MONGOCRYPT-756 Convert FLE2EncryptionPlaceholder to FLE2InsertUpdatePayloadV2 for text search indexed fields #939
Conversation
…ayloadV2 for text search indexed fields
test/test-mongocrypt-ctx-encrypt.c
Outdated
There was a problem hiding this comment.
moved these tests to test-mc-fle2-encryption-placehoder.c
|
|
||
| #define RAW_STRING(...) #__VA_ARGS__ | ||
|
|
||
| static void _test_FLE2EncryptionPlaceholder_parse(_mongocrypt_tester_t *tester) { |
There was a problem hiding this comment.
taken from test-mongocrypt-ctx-encrypt.c
| mongocrypt_status_destroy(status); | ||
| } | ||
|
|
||
| static void _test_FLE2EncryptionPlaceholder_range_parse(_mongocrypt_tester_t *tester) { |
There was a problem hiding this comment.
taken from test-mongocrypt-ctx-encrypt.c
| * https://github.com/mongodb/mongo/blob/master/src/mongo/crypto/fle_field_schema.idl | ||
| * for the representation in the MongoDB server. */ | ||
| typedef struct { | ||
| // v is the value to encrypt. |
There was a problem hiding this comment.
Since this is always a string, can we parse it into char * and uint32_t len? MONGOCRYPT-755 assumes this.
There was a problem hiding this comment.
It's simpler to keep it a bson_iter_t of type string, because when we encrypt it, we encrypt the bson element (which includes the 4 byte length + null terminator), not the raw string.
There was a problem hiding this comment.
Wait, when you say "we encrypt the bson element" - do you mean that the string passed into StrEncode is not the raw string, but the BSON element including the length + null terminator?
There was a problem hiding this comment.
No, I mean when we do the AES-CBC encrypt & derive the ESC/EDC/Server value-derived tokens, we pass in the (length + string + nullbyte). For StrEncode, we pass in just the string. When we derive the tokens for each substring/suffix/prefix from StrEncode later, we'll have to wrap those substrings so that they include the length + null-byte in the token derivations.
| index++; \ | ||
| } \ | ||
| if (index == UINT32_MAX && array->len > UINT32_MAX) { \ |
There was a problem hiding this comment.
Not sure if I understand -- Why are we appending one extra element in this case?
There was a problem hiding this comment.
bc the loop above it is not inclusive of index at UINT32_MAX if the array length exceeds that. highly unlikely, but this is the same logic for range edge tokens in mc_FLE2InsertUpdatePayloadV2_serializeForRange().
| for (size_t i = 0; i < array->len; i++) { \ | ||
| mc_Text##Type##TokenSet_t ts = _mc_array_index(array, mc_Text##Type##TokenSet_t, i); \ | ||
| uint32_t limit = (array->len > UINT32_MAX) ? UINT32_MAX : (uint32_t)array->len; \ | ||
| while (index < limit) { \ |
There was a problem hiding this comment.
Nit:
| while (index < limit) { \ | |
| for (; index < limit; index++) { \ | |
And remove the increment at the end of the loop.
src/mongocrypt.h
Outdated
| #define MONGOCRYPT_QUERY_TYPE_SUBSTRINGPREVIEW_STR "substringPreview" | ||
| #define MONGOCRYPT_QUERY_TYPE_SUFFIXPREVIEW_STR "suffixPreview" | ||
| #define MONGOCRYPT_QUERY_TYPE_PREFIXPREVIEW_STR "prefixPreview" |
There was a problem hiding this comment.
| #define MONGOCRYPT_QUERY_TYPE_SUBSTRINGPREVIEW_STR "substringPreview" | |
| #define MONGOCRYPT_QUERY_TYPE_SUFFIXPREVIEW_STR "suffixPreview" | |
| #define MONGOCRYPT_QUERY_TYPE_PREFIXPREVIEW_STR "prefixPreview" | |
| /// NOTE: "substringPreview" is experimental and may be removed in a future non-major release. | |
| #define MONGOCRYPT_QUERY_TYPE_SUBSTRINGPREVIEW_STR "substringPreview" | |
| /// NOTE: "suffixPreview" is experimental and may be removed in a future non-major release. | |
| #define MONGOCRYPT_QUERY_TYPE_SUFFIXPREVIEW_STR "suffixPreview" | |
| /// NOTE: "prefixPreview" is experimental and may be removed in a future non-major release. | |
| #define MONGOCRYPT_QUERY_TYPE_PREFIXPREVIEW_STR "prefixPreview" |
Document public API as unstable to permit removal in a non-major release.
src/mongocrypt-marking.c
Outdated
| * E?CText<T>DerivedFromDataTokenAndContentionFactorToken = HMAC(HMAC(E?CText<T>Token, v) cf) | ||
| * | ||
| * E?C = EDC|ESC | ||
| * n = 1 for EDC, 2 for ESC, 3 for ECC |
There was a problem hiding this comment.
| * n = 1 for EDC, 2 for ESC, 3 for ECC | |
| * n = 1 for EDC, 2 for ESC |
No description provided.