mongo 2.12.0.rc0 → 2.12.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +2 -1
- data/lib/mongo/client.rb +23 -9
- data/lib/mongo/client_encryption.rb +1 -1
- data/lib/mongo/cluster.rb +6 -2
- data/lib/mongo/crypt/auto_decryption_context.rb +3 -5
- data/lib/mongo/crypt/auto_encrypter.rb +17 -7
- data/lib/mongo/crypt/binding.rb +446 -379
- data/lib/mongo/crypt/context.rb +4 -4
- data/lib/mongo/crypt/encryption_io.rb +16 -10
- data/lib/mongo/crypt/explicit_encrypter.rb +3 -3
- data/lib/mongo/crypt/explicit_encryption_context.rb +1 -1
- data/lib/mongo/crypt/handle.rb +26 -4
- data/lib/mongo/crypt/hooks.rb +1 -1
- data/lib/mongo/database.rb +11 -1
- data/lib/mongo/error/bulk_write_error.rb +16 -14
- data/lib/mongo/error/notable.rb +0 -15
- data/lib/mongo/error/parser.rb +1 -1
- data/lib/mongo/grid/file/info.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_check_out_failed.rb +1 -1
- data/lib/mongo/operation/insert/command.rb +3 -2
- data/lib/mongo/operation/insert/legacy.rb +2 -1
- data/lib/mongo/operation/insert/op_msg.rb +1 -1
- data/lib/mongo/operation/shared/executable.rb +9 -9
- data/lib/mongo/operation/shared/op_msg_or_command.rb +2 -2
- data/lib/mongo/operation/shared/read_preference_supported.rb +68 -19
- data/lib/mongo/operation/shared/response_handling.rb +1 -1
- data/lib/mongo/operation/shared/sessions_supported.rb +44 -3
- data/lib/mongo/protocol/bit_vector.rb +2 -1
- data/lib/mongo/protocol/message.rb +22 -7
- data/lib/mongo/protocol/msg.rb +2 -5
- data/lib/mongo/protocol/serializers.rb +32 -11
- data/lib/mongo/retryable.rb +1 -1
- data/lib/mongo/server/connection.rb +1 -1
- data/lib/mongo/server/connection_base.rb +9 -4
- data/lib/mongo/server/connection_pool/populator.rb +1 -1
- data/lib/mongo/session.rb +1 -1
- data/lib/mongo/srv/monitor.rb +73 -42
- data/lib/mongo/srv/result.rb +0 -1
- data/lib/mongo/uri.rb +1 -1
- data/lib/mongo/uri/srv_protocol.rb +1 -1
- data/lib/mongo/version.rb +1 -1
- data/mongo.gemspec +0 -2
- data/spec/README.md +106 -12
- data/spec/integration/client_construction_spec.rb +29 -5
- data/spec/integration/client_side_encryption/auto_encryption_bulk_writes_spec.rb +6 -4
- data/spec/integration/client_side_encryption/auto_encryption_command_monitoring_spec.rb +19 -17
- data/spec/integration/client_side_encryption/auto_encryption_mongocryptd_spawn_spec.rb +5 -4
- data/spec/integration/client_side_encryption/auto_encryption_old_wire_version_spec.rb +11 -8
- data/spec/integration/client_side_encryption/auto_encryption_reconnect_spec.rb +14 -9
- data/spec/integration/client_side_encryption/auto_encryption_spec.rb +46 -45
- data/spec/integration/client_side_encryption/bson_size_limit_spec.rb +11 -7
- data/spec/integration/client_side_encryption/bypass_mongocryptd_spawn_spec.rb +13 -9
- data/spec/integration/client_side_encryption/client_close_spec.rb +10 -6
- data/spec/integration/client_side_encryption/corpus_spec.rb +19 -14
- data/spec/integration/client_side_encryption/data_key_spec.rb +10 -8
- data/spec/integration/client_side_encryption/external_key_vault_spec.rb +12 -8
- data/spec/integration/client_side_encryption/views_spec.rb +6 -4
- data/spec/integration/client_update_spec.rb +36 -2
- data/spec/integration/crud_spec.rb +89 -0
- data/spec/integration/read_preference_spec.rb +26 -0
- data/spec/integration/srv_monitoring_spec.rb +2 -2
- data/spec/kerberos/kerberos_spec.rb +87 -0
- data/spec/lite_spec_helper.rb +4 -8
- data/spec/mongo/bulk_write/result_spec.rb +11 -7
- data/spec/mongo/client_encryption_spec.rb +3 -6
- data/spec/mongo/crypt/auto_encrypter_spec.rb +8 -3
- data/spec/mongo/crypt/handle_spec.rb +38 -4
- data/spec/mongo/error/bulk_write_error_spec.rb +49 -0
- data/spec/mongo/error/notable_spec.rb +59 -0
- data/spec/mongo/operation/find/legacy_spec.rb +1 -0
- data/spec/mongo/operation/read_preference_legacy_spec.rb +351 -0
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +194 -0
- data/spec/mongo/srv/monitor_spec.rb +88 -69
- data/spec/runners/transactions.rb +5 -7
- data/spec/spec_tests/client_side_encryption_spec.rb +0 -5
- data/spec/spec_tests/data/client_side_encryption/bulk.yml +3 -0
- data/spec/spec_tests/data/client_side_encryption/replaceOne.yml +4 -1
- data/spec/spec_tests/data/client_side_encryption/updateOne.yml +3 -0
- data/spec/support/cluster_tools.rb +6 -1
- data/spec/support/crypt.rb +14 -0
- data/spec/support/lite_constraints.rb +3 -1
- data/spec/support/spec_config.rb +10 -0
- data/spec/support/utils.rb +9 -1
- metadata +15 -14
- metadata.gz.sig +0 -0
- data/lib/mongo/cluster/srv_monitor.rb +0 -127
- data/lib/mongo/srv/warning_result.rb +0 -35
- data/spec/enterprise_auth/kerberos_spec.rb +0 -58
- data/spec/mongo/cluster/srv_monitor_spec.rb +0 -214
- data/spec/mongo/operation/read_preference_spec.rb +0 -245
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3445c61a01ced5590fabff016e17fb745789b0bca07628c653272ea5f1ba9c22
|
4
|
+
data.tar.gz: 6a945cc89db62d7bb613ef03c262407f56820e4aedfc5c2aa25fe813a02a7b51
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 207218c0f2715f90d877d697f24aa2dce851032ef8affd8e8fa222d608f886f0bb9e3a1f7763e57070bc0214952285d1ad7c54454d90772be4c8bbe2d274d6b8
|
7
|
+
data.tar.gz: d95ad222012c17207208e6d2bf32e33a744823ceaee1695cc794c89fb672c7a186eaba3c7aeae8b68dcfe4b0b03543b7474bd5420271f571513b6fdab29478d4
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
data/README.md
CHANGED
@@ -18,7 +18,8 @@ Support & Feedback
|
|
18
18
|
For issues, questions or feedback related to the Ruby driver, please look into
|
19
19
|
our [support channels](http://www.mongodb.org/about/support). Please
|
20
20
|
do not email any of the Ruby developers directly with issues or
|
21
|
-
questions - you're more likely to get an answer quickly on the
|
21
|
+
questions - you're more likely to get an answer quickly on the
|
22
|
+
[MongoDB Community Forum](https://community.mongodb.com).
|
22
23
|
|
23
24
|
|
24
25
|
Bugs & Feature Requests
|
data/lib/mongo/client.rb
CHANGED
@@ -475,16 +475,26 @@ module Mongo
|
|
475
475
|
cluster_options.merge(srv_uri: srv_uri))
|
476
476
|
end
|
477
477
|
|
478
|
-
|
479
|
-
|
478
|
+
begin
|
479
|
+
# Unset monitoring, it will be taken out of cluster from now on
|
480
|
+
remove_instance_variable('@monitoring')
|
480
481
|
|
481
|
-
|
482
|
-
|
483
|
-
|
482
|
+
if @options[:auto_encryption_options]
|
483
|
+
@connect_lock.synchronize do
|
484
|
+
build_encrypter
|
485
|
+
end
|
484
486
|
end
|
485
|
-
end
|
486
487
|
|
487
|
-
|
488
|
+
yield(self) if block_given?
|
489
|
+
rescue
|
490
|
+
begin
|
491
|
+
@cluster.disconnect!
|
492
|
+
rescue => e
|
493
|
+
log_warn("Eror disconnecting cluster in client constructor's exception handler: #{e.class}: #{e}")
|
494
|
+
# Drop this exception so that the original exception is raised
|
495
|
+
end
|
496
|
+
raise
|
497
|
+
end
|
488
498
|
end
|
489
499
|
|
490
500
|
# @api private
|
@@ -695,9 +705,13 @@ module Mongo
|
|
695
705
|
# If auto_encryption_options are nil, set @encrypter to nil, but do not
|
696
706
|
# close the encrypter because it may still be used by the original client.
|
697
707
|
if @options[:auto_encryption_options] && auto_encryption_options_changed
|
698
|
-
|
708
|
+
@connect_lock.synchronize do
|
709
|
+
build_encrypter
|
710
|
+
end
|
699
711
|
elsif @options[:auto_encryption_options].nil?
|
700
|
-
@
|
712
|
+
@connect_lock.synchronize do
|
713
|
+
@encrypter = nil
|
714
|
+
end
|
701
715
|
end
|
702
716
|
|
703
717
|
validate_options!
|
@@ -44,7 +44,7 @@ module Mongo
|
|
44
44
|
#
|
45
45
|
# @param [ String ] kms_provider The KMS provider to use. Valid values are
|
46
46
|
# "aws" and "local".
|
47
|
-
# @
|
47
|
+
# @param [ Hash ] options
|
48
48
|
#
|
49
49
|
# @option options [ Hash ] :master_key Information about the AWS master key.
|
50
50
|
# Required if kms_provider is "aws".
|
data/lib/mongo/cluster.rb
CHANGED
@@ -487,6 +487,11 @@ module Mongo
|
|
487
487
|
server.reconnect!
|
488
488
|
end
|
489
489
|
@periodic_executor.restart!
|
490
|
+
@srv_monitor_lock.synchronize do
|
491
|
+
if @srv_monitor
|
492
|
+
@srv_monitor.run!
|
493
|
+
end
|
494
|
+
end
|
490
495
|
@connecting = false
|
491
496
|
@connected = true
|
492
497
|
end
|
@@ -855,7 +860,7 @@ module Mongo
|
|
855
860
|
unless @srv_monitor
|
856
861
|
monitor_options = options.merge(
|
857
862
|
timeout: options[:connect_timeout] || Server::CONNECT_TIMEOUT)
|
858
|
-
@srv_monitor = _srv_monitor =
|
863
|
+
@srv_monitor = _srv_monitor = Srv::Monitor.new(self, monitor_options)
|
859
864
|
finalizer = lambda do
|
860
865
|
_srv_monitor.stop!
|
861
866
|
end
|
@@ -879,4 +884,3 @@ module Mongo
|
|
879
884
|
end
|
880
885
|
|
881
886
|
require 'mongo/cluster/sdam_flow'
|
882
|
-
require 'mongo/cluster/srv_monitor'
|
@@ -23,13 +23,11 @@ module Mongo
|
|
23
23
|
# Create a new AutoEncryptionContext object
|
24
24
|
#
|
25
25
|
# @param [ Mongo::Crypt::Handle ] mongocrypt a Handle that
|
26
|
-
# wraps a mongocrypt_t object used to create a new mongocrypt_ctx_t
|
26
|
+
# wraps a mongocrypt_t object used to create a new mongocrypt_ctx_t.
|
27
27
|
# @param [ ClientEncryption::IO ] io A instance of the IO class
|
28
28
|
# that implements driver I/O methods required to run the
|
29
|
-
# state machine
|
30
|
-
# @param [
|
31
|
-
# the command is being made
|
32
|
-
# @param [ Hash ] command The command to be encrypted
|
29
|
+
# state machine.
|
30
|
+
# @param [ Hash ] command The command to be decrypted.
|
33
31
|
def initialize(mongocrypt, io, command)
|
34
32
|
super(mongocrypt, io)
|
35
33
|
|
@@ -79,13 +79,23 @@ module Mongo
|
|
79
79
|
server_selection_timeout: 1,
|
80
80
|
)
|
81
81
|
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
82
|
+
begin
|
83
|
+
@encryption_io = EncryptionIO.new(
|
84
|
+
client: @options[:client],
|
85
|
+
mongocryptd_client: @mongocryptd_client,
|
86
|
+
key_vault_namespace: @options[:key_vault_namespace],
|
87
|
+
key_vault_client: @key_vault_client,
|
88
|
+
mongocryptd_options: @options[:extra_options]
|
89
|
+
)
|
90
|
+
rescue
|
91
|
+
begin
|
92
|
+
@mongocryptd_client.close
|
93
|
+
rescue => e
|
94
|
+
log_warn("Eror closing mongocryptd client in auto encrypter's constructor: #{e.class}: #{e}")
|
95
|
+
# Drop this exception so that the original exception is raised
|
96
|
+
end
|
97
|
+
raise
|
98
|
+
end
|
89
99
|
end
|
90
100
|
|
91
101
|
# Whether this encrypter should perform encryption (returns false if
|
data/lib/mongo/crypt/binding.rb
CHANGED
@@ -56,55 +56,62 @@ module Mongo
|
|
56
56
|
"is invalid: #{ENV['LIBMONGOCRYPT_PATH']}\n\n#{e.class}: #{e.message}"
|
57
57
|
end
|
58
58
|
|
59
|
-
#
|
59
|
+
# @!method self.mongocrypt_version(len)
|
60
|
+
# @api private
|
60
61
|
#
|
61
|
-
#
|
62
|
-
#
|
63
|
-
#
|
64
|
-
#
|
62
|
+
# Returns the version string of the libmongocrypt library.
|
63
|
+
# @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
|
64
|
+
# uint8 that will reference the length of the returned string.
|
65
|
+
# @return [ String ] A version string for libmongocrypt.
|
65
66
|
attach_function :mongocrypt_version, [:pointer], :string
|
66
67
|
|
67
|
-
#
|
68
|
-
#
|
68
|
+
# @!method self.mongocrypt_binary_new
|
69
|
+
# @api private
|
69
70
|
#
|
70
|
-
#
|
71
|
-
#
|
71
|
+
# Creates a new mongocrypt_binary_t object (a non-owning view of a byte
|
72
|
+
# array).
|
73
|
+
# @return [ FFI::Pointer ] A pointer to the newly-created
|
74
|
+
# mongocrypt_binary_t object.
|
72
75
|
attach_function :mongocrypt_binary_new, [], :pointer
|
73
76
|
|
74
|
-
#
|
75
|
-
#
|
76
|
-
#
|
77
|
-
# @param [ FFI::Pointer ] data A pointer to an array of bytes; the data
|
78
|
-
# is not copied and must outlive the mongocrypt_binary_t object
|
79
|
-
# @param [ Integer ] len The length of the array argument
|
77
|
+
# @!method self.mongocrypt_binary_new_from_data(data, len)
|
78
|
+
# @api private
|
80
79
|
#
|
81
|
-
#
|
82
|
-
#
|
80
|
+
# Create a new mongocrypt_binary_t object that maintains a pointer to
|
81
|
+
# the specified byte array.
|
82
|
+
# @param [ FFI::Pointer ] data A pointer to an array of bytes; the data
|
83
|
+
# is not copied and must outlive the mongocrypt_binary_t object.
|
84
|
+
# @param [ Integer ] len The length of the array argument.
|
85
|
+
# @return [ FFI::Pointer ] A pointer to the newly-created
|
86
|
+
# mongocrypt_binary_t object.
|
83
87
|
attach_function(
|
84
88
|
:mongocrypt_binary_new_from_data,
|
85
89
|
[:pointer, :int],
|
86
90
|
:pointer
|
87
91
|
)
|
88
92
|
|
89
|
-
#
|
90
|
-
#
|
91
|
-
# @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object
|
93
|
+
# @!method self.mongocrypt_binary_data(binary)
|
94
|
+
# @api private
|
92
95
|
#
|
93
|
-
#
|
96
|
+
# Get the pointer to the underlying data for the mongocrypt_binary_t.
|
97
|
+
# @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
|
98
|
+
# @return [ FFI::Pointer ] A pointer to the data array.
|
94
99
|
attach_function :mongocrypt_binary_data, [:pointer], :pointer
|
95
100
|
|
96
|
-
#
|
101
|
+
# @!method self.mongocrypt_binary_len(binary)
|
102
|
+
# @api private
|
97
103
|
#
|
98
|
-
#
|
99
|
-
#
|
100
|
-
#
|
104
|
+
# Get the length of the underlying data array.
|
105
|
+
# @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
|
106
|
+
# @return [ Integer ] The length of the data array.
|
101
107
|
attach_function :mongocrypt_binary_len, [:pointer], :int
|
102
108
|
|
103
|
-
#
|
104
|
-
#
|
105
|
-
# @param [ FFI::Pointer ] A pointer to a mongocrypt_binary_t object
|
109
|
+
# @!method self.mongocrypt_binary_destroy(binary)
|
110
|
+
# @api private
|
106
111
|
#
|
107
|
-
#
|
112
|
+
# Destroy the mongocrypt_binary_t object.
|
113
|
+
# @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
|
114
|
+
# @return [ nil ] Always nil.
|
108
115
|
attach_function :mongocrypt_binary_destroy, [:pointer], :void
|
109
116
|
|
110
117
|
# Enum labeling different status types
|
@@ -114,63 +121,71 @@ module Mongo
|
|
114
121
|
:error_kms, 2,
|
115
122
|
]
|
116
123
|
|
117
|
-
#
|
124
|
+
# @!method self.mongocrypt_status_new
|
125
|
+
# @api private
|
118
126
|
#
|
119
|
-
#
|
127
|
+
# Create a new mongocrypt_status_t object.
|
128
|
+
# @return [ FFI::Pointer ] A pointer to the new mongocrypt_status_ts.
|
120
129
|
attach_function :mongocrypt_status_new, [], :pointer
|
121
130
|
|
122
|
-
#
|
123
|
-
#
|
124
|
-
#
|
125
|
-
#
|
126
|
-
#
|
127
|
-
#
|
128
|
-
#
|
129
|
-
#
|
130
|
-
#
|
131
|
-
#
|
132
|
-
#
|
131
|
+
# @!method self.mongocrypt_status_set(status, type, code, message, len)
|
132
|
+
# @api private
|
133
|
+
#
|
134
|
+
# Set a message, type, and code on an existing status.
|
135
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
136
|
+
# @param [ Symbol ] type The status type; possible values are defined
|
137
|
+
# by the status_type enum.
|
138
|
+
# @param [ Integer ] code The status code.
|
139
|
+
# @param [ String ] message The status message.
|
140
|
+
# @param [ Integer ] len The length of the message argument (or -1 for a
|
141
|
+
# null-terminated string).
|
142
|
+
# @return [ nil ] Always nil.
|
133
143
|
attach_function(
|
134
144
|
:mongocrypt_status_set,
|
135
145
|
[:pointer, :status_type, :int, :string, :int],
|
136
146
|
:void
|
137
147
|
)
|
138
148
|
|
139
|
-
#
|
149
|
+
# @!method self.mongocrypt_status_type(status)
|
150
|
+
# @api private
|
140
151
|
#
|
141
|
-
#
|
142
|
-
#
|
143
|
-
#
|
152
|
+
# Indicates the status type.
|
153
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
154
|
+
# @return [ Symbol ] The status type (as defined by the status_type enum).
|
144
155
|
attach_function :mongocrypt_status_type, [:pointer], :status_type
|
145
156
|
|
146
|
-
#
|
147
|
-
#
|
148
|
-
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
157
|
+
# @!method self.mongocrypt_status_code(status)
|
158
|
+
# @api private
|
149
159
|
#
|
150
|
-
#
|
160
|
+
# Return the status error code.
|
161
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
162
|
+
# @return [ Integer ] The status code.
|
151
163
|
attach_function :mongocrypt_status_code, [:pointer], :int
|
152
164
|
|
153
|
-
#
|
165
|
+
# @!method self.mongocrypt_status_message(status, len=nil)
|
166
|
+
# @api private
|
154
167
|
#
|
155
|
-
#
|
156
|
-
#
|
157
|
-
#
|
158
|
-
#
|
159
|
-
#
|
168
|
+
# Returns the status message.
|
169
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
170
|
+
# @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
|
171
|
+
# uint32, where the length of the retun string will be written.
|
172
|
+
# @return [ String ] The status message.
|
160
173
|
attach_function :mongocrypt_status_message, [:pointer, :pointer], :string
|
161
174
|
|
162
|
-
#
|
163
|
-
#
|
164
|
-
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
175
|
+
# @!method self.mongocrypt_status_ok(status)
|
176
|
+
# @api private
|
165
177
|
#
|
166
|
-
#
|
178
|
+
# Returns whether the status is ok or an error.
|
179
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
180
|
+
# @return [ Boolean ] Whether the status is ok.
|
167
181
|
attach_function :mongocrypt_status_ok, [:pointer], :bool
|
168
182
|
|
169
|
-
#
|
170
|
-
#
|
171
|
-
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
183
|
+
# @!method self.mongocrypt_status_destroy(status)
|
184
|
+
# @api private
|
172
185
|
#
|
173
|
-
#
|
186
|
+
# Destroys the reference to the mongocrypt_status_t object.
|
187
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
|
188
|
+
# @return [ nil ] Always nil.
|
174
189
|
attach_function :mongocrypt_status_destroy, [:pointer], :void
|
175
190
|
|
176
191
|
# Enum labeling the various log levels
|
@@ -182,34 +197,41 @@ module Mongo
|
|
182
197
|
:debug, 4,
|
183
198
|
]
|
184
199
|
|
185
|
-
#
|
186
|
-
#
|
187
|
-
#
|
188
|
-
#
|
189
|
-
#
|
190
|
-
#
|
191
|
-
#
|
192
|
-
#
|
193
|
-
#
|
194
|
-
#
|
195
|
-
#
|
196
|
-
#
|
200
|
+
# @!method mongocrypt_log_fn_t(level, message, len, ctx)
|
201
|
+
# @api private
|
202
|
+
#
|
203
|
+
# A callback to the mongocrypt log function. Set a custom log callback
|
204
|
+
# with the mongocrypt_setopt_log_handler method
|
205
|
+
# @param [ Symbol ] level The log level; possible values defined by the
|
206
|
+
# log_level enum
|
207
|
+
# @param [ String ] message The log message
|
208
|
+
# @param [ Integer ] len The length of the message param, or -1 if the
|
209
|
+
# string is null terminated
|
210
|
+
# @param [ FFI::Pointer | nil ] ctx An optional pointer to a context
|
211
|
+
# object when this callback was set
|
212
|
+
# @return [ nil ] Always nil.
|
213
|
+
#
|
214
|
+
# @note This defines a method signature for an FFI callback; it is not
|
215
|
+
# an instance method on the Binding class.
|
197
216
|
callback :mongocrypt_log_fn_t, [:log_level, :string, :int, :pointer], :void
|
198
217
|
|
199
|
-
#
|
218
|
+
# @!method self.ongocrypt_new
|
219
|
+
# @api private
|
200
220
|
#
|
201
|
-
#
|
221
|
+
# Creates a new mongocrypt_t object.
|
222
|
+
# @return [ FFI::Pointer ] A pointer to a new mongocrypt_t object.
|
202
223
|
attach_function :mongocrypt_new, [], :pointer
|
203
224
|
|
204
|
-
#
|
205
|
-
#
|
206
|
-
#
|
207
|
-
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
|
208
|
-
# @param [ Method ] log_fn A logging callback method
|
209
|
-
# @param [ FFI::Pointer | nil ] log_ctx An optional pointer to a context
|
210
|
-
# to be passed into the log callback on every invocation.
|
225
|
+
# @!method self.mongocrypt_setopt_log_handler(crypt, log_fn, log_ctx=nil)
|
226
|
+
# @api private
|
211
227
|
#
|
212
|
-
#
|
228
|
+
# Set the handler on the mongocrypt_t object to be called every time
|
229
|
+
# libmongocrypt logs a message.
|
230
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
231
|
+
# @param [ Method ] log_fn A logging callback method.
|
232
|
+
# @param [ FFI::Pointer | nil ] log_ctx An optional pointer to a context
|
233
|
+
# to be passed into the log callback on every invocation.
|
234
|
+
# @return [ Boolean ] Whether setting the callback was successful.
|
213
235
|
attach_function(
|
214
236
|
:mongocrypt_setopt_log_handler,
|
215
237
|
[:pointer, :mongocrypt_log_fn_t, :pointer],
|
@@ -228,17 +250,18 @@ module Mongo
|
|
228
250
|
end
|
229
251
|
end
|
230
252
|
|
231
|
-
#
|
232
|
-
#
|
233
|
-
#
|
234
|
-
#
|
235
|
-
#
|
236
|
-
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
241
|
-
#
|
253
|
+
# @!method self.mongocrypt_setopt_kms_provider_aws(crypt, aws_access_key_id, aws_access_key_id_len, aws_secret_access_key, aws_secret_access_key_len)
|
254
|
+
# @api private
|
255
|
+
#
|
256
|
+
# Configure mongocrypt_t object with AWS KMS provider options.
|
257
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
258
|
+
# @param [ String ] aws_access_key_id The AWS access key id.
|
259
|
+
# @param [ Integer ] aws_access_key_id_len The length of the AWS access
|
260
|
+
# key string (or -1 for a null-terminated string).
|
261
|
+
# @param [ String ] aws_secret_access_key The AWS secret access key.
|
262
|
+
# @param [ Integer ] aws_secret_access_key_len The length of the AWS
|
263
|
+
# secret access key (or -1 for a null-terminated string).
|
264
|
+
# @return [ Boolean ] Returns whether the option was set successfully.
|
242
265
|
attach_function(
|
243
266
|
:mongocrypt_setopt_kms_provider_aws,
|
244
267
|
[:pointer, :string, :int, :string, :int],
|
@@ -266,13 +289,14 @@ module Mongo
|
|
266
289
|
end
|
267
290
|
end
|
268
291
|
|
269
|
-
#
|
270
|
-
#
|
271
|
-
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
|
272
|
-
# @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
|
273
|
-
# that references the 96-byte local master key
|
292
|
+
# @!method self.mongocrypt_setopt_kms_provider_local(crypt, key)
|
293
|
+
# @api private
|
274
294
|
#
|
275
|
-
#
|
295
|
+
# Configure mongocrypt_t object to take local KSM provider options.
|
296
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
297
|
+
# @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
|
298
|
+
# that references the 96-byte local master key.
|
299
|
+
# @return [ Boolean ] Returns whether the option was set successfully.
|
276
300
|
attach_function(
|
277
301
|
:mongocrypt_setopt_kms_provider_local,
|
278
302
|
[:pointer, :pointer],
|
@@ -293,13 +317,14 @@ module Mongo
|
|
293
317
|
end
|
294
318
|
end
|
295
319
|
|
296
|
-
#
|
297
|
-
#
|
298
|
-
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
|
299
|
-
# @param [ FFI::Pointer ] schema_map A pointer to a mongocrypt_binary_t
|
300
|
-
# object that references the schema map as a BSON binary string
|
320
|
+
# @!method self.mongocrypt_setopt_schema_map(crypt, schema_map)
|
321
|
+
# @api private
|
301
322
|
#
|
302
|
-
#
|
323
|
+
# Sets a local schema map for encryption.
|
324
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
325
|
+
# @param [ FFI::Pointer ] schema_map A pointer to a mongocrypt_binary_t.
|
326
|
+
# object that references the schema map as a BSON binary string.
|
327
|
+
# @return [ Boolean ] Returns whether the option was set successfully.
|
303
328
|
attach_function :mongocrypt_setopt_schema_map, [:pointer, :pointer], :bool
|
304
329
|
|
305
330
|
# Set schema map on the Mongo::Crypt::Handle object
|
@@ -319,11 +344,12 @@ module Mongo
|
|
319
344
|
end
|
320
345
|
end
|
321
346
|
|
322
|
-
#
|
347
|
+
# @!method self.mongocrypt_init(crypt)
|
348
|
+
# @api private
|
323
349
|
#
|
324
|
-
#
|
325
|
-
#
|
326
|
-
#
|
350
|
+
# Initialize the mongocrypt_t object.
|
351
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
352
|
+
# @return [ Boolean ] Returns whether the crypt was initialized successfully.
|
327
353
|
attach_function :mongocrypt_init, [:pointer], :bool
|
328
354
|
|
329
355
|
# Initialize the Mongo::Crypt::Handle object
|
@@ -337,47 +363,52 @@ module Mongo
|
|
337
363
|
end
|
338
364
|
end
|
339
365
|
|
340
|
-
#
|
341
|
-
#
|
342
|
-
#
|
343
|
-
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
|
344
|
-
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object
|
366
|
+
# @!method self.mongocrypt_status(crypt, status)
|
367
|
+
# @api private
|
345
368
|
#
|
346
|
-
#
|
369
|
+
# Set the status information from the mongocrypt_t object on the
|
370
|
+
# mongocrypt_status_t object.
|
371
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
372
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
|
373
|
+
# @return [ Boolean ] Whether the status was successfully set.
|
347
374
|
attach_function :mongocrypt_status, [:pointer, :pointer], :bool
|
348
375
|
|
349
|
-
#
|
376
|
+
# @!method self.mongocrypt_destroy(crypt)
|
377
|
+
# @api private
|
350
378
|
#
|
351
|
-
#
|
352
|
-
#
|
353
|
-
#
|
379
|
+
# Destroy the reference the mongocrypt_t object.
|
380
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
381
|
+
# @return [ nil ] Always nil.
|
354
382
|
attach_function :mongocrypt_destroy, [:pointer], :void
|
355
383
|
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
|
384
|
+
# @!method self.mongocrypt_ctx_new(crypt)
|
385
|
+
# @api private
|
360
386
|
#
|
361
|
-
#
|
387
|
+
# Create a new mongocrypt_ctx_t object (a wrapper for the libmongocrypt
|
388
|
+
# state machine).
|
389
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
390
|
+
# @return [ FFI::Pointer ] A new mongocrypt_ctx_t object.
|
362
391
|
attach_function :mongocrypt_ctx_new, [:pointer], :pointer
|
363
392
|
|
364
|
-
#
|
365
|
-
#
|
393
|
+
# @!method self.mongocrypt_ctx_status(ctx, status)
|
394
|
+
# @api private
|
366
395
|
#
|
367
|
-
#
|
368
|
-
#
|
369
|
-
#
|
370
|
-
#
|
396
|
+
# Set the status information from the mongocrypt_ctx_t object on the
|
397
|
+
# mongocrypt_status_t object.
|
398
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
399
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
|
400
|
+
# @return [ Boolean ] Whether the status was successfully set.
|
371
401
|
attach_function :mongocrypt_ctx_status, [:pointer, :pointer], :bool
|
372
402
|
|
373
|
-
#
|
374
|
-
#
|
375
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
376
|
-
# @param [ FFI::Pointer ] key_id A pointer to a mongocrypt_binary_t object
|
377
|
-
# that references the 16-byte key-id
|
403
|
+
# @!method self.mongocrypt_ctx_setopt_key_id(ctx, key_id)
|
404
|
+
# @api private
|
378
405
|
#
|
379
|
-
#
|
380
|
-
#
|
406
|
+
# Set the key id used for explicit encryption.
|
407
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
408
|
+
# @param [ FFI::Pointer ] key_id A pointer to a mongocrypt_binary_t object
|
409
|
+
# that references the 16-byte key-id.
|
410
|
+
# @note Do not initialize ctx before calling this method.
|
411
|
+
# @return [ Boolean ] Whether the option was successfully set.
|
381
412
|
attach_function :mongocrypt_ctx_setopt_key_id, [:pointer, :pointer], :bool
|
382
413
|
|
383
414
|
# Sets the key id option on an explicit encryption context.
|
@@ -394,18 +425,18 @@ module Mongo
|
|
394
425
|
end
|
395
426
|
end
|
396
427
|
|
397
|
-
#
|
398
|
-
#
|
399
|
-
#
|
400
|
-
#
|
401
|
-
#
|
402
|
-
#
|
403
|
-
#
|
404
|
-
#
|
405
|
-
#
|
406
|
-
#
|
407
|
-
#
|
408
|
-
#
|
428
|
+
# @!method self.mongocrypt_ctx_setopt_key_alt_name(ctx, binary)
|
429
|
+
# @api private
|
430
|
+
#
|
431
|
+
# When creating a data key, set an alternate name on that key. When
|
432
|
+
# performing explicit encryption, specifying which data key to use for
|
433
|
+
# encryption based on its keyAltName field.
|
434
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
435
|
+
# @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t
|
436
|
+
# object that references a BSON document in the format
|
437
|
+
# { "keyAltName": <BSON UTF8 value> }.
|
438
|
+
# @return [ Boolean ] Whether the alternative name was successfully set.
|
439
|
+
# @note Do not initialize ctx before calling this method.
|
409
440
|
attach_function(
|
410
441
|
:mongocrypt_ctx_setopt_key_alt_name,
|
411
442
|
[:pointer, :pointer],
|
@@ -431,16 +462,17 @@ module Mongo
|
|
431
462
|
end
|
432
463
|
end
|
433
464
|
|
434
|
-
#
|
435
|
-
#
|
436
|
-
#
|
437
|
-
#
|
438
|
-
#
|
439
|
-
#
|
440
|
-
#
|
441
|
-
#
|
442
|
-
#
|
443
|
-
#
|
465
|
+
# @!method self.mongocrypt_ctx_setopt_algorithm(ctx, algorithm, len)
|
466
|
+
# @api private
|
467
|
+
#
|
468
|
+
# Set the algorithm used for explicit encryption.
|
469
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
470
|
+
# @param [ String ] algorithm The algorithm name. Valid values are:
|
471
|
+
# - "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
472
|
+
# - "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
|
473
|
+
# @param [ Integer ] len The length of the algorithm string.
|
474
|
+
# @note Do not initialize ctx before calling this method.
|
475
|
+
# @return [ Boolean ] Whether the option was successfully set.
|
444
476
|
attach_function(
|
445
477
|
:mongocrypt_ctx_setopt_algorithm,
|
446
478
|
[:pointer, :string, :int],
|
@@ -461,17 +493,18 @@ module Mongo
|
|
461
493
|
end
|
462
494
|
end
|
463
495
|
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
467
|
-
#
|
468
|
-
#
|
469
|
-
#
|
470
|
-
#
|
471
|
-
#
|
472
|
-
#
|
473
|
-
#
|
474
|
-
#
|
496
|
+
# @!method self.mongocrypt_ctx_setopt_masterkey_aws(ctx, region, region_len, arn, arn_len)
|
497
|
+
# @api private
|
498
|
+
#
|
499
|
+
# Configure the ctx to take a master key from AWS.
|
500
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_object.
|
501
|
+
# @param [ String ] region The AWS region.
|
502
|
+
# @param [ Integer ] region_len The length of the region string (or -1
|
503
|
+
# for a null-terminated string).
|
504
|
+
# @param [ String ] arn The Amazon Resource Name (ARN) of the mater key.
|
505
|
+
# @param [ Integer ] arn_len The length of the ARN (or -1 for a
|
506
|
+
# null-terminated string).
|
507
|
+
# @return [ Boolean ] Returns whether the option was set successfully.
|
475
508
|
attach_function(
|
476
509
|
:mongocrypt_ctx_setopt_masterkey_aws,
|
477
510
|
[:pointer, :string, :int, :string, :int],
|
@@ -497,14 +530,15 @@ module Mongo
|
|
497
530
|
end
|
498
531
|
end
|
499
532
|
|
500
|
-
#
|
501
|
-
#
|
502
|
-
# @param [ FFI::Pointer ] ctx
|
503
|
-
# @param [ String ] endpoint The custom endpoint
|
504
|
-
# @param [ Integer ] endpoint_len The length of the endpoint string (or
|
505
|
-
# -1 for a null-terminated string)
|
533
|
+
# @!method self.mongocrypt_ctx_setopt_masterkey_aws_endpoint(ctx, endpoint, endpoint_len)
|
534
|
+
# @api private
|
506
535
|
#
|
507
|
-
#
|
536
|
+
# Set a custom endpoint at which to fetch the AWS master key
|
537
|
+
# @param [ FFI::Pointer ] ctx
|
538
|
+
# @param [ String ] endpoint The custom endpoint.
|
539
|
+
# @param [ Integer ] endpoint_len The length of the endpoint string (or
|
540
|
+
# -1 for a null-terminated string).
|
541
|
+
# @return [ Boolean ] Returns whether the option was set successfully.
|
508
542
|
attach_function(
|
509
543
|
:mongocrypt_ctx_setopt_masterkey_aws_endpoint,
|
510
544
|
[:pointer, :string, :int],
|
@@ -527,12 +561,13 @@ module Mongo
|
|
527
561
|
end
|
528
562
|
end
|
529
563
|
|
530
|
-
#
|
531
|
-
#
|
532
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
564
|
+
# @!method self.mongocrypt_ctx_setopt_masterkey_local(ctx)
|
565
|
+
# @api private
|
533
566
|
#
|
534
|
-
#
|
535
|
-
#
|
567
|
+
# Set the ctx to take a local master key.
|
568
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
569
|
+
# @note Do not initialize ctx before calling this method.
|
570
|
+
# @return [ Boolean ] Whether the option was successfully set.
|
536
571
|
attach_function(
|
537
572
|
:mongocrypt_ctx_setopt_masterkey_local,
|
538
573
|
[:pointer],
|
@@ -550,16 +585,16 @@ module Mongo
|
|
550
585
|
end
|
551
586
|
end
|
552
587
|
|
553
|
-
#
|
554
|
-
#
|
555
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
556
|
-
#
|
557
|
-
# @note Before calling this method, master key options must be set.
|
558
|
-
# Set AWS master key by calling mongocrypt_ctx_setopt_masterkey_aws
|
559
|
-
# and mongocrypt_ctx_setopt_masterkey_aws_endpoint. Set local master
|
560
|
-
# key by calling mongocrypt_ctx_setopt_masterkey_local.
|
588
|
+
# @!method self.mongocrypt_ctx_datakey_init(ctx)
|
589
|
+
# @api private
|
561
590
|
#
|
562
|
-
#
|
591
|
+
# Initializes the ctx to create a data key.
|
592
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
593
|
+
# @note Before calling this method, master key options must be set.
|
594
|
+
# Set AWS master key by calling mongocrypt_ctx_setopt_masterkey_aws
|
595
|
+
# and mongocrypt_ctx_setopt_masterkey_aws_endpoint. Set local master
|
596
|
+
# key by calling mongocrypt_ctx_setopt_masterkey_local.
|
597
|
+
# @return [ Boolean ] Whether the initialization was successful.
|
563
598
|
attach_function :mongocrypt_ctx_datakey_init, [:pointer], :bool
|
564
599
|
|
565
600
|
# Initialize the Context to create a data key
|
@@ -573,19 +608,19 @@ module Mongo
|
|
573
608
|
end
|
574
609
|
end
|
575
610
|
|
576
|
-
#
|
577
|
-
#
|
578
|
-
#
|
579
|
-
#
|
580
|
-
#
|
581
|
-
#
|
582
|
-
#
|
583
|
-
#
|
584
|
-
#
|
585
|
-
#
|
586
|
-
#
|
587
|
-
#
|
588
|
-
#
|
611
|
+
# @!method self.mongocrypt_ctx_encrypt_init(ctx, db, db_len, cmd)
|
612
|
+
# @api private
|
613
|
+
#
|
614
|
+
# Initializes the ctx for auto-encryption.
|
615
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
616
|
+
# @param [ String ] db The database name.
|
617
|
+
# @param [ Integer ] db_len The length of the database name argument
|
618
|
+
# (or -1 for a null-terminated string).
|
619
|
+
# @param [ FFI::Pointer ] cmd A pointer to a mongocrypt_binary_t object
|
620
|
+
# that references the database command as a binary string.
|
621
|
+
# @note This method expects the passed-in BSON to be in the format:
|
622
|
+
# { "v": BSON value to decrypt }.
|
623
|
+
# @return [ Boolean ] Whether the initialization was successful.
|
589
624
|
attach_function(
|
590
625
|
:mongocrypt_ctx_encrypt_init,
|
591
626
|
[:pointer, :string, :int, :pointer],
|
@@ -610,18 +645,18 @@ module Mongo
|
|
610
645
|
end
|
611
646
|
end
|
612
647
|
|
613
|
-
#
|
614
|
-
#
|
615
|
-
#
|
616
|
-
#
|
617
|
-
#
|
618
|
-
#
|
619
|
-
#
|
620
|
-
#
|
621
|
-
#
|
622
|
-
#
|
623
|
-
#
|
624
|
-
#
|
648
|
+
# @!method self.mongocrypt_ctx_explicit_encrypt_init(ctx, msg)
|
649
|
+
# @api private
|
650
|
+
#
|
651
|
+
# Initializes the ctx for explicit encryption.
|
652
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
653
|
+
# @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
|
654
|
+
# that references the message to be encrypted as a binary string.
|
655
|
+
# @note Before calling this method, set a key_id, key_alt_name (optional),
|
656
|
+
# and encryption algorithm using the following methods:
|
657
|
+
# mongocrypt_ctx_setopt_key_id, mongocrypt_ctx_setopt_key_alt_name,
|
658
|
+
# and mongocrypt_ctx_setopt_algorithm.
|
659
|
+
# @return [ Boolean ] Whether the initialization was successful.
|
625
660
|
attach_function(
|
626
661
|
:mongocrypt_ctx_explicit_encrypt_init,
|
627
662
|
[:pointer, :pointer],
|
@@ -631,7 +666,7 @@ module Mongo
|
|
631
666
|
# Initialize the Context for explicit encryption
|
632
667
|
#
|
633
668
|
# @param [ Mongo::Crypt::Context ] context
|
634
|
-
# @param [ Hash ] A BSON document to encrypt
|
669
|
+
# @param [ Hash ] doc A BSON document to encrypt
|
635
670
|
#
|
636
671
|
# @raise [ Mongo::Error::CryptError ] If initialization fails
|
637
672
|
def self.ctx_explicit_encrypt_init(context, doc)
|
@@ -644,19 +679,20 @@ module Mongo
|
|
644
679
|
end
|
645
680
|
end
|
646
681
|
|
647
|
-
#
|
682
|
+
# @!method self.mongocrypt_ctx_decrypt_init(ctx, doc)
|
683
|
+
# @api private
|
648
684
|
#
|
649
|
-
#
|
650
|
-
#
|
651
|
-
#
|
652
|
-
#
|
653
|
-
#
|
685
|
+
# Initializes the ctx for auto-decryption.
|
686
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
687
|
+
# @param [ FFI::Pointer ] doc A pointer to a mongocrypt_binary_t object
|
688
|
+
# that references the document to be decrypted as a BSON binary string.
|
689
|
+
# @return [ Boolean ] Whether the initialization was successful.
|
654
690
|
attach_function :mongocrypt_ctx_decrypt_init, [:pointer, :pointer], :bool
|
655
691
|
|
656
692
|
# Initialize the Context for auto-decryption
|
657
693
|
#
|
658
694
|
# @param [ Mongo::Crypt::Context ] context
|
659
|
-
# @param [ BSON::Document ] A BSON document to decrypt
|
695
|
+
# @param [ BSON::Document ] command A BSON document to decrypt
|
660
696
|
#
|
661
697
|
# @raise [ Mongo::Error::CryptError ] If initialization fails
|
662
698
|
def self.ctx_decrypt_init(context, command)
|
@@ -669,13 +705,14 @@ module Mongo
|
|
669
705
|
end
|
670
706
|
end
|
671
707
|
|
672
|
-
#
|
673
|
-
#
|
674
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
675
|
-
# @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
|
676
|
-
# that references the message to be decrypted as a BSON binary string
|
708
|
+
# @!method self.mongocrypt_ctx_explicit_decrypt_init(ctx, msg)
|
709
|
+
# @api private
|
677
710
|
#
|
678
|
-
#
|
711
|
+
# Initializes the ctx for explicit decryption.
|
712
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
713
|
+
# @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
|
714
|
+
# that references the message to be decrypted as a BSON binary string.
|
715
|
+
# @return [ Boolean ] Whether the initialization was successful.
|
679
716
|
attach_function(
|
680
717
|
:mongocrypt_ctx_explicit_decrypt_init,
|
681
718
|
[:pointer, :pointer],
|
@@ -685,7 +722,7 @@ module Mongo
|
|
685
722
|
# Initialize the Context for explicit decryption
|
686
723
|
#
|
687
724
|
# @param [ Mongo::Crypt::Context ] context
|
688
|
-
# @param [ Hash ] A BSON document to decrypt
|
725
|
+
# @param [ Hash ] doc A BSON document to decrypt
|
689
726
|
#
|
690
727
|
# @raise [ Mongo::Error::CryptError ] If initialization fails
|
691
728
|
def self.ctx_explicit_decrypt_init(context, doc)
|
@@ -709,23 +746,25 @@ module Mongo
|
|
709
746
|
:done, 6,
|
710
747
|
]
|
711
748
|
|
712
|
-
#
|
749
|
+
# @!method self.mongocrypt_ctx_state(ctx)
|
750
|
+
# @api private
|
713
751
|
#
|
714
|
-
#
|
715
|
-
#
|
716
|
-
#
|
717
|
-
#
|
752
|
+
# Get the current state of the ctx.
|
753
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
754
|
+
# @return [ Symbol ] The current state, will be one of the values defined
|
755
|
+
# by the mongocrypt_ctx_state enum.
|
718
756
|
attach_function :mongocrypt_ctx_state, [:pointer], :mongocrypt_ctx_state
|
719
757
|
|
720
|
-
#
|
721
|
-
#
|
722
|
-
#
|
723
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
724
|
-
# @param [ FFI::Pointer ] op_bson (out param) A pointer to a
|
725
|
-
# mongocrypt_binary_t object that will have a reference to the
|
726
|
-
# BSON operation written to it by libmongocrypt
|
758
|
+
# @!method self.mongocrypt_ctx_mongo_op(ctx, op_bson)
|
759
|
+
# @api private
|
727
760
|
#
|
728
|
-
#
|
761
|
+
# Get a BSON operation for the driver to run against the MongoDB
|
762
|
+
# collection, the key vault database, or mongocryptd.
|
763
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
764
|
+
# @param [ FFI::Pointer ] op_bson (out param) A pointer to a
|
765
|
+
# mongocrypt_binary_t object that will have a reference to the
|
766
|
+
# BSON operation written to it by libmongocrypt.
|
767
|
+
# @return [ Boolean ] A boolean indicating the success of the operation.
|
729
768
|
attach_function :mongocrypt_ctx_mongo_op, [:pointer, :pointer], :bool
|
730
769
|
|
731
770
|
# Returns a BSON::Document representing an operation that the
|
@@ -750,13 +789,14 @@ module Mongo
|
|
750
789
|
BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
|
751
790
|
end
|
752
791
|
|
753
|
-
#
|
792
|
+
# @!method self.mongocrypt_ctx_mongo_feed(ctx, reply)
|
793
|
+
# @api private
|
754
794
|
#
|
755
|
-
#
|
756
|
-
#
|
757
|
-
#
|
758
|
-
#
|
759
|
-
#
|
795
|
+
# Feed a BSON reply to libmongocrypt.
|
796
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
797
|
+
# @param [ FFI::Pointer ] reply A mongocrypt_binary_t object that
|
798
|
+
# references the BSON reply to feed to libmongocrypt.
|
799
|
+
# @return [ Boolean ] A boolean indicating the success of the operation.
|
760
800
|
attach_function :mongocrypt_ctx_mongo_feed, [:pointer, :pointer], :bool
|
761
801
|
|
762
802
|
# Feed a response from the driver back to libmongocrypt
|
@@ -775,18 +815,20 @@ module Mongo
|
|
775
815
|
end
|
776
816
|
end
|
777
817
|
|
778
|
-
#
|
779
|
-
#
|
780
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
818
|
+
# @!method self.mongocrypt_ctx_mongo_done(ctx)
|
819
|
+
# @api private
|
781
820
|
#
|
782
|
-
#
|
821
|
+
# Indicate to libmongocrypt that the driver is done feeding replies.
|
822
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
823
|
+
# @return [ Boolean ] A boolean indicating the success of the operation.
|
783
824
|
attach_function :mongocrypt_ctx_mongo_done, [:pointer], :bool
|
784
825
|
|
785
|
-
#
|
826
|
+
# @!method self.mongocrypt_ctx_mongo_next_kms_ctx(ctx)
|
827
|
+
# @api private
|
786
828
|
#
|
787
|
-
#
|
788
|
-
#
|
789
|
-
#
|
829
|
+
# Return a pointer to a mongocrypt_kms_ctx_t object or NULL.
|
830
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
831
|
+
# @return [ FFI::Pointer ] A pointer to a mongocrypt_kms_ctx_t object.
|
790
832
|
attach_function :mongocrypt_ctx_next_kms_ctx, [:pointer], :pointer
|
791
833
|
|
792
834
|
# Return a new KmsContext object needed by a Context object.
|
@@ -805,14 +847,15 @@ module Mongo
|
|
805
847
|
end
|
806
848
|
end
|
807
849
|
|
808
|
-
#
|
809
|
-
#
|
810
|
-
# @param [ FFI::Pointer ] kms Pointer to the mongocrypt_kms_ctx_t object
|
811
|
-
# @param [ FFI::Pointer ] msg (outparam) Pointer to a mongocrypt_binary_t
|
812
|
-
# object that will have the location of the message written to it by
|
813
|
-
# libmongocrypt
|
850
|
+
# @!method self.mongocrypt_kms_ctx_message(kms, msg)
|
851
|
+
# @api private
|
814
852
|
#
|
815
|
-
#
|
853
|
+
# Get the message needed to fetch the AWS KMS master key.
|
854
|
+
# @param [ FFI::Pointer ] kms Pointer to the mongocrypt_kms_ctx_t object
|
855
|
+
# @param [ FFI::Pointer ] msg (outparam) Pointer to a mongocrypt_binary_t
|
856
|
+
# object that will have the location of the message written to it by
|
857
|
+
# libmongocrypt.
|
858
|
+
# @return [ Boolean ] Whether the operation is successful.
|
816
859
|
attach_function :mongocrypt_kms_ctx_message, [:pointer, :pointer], :bool
|
817
860
|
|
818
861
|
# Get the HTTP message needed to fetch the AWS KMS master key from a
|
@@ -833,14 +876,15 @@ module Mongo
|
|
833
876
|
return binary.to_s
|
834
877
|
end
|
835
878
|
|
836
|
-
#
|
837
|
-
#
|
838
|
-
#
|
839
|
-
# @param [ FFI::Pointer ] kms A pointer to a mongocrypt_kms_ctx_t object
|
840
|
-
# @param [ FFI::Pointer ] endpoint (out param) A pointer to which the
|
841
|
-
# endpoint string will be written by libmongocrypt
|
879
|
+
# @!method self.mongocrypt_kms_ctx_endpoint(kms, endpoint)
|
880
|
+
# @api private
|
842
881
|
#
|
843
|
-
#
|
882
|
+
# Get the hostname with which to connect over TLS to get information about
|
883
|
+
# the AWS master key.
|
884
|
+
# @param [ FFI::Pointer ] kms A pointer to a mongocrypt_kms_ctx_t object.
|
885
|
+
# @param [ FFI::Pointer ] endpoint (out param) A pointer to which the
|
886
|
+
# endpoint string will be written by libmongocrypt.
|
887
|
+
# @return [ Boolean ] Whether the operation was successful.
|
844
888
|
attach_function :mongocrypt_kms_ctx_endpoint, [:pointer, :pointer], :bool
|
845
889
|
|
846
890
|
# Get the hostname with which to connect over TLS to get information
|
@@ -862,11 +906,12 @@ module Mongo
|
|
862
906
|
str_ptr.null? ? nil : str_ptr.read_string.force_encoding('UTF-8')
|
863
907
|
end
|
864
908
|
|
865
|
-
#
|
909
|
+
# @!method self.mongocrypt_kms_ctx_bytes_needed(kms)
|
910
|
+
# @api private
|
866
911
|
#
|
867
|
-
#
|
868
|
-
#
|
869
|
-
#
|
912
|
+
# Get the number of bytes needed by the KMS context.
|
913
|
+
# @param [ FFI::Pointer ] kms The mongocrypt_kms_ctx_t object.
|
914
|
+
# @return [ Integer ] The number of bytes needed.
|
870
915
|
attach_function :mongocrypt_kms_ctx_bytes_needed, [:pointer], :int
|
871
916
|
|
872
917
|
# Get the number of bytes needed by the KmsContext.
|
@@ -878,19 +923,20 @@ module Mongo
|
|
878
923
|
mongocrypt_kms_ctx_bytes_needed(kms_context.kms_ctx_p)
|
879
924
|
end
|
880
925
|
|
881
|
-
#
|
882
|
-
#
|
883
|
-
# @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object
|
884
|
-
# @param [ FFI::Pointer ] bytes A pointer to a mongocrypt_binary_t
|
885
|
-
# object that references the response from the KMS
|
926
|
+
# @!method self.mongocrypt_kms_ctx_feed(kms, bytes)
|
927
|
+
# @api private
|
886
928
|
#
|
887
|
-
#
|
929
|
+
# Feed replies from the KMS back to libmongocrypt.
|
930
|
+
# @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object.
|
931
|
+
# @param [ FFI::Pointer ] bytes A pointer to a mongocrypt_binary_t
|
932
|
+
# object that references the response from the KMS.
|
933
|
+
# @return [ Boolean ] Whether the operation was successful.
|
888
934
|
attach_function :mongocrypt_kms_ctx_feed, [:pointer, :pointer], :bool
|
889
935
|
|
890
936
|
# Feed replies from the KMS back to libmongocrypt.
|
891
937
|
#
|
892
938
|
# @param [ Mongo::Crypt::KmsContext ] kms_context
|
893
|
-
# @
|
939
|
+
# @param [ String ] bytes The data to feed to libmongocrypt
|
894
940
|
#
|
895
941
|
# @raise [ Mongo::Error::CryptError ] If the response is not fed successfully
|
896
942
|
def self.kms_ctx_feed(kms_context, bytes)
|
@@ -901,13 +947,14 @@ module Mongo
|
|
901
947
|
end
|
902
948
|
end
|
903
949
|
|
904
|
-
#
|
905
|
-
#
|
950
|
+
# @!method self.mongocrypt_kms_ctx_status(kms, status)
|
951
|
+
# @api private
|
906
952
|
#
|
907
|
-
#
|
908
|
-
#
|
909
|
-
#
|
910
|
-
#
|
953
|
+
# Write status information about the mongocrypt_kms_ctx_t object
|
954
|
+
# to the mongocrypt_status_t object.
|
955
|
+
# @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object.
|
956
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
|
957
|
+
# @return [ Boolean ] Whether the operation was successful.
|
911
958
|
attach_function :mongocrypt_kms_ctx_status, [:pointer, :pointer], :bool
|
912
959
|
|
913
960
|
# If the provided block returns false, raise a CryptError with the
|
@@ -925,12 +972,13 @@ module Mongo
|
|
925
972
|
end
|
926
973
|
end
|
927
974
|
|
928
|
-
#
|
929
|
-
#
|
930
|
-
#
|
931
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
975
|
+
# @!method self.mongocrypt_kms_ctx_done(ctx)
|
976
|
+
# @api private
|
932
977
|
#
|
933
|
-
#
|
978
|
+
# Indicate to libmongocrypt that it will receive no more replies from
|
979
|
+
# mongocrypt_kms_ctx_t objects.
|
980
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
981
|
+
# @return [ Boolean ] Whether the operation was successful.
|
934
982
|
attach_function :mongocrypt_ctx_kms_done, [:pointer], :bool
|
935
983
|
|
936
984
|
# Indicate to libmongocrypt that it will receive no more KMS replies.
|
@@ -944,14 +992,15 @@ module Mongo
|
|
944
992
|
end
|
945
993
|
end
|
946
994
|
|
947
|
-
#
|
995
|
+
# @!method self.mongocrypt_ctx_finalize(ctx, op_bson)
|
996
|
+
# @api private
|
948
997
|
#
|
949
|
-
#
|
950
|
-
#
|
951
|
-
#
|
952
|
-
#
|
953
|
-
#
|
954
|
-
#
|
998
|
+
# Perform the final encryption or decryption and return a BSON document.
|
999
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
1000
|
+
# @param [ FFI::Pointer ] op_bson (out param) A pointer to a
|
1001
|
+
# mongocrypt_binary_t object that will have a reference to the
|
1002
|
+
# final encrypted BSON document.
|
1003
|
+
# @return [ Boolean ] A boolean indicating the success of the operation.
|
955
1004
|
attach_function :mongocrypt_ctx_finalize, [:pointer, :pointer], :void
|
956
1005
|
|
957
1006
|
# Finalize the state machine represented by the Context
|
@@ -973,99 +1022,117 @@ module Mongo
|
|
973
1022
|
BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
|
974
1023
|
end
|
975
1024
|
|
976
|
-
#
|
977
|
-
#
|
978
|
-
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
|
1025
|
+
# @!method self.mongocrypt_ctx_destroy(ctx)
|
1026
|
+
# @api private
|
979
1027
|
#
|
980
|
-
#
|
1028
|
+
# Destroy the reference to the mongocrypt_ctx_t object.
|
1029
|
+
# @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
|
1030
|
+
# @return [ nil ] Always nil.
|
981
1031
|
attach_function :mongocrypt_ctx_destroy, [:pointer], :void
|
982
1032
|
|
983
|
-
#
|
984
|
-
#
|
985
|
-
#
|
986
|
-
#
|
987
|
-
#
|
988
|
-
#
|
989
|
-
#
|
990
|
-
#
|
991
|
-
#
|
992
|
-
#
|
993
|
-
#
|
994
|
-
#
|
995
|
-
#
|
996
|
-
#
|
997
|
-
#
|
998
|
-
#
|
999
|
-
#
|
1033
|
+
# @!method mongocrypt_crypto_fn(ctx, key, iv, input, output, status)
|
1034
|
+
# @api private
|
1035
|
+
#
|
1036
|
+
# A callback to a function that performs AES encryption or decryption.
|
1037
|
+
# @param [ FFI::Pointer | nil] ctx An optional pointer to a context object
|
1038
|
+
# that may have been set when hooks were enabled.
|
1039
|
+
# @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
|
1040
|
+
# that references the 32-byte AES encryption key.
|
1041
|
+
# @param [ FFI::Pointer ] iv A pointer to a mongocrypt_binary_t object
|
1042
|
+
# that references the 16-byte AES IV.
|
1043
|
+
# @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
|
1044
|
+
# that references the value to be encrypted/decrypted.
|
1045
|
+
# @param [ FFI::Pointer ] output (out param) A pointer to a
|
1046
|
+
# mongocrypt_binary_t object will have a reference to the encrypted/
|
1047
|
+
# decrypted value written to it by libmongocrypt.
|
1048
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
1049
|
+
# object to which an error message will be written if encryption fails.
|
1050
|
+
# @return [ Bool ] Whether encryption/decryption was successful.
|
1051
|
+
#
|
1052
|
+
# @note This defines a method signature for an FFI callback; it is not
|
1053
|
+
# an instance method on the Binding class.
|
1000
1054
|
callback(
|
1001
1055
|
:mongocrypt_crypto_fn,
|
1002
1056
|
[:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer],
|
1003
1057
|
:bool
|
1004
1058
|
)
|
1005
1059
|
|
1006
|
-
#
|
1007
|
-
#
|
1008
|
-
#
|
1009
|
-
#
|
1010
|
-
#
|
1011
|
-
#
|
1012
|
-
#
|
1013
|
-
#
|
1014
|
-
#
|
1015
|
-
#
|
1016
|
-
#
|
1017
|
-
#
|
1018
|
-
#
|
1019
|
-
#
|
1020
|
-
#
|
1060
|
+
# @!method mongocrypt_hmac_fn(ctx, key, input, output, status)
|
1061
|
+
# @api private
|
1062
|
+
#
|
1063
|
+
# A callback to a function that performs HMAC SHA-512 or SHA-256.
|
1064
|
+
# @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
|
1065
|
+
# that may have been set when hooks were enabled.
|
1066
|
+
# @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
|
1067
|
+
# that references the 32-byte HMAC SHA encryption key.
|
1068
|
+
# @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
|
1069
|
+
# that references the input value.
|
1070
|
+
# @param [ FFI::Pointer ] output (out param) A pointer to a
|
1071
|
+
# mongocrypt_binary_t object will have a reference to the output value
|
1072
|
+
# written to it by libmongocrypt.
|
1073
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
1074
|
+
# object to which an error message will be written if encryption fails.
|
1075
|
+
# @return [ Bool ] Whether HMAC-SHA was successful.
|
1076
|
+
#
|
1077
|
+
# @note This defines a method signature for an FFI callback; it is not
|
1078
|
+
# an instance method on the Binding class.
|
1021
1079
|
callback(
|
1022
1080
|
:mongocrypt_hmac_fn,
|
1023
1081
|
[:pointer, :pointer, :pointer, :pointer, :pointer],
|
1024
1082
|
:bool
|
1025
1083
|
)
|
1026
1084
|
|
1027
|
-
#
|
1028
|
-
#
|
1029
|
-
#
|
1030
|
-
#
|
1031
|
-
#
|
1032
|
-
#
|
1033
|
-
#
|
1034
|
-
#
|
1035
|
-
#
|
1036
|
-
#
|
1037
|
-
#
|
1038
|
-
#
|
1039
|
-
#
|
1085
|
+
# @!method mongocrypt_hash_fn(ctx, input, output, status)
|
1086
|
+
# @api private
|
1087
|
+
#
|
1088
|
+
# A callback to a SHA-256 hash function.
|
1089
|
+
# @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
|
1090
|
+
# that may have been set when hooks were enabled.
|
1091
|
+
# @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
|
1092
|
+
# that references the value to be hashed.
|
1093
|
+
# @param [ FFI::Pointer ] output (out param) A pointer to a
|
1094
|
+
# mongocrypt_binary_t object will have a reference to the output value
|
1095
|
+
# written to it by libmongocrypt.
|
1096
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
1097
|
+
# object to which an error message will be written if encryption fails.
|
1098
|
+
# @return [ Bool ] Whether hashing was successful.
|
1099
|
+
#
|
1100
|
+
# @note This defines a method signature for an FFI callback; it is not
|
1101
|
+
# an instance method on the Binding class.
|
1040
1102
|
callback :mongocrypt_hash_fn, [:pointer, :pointer, :pointer, :pointer], :bool
|
1041
1103
|
|
1042
|
-
#
|
1043
|
-
#
|
1044
|
-
#
|
1045
|
-
#
|
1046
|
-
#
|
1047
|
-
#
|
1048
|
-
#
|
1049
|
-
#
|
1050
|
-
#
|
1051
|
-
#
|
1052
|
-
#
|
1053
|
-
#
|
1104
|
+
# @!method mongocrypt_random_fn(ctx, output, count, status)
|
1105
|
+
# @api private
|
1106
|
+
#
|
1107
|
+
# A callback to a crypto secure random function.
|
1108
|
+
# @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
|
1109
|
+
# that may have been set when hooks were enabled.
|
1110
|
+
# @param [ FFI::Pointer ] output (out param) A pointer to a
|
1111
|
+
# mongocrypt_binary_t object will have a reference to the output value
|
1112
|
+
# written to it by libmongocrypt.
|
1113
|
+
# @param [ Integer ] count The number of random bytes to return.
|
1114
|
+
# @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
|
1115
|
+
# object to which an error message will be written if encryption fails.
|
1116
|
+
# @return [ Bool ] Whether hashing was successful.
|
1117
|
+
#
|
1118
|
+
# @note This defines a method signature for an FFI callback; it is not
|
1119
|
+
# an instance method on the Binding class.
|
1054
1120
|
callback :mongocrypt_random_fn, [:pointer, :pointer, :int, :pointer], :bool
|
1055
1121
|
|
1056
|
-
#
|
1057
|
-
#
|
1058
|
-
#
|
1059
|
-
#
|
1060
|
-
#
|
1061
|
-
#
|
1062
|
-
#
|
1063
|
-
#
|
1064
|
-
#
|
1065
|
-
#
|
1066
|
-
#
|
1067
|
-
#
|
1068
|
-
#
|
1122
|
+
# @!method self.mongocrypt_setopt_crypto_hooks(crypt, aes_enc_fn, aes_dec_fn, random_fn, sha_512_fn, sha_256_fn, hash_fn, ctx=nil)
|
1123
|
+
# @api private
|
1124
|
+
#
|
1125
|
+
# Set crypto hooks on the provided mongocrypt object.
|
1126
|
+
# @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
|
1127
|
+
# @param [ Proc ] aes_enc_fn An AES encryption method.
|
1128
|
+
# @param [ Proc ] aes_dec_fn An AES decryption method.
|
1129
|
+
# @param [ Proc ] random_fn A random method.
|
1130
|
+
# @param [ Proc ] sha_512_fn A HMAC SHA-512 method.
|
1131
|
+
# @param [ Proc ] sha_256_fn A HMAC SHA-256 method.
|
1132
|
+
# @param [ Proc ] hash_fn A SHA-256 hash method.
|
1133
|
+
# @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
|
1134
|
+
# that may have been set when hooks were enabled.
|
1135
|
+
# @return [ Boolean ] Whether setting this option succeeded.
|
1069
1136
|
attach_function(
|
1070
1137
|
:mongocrypt_setopt_crypto_hooks,
|
1071
1138
|
[
|