181
|
-
|
182
|
-
context('when a bson option is not provided', function () {
|
183
|
-
const mongoNoBson = { ...mongodb, BSON: undefined };
|
184
|
-
const AutoEncrypterNoBson = require('../lib/autoEncrypter')({
|
185
|
-
mongodb: mongoNoBson,
|
186
|
-
stateMachine
|
187
|
-
}).AutoEncrypter;
|
188
|
-
|
189
|
-
context('when the client has a topology', function () {
|
190
|
-
const client = new MockClient();
|
191
|
-
const encrypter = new AutoEncrypterNoBson(client, {
|
192
|
-
kmsProviders: {
|
193
|
-
local: { key: Buffer.alloc(96) }
|
194
|
-
}
|
195
|
-
});
|
196
|
-
|
197
|
-
it('uses the bson on the topology', function () {
|
198
|
-
expect(encrypter._bson).to.equal(client.topology.bson);
|
199
|
-
});
|
200
|
-
});
|
201
|
-
|
202
|
-
context('when the client does not have a topology', function () {
|
203
|
-
it('raises an error', function () {
|
204
|
-
expect(() => {
|
205
|
-
new AutoEncrypterNoBson({}, {});
|
206
|
-
}).to.throw(/bson/);
|
207
|
-
});
|
208
|
-
});
|
209
|
-
});
|
210
|
-
});
|
211
|
-
|
212
|
-
context('when using mongocryptd', function () {
|
213
|
-
const client = new MockClient();
|
214
|
-
const autoEncrypterOptions = {
|
215
|
-
mongocryptdBypassSpawn: true,
|
216
|
-
keyVaultNamespace: 'admin.datakeys',
|
217
|
-
logger: () => {},
|
218
|
-
kmsProviders: {
|
219
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
220
|
-
local: { key: Buffer.alloc(96) }
|
221
|
-
}
|
222
|
-
};
|
223
|
-
const autoEncrypter = new AutoEncrypter(client, autoEncrypterOptions);
|
224
|
-
|
225
|
-
it('instantiates a mongo client on the auto encrypter', function () {
|
226
|
-
expect(autoEncrypter)
|
227
|
-
.to.have.property('_mongocryptdClient')
|
228
|
-
.to.be.instanceOf(mongodb.MongoClient);
|
229
|
-
});
|
230
|
-
|
231
|
-
it('sets the 3x legacy client options on the mongo client', function () {
|
232
|
-
expect(autoEncrypter).to.have.nested.property('_mongocryptdClient.s.options');
|
233
|
-
const options = autoEncrypter._mongocryptdClient.s.options;
|
234
|
-
expect(options).to.have.property('useUnifiedTopology', true);
|
235
|
-
expect(options).to.have.property('useNewUrlParser', true);
|
236
|
-
});
|
237
|
-
|
238
|
-
it('sets serverSelectionTimeoutMS to 10000ms', function () {
|
239
|
-
expect(autoEncrypter).to.have.nested.property('_mongocryptdClient.s.options');
|
240
|
-
const options = autoEncrypter._mongocryptdClient.s.options;
|
241
|
-
expect(options).to.have.property('serverSelectionTimeoutMS', 10000);
|
242
|
-
});
|
243
|
-
|
244
|
-
context('when mongocryptdURI is not specified', () => {
|
245
|
-
it('sets the ip address family to ipv4', function () {
|
246
|
-
expect(autoEncrypter).to.have.nested.property('_mongocryptdClient.s.options');
|
247
|
-
const options = autoEncrypter._mongocryptdClient.s.options;
|
248
|
-
expect(options).to.have.property('family', 4);
|
249
|
-
});
|
250
|
-
});
|
251
|
-
|
252
|
-
context('when mongocryptdURI is specified', () => {
|
253
|
-
it('does not set the ip address family to ipv4', function () {
|
254
|
-
const autoEncrypter = new AutoEncrypter(client, {
|
255
|
-
...autoEncrypterOptions,
|
256
|
-
extraOptions: { mongocryptdURI: MongocryptdManager.DEFAULT_MONGOCRYPTD_URI }
|
257
|
-
});
|
258
|
-
|
259
|
-
expect(autoEncrypter).to.have.nested.property('_mongocryptdClient.s.options');
|
260
|
-
const options = autoEncrypter._mongocryptdClient.s.options;
|
261
|
-
expect(options).not.to.have.property('family', 4);
|
262
|
-
});
|
263
|
-
});
|
264
|
-
});
|
265
|
-
});
|
266
|
-
|
267
|
-
it('should support `bypassAutoEncryption`', function (done) {
|
268
|
-
const client = new MockClient();
|
269
|
-
const autoEncrypter = new AutoEncrypter(client, {
|
270
|
-
bypassAutoEncryption: true,
|
271
|
-
mongocryptdBypassSpawn: true,
|
272
|
-
keyVaultNamespace: 'admin.datakeys',
|
273
|
-
logger: () => {},
|
274
|
-
kmsProviders: {
|
275
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
276
|
-
local: { key: Buffer.alloc(96) }
|
277
|
-
}
|
278
|
-
});
|
279
|
-
|
280
|
-
autoEncrypter.encrypt('test.test', { test: 'command' }, (err, encrypted) => {
|
281
|
-
expect(err).to.not.exist;
|
282
|
-
expect(encrypted).to.eql({ test: 'command' });
|
283
|
-
done();
|
284
|
-
});
|
285
|
-
});
|
286
|
-
|
287
|
-
describe('state machine', function () {
|
288
|
-
it('should decrypt mock data', function (done) {
|
289
|
-
const input = readExtendedJsonToBuffer(`${__dirname}/data/encrypted-document.json`);
|
290
|
-
const client = new MockClient();
|
291
|
-
const mc = new AutoEncrypter(client, {
|
292
|
-
keyVaultNamespace: 'admin.datakeys',
|
293
|
-
logger: () => {},
|
294
|
-
kmsProviders: {
|
295
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
296
|
-
local: { key: Buffer.alloc(96) }
|
297
|
-
}
|
298
|
-
});
|
299
|
-
mc.decrypt(input, (err, decrypted) => {
|
300
|
-
if (err) return done(err);
|
301
|
-
expect(decrypted).to.eql({ filter: { find: 'test', ssn: '457-55-5462' } });
|
302
|
-
expect(decrypted).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
303
|
-
expect(decrypted.filter).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
304
|
-
done();
|
305
|
-
});
|
306
|
-
});
|
307
|
-
|
308
|
-
it('should decrypt mock data and mark decrypted items if enabled for testing', function (done) {
|
309
|
-
const input = readExtendedJsonToBuffer(`${__dirname}/data/encrypted-document.json`);
|
310
|
-
const nestedInput = readExtendedJsonToBuffer(
|
311
|
-
`${__dirname}/data/encrypted-document-nested.json`
|
312
|
-
);
|
313
|
-
const client = new MockClient();
|
314
|
-
const mc = new AutoEncrypter(client, {
|
315
|
-
keyVaultNamespace: 'admin.datakeys',
|
316
|
-
logger: () => {},
|
317
|
-
kmsProviders: {
|
318
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
319
|
-
local: { key: Buffer.alloc(96) }
|
320
|
-
}
|
321
|
-
});
|
322
|
-
mc[Symbol.for('@@mdb.decorateDecryptionResult')] = true;
|
323
|
-
mc.decrypt(input, (err, decrypted) => {
|
324
|
-
if (err) return done(err);
|
325
|
-
expect(decrypted).to.eql({ filter: { find: 'test', ssn: '457-55-5462' } });
|
326
|
-
expect(decrypted).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
327
|
-
expect(decrypted.filter[Symbol.for('@@mdb.decryptedKeys')]).to.eql(['ssn']);
|
328
|
-
|
329
|
-
// The same, but with an object containing different data types as the input
|
330
|
-
mc.decrypt({ a: [null, 1, { c: new BSON.Binary('foo', 1) }] }, (err, decrypted) => {
|
331
|
-
if (err) return done(err);
|
332
|
-
expect(decrypted).to.eql({ a: [null, 1, { c: new BSON.Binary('foo', 1) }] });
|
333
|
-
expect(decrypted).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
334
|
-
|
335
|
-
// The same, but with nested data inside the decrypted input
|
336
|
-
mc.decrypt(nestedInput, (err, decrypted) => {
|
337
|
-
if (err) return done(err);
|
338
|
-
expect(decrypted).to.eql({ nested: { x: { y: 1234 } } });
|
339
|
-
expect(decrypted[Symbol.for('@@mdb.decryptedKeys')]).to.eql(['nested']);
|
340
|
-
expect(decrypted.nested).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
341
|
-
expect(decrypted.nested.x).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
342
|
-
expect(decrypted.nested.x.y).to.not.have.property(Symbol.for('@@mdb.decryptedKeys'));
|
343
|
-
done();
|
344
|
-
});
|
345
|
-
});
|
346
|
-
});
|
347
|
-
});
|
348
|
-
|
349
|
-
it('should decrypt mock data with per-context KMS credentials', function (done) {
|
350
|
-
const input = readExtendedJsonToBuffer(`${__dirname}/data/encrypted-document.json`);
|
351
|
-
const client = new MockClient();
|
352
|
-
const mc = new AutoEncrypter(client, {
|
353
|
-
keyVaultNamespace: 'admin.datakeys',
|
354
|
-
logger: () => {},
|
355
|
-
kmsProviders: {
|
356
|
-
aws: {}
|
357
|
-
},
|
358
|
-
async onKmsProviderRefresh() {
|
359
|
-
return { aws: { accessKeyId: 'example', secretAccessKey: 'example' } };
|
360
|
-
}
|
361
|
-
});
|
362
|
-
mc.decrypt(input, (err, decrypted) => {
|
363
|
-
if (err) return done(err);
|
364
|
-
expect(decrypted).to.eql({ filter: { find: 'test', ssn: '457-55-5462' } });
|
365
|
-
done();
|
366
|
-
});
|
367
|
-
});
|
368
|
-
|
369
|
-
context('when no refresh function is provided', function () {
|
370
|
-
const accessKey = 'example';
|
371
|
-
const secretKey = 'example';
|
372
|
-
|
373
|
-
before(function () {
|
374
|
-
if (process.env.NPM_OPTIONS === '--no-optional') {
|
375
|
-
this.currentTest.skipReason = 'Cannot refresh credentials without sdk provider';
|
376
|
-
this.currentTest.skip();
|
377
|
-
return;
|
378
|
-
}
|
379
|
-
// After the entire suite runs, set the env back for the rest of the test run.
|
380
|
-
process.env.AWS_ACCESS_KEY_ID = accessKey;
|
381
|
-
process.env.AWS_SECRET_ACCESS_KEY = secretKey;
|
382
|
-
});
|
383
|
-
|
384
|
-
after(function () {
|
385
|
-
// After the entire suite runs, set the env back for the rest of the test run.
|
386
|
-
process.env.AWS_ACCESS_KEY_ID = originalAccessKeyId;
|
387
|
-
process.env.AWS_SECRET_ACCESS_KEY = originalSecretAccessKey;
|
388
|
-
});
|
389
|
-
|
390
|
-
it('should decrypt mock data with KMS credentials from the environment', function (done) {
|
391
|
-
const input = readExtendedJsonToBuffer(`${__dirname}/data/encrypted-document.json`);
|
392
|
-
const client = new MockClient();
|
393
|
-
const mc = new AutoEncrypter(client, {
|
394
|
-
keyVaultNamespace: 'admin.datakeys',
|
395
|
-
logger: () => {},
|
396
|
-
kmsProviders: {
|
397
|
-
aws: {}
|
398
|
-
}
|
399
|
-
});
|
400
|
-
mc.decrypt(input, (err, decrypted) => {
|
401
|
-
if (err) return done(err);
|
402
|
-
expect(decrypted).to.eql({ filter: { find: 'test', ssn: '457-55-5462' } });
|
403
|
-
done();
|
404
|
-
});
|
405
|
-
});
|
406
|
-
});
|
407
|
-
|
408
|
-
context('when no refresh function is provided and no optional sdk', function () {
|
409
|
-
const accessKey = 'example';
|
410
|
-
const secretKey = 'example';
|
411
|
-
|
412
|
-
before(function () {
|
413
|
-
if (!process.env.NPM_OPTIONS) {
|
414
|
-
this.currentTest.skipReason = 'With optional sdk installed credentials would be loaded.';
|
415
|
-
this.currentTest.skip();
|
416
|
-
return;
|
417
|
-
}
|
418
|
-
// After the entire suite runs, set the env back for the rest of the test run.
|
419
|
-
process.env.AWS_ACCESS_KEY_ID = accessKey;
|
420
|
-
process.env.AWS_SECRET_ACCESS_KEY = secretKey;
|
421
|
-
});
|
422
|
-
|
423
|
-
after(function () {
|
424
|
-
// After the entire suite runs, set the env back for the rest of the test run.
|
425
|
-
process.env.AWS_ACCESS_KEY_ID = originalAccessKeyId;
|
426
|
-
process.env.AWS_SECRET_ACCESS_KEY = originalSecretAccessKey;
|
427
|
-
});
|
428
|
-
|
429
|
-
it('errors without the optional sdk credential provider', function (done) {
|
430
|
-
const input = readExtendedJsonToBuffer(`${__dirname}/data/encrypted-document.json`);
|
431
|
-
const client = new MockClient();
|
432
|
-
const mc = new AutoEncrypter(client, {
|
433
|
-
keyVaultNamespace: 'admin.datakeys',
|
434
|
-
logger: () => {},
|
435
|
-
kmsProviders: {
|
436
|
-
aws: {}
|
437
|
-
}
|
438
|
-
});
|
439
|
-
mc.decrypt(input, err => {
|
440
|
-
expect(err.message).to.equal(
|
441
|
-
'client not configured with KMS provider necessary to decrypt'
|
442
|
-
);
|
443
|
-
done();
|
444
|
-
});
|
445
|
-
});
|
446
|
-
});
|
447
|
-
|
448
|
-
it('should encrypt mock data', function (done) {
|
449
|
-
const client = new MockClient();
|
450
|
-
const mc = new AutoEncrypter(client, {
|
451
|
-
keyVaultNamespace: 'admin.datakeys',
|
452
|
-
logger: () => {},
|
453
|
-
kmsProviders: {
|
454
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
455
|
-
local: { key: Buffer.alloc(96) }
|
456
|
-
}
|
457
|
-
});
|
458
|
-
|
459
|
-
mc.encrypt('test.test', TEST_COMMAND, (err, encrypted) => {
|
460
|
-
if (err) return done(err);
|
461
|
-
const expected = EJSON.parse(
|
462
|
-
JSON.stringify({
|
463
|
-
find: 'test',
|
464
|
-
filter: {
|
465
|
-
ssn: {
|
466
|
-
$binary: {
|
467
|
-
base64:
|
468
|
-
'AWFhYWFhYWFhYWFhYWFhYWECRTOW9yZzNDn5dGwuqsrJQNLtgMEKaujhs9aRWRp+7Yo3JK8N8jC8P0Xjll6C1CwLsE/iP5wjOMhVv1KMMyOCSCrHorXRsb2IKPtzl2lKTqQ=',
|
469
|
-
subType: '6'
|
470
|
-
}
|
471
|
-
}
|
472
|
-
}
|
473
|
-
})
|
474
|
-
);
|
475
|
-
|
476
|
-
expect(encrypted).to.containSubset(expected);
|
477
|
-
done();
|
478
|
-
});
|
479
|
-
});
|
480
|
-
|
481
|
-
it('should encrypt mock data with per-context KMS credentials', function (done) {
|
482
|
-
const client = new MockClient();
|
483
|
-
const mc = new AutoEncrypter(client, {
|
484
|
-
keyVaultNamespace: 'admin.datakeys',
|
485
|
-
logger: () => {},
|
486
|
-
kmsProviders: {
|
487
|
-
aws: {}
|
488
|
-
},
|
489
|
-
async onKmsProviderRefresh() {
|
490
|
-
return { aws: { accessKeyId: 'example', secretAccessKey: 'example' } };
|
491
|
-
}
|
492
|
-
});
|
493
|
-
|
494
|
-
mc.encrypt('test.test', TEST_COMMAND, (err, encrypted) => {
|
495
|
-
if (err) return done(err);
|
496
|
-
const expected = EJSON.parse(
|
497
|
-
JSON.stringify({
|
498
|
-
find: 'test',
|
499
|
-
filter: {
|
500
|
-
ssn: {
|
501
|
-
$binary: {
|
502
|
-
base64:
|
503
|
-
'AWFhYWFhYWFhYWFhYWFhYWECRTOW9yZzNDn5dGwuqsrJQNLtgMEKaujhs9aRWRp+7Yo3JK8N8jC8P0Xjll6C1CwLsE/iP5wjOMhVv1KMMyOCSCrHorXRsb2IKPtzl2lKTqQ=',
|
504
|
-
subType: '6'
|
505
|
-
}
|
506
|
-
}
|
507
|
-
}
|
508
|
-
})
|
509
|
-
);
|
510
|
-
|
511
|
-
expect(encrypted).to.containSubset(expected);
|
512
|
-
done();
|
513
|
-
});
|
514
|
-
});
|
515
|
-
|
516
|
-
// TODO(NODE-4089): Enable test once https://github.com/mongodb/libmongocrypt/pull/263 is done
|
517
|
-
it.skip('should encrypt mock data when using the crypt_shared library', function (done) {
|
518
|
-
const client = new MockClient();
|
519
|
-
const mc = new AutoEncrypter(client, {
|
520
|
-
keyVaultNamespace: 'admin.datakeys',
|
521
|
-
logger: () => {},
|
522
|
-
kmsProviders: {
|
523
|
-
aws: {}
|
524
|
-
},
|
525
|
-
async onKmsProviderRefresh() {
|
526
|
-
return { aws: { accessKeyId: 'example', secretAccessKey: 'example' } };
|
527
|
-
},
|
528
|
-
extraOptions: {
|
529
|
-
cryptSharedLibPath: sharedLibraryStub
|
530
|
-
}
|
531
|
-
});
|
532
|
-
|
533
|
-
expect(mc).to.not.have.property('_mongocryptdManager');
|
534
|
-
expect(mc).to.not.have.property('_mongocryptdClient');
|
535
|
-
|
536
|
-
mc.encrypt('test.test', TEST_COMMAND, (err, encrypted) => {
|
537
|
-
if (err) return done(err);
|
538
|
-
const expected = EJSON.parse(
|
539
|
-
JSON.stringify({
|
540
|
-
find: 'test',
|
541
|
-
filter: {
|
542
|
-
ssn: {
|
543
|
-
$binary: {
|
544
|
-
base64:
|
545
|
-
'AWFhYWFhYWFhYWFhYWFhYWECRTOW9yZzNDn5dGwuqsrJQNLtgMEKaujhs9aRWRp+7Yo3JK8N8jC8P0Xjll6C1CwLsE/iP5wjOMhVv1KMMyOCSCrHorXRsb2IKPtzl2lKTqQ=',
|
546
|
-
subType: '6'
|
547
|
-
}
|
548
|
-
}
|
549
|
-
}
|
550
|
-
})
|
551
|
-
);
|
552
|
-
|
553
|
-
expect(encrypted).to.containSubset(expected);
|
554
|
-
done();
|
555
|
-
});
|
556
|
-
});
|
557
|
-
});
|
558
|
-
|
559
|
-
describe('logging', function () {
|
560
|
-
it('should allow registration of a log handler', function (done) {
|
561
|
-
ENABLE_LOG_TEST = true;
|
562
|
-
|
563
|
-
let loggerCalled = false;
|
564
|
-
const logger = (level, message) => {
|
565
|
-
if (loggerCalled) return;
|
566
|
-
|
567
|
-
loggerCalled = true;
|
568
|
-
expect(level).to.be.oneOf([2, 3]);
|
569
|
-
expect(message).to.not.be.empty;
|
570
|
-
};
|
571
|
-
|
572
|
-
const client = new MockClient();
|
573
|
-
const mc = new AutoEncrypter(client, {
|
574
|
-
logger,
|
575
|
-
kmsProviders: {
|
576
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
577
|
-
local: { key: Buffer.alloc(96) }
|
578
|
-
}
|
579
|
-
});
|
580
|
-
|
581
|
-
mc.encrypt('test.test', TEST_COMMAND, (err, encrypted) => {
|
582
|
-
if (err) return done(err);
|
583
|
-
const expected = EJSON.parse(
|
584
|
-
JSON.stringify({
|
585
|
-
find: 'test',
|
586
|
-
filter: {
|
587
|
-
ssn: '457-55-5462'
|
588
|
-
}
|
589
|
-
})
|
590
|
-
);
|
591
|
-
|
592
|
-
expect(encrypted).to.containSubset(expected);
|
593
|
-
done();
|
594
|
-
});
|
595
|
-
});
|
596
|
-
});
|
597
|
-
|
598
|
-
describe('autoSpawn', function () {
|
599
|
-
beforeEach(function () {
|
600
|
-
if (requirements.SKIP_LIVE_TESTS) {
|
601
|
-
this.currentTest.skipReason = `requirements.SKIP_LIVE_TESTS=${requirements.SKIP_LIVE_TESTS}`;
|
602
|
-
this.currentTest.skip();
|
603
|
-
return;
|
604
|
-
}
|
605
|
-
});
|
606
|
-
afterEach(function (done) {
|
607
|
-
if (this.mc) {
|
608
|
-
this.mc.teardown(false, err => {
|
609
|
-
this.mc = undefined;
|
610
|
-
done(err);
|
611
|
-
});
|
612
|
-
} else {
|
613
|
-
done();
|
614
|
-
}
|
615
|
-
});
|
616
|
-
|
617
|
-
it('should autoSpawn a mongocryptd on init by default', function (done) {
|
618
|
-
const client = new MockClient();
|
619
|
-
this.mc = new AutoEncrypter(client, {
|
620
|
-
keyVaultNamespace: 'admin.datakeys',
|
621
|
-
logger: () => {},
|
622
|
-
kmsProviders: {
|
623
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
624
|
-
local: { key: Buffer.alloc(96) }
|
625
|
-
}
|
626
|
-
});
|
627
|
-
|
628
|
-
expect(this.mc).to.have.property('cryptSharedLibVersionInfo', null);
|
629
|
-
|
630
|
-
const localMcdm = this.mc._mongocryptdManager;
|
631
|
-
sandbox.spy(localMcdm, 'spawn');
|
632
|
-
|
633
|
-
this.mc.init(err => {
|
634
|
-
if (err) return done(err);
|
635
|
-
expect(localMcdm.spawn).to.have.been.calledOnce;
|
636
|
-
done();
|
637
|
-
});
|
638
|
-
});
|
639
|
-
|
640
|
-
it('should not attempt to kick off mongocryptd on a normal error', function (done) {
|
641
|
-
let called = false;
|
642
|
-
StateMachine.prototype.markCommand.callsFake((client, ns, filter, callback) => {
|
643
|
-
if (!called) {
|
644
|
-
called = true;
|
645
|
-
callback(new Error('msg'));
|
646
|
-
return;
|
647
|
-
}
|
648
|
-
|
649
|
-
callback(null, MOCK_MONGOCRYPTD_RESPONSE);
|
650
|
-
});
|
651
|
-
|
652
|
-
const client = new MockClient();
|
653
|
-
this.mc = new AutoEncrypter(client, {
|
654
|
-
keyVaultNamespace: 'admin.datakeys',
|
655
|
-
logger: () => {},
|
656
|
-
kmsProviders: {
|
657
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
658
|
-
local: { key: Buffer.alloc(96) }
|
659
|
-
}
|
660
|
-
});
|
661
|
-
expect(this.mc).to.have.property('cryptSharedLibVersionInfo', null);
|
662
|
-
|
663
|
-
const localMcdm = this.mc._mongocryptdManager;
|
664
|
-
this.mc.init(err => {
|
665
|
-
if (err) return done(err);
|
666
|
-
|
667
|
-
sandbox.spy(localMcdm, 'spawn');
|
668
|
-
|
669
|
-
this.mc.encrypt('test.test', TEST_COMMAND, err => {
|
670
|
-
expect(localMcdm.spawn).to.not.have.been.called;
|
671
|
-
expect(err).to.be.an.instanceOf(Error);
|
672
|
-
done();
|
673
|
-
});
|
674
|
-
});
|
675
|
-
});
|
676
|
-
|
677
|
-
it('should restore the mongocryptd and retry once if a MongoNetworkTimeoutError is experienced', function (done) {
|
678
|
-
let called = false;
|
679
|
-
StateMachine.prototype.markCommand.callsFake((client, ns, filter, callback) => {
|
680
|
-
if (!called) {
|
681
|
-
called = true;
|
682
|
-
callback(new MongoNetworkTimeoutError('msg'));
|
683
|
-
return;
|
684
|
-
}
|
685
|
-
|
686
|
-
callback(null, MOCK_MONGOCRYPTD_RESPONSE);
|
687
|
-
});
|
688
|
-
|
689
|
-
const client = new MockClient();
|
690
|
-
this.mc = new AutoEncrypter(client, {
|
691
|
-
keyVaultNamespace: 'admin.datakeys',
|
692
|
-
logger: () => {},
|
693
|
-
kmsProviders: {
|
694
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
695
|
-
local: { key: Buffer.alloc(96) }
|
696
|
-
}
|
697
|
-
});
|
698
|
-
expect(this.mc).to.have.property('cryptSharedLibVersionInfo', null);
|
699
|
-
|
700
|
-
const localMcdm = this.mc._mongocryptdManager;
|
701
|
-
this.mc.init(err => {
|
702
|
-
if (err) return done(err);
|
703
|
-
|
704
|
-
sandbox.spy(localMcdm, 'spawn');
|
705
|
-
|
706
|
-
this.mc.encrypt('test.test', TEST_COMMAND, err => {
|
707
|
-
expect(localMcdm.spawn).to.have.been.calledOnce;
|
708
|
-
expect(err).to.not.exist;
|
709
|
-
done();
|
710
|
-
});
|
711
|
-
});
|
712
|
-
});
|
713
|
-
|
714
|
-
it('should propagate error if MongoNetworkTimeoutError is experienced twice in a row', function (done) {
|
715
|
-
let counter = 2;
|
716
|
-
StateMachine.prototype.markCommand.callsFake((client, ns, filter, callback) => {
|
717
|
-
if (counter) {
|
718
|
-
counter -= 1;
|
719
|
-
callback(new MongoNetworkTimeoutError('msg'));
|
720
|
-
return;
|
721
|
-
}
|
722
|
-
|
723
|
-
callback(null, MOCK_MONGOCRYPTD_RESPONSE);
|
724
|
-
});
|
725
|
-
|
726
|
-
const client = new MockClient();
|
727
|
-
this.mc = new AutoEncrypter(client, {
|
728
|
-
keyVaultNamespace: 'admin.datakeys',
|
729
|
-
logger: () => {},
|
730
|
-
kmsProviders: {
|
731
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
732
|
-
local: { key: Buffer.alloc(96) }
|
733
|
-
}
|
734
|
-
});
|
735
|
-
expect(this.mc).to.have.property('cryptSharedLibVersionInfo', null);
|
736
|
-
|
737
|
-
const localMcdm = this.mc._mongocryptdManager;
|
738
|
-
this.mc.init(err => {
|
739
|
-
if (err) return done(err);
|
740
|
-
|
741
|
-
sandbox.spy(localMcdm, 'spawn');
|
742
|
-
|
743
|
-
this.mc.encrypt('test.test', TEST_COMMAND, err => {
|
744
|
-
expect(localMcdm.spawn).to.have.been.calledOnce;
|
745
|
-
expect(err).to.be.an.instanceof(MongoNetworkTimeoutError);
|
746
|
-
done();
|
747
|
-
});
|
748
|
-
});
|
749
|
-
});
|
750
|
-
|
751
|
-
it('should return a useful message if mongocryptd fails to autospawn', function (done) {
|
752
|
-
const client = new MockClient();
|
753
|
-
this.mc = new AutoEncrypter(client, {
|
754
|
-
keyVaultNamespace: 'admin.datakeys',
|
755
|
-
logger: () => {},
|
756
|
-
kmsProviders: {
|
757
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
758
|
-
local: { key: Buffer.alloc(96) }
|
759
|
-
},
|
760
|
-
extraOptions: {
|
761
|
-
mongocryptdURI: 'mongodb://something.invalid:27020/'
|
762
|
-
}
|
763
|
-
});
|
764
|
-
expect(this.mc).to.have.property('cryptSharedLibVersionInfo', null);
|
765
|
-
|
766
|
-
sandbox.stub(MongocryptdManager.prototype, 'spawn').callsFake(callback => {
|
767
|
-
callback();
|
768
|
-
});
|
769
|
-
|
770
|
-
this.mc.init(err => {
|
771
|
-
expect(err).to.exist;
|
772
|
-
expect(err).to.be.instanceOf(MongoError);
|
773
|
-
done();
|
774
|
-
});
|
775
|
-
});
|
776
|
-
});
|
777
|
-
|
778
|
-
describe('noAutoSpawn', function () {
|
779
|
-
beforeEach('start MongocryptdManager', function (done) {
|
780
|
-
if (requirements.SKIP_LIVE_TESTS) {
|
781
|
-
this.currentTest.skipReason = `requirements.SKIP_LIVE_TESTS=${requirements.SKIP_LIVE_TESTS}`;
|
782
|
-
this.skip();
|
783
|
-
}
|
784
|
-
|
785
|
-
this.mcdm = new MongocryptdManager({});
|
786
|
-
this.mcdm.spawn(done);
|
787
|
-
});
|
788
|
-
|
789
|
-
afterEach(function (done) {
|
790
|
-
if (this.mc) {
|
791
|
-
this.mc.teardown(false, err => {
|
792
|
-
this.mc = undefined;
|
793
|
-
done(err);
|
794
|
-
});
|
795
|
-
} else {
|
796
|
-
done();
|
797
|
-
}
|
798
|
-
});
|
799
|
-
|
800
|
-
['mongocryptdBypassSpawn', 'bypassAutoEncryption', 'bypassQueryAnalysis'].forEach(opt => {
|
801
|
-
const encryptionOptions = {
|
802
|
-
keyVaultNamespace: 'admin.datakeys',
|
803
|
-
logger: () => {},
|
804
|
-
kmsProviders: {
|
805
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
806
|
-
local: { key: Buffer.alloc(96) }
|
807
|
-
},
|
808
|
-
extraOptions: {
|
809
|
-
mongocryptdBypassSpawn: opt === 'mongocryptdBypassSpawn'
|
810
|
-
},
|
811
|
-
bypassAutoEncryption: opt === 'bypassAutoEncryption',
|
812
|
-
bypassQueryAnalysis: opt === 'bypassQueryAnalysis'
|
813
|
-
};
|
814
|
-
|
815
|
-
it(`should not spawn mongocryptd on startup if ${opt} is true`, function (done) {
|
816
|
-
const client = new MockClient();
|
817
|
-
this.mc = new AutoEncrypter(client, encryptionOptions);
|
818
|
-
|
819
|
-
const localMcdm = this.mc._mongocryptdManager || { spawn: () => {} };
|
820
|
-
sandbox.spy(localMcdm, 'spawn');
|
821
|
-
|
822
|
-
this.mc.init(err => {
|
823
|
-
expect(err).to.not.exist;
|
824
|
-
expect(localMcdm.spawn).to.have.a.callCount(0);
|
825
|
-
done();
|
826
|
-
});
|
827
|
-
});
|
828
|
-
});
|
829
|
-
|
830
|
-
it('should not spawn a mongocryptd or retry on a server selection error if mongocryptdBypassSpawn: true', function (done) {
|
831
|
-
let called = false;
|
832
|
-
const timeoutError = new MongoNetworkTimeoutError('msg');
|
833
|
-
StateMachine.prototype.markCommand.callsFake((client, ns, filter, callback) => {
|
834
|
-
if (!called) {
|
835
|
-
called = true;
|
836
|
-
callback(timeoutError);
|
837
|
-
return;
|
838
|
-
}
|
839
|
-
|
840
|
-
callback(null, MOCK_MONGOCRYPTD_RESPONSE);
|
841
|
-
});
|
842
|
-
|
843
|
-
const client = new MockClient();
|
844
|
-
this.mc = new AutoEncrypter(client, {
|
845
|
-
keyVaultNamespace: 'admin.datakeys',
|
846
|
-
logger: () => {},
|
847
|
-
kmsProviders: {
|
848
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
849
|
-
local: { key: Buffer.alloc(96) }
|
850
|
-
},
|
851
|
-
extraOptions: {
|
852
|
-
mongocryptdBypassSpawn: true
|
853
|
-
}
|
854
|
-
});
|
855
|
-
|
856
|
-
const localMcdm = this.mc._mongocryptdManager;
|
857
|
-
sandbox.spy(localMcdm, 'spawn');
|
858
|
-
|
859
|
-
this.mc.init(err => {
|
860
|
-
expect(err).to.not.exist;
|
861
|
-
expect(localMcdm.spawn).to.not.have.been.called;
|
862
|
-
|
863
|
-
this.mc.encrypt('test.test', TEST_COMMAND, (err, response) => {
|
864
|
-
expect(localMcdm.spawn).to.not.have.been.called;
|
865
|
-
expect(response).to.not.exist;
|
866
|
-
expect(err).to.equal(timeoutError);
|
867
|
-
done();
|
868
|
-
});
|
869
|
-
});
|
870
|
-
});
|
871
|
-
});
|
872
|
-
|
873
|
-
describe('crypt_shared library', function () {
|
874
|
-
it('should fail if no library can be found in the search path and cryptSharedLibRequired is set', function () {
|
875
|
-
// NB: This test has to be run before the tests/without having previously
|
876
|
-
// loaded a CSFLE shared library below to get the right error path.
|
877
|
-
const client = new MockClient();
|
878
|
-
try {
|
879
|
-
new AutoEncrypter(client, {
|
880
|
-
keyVaultNamespace: 'admin.datakeys',
|
881
|
-
logger: () => {},
|
882
|
-
kmsProviders: {
|
883
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
884
|
-
local: { key: Buffer.alloc(96) }
|
885
|
-
},
|
886
|
-
extraOptions: {
|
887
|
-
cryptSharedLibSearchPaths: ['/nonexistent'],
|
888
|
-
cryptSharedLibRequired: true
|
889
|
-
}
|
890
|
-
});
|
891
|
-
expect.fail('missed exception');
|
892
|
-
} catch (err) {
|
893
|
-
expect(err.message).to.include(
|
894
|
-
'`cryptSharedLibRequired` set but no crypt_shared library loaded'
|
895
|
-
);
|
896
|
-
}
|
897
|
-
});
|
898
|
-
|
899
|
-
it('should load a shared library by specifying its path', function (done) {
|
900
|
-
const client = new MockClient();
|
901
|
-
this.mc = new AutoEncrypter(client, {
|
902
|
-
keyVaultNamespace: 'admin.datakeys',
|
903
|
-
logger: () => {},
|
904
|
-
kmsProviders: {
|
905
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
906
|
-
local: { key: Buffer.alloc(96) }
|
907
|
-
},
|
908
|
-
extraOptions: {
|
909
|
-
cryptSharedLibPath: sharedLibraryStub
|
910
|
-
}
|
911
|
-
});
|
912
|
-
|
913
|
-
expect(this.mc).to.not.have.property('_mongocryptdManager');
|
914
|
-
expect(this.mc).to.not.have.property('_mongocryptdClient');
|
915
|
-
expect(this.mc).to.have.deep.property('cryptSharedLibVersionInfo', {
|
916
|
-
// eslint-disable-next-line no-undef
|
917
|
-
version: BigInt(0x000600020001000),
|
918
|
-
versionStr: 'stubbed-crypt_shared'
|
919
|
-
});
|
920
|
-
|
921
|
-
this.mc.teardown(true, done);
|
922
|
-
});
|
923
|
-
|
924
|
-
it('should load a shared library by specifying a search path', function (done) {
|
925
|
-
const client = new MockClient();
|
926
|
-
this.mc = new AutoEncrypter(client, {
|
927
|
-
keyVaultNamespace: 'admin.datakeys',
|
928
|
-
logger: () => {},
|
929
|
-
kmsProviders: {
|
930
|
-
aws: { accessKeyId: 'example', secretAccessKey: 'example' },
|
931
|
-
local: { key: Buffer.alloc(96) }
|
932
|
-
},
|
933
|
-
extraOptions: {
|
934
|
-
cryptSharedLibSearchPaths: [path.dirname(sharedLibraryStub)]
|
935
|
-
}
|
936
|
-
});
|
937
|
-
|
938
|
-
expect(this.mc).to.not.have.property('_mongocryptdManager');
|
939
|
-
expect(this.mc).to.not.have.property('_mongocryptdClient');
|
940
|
-
expect(this.mc).to.have.deep.property('cryptSharedLibVersionInfo', {
|
941
|
-
// eslint-disable-next-line no-undef
|
942
|
-
version: BigInt(0x000600020001000),
|
943
|
-
versionStr: 'stubbed-crypt_shared'
|
944
|
-
});
|
945
|
-
|
946
|
-
this.mc.teardown(true, done);
|
947
|
-
});
|
948
|
-
});
|
949
|
-
|
950
|
-
it('should provide the libmongocrypt version', function () {
|
951
|
-
expect(AutoEncrypter.libmongocryptVersion).to.be.a('string');
|
952
|
-
});
|
953
|
-
});
|