libmongocrypt-helper 1.8.0.0.1001 → 1.11.0.0.1001
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +33 -0
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +12 -1
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +1 -4
- data/ext/libmongocrypt/libmongocrypt/Earthfile +151 -3
- data/ext/libmongocrypt/libmongocrypt/README.md +36 -40
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/CMakeLists.txt +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Driver.snk +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/AssemblyInfo.cs +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Binary.cs +16 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/CryptClientFactory.cs +8 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/Library.cs +10 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/LibraryLoader.cs +81 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt/MongoDB.Libmongocrypt.csproj +2 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test/MongoDB.Libmongocrypt.Test.csproj +2 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/MongoDB.Libmongocrypt.Test32/MongoDB.Libmongocrypt.Test32.csproj +2 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/README.md +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.cake +21 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.config +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/Scripts/build.sh +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/build.gradle.kts +28 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/java/com/mongodb/crypt/benchmark/BenchmarkRunner.java +217 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/benchmarks/src/main/resources/keyDocument.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/build.gradle.kts +21 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.jar +0 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradle/wrapper/gradle-wrapper.properties +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew +154 -108
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/gradlew.bat +7 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/settings.gradle.kts +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPI.java +41 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CAPIHelper.java +5 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/CipherCallback.java +27 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoCryptImpl.java +34 -19
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/java/com/mongodb/crypt/capi/MongoExplicitEncryptOptions.java +6 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/jni-config.json +180 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/main/resources/META-INF/native-image/reflect-config.json +134 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/java/com/mongodb/crypt/capi/MongoCryptTest.java +44 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/encrypted-payload.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/java/mongocrypt/src/test/resources/fle2-find-range-explicit-v2/int32/rangeopts.json +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/node/README.md +4 -900
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +60 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/README.rst +41 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/python/RELEASE.rst +6 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/python/build-manylinux-wheel.sh +4 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/python/hatch_build.py +36 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/__init__.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/auto_encrypter.py +61 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/credentials.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/explicit_encrypter.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +149 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/auto_encrypter.py +2 -46
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binary.py +14 -17
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +107 -61
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/compat.py +6 -4
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/credentials.py +2 -121
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/crypto.py +31 -20
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/errors.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/explicit_encrypter.py +2 -233
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +168 -238
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/options.py +265 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/state_machine.py +2 -141
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/auto_encrypter.py +61 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/credentials.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/explicit_encrypter.py +156 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/state_machine.py +149 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +2 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pyproject.toml +118 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/release.sh +97 -61
- data/ext/libmongocrypt/libmongocrypt/bindings/python/{test-requirements.txt → requirements-test.txt} +4 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/requirements.txt +4 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +76 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/strip_header.py +6 -7
- data/ext/libmongocrypt/libmongocrypt/bindings/python/synchro.py +64 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/__init__.py +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/collection-info.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/command.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/compact/success/encrypted-payload.json +21 -21
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-command-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/encrypted-field-config-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit-v2/int32/encrypted-payload.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-range-explicit-v2/int32/rangeopts.json +3 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-rangePreview-explicit/int32/rangeopts.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/fle2-find-rangePreview-explicit/int32/value-to-encrypt.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-azure.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document-gcp.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-document.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/key-filter.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/list-collections-filter.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-command.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/data/schema-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/performance/keyDocument.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/performance/perf_test.py +165 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_binding.py +8 -12
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_crypto.py +9 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +988 -340
- data/ext/libmongocrypt/libmongocrypt/bindings/python/update-sbom.sh +14 -0
- data/ext/libmongocrypt/libmongocrypt/cmake/FetchMongoC.cmake +19 -1
- data/ext/libmongocrypt/libmongocrypt/cmake/ImportBSON.cmake +23 -0
- data/ext/libmongocrypt/libmongocrypt/cmake/IntelDFP.cmake +19 -227
- data/ext/libmongocrypt/libmongocrypt/cmake/Patch.cmake +54 -0
- data/ext/libmongocrypt/libmongocrypt/doc/img/cli-icon.png +0 -0
- data/ext/libmongocrypt/libmongocrypt/doc/img/reference-targets.png +0 -0
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +153 -0
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version.py +61 -28
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version_selftest.sh +73 -0
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +108 -0
- data/ext/libmongocrypt/libmongocrypt/etc/format.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/etc/libbson-remove-GCC-diagnostic-pragma.patch +27 -0
- data/ext/libmongocrypt/libmongocrypt/etc/mongo-inteldfp-alpine-arm-fix.patch +17 -0
- data/ext/libmongocrypt/libmongocrypt/etc/packager.py +120 -91
- data/ext/libmongocrypt/libmongocrypt/etc/purls.txt +14 -0
- data/ext/libmongocrypt/libmongocrypt/etc/repo_config.yaml +56 -0
- data/ext/libmongocrypt/libmongocrypt/etc/silk-create-asset-group.sh +70 -0
- data/ext/libmongocrypt/libmongocrypt/etc/ssdlc_compliance_report.md +37 -0
- data/ext/libmongocrypt/libmongocrypt/etc/third_party_vulnerabilities.md +42 -0
- data/ext/libmongocrypt/libmongocrypt/integrating.md +18 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/CMakeLists.txt +11 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_gcp_request.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer.c +17 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer_private.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_request.c +211 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_response.c +163 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_tag_type_private.h +2 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_request.h +17 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message/kms_kmip_response.h +6 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_port.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +4 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +23 -2
- data/ext/libmongocrypt/libmongocrypt/src/crypto/libcrypto.c +13 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +16 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +94 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +15 -5
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +114 -53
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-private-v2.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +21 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private.h +5 -5
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-v2.c +38 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +20 -7
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private.h +8 -8
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +89 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev.c +1 -23
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds-private.h +4 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds.c +15 -12
- data/ext/libmongocrypt/libmongocrypt/src/mc-optional-private.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation-private.h +16 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +64 -22
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding-private.h +23 -4
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +359 -65
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +26 -14
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-private.h +17 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +31 -13
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +16 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +259 -63
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +40 -24
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +57 -13
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.h +17 -0
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.cpp +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-binary-private.h +0 -5
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-buffer.c +5 -7
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-key.c +1 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth-private.h +16 -18
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-oauth.c +105 -76
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c +9 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +170 -89
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +505 -124
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-private.h +31 -6
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +81 -13
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-dll-private.h +7 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek-private.h +5 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kek.c +161 -103
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker-private.h +2 -7
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +191 -69
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx-private.h +50 -15
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-kms-ctx.c +365 -69
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +200 -107
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +50 -5
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +591 -15
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +6 -13
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +47 -234
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.h +75 -24
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +18 -2
- data/ext/libmongocrypt/libmongocrypt/src/os_win/os_dll.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/bypassQueryAnalysis/payload.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd-to-mongocryptd.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/jsonSchema/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/cmd-to-mongocryptd.json +50 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/cmd.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/collinfo.json +44 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/encrypted-field-map.json +24 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/encrypted-payload-pattern.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/simple/mongocryptd-reply.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/cmd-to-mongocryptd.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/cmd.json +17 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/mongocryptd-reply.json +39 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/bulkWrite/unencrypted/payload.json +21 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/missing-key-id/collinfo.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/collinfo.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/no-fields/encrypted-payload.json +4 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/collinfo.json +63 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-field-config-map.json +61 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload-range-v2.json +37 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload.json +29 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/collinfo.json +64 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload-range-v2.json +105 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/anchor-pad/encrypted-payload.json +30 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/cmd.json +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/collinfo.json +49 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-field-config-map.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/no-range/encrypted-payload.json +23 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/collinfo.json +15 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +10 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload-range-v2.json +104 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload.json +6 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/collinfo.json +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-explain/with-csfle/encrypted-payload.json +3 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/decrypt-response.txt +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/encrypt-response.txt +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/kms-azure/oauth-response.txt +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/cmd.json +9 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/encrypted-payload.json +62 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/find/mongocryptd-reply.json +69 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/no-trimFactor/insert/mongocryptd-reply.json +47 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_decimal128.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_double.cstruct +8637 -7958
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int32.cstruct +5522 -1382
- data/ext/libmongocrypt/libmongocrypt/test/data/range-edge-generation/edges_int64.cstruct +5042 -1262
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_decimal128_precision.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_double_precision.cstruct +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int32.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-min-cover/mincover_int64.cstruct +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/cmd.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/encrypted-payload.json +53 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-find-int32/mongocryptd-reply.json +58 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/cmd.json +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/encrypted-field-map.json +19 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/encrypted-payload.json +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/auto-insert-int32/mongocryptd-reply.json +45 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32/expected.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32/to-encrypt.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32-defaults/expected.json +26 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-find-int32-defaults/to-encrypt.json +20 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-double/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-int32/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/range-sends-cryptoParams/explicit-insert-int32-defaults/expected.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/README.md +7 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +9 -5
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +9 -5
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-gcp-auth.c +8 -8
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-range-payload-v2.c +43 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +76 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +89 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +342 -76
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +94 -12
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +205 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +49 -23
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +16 -19
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.h +22 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache-oauth.c +94 -11
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cleanup.c +374 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-compact.c +121 -42
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +134 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.c +40 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.h +16 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +11 -11
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +8 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +922 -92
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-setopt.c +114 -12
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +14 -9
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-ctx.c +424 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-log.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +447 -28
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-opts.c +42 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-traverse-util.c +30 -26
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.c +7 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-util.h +3 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +66 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +11 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-named-kms-providers.c +2381 -0
- data/ext/libmongocrypt/libmongocrypt/test/util/HELP.autogen +3 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/README.md +1 -0
- data/ext/libmongocrypt/libmongocrypt/test/util/csfle.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/test/util/make_includes.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/util.c +38 -3
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +112 -106
- checksums.yaml.gz.sig +0 -0
- data/ext/libmongocrypt/libmongocrypt/VERSION_CURRENT +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/cs/cs.sln +0 -79
- data/ext/libmongocrypt/libmongocrypt/bindings/node/CHANGELOG.md +0 -105
- data/ext/libmongocrypt/libmongocrypt/bindings/node/LICENSE +0 -201
- data/ext/libmongocrypt/libmongocrypt/bindings/node/binding.gyp +0 -79
- data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/README.hbs +0 -44
- data/ext/libmongocrypt/libmongocrypt/bindings/node/etc/build-static.sh +0 -36
- data/ext/libmongocrypt/libmongocrypt/bindings/node/index.d.ts +0 -641
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/autoEncrypter.js +0 -420
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/buffer_pool.js +0 -123
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/clientEncryption.js +0 -821
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/common.js +0 -98
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/cryptoCallbacks.js +0 -87
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/errors.js +0 -75
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/index.js +0 -73
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/mongocryptdManager.js +0 -66
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/providers/aws.js +0 -26
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/providers/azure.js +0 -178
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/providers/gcp.js +0 -24
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/providers/index.js +0 -54
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/providers/utils.js +0 -39
- data/ext/libmongocrypt/libmongocrypt/bindings/node/lib/stateMachine.js +0 -492
- data/ext/libmongocrypt/libmongocrypt/bindings/node/package-lock.json +0 -15302
- data/ext/libmongocrypt/libmongocrypt/bindings/node/package.json +0 -100
- data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.cc +0 -956
- data/ext/libmongocrypt/libmongocrypt/bindings/node/src/mongocrypt.h +0 -114
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/autoEncrypter.test.js +0 -950
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/buffer_pool.test.js +0 -91
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/clientEncryption.test.js +0 -1093
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/common.test.js +0 -94
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/cryptoCallbacks.test.js +0 -240
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/README.md +0 -5
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/cmd.json +0 -6
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/collection-info.json +0 -37
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document-nested.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encrypted-document.json +0 -11
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/encryptedFields.json +0 -30
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key-document.json +0 -32
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/key1-document.json +0 -30
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/data/mongocryptd-reply.json +0 -18
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/index.test.js +0 -45
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/mongocryptdManager.test.js +0 -48
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/providers/credentialsProvider.test.js +0 -551
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/release.test.js +0 -66
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/requirements.helper.js +0 -51
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/stateMachine.test.js +0 -331
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/tools/chai-addons.js +0 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/tools/mongodb_reporter.js +0 -325
- data/ext/libmongocrypt/libmongocrypt/bindings/node/test/types/index.test-d.ts +0 -63
- data/ext/libmongocrypt/libmongocrypt/bindings/python/setup.py +0 -89
- data/ext/libmongocrypt/libmongocrypt/debian/build_snapshot.sh +0 -79
- data/ext/libmongocrypt/libmongocrypt/debian/changelog +0 -105
- data/ext/libmongocrypt/libmongocrypt/debian/compat +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/control +0 -41
- data/ext/libmongocrypt/libmongocrypt/debian/copyright +0 -129
- data/ext/libmongocrypt/libmongocrypt/debian/gbp.conf +0 -23
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.dirs +0 -2
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt-dev.install +0 -5
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.dirs +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/libmongocrypt0.install +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/rules +0 -46
- data/ext/libmongocrypt/libmongocrypt/debian/source/format +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/source/lintian-overrides +0 -3
- data/ext/libmongocrypt/libmongocrypt/debian/source/options +0 -1
- data/ext/libmongocrypt/libmongocrypt/debian/watch +0 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/mongocryptd-reply.json +0 -72
- data.tar.gz.sig +0 -1
- metadata.gz.sig +0 -0
- /data/ext/libmongocrypt/libmongocrypt/{bindings/node/test/data/kms-decrypt-reply.txt → test/data/kms-aws/decrypt-response.txt} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/{bindings/node/test/data/kms-encrypt-reply.txt → test/data/kms-aws/encrypt-response.txt} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/decrypt-response.txt +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/encrypt-response.txt +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/{gcp-auth → kms-gcp}/oauth-response.txt +0 -0
|
@@ -15,12 +15,13 @@
|
|
|
15
15
|
*/
|
|
16
16
|
|
|
17
17
|
#include "mc-tokens-private.h"
|
|
18
|
+
#include "mongocrypt-buffer-private.h"
|
|
18
19
|
|
|
19
20
|
/// Define a token type of the given name, with constructor parameters given as
|
|
20
21
|
/// the remaining arguments. This macro usage should be followed by the
|
|
21
22
|
/// constructor body, with the implicit first argument '_mongocrypt_crypto_t*
|
|
22
23
|
/// crypto' and final argument 'mongocrypt_status_t* status'
|
|
23
|
-
#define DEF_TOKEN_TYPE(Name, ...) DEF_TOKEN_TYPE_1(Name,
|
|
24
|
+
#define DEF_TOKEN_TYPE(Name, ...) DEF_TOKEN_TYPE_1(Name, BSON_CONCAT(Name, _t), __VA_ARGS__)
|
|
24
25
|
|
|
25
26
|
#define DEF_TOKEN_TYPE_1(Prefix, T, ...) \
|
|
26
27
|
/* Define the struct for the token */ \
|
|
@@ -28,9 +29,9 @@
|
|
|
28
29
|
_mongocrypt_buffer_t data; \
|
|
29
30
|
}; \
|
|
30
31
|
/* Data-getter */ \
|
|
31
|
-
const _mongocrypt_buffer_t *
|
|
32
|
+
const _mongocrypt_buffer_t *BSON_CONCAT(Prefix, _get)(const T *self) { return &self->data; } \
|
|
32
33
|
/* Destructor */ \
|
|
33
|
-
void
|
|
34
|
+
void BSON_CONCAT(Prefix, _destroy)(T * self) { \
|
|
34
35
|
if (!self) { \
|
|
35
36
|
return; \
|
|
36
37
|
} \
|
|
@@ -38,23 +39,23 @@
|
|
|
38
39
|
bson_free(self); \
|
|
39
40
|
} \
|
|
40
41
|
/* Constructor. From raw buffer */ \
|
|
41
|
-
T *
|
|
42
|
+
T *BSON_CONCAT(Prefix, _new_from_buffer)(_mongocrypt_buffer_t * buf) { \
|
|
42
43
|
BSON_ASSERT(buf->len == MONGOCRYPT_HMAC_SHA256_LEN); \
|
|
43
44
|
T *t = bson_malloc(sizeof(T)); \
|
|
44
45
|
_mongocrypt_buffer_set_to(buf, &t->data); \
|
|
45
46
|
return t; \
|
|
46
47
|
} \
|
|
47
48
|
/* Constructor. Parameter list given as variadic args. */ \
|
|
48
|
-
T *
|
|
49
|
+
T *BSON_CONCAT(Prefix, _new)(_mongocrypt_crypto_t * crypto, __VA_ARGS__, mongocrypt_status_t * status)
|
|
49
50
|
|
|
50
51
|
#define IMPL_TOKEN_NEW_1(Name, Key, Arg, Clean) \
|
|
51
52
|
{ \
|
|
52
|
-
|
|
53
|
+
BSON_CONCAT(Name, _t) *t = bson_malloc(sizeof(BSON_CONCAT(Name, _t))); \
|
|
53
54
|
_mongocrypt_buffer_init(&t->data); \
|
|
54
55
|
_mongocrypt_buffer_resize(&t->data, MONGOCRYPT_HMAC_SHA256_LEN); \
|
|
55
56
|
\
|
|
56
57
|
if (!_mongocrypt_hmac_sha_256(crypto, Key, Arg, &t->data, status)) { \
|
|
57
|
-
|
|
58
|
+
BSON_CONCAT(Name, _destroy)(t); \
|
|
58
59
|
Clean; \
|
|
59
60
|
return NULL; \
|
|
60
61
|
} \
|
|
@@ -97,23 +98,46 @@ IMPL_TOKEN_NEW(mc_ESCDerivedFromDataToken, mc_ESCToken_get(ESCToken), v)
|
|
|
97
98
|
DEF_TOKEN_TYPE(mc_ECCDerivedFromDataToken, const mc_ECCToken_t *ECCToken, const _mongocrypt_buffer_t *v)
|
|
98
99
|
IMPL_TOKEN_NEW(mc_ECCDerivedFromDataToken, mc_ECCToken_get(ECCToken), v)
|
|
99
100
|
|
|
101
|
+
DEF_TOKEN_TYPE(mc_EDCTwiceDerivedToken,
|
|
102
|
+
const mc_EDCDerivedFromDataTokenAndContentionFactor_t *EDCDerivedFromDataTokenAndContentionFactor)
|
|
103
|
+
IMPL_TOKEN_NEW_CONST(mc_EDCTwiceDerivedToken,
|
|
104
|
+
mc_EDCDerivedFromDataTokenAndContentionFactor_get(EDCDerivedFromDataTokenAndContentionFactor),
|
|
105
|
+
1)
|
|
106
|
+
|
|
107
|
+
DEF_TOKEN_TYPE(mc_ESCTwiceDerivedTagToken,
|
|
108
|
+
const mc_ESCDerivedFromDataTokenAndContentionFactor_t *ESCDerivedFromDataTokenAndContentionFactor)
|
|
109
|
+
IMPL_TOKEN_NEW_CONST(mc_ESCTwiceDerivedTagToken,
|
|
110
|
+
mc_ESCDerivedFromDataTokenAndContentionFactor_get(ESCDerivedFromDataTokenAndContentionFactor),
|
|
111
|
+
1)
|
|
112
|
+
DEF_TOKEN_TYPE(mc_ESCTwiceDerivedValueToken,
|
|
113
|
+
const mc_ESCDerivedFromDataTokenAndContentionFactor_t *ESCDerivedFromDataTokenAndContentionFactor)
|
|
114
|
+
IMPL_TOKEN_NEW_CONST(mc_ESCTwiceDerivedValueToken,
|
|
115
|
+
mc_ESCDerivedFromDataTokenAndContentionFactor_get(ESCDerivedFromDataTokenAndContentionFactor),
|
|
116
|
+
2)
|
|
117
|
+
|
|
100
118
|
DEF_TOKEN_TYPE(mc_ServerDataEncryptionLevel1Token, const _mongocrypt_buffer_t *RootKey)
|
|
101
119
|
IMPL_TOKEN_NEW_CONST(mc_ServerDataEncryptionLevel1Token, RootKey, 3)
|
|
102
120
|
|
|
103
|
-
DEF_TOKEN_TYPE(
|
|
121
|
+
DEF_TOKEN_TYPE(mc_EDCDerivedFromDataTokenAndContentionFactor,
|
|
104
122
|
const mc_EDCDerivedFromDataToken_t *EDCDerivedFromDataToken,
|
|
105
123
|
uint64_t u)
|
|
106
|
-
IMPL_TOKEN_NEW_CONST(
|
|
124
|
+
IMPL_TOKEN_NEW_CONST(mc_EDCDerivedFromDataTokenAndContentionFactor,
|
|
125
|
+
mc_EDCDerivedFromDataToken_get(EDCDerivedFromDataToken),
|
|
126
|
+
u)
|
|
107
127
|
|
|
108
|
-
DEF_TOKEN_TYPE(
|
|
128
|
+
DEF_TOKEN_TYPE(mc_ESCDerivedFromDataTokenAndContentionFactor,
|
|
109
129
|
const mc_ESCDerivedFromDataToken_t *ESCDerivedFromDataToken,
|
|
110
130
|
uint64_t u)
|
|
111
|
-
IMPL_TOKEN_NEW_CONST(
|
|
131
|
+
IMPL_TOKEN_NEW_CONST(mc_ESCDerivedFromDataTokenAndContentionFactor,
|
|
132
|
+
mc_ESCDerivedFromDataToken_get(ESCDerivedFromDataToken),
|
|
133
|
+
u)
|
|
112
134
|
|
|
113
|
-
DEF_TOKEN_TYPE(
|
|
135
|
+
DEF_TOKEN_TYPE(mc_ECCDerivedFromDataTokenAndContentionFactor,
|
|
114
136
|
const mc_ECCDerivedFromDataToken_t *ECCDerivedFromDataToken,
|
|
115
137
|
uint64_t u)
|
|
116
|
-
IMPL_TOKEN_NEW_CONST(
|
|
138
|
+
IMPL_TOKEN_NEW_CONST(mc_ECCDerivedFromDataTokenAndContentionFactor,
|
|
139
|
+
mc_ECCDerivedFromDataToken_get(ECCDerivedFromDataToken),
|
|
140
|
+
u)
|
|
117
141
|
|
|
118
142
|
/* FLE2v2 */
|
|
119
143
|
|
|
@@ -133,3 +157,23 @@ IMPL_TOKEN_NEW_CONST(mc_ServerCountAndContentionFactorEncryptionToken,
|
|
|
133
157
|
|
|
134
158
|
DEF_TOKEN_TYPE(mc_ServerZerosEncryptionToken, const mc_ServerDerivedFromDataToken_t *serverDerivedFromDataToken)
|
|
135
159
|
IMPL_TOKEN_NEW_CONST(mc_ServerZerosEncryptionToken, mc_ServerDerivedFromDataToken_get(serverDerivedFromDataToken), 2)
|
|
160
|
+
|
|
161
|
+
// d = 17 bytes of 0, AnchorPaddingTokenRoot = HMAC(ESCToken, d)
|
|
162
|
+
#define ANCHOR_PADDING_TOKEN_D_LENGTH 17
|
|
163
|
+
const uint8_t mc_AnchorPaddingTokenDValue[ANCHOR_PADDING_TOKEN_D_LENGTH] =
|
|
164
|
+
{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
|
|
165
|
+
|
|
166
|
+
DEF_TOKEN_TYPE(mc_AnchorPaddingTokenRoot, const mc_ESCToken_t *ESCToken) {
|
|
167
|
+
_mongocrypt_buffer_t to_hash;
|
|
168
|
+
if (!_mongocrypt_buffer_copy_from_data_and_size(&to_hash,
|
|
169
|
+
mc_AnchorPaddingTokenDValue,
|
|
170
|
+
ANCHOR_PADDING_TOKEN_D_LENGTH)) {
|
|
171
|
+
return NULL;
|
|
172
|
+
}
|
|
173
|
+
IMPL_TOKEN_NEW_1(mc_AnchorPaddingTokenRoot,
|
|
174
|
+
mc_ESCToken_get(ESCToken),
|
|
175
|
+
&to_hash,
|
|
176
|
+
_mongocrypt_buffer_cleanup(&to_hash))
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
#undef ANCHOR_PADDING_TOKEN_D_LENGTH
|
|
@@ -200,6 +200,13 @@ static mlib_constexpr_fn mlib_int128 mlib_int128_bitor(mlib_int128 l, mlib_int12
|
|
|
200
200
|
return MLIB_INIT(mlib_int128) MLIB_INT128_FROM_PARTS(l.r.lo | r.r.lo, l.r.hi | r.r.hi);
|
|
201
201
|
}
|
|
202
202
|
|
|
203
|
+
/**
|
|
204
|
+
* @brief Bitwise-and two 128-bit integers
|
|
205
|
+
*/
|
|
206
|
+
static mlib_constexpr_fn mlib_int128 mlib_int128_bitand(mlib_int128 l, mlib_int128 r) {
|
|
207
|
+
return MLIB_INIT(mlib_int128) MLIB_INT128_FROM_PARTS(l.r.lo & r.r.lo, l.r.hi & r.r.hi);
|
|
208
|
+
}
|
|
209
|
+
|
|
203
210
|
// Multiply two 64bit integers to get a 128-bit result without overflow
|
|
204
211
|
static mlib_constexpr_fn mlib_int128 _mlibUnsignedMult128(uint64_t left, uint64_t right) {
|
|
205
212
|
// Perform a Knuth 4.3.1M multiplication
|
|
@@ -245,6 +252,16 @@ static mlib_constexpr_fn int _mlibCountLeadingZeros_u64(uint64_t bits) {
|
|
|
245
252
|
return n;
|
|
246
253
|
}
|
|
247
254
|
|
|
255
|
+
static mlib_constexpr_fn int _mlibCountLeadingZeros_u128(mlib_int128 r) {
|
|
256
|
+
int clz_l = _mlibCountLeadingZeros_u64(r.r.hi);
|
|
257
|
+
if (clz_l != 64) {
|
|
258
|
+
return clz_l;
|
|
259
|
+
}
|
|
260
|
+
|
|
261
|
+
int clz_r = _mlibCountLeadingZeros_u64(r.r.lo);
|
|
262
|
+
return clz_l + clz_r;
|
|
263
|
+
}
|
|
264
|
+
|
|
248
265
|
/// Implementation of Knuth's algorithm 4.3.1 D for unsigned integer division
|
|
249
266
|
static mlib_constexpr_fn void
|
|
250
267
|
_mlibKnuth431D(uint32_t *const u, const int ulen, const uint32_t *const v, const int vlen, uint32_t *quotient) {
|
|
@@ -14,6 +14,11 @@
|
|
|
14
14
|
// Old GCC and old MSVC have partially-broken constexpr that prevents us from
|
|
15
15
|
// properly using static_assert with from_string()
|
|
16
16
|
#define BROKEN_CONSTEXPR
|
|
17
|
+
#elif (defined(_MSC_VER) && _MSC_VER >= 1930)
|
|
18
|
+
// Avoid internal compiler error on VS 2022 versions 17.0 and newer when
|
|
19
|
+
// evaluating mlib_int128_from_string via operator""_i128. Assumed to be related
|
|
20
|
+
// to: https://developercommunity.visualstudio.com/t/User-defined-literals-cause-ICEs/10259122
|
|
21
|
+
#define BROKEN_CONSTEXPR
|
|
17
22
|
#endif
|
|
18
23
|
|
|
19
24
|
#ifndef BROKEN_CONSTEXPR
|
|
@@ -21,11 +21,6 @@
|
|
|
21
21
|
|
|
22
22
|
#include "mongocrypt.h"
|
|
23
23
|
|
|
24
|
-
struct _mongocrypt_binary_t {
|
|
25
|
-
uint8_t *data;
|
|
26
|
-
uint32_t len;
|
|
27
|
-
};
|
|
28
|
-
|
|
29
24
|
bool _mongocrypt_binary_to_bson(mongocrypt_binary_t *binary, bson_t *out) MONGOCRYPT_WARN_UNUSED_RESULT;
|
|
30
25
|
|
|
31
26
|
#endif /* MONGOCRYPT_BINARY_PRIVATE_H */
|
|
@@ -19,6 +19,11 @@
|
|
|
19
19
|
#include "mongocrypt-util-private.h"
|
|
20
20
|
#include <bson/bson.h>
|
|
21
21
|
|
|
22
|
+
// Require libbson 1.16.0 or newer. Fix for CDRIVER-3360 is needed.
|
|
23
|
+
#if !BSON_CHECK_VERSION(1, 16, 0)
|
|
24
|
+
#error "libbson 1.16.0 or newer is required."
|
|
25
|
+
#endif
|
|
26
|
+
|
|
22
27
|
#define INT32_LEN 4
|
|
23
28
|
#define TYPE_LEN 1
|
|
24
29
|
#define NULL_BYTE_LEN 1
|
|
@@ -306,13 +311,6 @@ bool _mongocrypt_buffer_to_bson_value(_mongocrypt_buffer_t *plaintext, uint8_t t
|
|
|
306
311
|
}
|
|
307
312
|
bson_value_copy(bson_iter_value(&iter), out);
|
|
308
313
|
|
|
309
|
-
/* Due to an open libbson bug (CDRIVER-3340), give an empty
|
|
310
|
-
* binary payload a real address. TODO: remove this after
|
|
311
|
-
* CDRIVER-3340 is fixed. */
|
|
312
|
-
if (out->value_type == BSON_TYPE_BINARY && 0 == out->value.v_binary.data_len) {
|
|
313
|
-
out->value.v_binary.data = bson_malloc(1); /* Freed in bson_value_destroy */
|
|
314
|
-
}
|
|
315
|
-
|
|
316
314
|
ret = true;
|
|
317
315
|
fail:
|
|
318
316
|
bson_free(data);
|
|
@@ -85,6 +85,7 @@ static void _dump_attr(void *attr_in) {
|
|
|
85
85
|
for (altname = attr->alt_names; NULL != altname; altname = altname->next) {
|
|
86
86
|
printf("%s\n", _mongocrypt_key_alt_name_get_string(altname));
|
|
87
87
|
}
|
|
88
|
+
bson_free(hex);
|
|
88
89
|
}
|
|
89
90
|
|
|
90
91
|
_mongocrypt_cache_key_value_t *_mongocrypt_cache_key_value_new(_mongocrypt_key_doc_t *key_doc,
|
|
@@ -20,21 +20,19 @@
|
|
|
20
20
|
#include "mongocrypt-mutex-private.h"
|
|
21
21
|
#include "mongocrypt-status-private.h"
|
|
22
22
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
#endif /* MONGOCRYPT_CACHE_OAUTH_PRIVATE_H */
|
|
23
|
+
// `mc_mapof_kmsid_to_token_t` maps a KMS ID (e.g. `azure` or `azure:myname`) to an OAuth token.
|
|
24
|
+
typedef struct _mc_mapof_kmsid_to_token_t mc_mapof_kmsid_to_token_t;
|
|
25
|
+
|
|
26
|
+
mc_mapof_kmsid_to_token_t *mc_mapof_kmsid_to_token_new(void);
|
|
27
|
+
void mc_mapof_kmsid_to_token_destroy(mc_mapof_kmsid_to_token_t *k2t);
|
|
28
|
+
// `mc_mapof_kmsid_to_token_get_token` returns a copy of the base64 encoded oauth token, or NULL.
|
|
29
|
+
// Thread-safe.
|
|
30
|
+
char *mc_mapof_kmsid_to_token_get_token(mc_mapof_kmsid_to_token_t *k2t, const char *kmsid);
|
|
31
|
+
// `mc_mapof_kmsid_to_token_add_response` overwrites an entry if `kms_id` exists.
|
|
32
|
+
// Thread-safe.
|
|
33
|
+
bool mc_mapof_kmsid_to_token_add_response(mc_mapof_kmsid_to_token_t *k2t,
|
|
34
|
+
const char *kmsid,
|
|
35
|
+
bson_t *response,
|
|
36
|
+
mongocrypt_status_t *status);
|
|
37
|
+
|
|
38
|
+
#endif /* MONGOCRYPT_CACHE_OAUTH_PRIVATE_H */
|
|
@@ -16,6 +16,7 @@
|
|
|
16
16
|
|
|
17
17
|
#include "mongocrypt-cache-oauth-private.h"
|
|
18
18
|
|
|
19
|
+
#include "mc-array-private.h"
|
|
19
20
|
#include "mongocrypt-private.h"
|
|
20
21
|
|
|
21
22
|
/* How long before the reported "expires_in" time cache entries get evicted.
|
|
@@ -24,91 +25,119 @@
|
|
|
24
25
|
*/
|
|
25
26
|
#define MONGOCRYPT_OAUTH_CACHE_EVICTION_PERIOD_US 5000 * 1000
|
|
26
27
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
cache = bson_malloc0(sizeof(_mongocrypt_cache_oauth_t));
|
|
31
|
-
_mongocrypt_mutex_init(&cache->mutex);
|
|
32
|
-
return cache;
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
void _mongocrypt_cache_oauth_destroy(_mongocrypt_cache_oauth_t *cache) {
|
|
36
|
-
BSON_ASSERT_PARAM(cache);
|
|
37
|
-
|
|
38
|
-
_mongocrypt_mutex_cleanup(&cache->mutex);
|
|
39
|
-
bson_destroy(cache->entry);
|
|
40
|
-
bson_free(cache->access_token);
|
|
41
|
-
bson_free(cache);
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
bool _mongocrypt_cache_oauth_add(_mongocrypt_cache_oauth_t *cache,
|
|
45
|
-
bson_t *oauth_response,
|
|
46
|
-
mongocrypt_status_t *status) {
|
|
47
|
-
bson_iter_t iter;
|
|
28
|
+
typedef struct {
|
|
29
|
+
char *kmsid;
|
|
30
|
+
char *access_token;
|
|
48
31
|
int64_t expiration_time_us;
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
32
|
+
} mc_mapof_kmsid_to_token_entry_t;
|
|
33
|
+
|
|
34
|
+
struct _mc_mapof_kmsid_to_token_t {
|
|
35
|
+
mc_array_t entries;
|
|
36
|
+
mongocrypt_mutex_t mutex; // Guards `entries`.
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
mc_mapof_kmsid_to_token_t *mc_mapof_kmsid_to_token_new(void) {
|
|
40
|
+
mc_mapof_kmsid_to_token_t *k2t = bson_malloc0(sizeof(mc_mapof_kmsid_to_token_t));
|
|
41
|
+
_mc_array_init(&k2t->entries, sizeof(mc_mapof_kmsid_to_token_entry_t));
|
|
42
|
+
_mongocrypt_mutex_init(&k2t->mutex);
|
|
43
|
+
return k2t;
|
|
44
|
+
}
|
|
56
45
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
CLIENT_ERR("OAuth response invalid, no 'expires_in' field.");
|
|
61
|
-
return false;
|
|
62
|
-
}
|
|
63
|
-
cache_time_us = bson_get_monotonic_time();
|
|
64
|
-
expires_in_s = bson_iter_as_int64(&iter);
|
|
65
|
-
BSON_ASSERT(expires_in_s <= INT64_MAX / 1000 / 1000);
|
|
66
|
-
expires_in_us = expires_in_s * 1000 * 1000;
|
|
67
|
-
BSON_ASSERT(expires_in_us <= INT64_MAX - cache_time_us
|
|
68
|
-
&& expires_in_us + cache_time_us > MONGOCRYPT_OAUTH_CACHE_EVICTION_PERIOD_US);
|
|
69
|
-
expiration_time_us = expires_in_us + cache_time_us - MONGOCRYPT_OAUTH_CACHE_EVICTION_PERIOD_US;
|
|
70
|
-
|
|
71
|
-
if (!bson_iter_init_find(&iter, oauth_response, "access_token") || !BSON_ITER_HOLDS_UTF8(&iter)) {
|
|
72
|
-
CLIENT_ERR("OAuth response invalid, no 'access_token' field.");
|
|
73
|
-
return false;
|
|
46
|
+
void mc_mapof_kmsid_to_token_destroy(mc_mapof_kmsid_to_token_t *k2t) {
|
|
47
|
+
if (!k2t) {
|
|
48
|
+
return;
|
|
74
49
|
}
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
cache->entry = bson_copy(oauth_response);
|
|
81
|
-
cache->expiration_time_us = expiration_time_us;
|
|
82
|
-
bson_free(cache->access_token);
|
|
83
|
-
cache->access_token = bson_strdup(access_token);
|
|
50
|
+
_mongocrypt_mutex_cleanup(&k2t->mutex);
|
|
51
|
+
for (size_t i = 0; i < k2t->entries.len; i++) {
|
|
52
|
+
mc_mapof_kmsid_to_token_entry_t k2te = _mc_array_index(&k2t->entries, mc_mapof_kmsid_to_token_entry_t, i);
|
|
53
|
+
bson_free(k2te.kmsid);
|
|
54
|
+
bson_free(k2te.access_token);
|
|
84
55
|
}
|
|
85
|
-
|
|
86
|
-
|
|
56
|
+
_mc_array_destroy(&k2t->entries);
|
|
57
|
+
bson_free(k2t);
|
|
87
58
|
}
|
|
88
59
|
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
60
|
+
char *mc_mapof_kmsid_to_token_get_token(mc_mapof_kmsid_to_token_t *k2t, const char *kmsid) {
|
|
61
|
+
BSON_ASSERT_PARAM(k2t);
|
|
62
|
+
BSON_ASSERT_PARAM(kmsid);
|
|
63
|
+
|
|
64
|
+
_mongocrypt_mutex_lock(&k2t->mutex);
|
|
65
|
+
|
|
66
|
+
for (size_t i = 0; i < k2t->entries.len; i++) {
|
|
67
|
+
mc_mapof_kmsid_to_token_entry_t k2te = _mc_array_index(&k2t->entries, mc_mapof_kmsid_to_token_entry_t, i);
|
|
68
|
+
if (0 == strcmp(k2te.kmsid, kmsid)) {
|
|
69
|
+
if (bson_get_monotonic_time() >= k2te.expiration_time_us) {
|
|
70
|
+
// Expired.
|
|
71
|
+
_mongocrypt_mutex_unlock(&k2t->mutex);
|
|
72
|
+
return NULL;
|
|
73
|
+
}
|
|
74
|
+
char *access_token = bson_strdup(k2te.access_token);
|
|
75
|
+
_mongocrypt_mutex_unlock(&k2t->mutex);
|
|
76
|
+
return access_token;
|
|
77
|
+
}
|
|
78
|
+
}
|
|
93
79
|
|
|
94
|
-
|
|
80
|
+
_mongocrypt_mutex_unlock(&k2t->mutex);
|
|
81
|
+
return NULL;
|
|
82
|
+
}
|
|
95
83
|
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
84
|
+
bool mc_mapof_kmsid_to_token_add_response(mc_mapof_kmsid_to_token_t *k2t,
|
|
85
|
+
const char *kmsid,
|
|
86
|
+
bson_t *response,
|
|
87
|
+
mongocrypt_status_t *status) {
|
|
88
|
+
BSON_ASSERT_PARAM(k2t);
|
|
89
|
+
BSON_ASSERT_PARAM(kmsid);
|
|
90
|
+
BSON_ASSERT_PARAM(response);
|
|
101
91
|
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
92
|
+
// Parse access token before locking.
|
|
93
|
+
const char *access_token;
|
|
94
|
+
int64_t expiration_time_us;
|
|
95
|
+
{
|
|
96
|
+
bson_iter_t iter;
|
|
97
|
+
int64_t cache_time_us;
|
|
98
|
+
int64_t expires_in_s;
|
|
99
|
+
int64_t expires_in_us;
|
|
100
|
+
|
|
101
|
+
/* The OAuth spec strongly implies that the value of expires_in is positive,
|
|
102
|
+
* so the overflow checks in this function don't consider negative values. */
|
|
103
|
+
if (!bson_iter_init_find(&iter, response, "expires_in") || !BSON_ITER_HOLDS_INT(&iter)) {
|
|
104
|
+
CLIENT_ERR("OAuth response invalid, no 'expires_in' field.");
|
|
105
|
+
return false;
|
|
106
|
+
}
|
|
107
|
+
cache_time_us = bson_get_monotonic_time();
|
|
108
|
+
expires_in_s = bson_iter_as_int64(&iter);
|
|
109
|
+
BSON_ASSERT(expires_in_s <= INT64_MAX / 1000 / 1000);
|
|
110
|
+
expires_in_us = expires_in_s * 1000 * 1000;
|
|
111
|
+
BSON_ASSERT(expires_in_us <= INT64_MAX - cache_time_us
|
|
112
|
+
&& expires_in_us + cache_time_us > MONGOCRYPT_OAUTH_CACHE_EVICTION_PERIOD_US);
|
|
113
|
+
expiration_time_us = expires_in_us + cache_time_us - MONGOCRYPT_OAUTH_CACHE_EVICTION_PERIOD_US;
|
|
114
|
+
|
|
115
|
+
if (!bson_iter_init_find(&iter, response, "access_token") || !BSON_ITER_HOLDS_UTF8(&iter)) {
|
|
116
|
+
CLIENT_ERR("OAuth response invalid, no 'access_token' field.");
|
|
117
|
+
return false;
|
|
118
|
+
}
|
|
119
|
+
access_token = bson_iter_utf8(&iter, NULL);
|
|
108
120
|
}
|
|
109
121
|
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
122
|
+
_mongocrypt_mutex_lock(&k2t->mutex);
|
|
123
|
+
|
|
124
|
+
// Check if there is an existing entry.
|
|
125
|
+
for (size_t i = 0; i < k2t->entries.len; i++) {
|
|
126
|
+
mc_mapof_kmsid_to_token_entry_t *k2te = &_mc_array_index(&k2t->entries, mc_mapof_kmsid_to_token_entry_t, i);
|
|
127
|
+
if (0 == strcmp(k2te->kmsid, kmsid)) {
|
|
128
|
+
// Update entry.
|
|
129
|
+
bson_free(k2te->access_token);
|
|
130
|
+
k2te->access_token = bson_strdup(access_token);
|
|
131
|
+
k2te->expiration_time_us = expiration_time_us;
|
|
132
|
+
_mongocrypt_mutex_unlock(&k2t->mutex);
|
|
133
|
+
return true;
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
// Create an entry.
|
|
137
|
+
mc_mapof_kmsid_to_token_entry_t to_put = {.kmsid = bson_strdup(kmsid),
|
|
138
|
+
.access_token = bson_strdup(access_token),
|
|
139
|
+
.expiration_time_us = expiration_time_us};
|
|
140
|
+
_mc_array_append_val(&k2t->entries, to_put);
|
|
141
|
+
_mongocrypt_mutex_unlock(&k2t->mutex);
|
|
142
|
+
return true;
|
|
114
143
|
}
|
|
@@ -78,7 +78,10 @@ static bool _crypto_aes_256_ctr_encrypt_decrypt_via_ecb(void *ctx,
|
|
|
78
78
|
|
|
79
79
|
/* XOR resulting stream with original data */
|
|
80
80
|
for (uint32_t i = 0; i < bytes_written && ptr < args.in->len; i++, ptr++) {
|
|
81
|
-
|
|
81
|
+
uint8_t *in_bin_u8 = in_bin.data;
|
|
82
|
+
uint8_t *out_bin_u8 = out_bin.data;
|
|
83
|
+
uint8_t *tmp_bin_u8 = tmp_bin.data;
|
|
84
|
+
out_bin_u8[ptr] = in_bin_u8[ptr] ^ tmp_bin_u8[i];
|
|
82
85
|
}
|
|
83
86
|
|
|
84
87
|
/* Increment value in CTR buffer */
|
|
@@ -86,9 +89,10 @@ static bool _crypto_aes_256_ctr_encrypt_decrypt_via_ecb(void *ctx,
|
|
|
86
89
|
/* assert rather than return since this should never happen */
|
|
87
90
|
BSON_ASSERT(ctr_bin.len == 0u || ctr_bin.len - 1u <= INT_MAX);
|
|
88
91
|
for (int i = (int)ctr_bin.len - 1; i >= 0 && carry != 0; --i) {
|
|
89
|
-
|
|
92
|
+
uint8_t *ctr_bin_u8 = ctr_bin.data;
|
|
93
|
+
uint32_t bpp = carry + ctr_bin_u8[i];
|
|
90
94
|
carry = bpp >> 8;
|
|
91
|
-
|
|
95
|
+
ctr_bin_u8[i] = bpp & 0xFF;
|
|
92
96
|
}
|
|
93
97
|
}
|
|
94
98
|
|
|
@@ -1384,6 +1388,8 @@ bool _mongocrypt_random_uint64(_mongocrypt_crypto_t *crypto,
|
|
|
1384
1388
|
}
|
|
1385
1389
|
|
|
1386
1390
|
memcpy(&rand_u64, rand_u64_buf.data, rand_u64_buf.len);
|
|
1391
|
+
// Use little-endian to enable deterministic tests on big-endian machines.
|
|
1392
|
+
rand_u64 = BSON_UINT64_FROM_LE(rand_u64);
|
|
1387
1393
|
|
|
1388
1394
|
if (rand_u64 >= min) {
|
|
1389
1395
|
break;
|