mongo 2.12.0.rc0 → 2.12.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 056e2cbfcb67349d4d1c9c530c110e8d27b9a7035b202b52665b8cddc3c5d3f7
-  data.tar.gz: cd3752037a07e808bb9c45714546cd9cb450d6cfdae632bb81c09bc269e88b71
+  metadata.gz: 3445c61a01ced5590fabff016e17fb745789b0bca07628c653272ea5f1ba9c22
+  data.tar.gz: 6a945cc89db62d7bb613ef03c262407f56820e4aedfc5c2aa25fe813a02a7b51
 SHA512:
-  metadata.gz: 13e11a08e91b16021e2fbe9663de2e1fe8319f547cebb3c101b6519ab45993eb3abdbbe18f8e48b3b7591a595c448f0cbb6d8077237c69331cbca8dcf6ff3a9f
-  data.tar.gz: a1bb9120bac5385a6adf16ee960c3f8529c1c7c075dfd77ada2e9e7370ef4aecd5bbf1a94df3c099966800066db9824158235a2ca69e6e7d3bf0864d0defc426
+  metadata.gz: 207218c0f2715f90d877d697f24aa2dce851032ef8affd8e8fa222d608f886f0bb9e3a1f7763e57070bc0214952285d1ad7c54454d90772be4c8bbe2d274d6b8
+  data.tar.gz: d95ad222012c17207208e6d2bf32e33a744823ceaee1695cc794c89fb672c7a186eaba3c7aeae8b68dcfe4b0b03543b7474bd5420271f571513b6fdab29478d4

data/README.md

@@ -18,7 +18,8 @@ Support & Feedback
 For issues, questions or feedback related to the Ruby driver, please look into
 our [support channels](http://www.mongodb.org/about/support). Please
 do not email any of the Ruby developers directly with issues or
-questions - you're more likely to get an answer quickly on the [mongodb-user list](http://groups.google.com/group/mongodb-user) on Google Groups.
+questions - you're more likely to get an answer quickly on the
+[MongoDB Community Forum](https://community.mongodb.com).
 
 
 Bugs & Feature Requests

data/lib/mongo/client.rb

@@ -475,16 +475,26 @@ module Mongo
           cluster_options.merge(srv_uri: srv_uri))
       end
 
-      # Unset monitoring, it will be taken out of cluster from now on
-      remove_instance_variable('@monitoring')
+      begin
+        # Unset monitoring, it will be taken out of cluster from now on
+        remove_instance_variable('@monitoring')
 
-      if @options[:auto_encryption_options]
-        @connect_lock.synchronize do
-          build_encrypter
+        if @options[:auto_encryption_options]
+          @connect_lock.synchronize do
+            build_encrypter
+          end
         end
-      end
 
-      yield(self) if block_given?
+        yield(self) if block_given?
+      rescue
+        begin
+          @cluster.disconnect!
+        rescue => e
+          log_warn("Eror disconnecting cluster in client constructor's exception handler: #{e.class}: #{e}")
+          # Drop this exception so that the original exception is raised
+        end
+        raise
+      end
     end
 
     # @api private
@@ -695,9 +705,13 @@ module Mongo
         # If auto_encryption_options are nil, set @encrypter to nil, but do not
         # close the encrypter because it may still be used by the original client.
         if @options[:auto_encryption_options] && auto_encryption_options_changed
-          build_encrypter
+          @connect_lock.synchronize do
+            build_encrypter
+          end
         elsif @options[:auto_encryption_options].nil?
-          @encrypter = nil
+          @connect_lock.synchronize do
+            @encrypter = nil
+          end
         end
 
         validate_options!

data/lib/mongo/client_encryption.rb

@@ -44,7 +44,7 @@ module Mongo
     #
     # @param [ String ] kms_provider The KMS provider to use. Valid values are
     #   "aws" and "local".
-    # @params [ Hash ] options
+    # @param [ Hash ] options
     #
     # @option options [ Hash ] :master_key Information about the AWS master key.
     #   Required if kms_provider is "aws".

data/lib/mongo/cluster.rb

@@ -487,6 +487,11 @@ module Mongo
         server.reconnect!
       end
       @periodic_executor.restart!
+      @srv_monitor_lock.synchronize do
+        if @srv_monitor
+          @srv_monitor.run!
+        end
+      end
       @connecting = false
       @connected = true
     end
@@ -855,7 +860,7 @@ module Mongo
           unless @srv_monitor
             monitor_options = options.merge(
               timeout: options[:connect_timeout] || Server::CONNECT_TIMEOUT)
-            @srv_monitor = _srv_monitor = SrvMonitor.new(self, monitor_options)
+            @srv_monitor = _srv_monitor = Srv::Monitor.new(self, monitor_options)
             finalizer = lambda do
               _srv_monitor.stop!
             end
@@ -879,4 +884,3 @@ module Mongo
 end
 
 require 'mongo/cluster/sdam_flow'
-require 'mongo/cluster/srv_monitor'

data/lib/mongo/crypt/auto_decryption_context.rb

@@ -23,13 +23,11 @@ module Mongo
       # Create a new AutoEncryptionContext object
       #
       # @param [ Mongo::Crypt::Handle ] mongocrypt a Handle that
-      #   wraps a mongocrypt_t object used to create a new mongocrypt_ctx_t
+      #   wraps a mongocrypt_t object used to create a new mongocrypt_ctx_t.
       # @param [ ClientEncryption::IO ] io A instance of the IO class
       #   that implements driver I/O methods required to run the
-      #   state machine
-      # @param [ String ] db_name The name of the database against which
-      #   the command is being made
-      # @param [ Hash ] command The command to be encrypted
+      #   state machine.
+      # @param [ Hash ] command The command to be decrypted.
       def initialize(mongocrypt, io, command)
         super(mongocrypt, io)
 

data/lib/mongo/crypt/auto_encrypter.rb

@@ -79,13 +79,23 @@ module Mongo
           server_selection_timeout: 1,
         )
 
-        @encryption_io = EncryptionIO.new(
-          client: @options[:client],
-          mongocryptd_client: @mongocryptd_client,
-          key_vault_namespace: @options[:key_vault_namespace],
-          key_vault_client: @key_vault_client,
-          mongocryptd_options: @options[:extra_options]
-        )
+        begin
+          @encryption_io = EncryptionIO.new(
+            client: @options[:client],
+            mongocryptd_client: @mongocryptd_client,
+            key_vault_namespace: @options[:key_vault_namespace],
+            key_vault_client: @key_vault_client,
+            mongocryptd_options: @options[:extra_options]
+          )
+        rescue
+          begin
+            @mongocryptd_client.close
+          rescue => e
+            log_warn("Eror closing mongocryptd client in auto encrypter's constructor: #{e.class}: #{e}")
+            # Drop this exception so that the original exception is raised
+          end
+          raise
+        end
       end
 
       # Whether this encrypter should perform encryption (returns false if

data/lib/mongo/crypt/binding.rb

@@ -56,55 +56,62 @@ module Mongo
           "is invalid: #{ENV['LIBMONGOCRYPT_PATH']}\n\n#{e.class}: #{e.message}"
       end
 
-      # Returns the version string of the libmongocrypt library
+      # @!method self.mongocrypt_version(len)
+      #   @api private
       #
-      # @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
-      #   uint8 that will reference the length of the returned string.
-      #
-      # @return [ String ] A version string for libmongocrypt
+      #   Returns the version string of the libmongocrypt library.
+      #   @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
+      #     uint8 that will reference the length of the returned string.
+      #   @return [ String ] A version string for libmongocrypt.
       attach_function :mongocrypt_version, [:pointer], :string
 
-      # Create a new mongocrypt_binary_t object (a non-owning view of a byte
-      # array)
+      # @!method self.mongocrypt_binary_new
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A pointer to the newly-created
-      #   mongocrypt_binary_t object
+      #   Creates a new mongocrypt_binary_t object (a non-owning view of a byte
+      #     array).
+      #   @return [ FFI::Pointer ] A pointer to the newly-created
+      #     mongocrypt_binary_t object.
       attach_function :mongocrypt_binary_new, [], :pointer
 
-      # Create a new mongocrypt_binary_t object that maintains a pointer to
-      # the specified byte array.
-      #
-      # @param [ FFI::Pointer ] data A pointer to an array of bytes; the data
-      #   is not copied and must outlive the mongocrypt_binary_t object
-      # @param [ Integer ] len The length of the array argument
+      # @!method self.mongocrypt_binary_new_from_data(data, len)
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A pointer to the newly-created
-      #   mongocrypt_binary_t object
+      #   Create a new mongocrypt_binary_t object that maintains a pointer to
+      #     the specified byte array.
+      #   @param [ FFI::Pointer ] data A pointer to an array of bytes; the data
+      #     is not copied and must outlive the mongocrypt_binary_t object.
+      #   @param [ Integer ] len The length of the array argument.
+      #   @return [ FFI::Pointer ] A pointer to the newly-created
+      #     mongocrypt_binary_t object.
       attach_function(
         :mongocrypt_binary_new_from_data,
         [:pointer, :int],
         :pointer
       )
 
-      # Get the pointer to the underlying data for the mongocrypt_binary_t
-      #
-      # @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object
+      # @!method self.mongocrypt_binary_data(binary)
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A pointer to the data array
+      #   Get the pointer to the underlying data for the mongocrypt_binary_t.
+      #   @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
+      #   @return [ FFI::Pointer ] A pointer to the data array.
       attach_function :mongocrypt_binary_data, [:pointer], :pointer
 
-      # Get the length of the underlying data array
+      # @!method self.mongocrypt_binary_len(binary)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object
-      #
-      # @return [ Integer ] The length of the data array
+      #   Get the length of the underlying data array.
+      #   @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
+      #   @return [ Integer ] The length of the data array.
       attach_function :mongocrypt_binary_len, [:pointer], :int
 
-      # Destroy the mongocrypt_binary_t object
-      #
-      # @param [ FFI::Pointer ] A pointer to a mongocrypt_binary_t object
+      # @!method self.mongocrypt_binary_destroy(binary)
+      #   @api private
       #
-      # @return [ nil ] Always nil
+      #   Destroy the mongocrypt_binary_t object.
+      #   @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t object.
+      #   @return [ nil ] Always nil.
       attach_function :mongocrypt_binary_destroy, [:pointer], :void
 
       # Enum labeling different status types
@@ -114,63 +121,71 @@ module Mongo
         :error_kms,     2,
       ]
 
-      # Create a new mongocrypt_status_t object
+      # @!method self.mongocrypt_status_new
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A pointer to the new mongocrypt_status_ts
+      #   Create a new mongocrypt_status_t object.
+      #   @return [ FFI::Pointer ] A pointer to the new mongocrypt_status_ts.
       attach_function :mongocrypt_status_new, [], :pointer
 
-      # Set a message, type, and code on an existing status
-      #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      # @param [ Symbol ] type The status type; possible values are defined
-      #   by the status_type enum
-      # @param [ Integer ] code The status code
-      # @param [ String ] message The status message
-      # @param [ Integer ] len The length of the message argument (or -1 for a
-      #   null-terminated string)
-      #
-      # @return [ nil ] Always nil
+      # @!method self.mongocrypt_status_set(status, type, code, message, len)
+      #   @api private
+      #
+      #   Set a message, type, and code on an existing status.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @param [ Symbol ] type The status type; possible values are defined
+      #     by the status_type enum.
+      #   @param [ Integer ] code The status code.
+      #   @param [ String ] message The status message.
+      #   @param [ Integer ] len The length of the message argument (or -1 for a
+      #     null-terminated string).
+      #   @return [ nil ] Always nil.
       attach_function(
         :mongocrypt_status_set,
         [:pointer, :status_type, :int, :string, :int],
         :void
       )
 
-      # Indicates the status type
+      # @!method self.mongocrypt_status_type(status)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      #
-      # @return [ Symbol ] The status type (as defined by the status_type enum)
+      #   Indicates the status type.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @return [ Symbol ] The status type (as defined by the status_type enum).
       attach_function :mongocrypt_status_type, [:pointer], :status_type
 
-      # Return the status error code
-      #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      # @!method self.mongocrypt_status_code(status)
+      #   @api private
       #
-      # @return [ Integer ] The status code
+      #   Return the status error code.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @return [ Integer ] The status code.
       attach_function :mongocrypt_status_code, [:pointer], :int
 
-      # Returns the status message
+      # @!method self.mongocrypt_status_message(status, len=nil)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      # @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
-      #   uint32, where the length of the retun string will be written
-      #
-      # @return [ String ] The status message
+      #   Returns the status message.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @param [ FFI::Pointer | nil ] len (out param) An optional pointer to a
+      #     uint32, where the length of the retun string will be written.
+      #   @return [ String ] The status message.
       attach_function :mongocrypt_status_message, [:pointer, :pointer], :string
 
-      # Returns whether the status is ok or an error
-      #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      # @!method self.mongocrypt_status_ok(status)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the status is ok
+      #   Returns whether the status is ok or an error.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @return [ Boolean ] Whether the status is ok.
       attach_function :mongocrypt_status_ok, [:pointer], :bool
 
-      # Destroys the reference to the mongocrypt_status_t object
-      #
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      # @!method self.mongocrypt_status_destroy(status)
+      #   @api private
       #
-      # @return [ nil ] Always nil
+      #   Destroys the reference to the mongocrypt_status_t object.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t.
+      #   @return [ nil ] Always nil.
       attach_function :mongocrypt_status_destroy, [:pointer], :void
 
       # Enum labeling the various log levels
@@ -182,34 +197,41 @@ module Mongo
         :debug,   4,
       ]
 
-      # A callback to the mongocrypt log function
-      # Set a custom log callback with the mongocrypt_setopt_log_handler method
-      #
-      # @param [ Symbol ] level The log level; possible values defined by the
-      #   log_level enum
-      # @param [ String ] message The log message
-      # @param [ Integer ] len The length of the message param, or -1 if the
-      #   string is null terminated
-      # @param [ FFI::Pointer | nil ] ctx An optional pointer to a context
-      #   object when this callback was set
-      #
-      # @return [ nil ] Always nil.
+      # @!method mongocrypt_log_fn_t(level, message, len, ctx)
+      #   @api private
+      #
+      #   A callback to the mongocrypt log function. Set a custom log callback
+      #     with the mongocrypt_setopt_log_handler method
+      #   @param [ Symbol ] level The log level; possible values defined by the
+      #     log_level enum
+      #   @param [ String ] message The log message
+      #   @param [ Integer ] len The length of the message param, or -1 if the
+      #     string is null terminated
+      #   @param [ FFI::Pointer | nil ] ctx An optional pointer to a context
+      #     object when this callback was set
+      #   @return [ nil ] Always nil.
+      #
+      #   @note This defines a method signature for an FFI callback; it is not
+      #     an instance method on the Binding class.
       callback :mongocrypt_log_fn_t, [:log_level, :string, :int, :pointer], :void
 
-      # Creates a new mongocrypt_t object
+      # @!method self.ongocrypt_new
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A pointer to a new mongocrypt_t object
+      #   Creates a new mongocrypt_t object.
+      #   @return [ FFI::Pointer ] A pointer to a new mongocrypt_t object.
       attach_function :mongocrypt_new, [], :pointer
 
-      # Set the handler on the mongocrypt_t object to be called every time
-      #   libmongocrypt logs a message
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ Method ] log_fn A logging callback method
-      # @param [ FFI::Pointer | nil ] log_ctx An optional pointer to a context
-      #   to be passed into the log callback on every invocation.
+      # @!method self.mongocrypt_setopt_log_handler(crypt, log_fn, log_ctx=nil)
+      #   @api private
       #
-      # @return [ Boolean ] Whether setting the callback was successful
+      #   Set the handler on the mongocrypt_t object to be called every time
+      #     libmongocrypt logs a message.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ Method ] log_fn A logging callback method.
+      #   @param [ FFI::Pointer | nil ] log_ctx An optional pointer to a context
+      #     to be passed into the log callback on every invocation.
+      #   @return [ Boolean ] Whether setting the callback was successful.
       attach_function(
         :mongocrypt_setopt_log_handler,
         [:pointer, :mongocrypt_log_fn_t, :pointer],
@@ -228,17 +250,18 @@ module Mongo
         end
       end
 
-      # Configure mongocrypt_t object with AWS KMS provider options
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ String ] aws_access_key_id The AWS access key id
-      # @param [ Integer ] aws_access_key_id_len The length of the AWS access
-      #   key string (or -1 for a null-terminated string)
-      # @param [ String ] aws_secret_access_key The AWS secret access key
-      # @param [ Integer ] aws_secret_access_key_len The length of the AWS
-      #   secret access key (or -1 for a null-terminated string)
-      #
-      # @return [ Boolean ] Returns whether the option was set successfully
+      # @!method self.mongocrypt_setopt_kms_provider_aws(crypt, aws_access_key_id, aws_access_key_id_len, aws_secret_access_key, aws_secret_access_key_len)
+      #   @api private
+      #
+      #   Configure mongocrypt_t object with AWS KMS provider options.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ String ] aws_access_key_id The AWS access key id.
+      #   @param [ Integer ] aws_access_key_id_len The length of the AWS access
+      #     key string (or -1 for a null-terminated string).
+      #   @param [ String ] aws_secret_access_key The AWS secret access key.
+      #   @param [ Integer ] aws_secret_access_key_len The length of the AWS
+      #     secret access key (or -1 for a null-terminated string).
+      #   @return [ Boolean ] Returns whether the option was set successfully.
       attach_function(
         :mongocrypt_setopt_kms_provider_aws,
         [:pointer, :string, :int, :string, :int],
@@ -266,13 +289,14 @@ module Mongo
         end
       end
 
-      # Configure mongocrypt_t object to take local KSM provider options
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
-      #   that references the 96-byte local master key
+      # @!method self.mongocrypt_setopt_kms_provider_local(crypt, key)
+      #   @api private
       #
-      # @return [ Boolean ] Returns whether the option was set successfully
+      #   Configure mongocrypt_t object to take local KSM provider options.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
+      #     that references the 96-byte local master key.
+      #   @return [ Boolean ] Returns whether the option was set successfully.
       attach_function(
         :mongocrypt_setopt_kms_provider_local,
         [:pointer, :pointer],
@@ -293,13 +317,14 @@ module Mongo
         end
       end
 
-      # Sets a local schema map for encryption
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ FFI::Pointer ] schema_map A pointer to a mongocrypt_binary_t
-      #   object that references the schema map as a BSON binary string
+      # @!method self.mongocrypt_setopt_schema_map(crypt, schema_map)
+      #   @api private
       #
-      # @return [ Boolean ] Returns whether the option was set successfully
+      #   Sets a local schema map for encryption.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ FFI::Pointer ] schema_map A pointer to a mongocrypt_binary_t.
+      #     object that references the schema map as a BSON binary string.
+      #   @return [ Boolean ] Returns whether the option was set successfully.
       attach_function :mongocrypt_setopt_schema_map, [:pointer, :pointer], :bool
 
       # Set schema map on the Mongo::Crypt::Handle object
@@ -319,11 +344,12 @@ module Mongo
         end
       end
 
-      # Initialize the mongocrypt_t object
+      # @!method self.mongocrypt_init(crypt)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      #
-      # @return [ Boolean ] Returns whether the crypt was initialized successfully
+      #   Initialize the mongocrypt_t object.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @return [ Boolean ] Returns whether the crypt was initialized successfully.
       attach_function :mongocrypt_init, [:pointer], :bool
 
       # Initialize the Mongo::Crypt::Handle object
@@ -337,47 +363,52 @@ module Mongo
         end
       end
 
-      # Set the status information from the mongocrypt_t object on the
-      # mongocrypt_status_t object
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object
+      # @!method self.mongocrypt_status(crypt, status)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the status was successfully set
+      #   Set the status information from the mongocrypt_t object on the
+      #     mongocrypt_status_t object.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
+      #   @return [ Boolean ] Whether the status was successfully set.
       attach_function :mongocrypt_status, [:pointer, :pointer], :bool
 
-      # Destroy the reference the mongocrypt_t object
+      # @!method self.mongocrypt_destroy(crypt)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      #
-      # @return [ nil ] Always nil
+      #   Destroy the reference the mongocrypt_t object.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @return [ nil ] Always nil.
       attach_function :mongocrypt_destroy, [:pointer], :void
 
-      # Create a new mongocrypt_ctx_t object (a wrapper for the libmongocrypt
-      #   state machine)
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
+      # @!method self.mongocrypt_ctx_new(crypt)
+      #   @api private
       #
-      # @return [ FFI::Pointer ] A new mongocrypt_ctx_t object
+      #   Create a new mongocrypt_ctx_t object (a wrapper for the libmongocrypt
+      #     state machine).
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @return [ FFI::Pointer ] A new mongocrypt_ctx_t object.
       attach_function :mongocrypt_ctx_new, [:pointer], :pointer
 
-      # Set the status information from the mongocrypt_ctx_t object on the
-      # mongocrypt_status_t object
+      # @!method self.mongocrypt_ctx_status(ctx, status)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object
-      #
-      # @return [ Boolean ] Whether the status was successfully set
+      #   Set the status information from the mongocrypt_ctx_t object on the
+      #     mongocrypt_status_t object.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
+      #   @return [ Boolean ] Whether the status was successfully set.
       attach_function :mongocrypt_ctx_status, [:pointer, :pointer], :bool
 
-      # Set the key id used for explicit encryption
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] key_id A pointer to a mongocrypt_binary_t object
-      #   that references the 16-byte key-id
+      # @!method self.mongocrypt_ctx_setopt_key_id(ctx, key_id)
+      #   @api private
       #
-      # @note Do not initialize ctx before calling this method
-      # @return [ Boolean ] Whether the option was successfully set
+      #   Set the key id used for explicit encryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] key_id A pointer to a mongocrypt_binary_t object
+      #     that references the 16-byte key-id.
+      #   @note Do not initialize ctx before calling this method.
+      #   @return [ Boolean ] Whether the option was successfully set.
       attach_function :mongocrypt_ctx_setopt_key_id, [:pointer, :pointer], :bool
 
       # Sets the key id option on an explicit encryption context.
@@ -394,18 +425,18 @@ module Mongo
         end
       end
 
-      # When creating a data key, set an alternate name on that key. When
-      # performing explicit encryption, specifying which data key to use for
-      # encryption based on its keyAltName field.
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t
-      #   object that references a BSON document in the format
-      #   { "keyAltName": <BSON UTF8 value> }
-      #
-      # @return [ Boolean ] Whether the alternative name was successfully set
-      #
-      # @note Do not initialize ctx before calling this method
+      # @!method self.mongocrypt_ctx_setopt_key_alt_name(ctx, binary)
+      #   @api private
+      #
+      #   When creating a data key, set an alternate name on that key. When
+      #     performing explicit encryption, specifying which data key to use for
+      #     encryption based on its keyAltName field.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] binary A pointer to a mongocrypt_binary_t
+      #     object that references a BSON document in the format
+      #     { "keyAltName": <BSON UTF8 value> }.
+      #   @return [ Boolean ] Whether the alternative name was successfully set.
+      #   @note Do not initialize ctx before calling this method.
       attach_function(
         :mongocrypt_ctx_setopt_key_alt_name,
         [:pointer, :pointer],
@@ -431,16 +462,17 @@ module Mongo
         end
       end
 
-      # Set the algorithm used for explicit encryption
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ String ] algorithm The algorithm name. Valid values are:
-      #   - "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
-      #   - "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
-      # @param [ Integer ] len The length of the algorithm string
-      #
-      # @note Do not initialize ctx before calling this method
-      # @return [ Boolean ] Whether the option was successfully set
+      # @!method self.mongocrypt_ctx_setopt_algorithm(ctx, algorithm, len)
+      #   @api private
+      #
+      #   Set the algorithm used for explicit encryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ String ] algorithm The algorithm name. Valid values are:
+      #     - "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
+      #     - "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
+      #   @param [ Integer ] len The length of the algorithm string.
+      #   @note Do not initialize ctx before calling this method.
+      #   @return [ Boolean ] Whether the option was successfully set.
       attach_function(
         :mongocrypt_ctx_setopt_algorithm,
         [:pointer, :string, :int],
@@ -461,17 +493,18 @@ module Mongo
         end
       end
 
-      # Configure the ctx to take a master key from AWS
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_object
-      # @param [ String ] region The AWS region
-      # @param [ Integer ] region_len The length of the region string (or -1
-      #   for a null-terminated string)
-      # @param [ String ] arn The Amazon Resource Name (ARN) of the mater key
-      # @param [ Integer ] arn_len The length of the ARN (or -1 for a
-      #   null-terminated string)
-      #
-      # @return [ Boolean ] Returns whether the option was set successfully
+      # @!method self.mongocrypt_ctx_setopt_masterkey_aws(ctx, region, region_len, arn, arn_len)
+      #   @api private
+      #
+      #   Configure the ctx to take a master key from AWS.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_object.
+      #   @param [ String ] region The AWS region.
+      #   @param [ Integer ] region_len The length of the region string (or -1
+      #     for a null-terminated string).
+      #   @param [ String ] arn The Amazon Resource Name (ARN) of the mater key.
+      #   @param [ Integer ] arn_len The length of the ARN (or -1 for a
+      #     null-terminated string).
+      #   @return [ Boolean ] Returns whether the option was set successfully.
       attach_function(
         :mongocrypt_ctx_setopt_masterkey_aws,
         [:pointer, :string, :int, :string, :int],
@@ -497,14 +530,15 @@ module Mongo
         end
       end
 
-      # Set a custom endpoint at which to fetch the AWS master key
-      #
-      # @param [ FFI::Pointer ] ctx
-      # @param [ String ] endpoint The custom endpoint
-      # @param [ Integer ] endpoint_len The length of the endpoint string (or
-      #   -1 for a null-terminated string)
+      # @!method self.mongocrypt_ctx_setopt_masterkey_aws_endpoint(ctx, endpoint, endpoint_len)
+      #   @api private
       #
-      # @return [ Boolean ] Returns whether the option was set successfully
+      #   Set a custom endpoint at which to fetch the AWS master key
+      #   @param [ FFI::Pointer ] ctx
+      #   @param [ String ] endpoint The custom endpoint.
+      #   @param [ Integer ] endpoint_len The length of the endpoint string (or
+      #     -1 for a null-terminated string).
+      #   @return [ Boolean ] Returns whether the option was set successfully.
       attach_function(
         :mongocrypt_ctx_setopt_masterkey_aws_endpoint,
         [:pointer, :string, :int],
@@ -527,12 +561,13 @@ module Mongo
         end
       end
 
-      # Set the ctx to take a local master key
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
+      # @!method self.mongocrypt_ctx_setopt_masterkey_local(ctx)
+      #   @api private
       #
-      # @note Do not initialize ctx before calling this method
-      # @return [ Boolean ] Whether the option was successfully set
+      #   Set the ctx to take a local master key.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @note Do not initialize ctx before calling this method.
+      #   @return [ Boolean ] Whether the option was successfully set.
       attach_function(
         :mongocrypt_ctx_setopt_masterkey_local,
         [:pointer],
@@ -550,16 +585,16 @@ module Mongo
         end
       end
 
-      # Initializes the ctx to create a data key
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      #
-      # @note Before calling this method, master key options must be set.
-      #   Set AWS master key by calling mongocrypt_ctx_setopt_masterkey_aws
-      #   and mongocrypt_ctx_setopt_masterkey_aws_endpoint. Set local master
-      #   key by calling mongocrypt_ctx_setopt_masterkey_local.
+      # @!method self.mongocrypt_ctx_datakey_init(ctx)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the initialization was successful
+      #   Initializes the ctx to create a data key.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @note Before calling this method, master key options must be set.
+      #     Set AWS master key by calling mongocrypt_ctx_setopt_masterkey_aws
+      #     and mongocrypt_ctx_setopt_masterkey_aws_endpoint. Set local master
+      #     key by calling mongocrypt_ctx_setopt_masterkey_local.
+      #   @return [ Boolean ] Whether the initialization was successful.
       attach_function :mongocrypt_ctx_datakey_init, [:pointer], :bool
 
       # Initialize the Context to create a data key
@@ -573,19 +608,19 @@ module Mongo
         end
       end
 
-      # Initializes the ctx for auto-encryption
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ String ] db The database name
-      # @param [ Integer ] db_len The length of the database name argument (or
-      #   -1 for a null-terminated string)
-      # @param [ FFI::Pointer ] cmd A pointer to a mongocrypt_binary_t object
-      #   that references the database command as a binary string
-      #
-      # @note This method expects the passed-in BSON to be in the format:
-      #   { "v": BSON value to decrypt }
-      #
-      # @return [ Boolean ] Whether the initialization was successful
+      # @!method self.mongocrypt_ctx_encrypt_init(ctx, db, db_len, cmd)
+      #   @api private
+      #
+      #   Initializes the ctx for auto-encryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ String ] db The database name.
+      #   @param [ Integer ] db_len The length of the database name argument
+      #     (or -1 for a null-terminated string).
+      #   @param [ FFI::Pointer ] cmd A pointer to a mongocrypt_binary_t object
+      #     that references the database command as a binary string.
+      #   @note This method expects the passed-in BSON to be in the format:
+      #     { "v": BSON value to decrypt }.
+      #   @return [ Boolean ] Whether the initialization was successful.
       attach_function(
         :mongocrypt_ctx_encrypt_init,
         [:pointer, :string, :int, :pointer],
@@ -610,18 +645,18 @@ module Mongo
         end
       end
 
-      # Initializes the ctx for explicit encryption
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
-      #   that references the message to be encrypted as a binary string
-      #
-      # @note Before calling this method, set a key_id, key_alt_name (optional),
-      #   and encryption algorithm using the following methods:
-      #   mongocrypt_ctx_setopt_key_id, mongocrypt_ctx_setopt_key_alt_name,
-      #   and mongocrypt_ctx_setopt_algorithm
-      #
-      # @return [ Boolean ] Whether the initialization was successful
+      # @!method self.mongocrypt_ctx_explicit_encrypt_init(ctx, msg)
+      #   @api private
+      #
+      #   Initializes the ctx for explicit encryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
+      #     that references the message to be encrypted as a binary string.
+      #   @note Before calling this method, set a key_id, key_alt_name (optional),
+      #     and encryption algorithm using the following methods:
+      #     mongocrypt_ctx_setopt_key_id, mongocrypt_ctx_setopt_key_alt_name,
+      #     and mongocrypt_ctx_setopt_algorithm.
+      #   @return [ Boolean ] Whether the initialization was successful.
       attach_function(
         :mongocrypt_ctx_explicit_encrypt_init,
         [:pointer, :pointer],
@@ -631,7 +666,7 @@ module Mongo
       # Initialize the Context for explicit encryption
       #
       # @param [ Mongo::Crypt::Context ] context
-      # @param [ Hash ] A BSON document to encrypt
+      # @param [ Hash ] doc A BSON document to encrypt
       #
       # @raise [ Mongo::Error::CryptError ] If initialization fails
       def self.ctx_explicit_encrypt_init(context, doc)
@@ -644,19 +679,20 @@ module Mongo
         end
       end
 
-      # Initializes the ctx for auto-decryption
+      # @!method self.mongocrypt_ctx_decrypt_init(ctx, doc)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] doc A pointer to a mongocrypt_binary_t object
-      #   that references the document to be decrypted as a BSON binary string
-      #
-      # @return [ Boolean ] Whether the initialization was successful
+      #   Initializes the ctx for auto-decryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] doc A pointer to a mongocrypt_binary_t object
+      #     that references the document to be decrypted as a BSON binary string.
+      #   @return [ Boolean ] Whether the initialization was successful.
       attach_function :mongocrypt_ctx_decrypt_init, [:pointer, :pointer], :bool
 
       # Initialize the Context for auto-decryption
       #
       # @param [ Mongo::Crypt::Context ] context
-      # @param [ BSON::Document ] A BSON document to decrypt
+      # @param [ BSON::Document ] command A BSON document to decrypt
       #
       # @raise [ Mongo::Error::CryptError ] If initialization fails
       def self.ctx_decrypt_init(context, command)
@@ -669,13 +705,14 @@ module Mongo
         end
       end
 
-      # Initializes the ctx for explicit decryption
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
-      #   that references the message to be decrypted as a BSON binary string
+      # @!method self.mongocrypt_ctx_explicit_decrypt_init(ctx, msg)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the initialization was successful
+      #   Initializes the ctx for explicit decryption.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] msg A pointer to a mongocrypt_binary_t object
+      #     that references the message to be decrypted as a BSON binary string.
+      #   @return [ Boolean ] Whether the initialization was successful.
       attach_function(
         :mongocrypt_ctx_explicit_decrypt_init,
         [:pointer, :pointer],
@@ -685,7 +722,7 @@ module Mongo
       # Initialize the Context for explicit decryption
       #
       # @param [ Mongo::Crypt::Context ] context
-      # @param [ Hash ] A BSON document to decrypt
+      # @param [ Hash ] doc A BSON document to decrypt
       #
       # @raise [ Mongo::Error::CryptError ] If initialization fails
       def self.ctx_explicit_decrypt_init(context, doc)
@@ -709,23 +746,25 @@ module Mongo
         :done,                6,
       ]
 
-      # Get the current state of the ctx
+      # @!method self.mongocrypt_ctx_state(ctx)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      #
-      # @return [ Symbol ] The current state, will be one of the values defined
-      #   by the mongocrypt_ctx_state enum
+      #   Get the current state of the ctx.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @return [ Symbol ] The current state, will be one of the values defined
+      #     by the mongocrypt_ctx_state enum.
       attach_function :mongocrypt_ctx_state, [:pointer], :mongocrypt_ctx_state
 
-      # Get a BSON operation for the driver to run against the MongoDB
-      # collection, the key vault database, or mongocryptd.
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] op_bson (out param) A pointer to a
-      #   mongocrypt_binary_t object that will have a reference to the
-      #   BSON operation written to it by libmongocrypt
+      # @!method self.mongocrypt_ctx_mongo_op(ctx, op_bson)
+      #   @api private
       #
-      # @return [ Boolean ] A boolean indicating the success of the operation
+      #   Get a BSON operation for the driver to run against the MongoDB
+      #     collection, the key vault database, or mongocryptd.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] op_bson (out param) A pointer to a
+      #     mongocrypt_binary_t object that will have a reference to the
+      #     BSON operation written to it by libmongocrypt.
+      #   @return [ Boolean ] A boolean indicating the success of the operation.
       attach_function :mongocrypt_ctx_mongo_op, [:pointer, :pointer], :bool
 
       # Returns a BSON::Document representing an operation that the
@@ -750,13 +789,14 @@ module Mongo
         BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
       end
 
-      # Feed a BSON reply to libmongocrypt
+      # @!method self.mongocrypt_ctx_mongo_feed(ctx, reply)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] reply A mongocrypt_binary_t object that
-      #   references the BSON reply to feed to libmongocrypt
-      #
-      # @return [ Boolean ] A boolean indicating the success of the operation
+      #   Feed a BSON reply to libmongocrypt.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] reply A mongocrypt_binary_t object that
+      #     references the BSON reply to feed to libmongocrypt.
+      #   @return [ Boolean ] A boolean indicating the success of the operation.
       attach_function :mongocrypt_ctx_mongo_feed, [:pointer, :pointer], :bool
 
       # Feed a response from the driver back to libmongocrypt
@@ -775,18 +815,20 @@ module Mongo
         end
       end
 
-      # Indicate to libmongocrypt that the driver is done feeding replies
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
+      # @!method self.mongocrypt_ctx_mongo_done(ctx)
+      #   @api private
       #
-      # @return [ Boolean ] A boolean indicating the success of the operation
+      #   Indicate to libmongocrypt that the driver is done feeding replies.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @return [ Boolean ] A boolean indicating the success of the operation.
       attach_function :mongocrypt_ctx_mongo_done, [:pointer], :bool
 
-      # Return a pointer to a mongocrypt_kms_ctx_t object or NULL.
+      # @!method self.mongocrypt_ctx_mongo_next_kms_ctx(ctx)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      #
-      # @return [ FFI::Pointer ] A pointer to a mongocrypt_kms_ctx_t object
+      #   Return a pointer to a mongocrypt_kms_ctx_t object or NULL.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @return [ FFI::Pointer ] A pointer to a mongocrypt_kms_ctx_t object.
       attach_function :mongocrypt_ctx_next_kms_ctx, [:pointer], :pointer
 
       # Return a new KmsContext object needed by a Context object.
@@ -805,14 +847,15 @@ module Mongo
         end
       end
 
-      # Get the message needed to fetch the AWS KMS master key.
-      #
-      # @param [ FFI::Pointer ] kms Pointer to the mongocrypt_kms_ctx_t object
-      # @param [ FFI::Pointer ] msg (outparam) Pointer to a mongocrypt_binary_t
-      #   object that will have the location of the message written to it by
-      #   libmongocrypt
+      # @!method self.mongocrypt_kms_ctx_message(kms, msg)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the operation is successful
+      #   Get the message needed to fetch the AWS KMS master key.
+      #   @param [ FFI::Pointer ] kms Pointer to the mongocrypt_kms_ctx_t object
+      #   @param [ FFI::Pointer ] msg (outparam) Pointer to a mongocrypt_binary_t
+      #     object that will have the location of the message written to it by
+      #     libmongocrypt.
+      #   @return [ Boolean ] Whether the operation is successful.
       attach_function :mongocrypt_kms_ctx_message, [:pointer, :pointer], :bool
 
       # Get the HTTP message needed to fetch the AWS KMS master key from a
@@ -833,14 +876,15 @@ module Mongo
         return binary.to_s
       end
 
-      # Get the hostname with which to connect over TLS to get information about
-      # the AWS master key.
-      #
-      # @param [ FFI::Pointer ] kms A pointer to a mongocrypt_kms_ctx_t object
-      # @param [ FFI::Pointer ] endpoint (out param) A pointer to which the
-      #   endpoint string will be written by libmongocrypt
+      # @!method self.mongocrypt_kms_ctx_endpoint(kms, endpoint)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the operation was successful
+      #   Get the hostname with which to connect over TLS to get information about
+      #     the AWS master key.
+      #   @param [ FFI::Pointer ] kms A pointer to a mongocrypt_kms_ctx_t object.
+      #   @param [ FFI::Pointer ] endpoint (out param) A pointer to which the
+      #     endpoint string will be written by libmongocrypt.
+      #   @return [ Boolean ] Whether the operation was successful.
       attach_function :mongocrypt_kms_ctx_endpoint, [:pointer, :pointer], :bool
 
       # Get the hostname with which to connect over TLS to get information
@@ -862,11 +906,12 @@ module Mongo
         str_ptr.null? ? nil : str_ptr.read_string.force_encoding('UTF-8')
       end
 
-      # Get the number of bytes needed by the KMS context.
+      # @!method self.mongocrypt_kms_ctx_bytes_needed(kms)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] kms The mongocrypt_kms_ctx_t object
-      #
-      # @return [ Integer ] The number of bytes needed
+      #   Get the number of bytes needed by the KMS context.
+      #   @param [ FFI::Pointer ] kms The mongocrypt_kms_ctx_t object.
+      #   @return [ Integer ] The number of bytes needed.
       attach_function :mongocrypt_kms_ctx_bytes_needed, [:pointer], :int
 
       # Get the number of bytes needed by the KmsContext.
@@ -878,19 +923,20 @@ module Mongo
         mongocrypt_kms_ctx_bytes_needed(kms_context.kms_ctx_p)
       end
 
-      # Feed replies from the KMS back to libmongocrypt.
-      #
-      # @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object
-      # @param [ FFI::Pointer ] bytes A pointer to a mongocrypt_binary_t
-      #   object that references the response from the KMS
+      # @!method self.mongocrypt_kms_ctx_feed(kms, bytes)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the operation was successful
+      #   Feed replies from the KMS back to libmongocrypt.
+      #   @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object.
+      #   @param [ FFI::Pointer ] bytes A pointer to a mongocrypt_binary_t
+      #     object that references the response from the KMS.
+      #   @return [ Boolean ] Whether the operation was successful.
       attach_function :mongocrypt_kms_ctx_feed, [:pointer, :pointer], :bool
 
       # Feed replies from the KMS back to libmongocrypt.
       #
       # @param [ Mongo::Crypt::KmsContext ] kms_context
-      # @oaram [ String ] data The data to feed to libmongocrypt
+      # @param [ String ] bytes The data to feed to libmongocrypt
       #
       # @raise [ Mongo::Error::CryptError ] If the response is not fed successfully
       def self.kms_ctx_feed(kms_context, bytes)
@@ -901,13 +947,14 @@ module Mongo
         end
       end
 
-      # Write status information about the mongocrypt_kms_ctx_t object
-      # to the mongocrypt_status_t object.
+      # @!method self.mongocrypt_kms_ctx_status(kms, status)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object
-      #
-      # @return [ Boolean ] Whether the operation was successful
+      #   Write status information about the mongocrypt_kms_ctx_t object
+      #     to the mongocrypt_status_t object.
+      #   @param [ FFI::Pointer ] kms A pointer to the mongocrypt_kms_ctx_t object.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t object.
+      #   @return [ Boolean ] Whether the operation was successful.
       attach_function :mongocrypt_kms_ctx_status, [:pointer, :pointer], :bool
 
       # If the provided block returns false, raise a CryptError with the
@@ -925,12 +972,13 @@ module Mongo
         end
       end
 
-      # Indicate to libmongocrypt that it will receive no more replies from
-      # mongocrypt_kms_ctx_t objects.
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
+      # @!method self.mongocrypt_kms_ctx_done(ctx)
+      #   @api private
       #
-      # @return [ Boolean ] Whether the operation was successful
+      #   Indicate to libmongocrypt that it will receive no more replies from
+      #     mongocrypt_kms_ctx_t objects.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @return [ Boolean ] Whether the operation was successful.
       attach_function :mongocrypt_ctx_kms_done, [:pointer], :bool
 
       # Indicate to libmongocrypt that it will receive no more KMS replies.
@@ -944,14 +992,15 @@ module Mongo
         end
       end
 
-      # Perform the final encryption or decryption and return a BSON document
+      # @!method self.mongocrypt_ctx_finalize(ctx, op_bson)
+      #   @api private
       #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
-      # @param [ FFI::Pointer ] op_bson (out param) A pointer to a
-      #   mongocrypt_binary_t object that will have a reference to the
-      #   final encrypted BSON document
-      #
-      # @return [ Boolean ] A boolean indicating the success of the operation
+      #   Perform the final encryption or decryption and return a BSON document.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] op_bson (out param) A pointer to a
+      #     mongocrypt_binary_t object that will have a reference to the
+      #     final encrypted BSON document.
+      #   @return [ Boolean ] A boolean indicating the success of the operation.
       attach_function :mongocrypt_ctx_finalize, [:pointer, :pointer], :void
 
       # Finalize the state machine represented by the Context
@@ -973,99 +1022,117 @@ module Mongo
         BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
       end
 
-      # Destroy the reference to the mongocrypt_ctx_t object
-      #
-      # @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object
+      # @!method self.mongocrypt_ctx_destroy(ctx)
+      #   @api private
       #
-      # @return [ nil ] Always nil
+      #   Destroy the reference to the mongocrypt_ctx_t object.
+      #   @param [ FFI::Pointer ] ctx A pointer to a mongocrypt_ctx_t object.
+      #   @return [ nil ] Always nil.
       attach_function :mongocrypt_ctx_destroy, [:pointer], :void
 
-      # A callback to a function that performs AES encryption or decryption
-      #
-      # @param [ FFI::Pointer | nil] ctx An optional pointer to a context object
-      #   that may have been set when hooks were enabled.
-      # @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
-      #   that references the 32-byte AES encryption key
-      # @param [ FFI::Pointer ] iv A pointer to a mongocrypt_binary_t object
-      #   that references the 16-byte AES IV
-      # @param [ FFI::Pointer ] in A pointer to a mongocrypt_binary_t object
-      #   that references the value to be encrypted/decrypted
-      # @param [ FFI::Pointer ] out (out param) A pointer to a
-      #   mongocrypt_binary_t object will have a reference to the encrypted/
-      #   decrypted value written to it by libmongocrypt
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      #   object to which an error message will be written if encryption fails
-      #
-      # @return [ Bool ] Whether encryption/decryption was successful
+      # @!method mongocrypt_crypto_fn(ctx, key, iv, input, output, status)
+      #   @api private
+      #
+      #   A callback to a function that performs AES encryption or decryption.
+      #   @param [ FFI::Pointer | nil] ctx An optional pointer to a context object
+      #     that may have been set when hooks were enabled.
+      #   @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
+      #     that references the 32-byte AES encryption key.
+      #   @param [ FFI::Pointer ] iv A pointer to a mongocrypt_binary_t object
+      #     that references the 16-byte AES IV.
+      #   @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
+      #     that references the value to be encrypted/decrypted.
+      #   @param [ FFI::Pointer ] output (out param) A pointer to a
+      #     mongocrypt_binary_t object will have a reference to the encrypted/
+      #     decrypted value written to it by libmongocrypt.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      #     object to which an error message will be written if encryption fails.
+      #   @return [ Bool ] Whether encryption/decryption was successful.
+      #
+      #   @note This defines a method signature for an FFI callback; it is not
+      #     an instance method on the Binding class.
       callback(
         :mongocrypt_crypto_fn,
         [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer],
         :bool
       )
 
-      # A callback to a function that performs HMAC SHA-512 or SHA-256
-      #
-      # @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
-      #   that may have been set when hooks were enabled.
-      # @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
-      #   that references the 32-byte HMAC SHA encryption key
-      # @param [ FFI::Pointer ] in A pointer to a mongocrypt_binary_t object
-      #   that references the input value
-      # @param [ FFI::Pointer ] out (out param) A pointer to a
-      #   mongocrypt_binary_t object will have a reference to the output value
-      #   written to it by libmongocrypt
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      #   object to which an error message will be written if encryption fails
-      #
-      # @return [ Bool ] Whether HMAC-SHA was successful
+      # @!method mongocrypt_hmac_fn(ctx, key, input, output, status)
+      #   @api private
+      #
+      #   A callback to a function that performs HMAC SHA-512 or SHA-256.
+      #   @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
+      #     that may have been set when hooks were enabled.
+      #   @param [ FFI::Pointer ] key A pointer to a mongocrypt_binary_t object
+      #     that references the 32-byte HMAC SHA encryption key.
+      #   @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
+      #     that references the input value.
+      #   @param [ FFI::Pointer ] output (out param) A pointer to a
+      #     mongocrypt_binary_t object will have a reference to the output value
+      #     written to it by libmongocrypt.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      #     object to which an error message will be written if encryption fails.
+      #   @return [ Bool ] Whether HMAC-SHA was successful.
+      #
+      #   @note This defines a method signature for an FFI callback; it is not
+      #     an instance method on the Binding class.
       callback(
         :mongocrypt_hmac_fn,
         [:pointer, :pointer, :pointer, :pointer, :pointer],
         :bool
       )
 
-      # A callback to a SHA-256 hash function
-      #
-      # @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
-      #   that may have been set when hooks were enabled.
-      # @param [ FFI::Pointer ] in A pointer to a mongocrypt_binary_t object
-      #   that references the value to be hashed
-      # @param [ FFI::Pointer ] out (out param) A pointer to a
-      #   mongocrypt_binary_t object will have a reference to the output value
-      #   written to it by libmongocrypt
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      #   object to which an error message will be written if encryption fails
-      #
-      # @return [ Bool ] Whether hashing was successful
+      # @!method mongocrypt_hash_fn(ctx, input, output, status)
+      #   @api private
+      #
+      #   A callback to a SHA-256 hash function.
+      #   @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
+      #     that may have been set when hooks were enabled.
+      #   @param [ FFI::Pointer ] input A pointer to a mongocrypt_binary_t object
+      #     that references the value to be hashed.
+      #   @param [ FFI::Pointer ] output (out param) A pointer to a
+      #     mongocrypt_binary_t object will have a reference to the output value
+      #     written to it by libmongocrypt.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      #     object to which an error message will be written if encryption fails.
+      #   @return [ Bool ] Whether hashing was successful.
+      #
+      #   @note This defines a method signature for an FFI callback; it is not
+      #     an instance method on the Binding class.
       callback :mongocrypt_hash_fn, [:pointer, :pointer, :pointer, :pointer], :bool
 
-      # A callback to a crypto secure random function
-      #
-      # @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
-      #   that may have been set when hooks were enabled.
-      # @param [ FFI::Pointer ] out (out param) A pointer to a
-      #   mongocrypt_binary_t object will have a reference to the output value
-      #   written to it by libmongocrypt
-      # @param [ Integer ] count The number of random bytes to return
-      # @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
-      #   object to which an error message will be written if encryption fails
-      #
-      # @return [ Bool ] Whether hashing was successful
+      # @!method mongocrypt_random_fn(ctx, output, count, status)
+      #   @api private
+      #
+      #   A callback to a crypto secure random function.
+      #   @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
+      #     that may have been set when hooks were enabled.
+      #   @param [ FFI::Pointer ] output (out param) A pointer to a
+      #     mongocrypt_binary_t object will have a reference to the output value
+      #     written to it by libmongocrypt.
+      #   @param [ Integer ] count The number of random bytes to return.
+      #   @param [ FFI::Pointer ] status A pointer to a mongocrypt_status_t
+      #     object to which an error message will be written if encryption fails.
+      #   @return [ Bool ] Whether hashing was successful.
+      #
+      #   @note This defines a method signature for an FFI callback; it is not
+      #     an instance method on the Binding class.
       callback :mongocrypt_random_fn, [:pointer, :pointer, :int, :pointer], :bool
 
-      # Set crypto hooks on the provided mongocrypt object
-      #
-      # @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object
-      # @param [ Proc ] An AES encryption method
-      # @param [ Proc ] An AES decryption method
-      # @param [ Proc ] A random method
-      # @param [ Proc ] A HMAC SHA-512 method
-      # @param [ Proc ] A HMAC SHA-256 method
-      # @param [ Proc ] A SHA-256 hash method
-      # @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
-      #   that may have been set when hooks were enabled.
-      #
-      # @return [ Boolean ] Whether setting this option succeeded
+      # @!method self.mongocrypt_setopt_crypto_hooks(crypt, aes_enc_fn, aes_dec_fn, random_fn, sha_512_fn, sha_256_fn, hash_fn, ctx=nil)
+      #   @api private
+      #
+      #   Set crypto hooks on the provided mongocrypt object.
+      #   @param [ FFI::Pointer ] crypt A pointer to a mongocrypt_t object.
+      #   @param [ Proc ] aes_enc_fn An AES encryption method.
+      #   @param [ Proc ] aes_dec_fn An AES decryption method.
+      #   @param [ Proc ] random_fn A random method.
+      #   @param [ Proc ] sha_512_fn A HMAC SHA-512 method.
+      #   @param [ Proc ] sha_256_fn A HMAC SHA-256 method.
+      #   @param [ Proc ] hash_fn A SHA-256 hash method.
+      #   @param [ FFI::Pointer | nil ] ctx An optional pointer to a context object
+      #     that may have been set when hooks were enabled.
+      #   @return [ Boolean ] Whether setting this option succeeded.
       attach_function(
         :mongocrypt_setopt_crypto_hooks,
         [