MONGOCRYPT-705 Add crypto parameters to payloads #872
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add new fields. Note fields that only applicable to range payloads
To include the line number of the macro invocation on error.
Fix documentation for `FLE2FindRangePayloadV2`. `g` is nested inside a `payload` document. See server IDL for reference.
To fix new tests on zSeries. May simplify testing with deterministic random-number generation on big-endian machines.
Payloads now include crypto param fields.
Notably: java bindings test with `trimFactor` of 0. Python tests with `trimFactor` of 1.
adriandole
approved these changes
Jul 31, 2024
| @@ -61,6 +71,11 @@ typedef struct { | |||
| // secondOperator represents the second query operator for which this payload | |||
| // was generated. Only populated for two-sided ranges. It is 0 if unset. | |||
| mc_FLE2RangeOperator_t secondOperator; | |||
| mc_optional_int64_t sparsity; // sp | |||
| mc_optional_uint32_t precision; // pn | |||
There was a problem hiding this comment.
Given that range v2 isn't backwards-compatible, is there a reason why trimFactor and precision can't be signed int32 to match the server types? Could avoid a lot of bounds checking.
There was a problem hiding this comment.
I like the idea of representing sparsity and precision to match the server types. Updated.
To match server representation
…ative The non-negative check may be redundant with prior checks. The check is intended to be closer to the cast to `size_t`
To match server representation
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Add crypto parameters to payloads
mc_FLE2InsertUpdatePayloadV2_tandmc_FLE2FindRangePayloadV2_t.Updates to expected payloads specification tests are in (mongodb/specifications#1616) and were verified with the C driver in this patch.
Background & Motivation
SERVER-91889 supports receiving optional crypto parameters on the
FLE2InsertUpdatePayloadV2andFLE2FindRangePayloadV2. The crypto parameters describe how the payload was generated. This may enable safeguards proposed in SERVER-91887 to reject client payloads generated with incorrect parameters.Other changes
_assert_match_bsonwas changed from a function to a macro. Before, the failure included the line number in the function_assert_match_bson:After, a failure includes the line number invoking the macro
_assert_match_bson:_mongocrypt_random_uint64was modified to read random data as little-endian. This is intended to ease testing on both little and big-endian hosts. Some tests use predetermined random data for deterministic results. If undesirable, random data for tests can be separately handled for big and little endian.