123456789_123456789_123456789_123456789_123456789_

Class: Mongo::Crypt::Binding Private

Do not use. This class is for internal use only.
Relationships & Source Files
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
self, FFI::Library
Inherits: Object
Defined in: lib/mongo/crypt/binding.rb

Overview

A Ruby binding for the libmongocrypt C library

Constant Summary

  • MIN_LIBMONGOCRYPT_VERSION =

    Minimum version of libmongocrypt required by this version of the driver. An attempt to use the driver with any previous version of libmongocrypt will cause a ‘LoadError`.

    # File 'lib/mongo/crypt/binding.rb', line 86 
    Gem::Version.new("1.7.0")

Class Method Summary

Instance Method Summary

Class Method Details

.check_ctx_status(context) ⇒ nil

Raise a Mongo::Error::CryptError based on the status of the underlying mongocrypt_ctx_t object.

Returns:

  • (nil)

    Always nil.

[ GitHub ] 

  


# File 'lib/mongo/crypt/binding.rb', line 1757



def self.check_ctx_status(context)
  if block_given?
    do_raise = !yield
  else
    do_raise = true
  end

  if do_raise
    status = Status.new

    mongocrypt_ctx_status(context.ctx_p, status.ref)
    status.raise_crypt_error
  end
end


  








  

    .check_kms_ctx_status(kms_context)  
  



  

    

If the provided block returns false, raise a CryptError with the status information from the provided KmsContext object.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1099



def self.check_kms_ctx_status(kms_context)
  unless yield
    status = Status.new

    mongocrypt_kms_ctx_status(kms_context.kms_ctx_p, status.ref)
    status.raise_crypt_error(kms: true)
  end
end


  








  

    .check_status(handle)  ⇒ nil 
  



  

    

Raise a Mongo::Error::CryptError based on the status of the underlying mongocrypt_t object.


  





  
Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1744



def self.check_status(handle)
  unless yield
    status = Status.new

    mongocrypt_status(handle.ref, status.ref)
    status.raise_crypt_error
  end
end


  








  

    .crypt_shared_lib_version(handle)  ⇒ Integer 
  



  

    

Obtain a 64-bit constant encoding the version of the loaded crypt_shared library, if available.



The version is encoded as four 16-bit numbers, from high to low:


  • 

    Major version
    

  • 

    Minor version
    

  • 

    Revision
    

  • 

    Reserved
    




For example, version 6.2.1 would be encoded as: 0x0006’0002’0001’0000


  





  
Parameters:



Returns:


    
  
  • 
    (Integer)
    

    A 64-bit encoded version number, with the version encoded as four sixteen-bit integers, or zero if no crypt_shared library was loaded.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1550



def self.crypt_shared_lib_version(handle)
  mongocrypt_crypt_shared_lib_version(handle.ref)
end


  








  

    .ctx_datakey_init(context)  
  



  

    

Initialize the Context to create a data key


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 617



def self.ctx_datakey_init(context)
  check_ctx_status(context) do
    mongocrypt_ctx_datakey_init(context.ctx_p)
  end
end


  








  

    .ctx_decrypt_init(context, command)  
  



  

    

Initialize the Context for auto-decryption


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 778



def self.ctx_decrypt_init(context, command)
  validate_document(command)
  data = command.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_decrypt_init(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_encrypt_init(context, db_name, command)  
  



  

    

Initialize the Context for auto-encryption


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
  
    • 
  
  • 
    db_name
    (String)
    

    The name of the database against which the encrypted command is being performed
    

    
  
    • 
  
  • 
    command
    (Hash)
    

    The command to be encrypted
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 684



def self.ctx_encrypt_init(context, db_name, command)
  validate_document(command)
  data = command.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_encrypt_init(context.ctx_p, db_name, -1, data_p)
    end
  end
end


  








  

    .ctx_explicit_decrypt_init(context, doc)  
  



  

    

Initialize the Context for explicit decryption


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 808



def self.ctx_explicit_decrypt_init(context, doc)
  validate_document(doc)
  data = doc.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_explicit_decrypt_init(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_explicit_encrypt_expression_init(context, doc)  
  



  

    

Initialize the Context for explicit expression encryption.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 752



def self.ctx_explicit_encrypt_expression_init(context, doc)
  validate_document(doc)
  data = doc.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_explicit_encrypt_expression_init(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_explicit_encrypt_init(context, doc)  
  



  

    

Initialize the Context for explicit encryption


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 718



def self.ctx_explicit_encrypt_init(context, doc)
  validate_document(doc)
  data = doc.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_explicit_encrypt_init(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_finalize(context)  
  



  

    

Finalize the state machine represented by the Context


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1145



def self.ctx_finalize(context)
  binary = Binary.new

  check_ctx_status(context) do
    mongocrypt_ctx_finalize(context.ctx_p, binary.ref)
  end

  # TODO since the binary references a C pointer, and ByteBuffer is
  # written in C in MRI, we could omit a copy of the data by making
  # ByteBuffer reference the string that is owned by libmongocrypt.
  BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
end


  








  

    .ctx_kms_done(context)  
  



  

    

Indicate to libmongocrypt that it will receive no more KMS replies.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1122



def self.ctx_kms_done(context)
  check_ctx_status(context) do
    mongocrypt_ctx_kms_done(context.ctx_p)
  end
end


  








  

    .ctx_mongo_feed(context, doc)  
  



  

    

Feed a response from the driver back to libmongocrypt


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 889



def self.ctx_mongo_feed(context, doc)
  validate_document(doc)
  data = doc.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_mongo_feed(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_mongo_op(context)  ⇒ BSON::Document 
  



  

    

Returns a BSON::Document representing an operation that the driver must perform on behalf of libmongocrypt to get the information it needs in order to continue with encryption/decryption (for example, a filter for a key vault query).


  





  
Parameters:



Returns:


    
  
  • 
    (BSON::Document)
    

    The operation that the driver must perform
    

    
  
    • 



Raises:


    
  
  • 
    (Mongo::Crypt)
    

    If there is an error getting the operation
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 860



def self.ctx_mongo_op(context)
  binary = Binary.new

  check_ctx_status(context) do
    mongocrypt_ctx_mongo_op(context.ctx_p, binary.ref)
  end

  # TODO since the binary references a C pointer, and ByteBuffer is
  # written in C in MRI, we could omit a copy of the data by making
  # ByteBuffer reference the string that is owned by libmongocrypt.
  BSON::Document.from_bson(BSON::ByteBuffer.new(binary.to_s), mode: :bson)
end


  








  

    .ctx_next_kms_ctx(context)  ⇒ Mongo::Crypt::KmsContext | nil 
  



  

    

Return a new KmsContext object needed by a Context object.


  





  
Parameters:



Returns:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 921



def self.ctx_next_kms_ctx(context)
  kms_ctx_p = mongocrypt_ctx_next_kms_ctx(context.ctx_p)

  if kms_ctx_p.null?
    nil
  else
    KmsContext.new(kms_ctx_p)
  end
end


  








  

    .ctx_provide_kms_providers(context, kms_providers)  
  



  

    

Call in response to the MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS state to set per-context KMS provider settings. These follow the same format as ‘mongocrypt_setopt_kms_providers“. If no keys are present in the BSON input, the KMS provider settings configured for the mongocrypt_t at initialization are used.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
    

    Encryption context.
    

    
  
    • 
  
  • 
    kms_providers
    (BSON::Document)
    

    BSON document mapping the KMS provider names to credentials.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1623



def self.ctx_provide_kms_providers(context, kms_providers)
  validate_document(kms_providers)
  data = kms_providers.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_provide_kms_providers(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_rewrap_many_datakey_init(context, filter)  ⇒ Boolean 
  



  

    

Initialize a context to rewrap datakeys.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
  
    • 
  
  • 
    filter
    (BSON::Document)
    

    BSON Document that represents filter to use for the find command on the key vault collection to retrieve datakeys to rewrap.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the initialization was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 648



def self.ctx_rewrap_many_datakey_init(context, filter)
  filter_data = filter.to_bson.to_s
  Binary.wrap_string(filter_data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_rewrap_many_datakey_init(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_setopt_algorithm(context, name)  
  



  

    

Set the algorithm on the context


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
  
    • 
  
  • 
    name
    (String)
    

    The algorithm name. Valid values are:
    

    • 

      “AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic”
      

    • 

      “AEAD_AES_256_CBC_HMAC_SHA_512-Random”
      

    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 561



def self.ctx_setopt_algorithm(context, name)
  check_ctx_status(context) do
    mongocrypt_ctx_setopt_algorithm(context.ctx_p, name, -1)
  end
end


  








  

    .ctx_setopt_algorithm_range(context, opts)  
  



  

    
  

    Note:
    


The RangePreview algorithm is experimental only. It is not intended for



  




Set options for explicit encryption with the “rangePreview” algorithm.



public use.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1730



def self.ctx_setopt_algorithm_range(context, opts)
  validate_document(opts)
  data = opts.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_setopt_algorithm_range(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_setopt_contention_factor(context, factor)  
  



  

    

Set the contention factor used for explicit encryption. The contention factor is only used for indexed FLE 2 encryption.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
    

    Explicit encryption context.
    

    
  
    • 
  
  • 
    factor
    (Integer)
    

    Contention factor used for explicit encryption.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1693



def self.ctx_setopt_contention_factor(context, factor)
  check_ctx_status(context) do
    mongocrypt_ctx_setopt_contention_factor(context.ctx_p, factor)
  end
end


  








  

    .ctx_setopt_key_alt_names(context, key_alt_names)  
  



  

    

Set multiple alternate key names on data key creation


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
    

    A DataKeyContext
    

    
  
    • 
  
  • 
    key_alt_names
    (Array)
    

    An array of alternate key names as strings
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 492



def self.ctx_setopt_key_alt_names(context, key_alt_names)
  key_alt_names.each do |key_alt_name|
    key_alt_name_bson = { :keyAltName => key_alt_name }.to_bson.to_s

    Binary.wrap_string(key_alt_name_bson) do |key_alt_name_p|
      check_ctx_status(context) do
        mongocrypt_ctx_setopt_key_alt_name(context.ctx_p, key_alt_name_p)
      end
    end
  end
end


  








  

    .ctx_setopt_key_encryption_key(context, key_document)  
  



  

    

Set key encryption key document for creating a data key.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
  
    • 
  
  • 
    key_document
    (BSON::Document)
    

    BSON document representing the key encryption key document with an additional “provider” field.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 590



def self.ctx_setopt_key_encryption_key(context, key_document)
  validate_document(key_document)
  data = key_document.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_setopt_key_encryption_key(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_setopt_key_id(context, key_id)  
  



  

    

Sets the key id option on an explicit encryption context.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 459



def self.ctx_setopt_key_id(context, key_id)
  Binary.wrap_string(key_id) do |key_id_p|
    check_ctx_status(context) do
      mongocrypt_ctx_setopt_key_id(context.ctx_p, key_id_p)
    end
  end
end


  








  

    .ctx_setopt_key_material(context, key_material)  
  



  

    

Set set a custom key material to use for



encrypting data.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
    

    A DataKeyContext
    

    
  
    • 
  
  • 
    key_material
    (BSON::Binary)
    

    96 bytes of custom key material
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 527



def self.ctx_setopt_key_material(context, key_material)
  data = {'keyMaterial' => key_material}.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_ctx_status(context) do
      mongocrypt_ctx_setopt_key_material(context.ctx_p, data_p)
    end
  end
end


  








  

    .ctx_setopt_query_type(context, query_type)  
  



  

    

Set the query type to use for FLE 2 explicit encryption. The query type is only used for indexed FLE 2 encryption.


  





  
Parameters:


    
  
  • 
    context
    (Mongo::Crypt::Context)
    

    Explicit encryption context.
    

    
  
    • 
  
  • 
    :mongocrypt_query_type
    (String)
    

    query_type Type of the query.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1661



def self.ctx_setopt_query_type(context, query_type)
  check_ctx_status(context) do
    mongocrypt_ctx_setopt_query_type(context.ctx_p, query_type, -1)
  end
end


  








  

    .init(handle)  
  



  

    

Initialize the Mongo::Crypt::Handle object


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 399



def self.init(handle)
  check_status(handle) do
    mongocrypt_init(handle.ref)
  end
end


  








  

    .kms_ctx_bytes_needed(kms_context)  ⇒ Integer 
  



  

    

Get the number of bytes needed by the KmsContext.


  





  
Parameters:



Returns:


    
  
  • 
    (Integer)
    

    The number of bytes needed
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1055



def self.kms_ctx_bytes_needed(kms_context)
  mongocrypt_kms_ctx_bytes_needed(kms_context.kms_ctx_p)
end


  








  

    .kms_ctx_endpoint(kms_context)  ⇒ String | nil 
  



  

    

Get the hostname with which to connect over TLS to get information about the AWS master key.


  





  
Parameters:



Returns:


    
  
  • 
    (String | nil)
    

    The hostname, or nil if none exists
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1031



def self.kms_ctx_endpoint(kms_context)
  ptr = FFI::MemoryPointer.new(:pointer, 1)

  check_kms_ctx_status(kms_context) do
    mongocrypt_kms_ctx_endpoint(kms_context.kms_ctx_p, ptr)
  end

  str_ptr = ptr.read_pointer
  str_ptr.null? ? nil : str_ptr.read_string.force_encoding('UTF-8')
end


  








  

    .kms_ctx_feed(kms_context, bytes)  
  



  

    

Feed replies from the KMS back to libmongocrypt.


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1075



def self.kms_ctx_feed(kms_context, bytes)
  check_kms_ctx_status(kms_context) do
    Binary.wrap_string(bytes) do |bytes_p|
      mongocrypt_kms_ctx_feed(kms_context.kms_ctx_p, bytes_p)
    end
  end
end


  








  

    .kms_ctx_get_kms_provider(kms_context)  
  



  

    

Get the KMS provider identifier associated with this KMS request.



This is used to conditionally configure TLS connections based on the KMS request. It is useful for KMIP, which authenticates with a client certificate.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    Pointer mongocrypt_kms_ctx_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 962



def self.kms_ctx_get_kms_provider(kms_context)
  len_ptr = FFI::MemoryPointer.new(:uint32, 1)
  provider = mongocrypt_kms_ctx_get_kms_provider(
    kms_context.kms_ctx_p,
    len_ptr
  )
  if len_ptr.nil?
    nil
  else
    len = if BSON::Environment.jruby?
      # JRuby FFI implementation does not have `read(type)` method, but it
      # has this `get_uint32`.
      len_ptr.get_uint32
    else
      # For MRI we use a documented `read` method - https://www.rubydoc.info/github/ffi/ffi/FFI%2FPointer:read
      len_ptr.read(:uint32)
    end
    provider.read_string(len).to_sym
  end
end


  








  

    .kms_ctx_message(kms_context)  ⇒ String 
  



  

    

Get the HTTP message needed to fetch the AWS KMS master key from a KmsContext object.


  





  
Parameters:



Returns:


    
  
  • 
    (String)
    

    The HTTP message
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1002



def self.kms_ctx_message(kms_context)
  binary = Binary.new

  check_kms_ctx_status(kms_context) do
    mongocrypt_kms_ctx_message(kms_context.kms_ctx_p, binary.ref)
  end

  return binary.to_s
end


  








  

    .mongocrypt_binary_data(binary)  ⇒ FFI::Pointer 
  



  

    

Get the pointer to the underlying data for the mongocrypt_binary_t.


  





  
Parameters:


    
  
  • 
    binary
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to the data array.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 171



attach_function :mongocrypt_binary_data, [:pointer], :pointer


  








  

    .mongocrypt_binary_destroy(binary)  ⇒ nil 
  



  

    

Destroy the mongocrypt_binary_t object.


  





  
Parameters:


    
  
  • 
    binary
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 187



attach_function :mongocrypt_binary_destroy, [:pointer], :void


  








  

    .mongocrypt_binary_len(binary)  ⇒ Integer 
  



  

    

Get the length of the underlying data array.


  





  
Parameters:


    
  
  • 
    binary
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Integer)
    

    The length of the data array.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 179



attach_function :mongocrypt_binary_len, [:pointer], :int


  








  

    .mongocrypt_binary_newFFI::Pointer 
  



  

    

Creates a new mongocrypt_binary_t object (a non-owning view of a byte



array).


  





  
Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to the newly-created mongocrypt_binary_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 147



attach_function :mongocrypt_binary_new, [], :pointer


  








  

    .mongocrypt_binary_new_from_data(data, len)  ⇒ FFI::Pointer 
  



  

    

Create a new mongocrypt_binary_t object that maintains a pointer to



the specified byte array.


  





  
Parameters:


    
  
  • 
    data
    (FFI::Pointer)
    

    A pointer to an array of bytes; the data is not copied and must outlive the mongocrypt_binary_t object.
    

    
  
    • 
  
  • 
    len
    (Integer)
    

    The length of the array argument.
    

    
  
    • 



Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to the newly-created mongocrypt_binary_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 159



attach_function(
  :mongocrypt_binary_new_from_data,
  [:pointer, :int],
  :pointer
)


  








  

    .mongocrypt_crypt_shared_lib_version(crypt)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1528



attach_function(
  :mongocrypt_crypt_shared_lib_version,
  [ :pointer ],
  :uint64
)


  








  

    .mongocrypt_ctx_datakey_init(ctx, filter)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 610



attach_function :mongocrypt_ctx_datakey_init, [:pointer], :bool


  








  

    .mongocrypt_ctx_decrypt_init(ctx, doc)  ⇒ Boolean 
  



  

    

Initializes the ctx for auto-decryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    doc
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the document to be decrypted as a BSON binary string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the initialization was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 770



attach_function :mongocrypt_ctx_decrypt_init, [:pointer, :pointer], :bool


  








  

    .mongocrypt_ctx_destroy(ctx)  ⇒ nil 
  



  

    

Destroy the reference to the mongocrypt_ctx_t object.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1164



attach_function :mongocrypt_ctx_destroy, [:pointer], :void


  








  

    .mongocrypt_ctx_encrypt_init(ctx, db, db_len, cmd)  ⇒ Boolean 
  



  

    
  

    Note:
    


This method expects the passed-in BSON to be in the format: { “v”: BSON value to decrypt }.



  




Initializes the ctx for auto-encryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    db
    (String)
    

    The database name.
    

    
  
    • 
  
  • 
    db_len
    (Integer)
    

    The length of the database name argument (or -1 for a null-terminated string).
    

    
  
    • 
  
  • 
    cmd
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the database command as a binary string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the initialization was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 670



attach_function(
  :mongocrypt_ctx_encrypt_init,
  [:pointer, :string, :int, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_explicit_decrypt_init(ctx, msg)  ⇒ Boolean 
  



  

    

Initializes the ctx for explicit decryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    msg
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the message to be decrypted as a BSON binary string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the initialization was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 796



attach_function(
  :mongocrypt_ctx_explicit_decrypt_init,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_explicit_encrypt_init(ctx, msg)  ⇒ Boolean 
  



  

    
  

    Note:
    


Before calling this method, set a key_id, key_alt_name (optional), and encryption algorithm using the following methods: mongocrypt_ctx_setopt_key_id, mongocrypt_ctx_setopt_key_alt_name, and mongocrypt_ctx_setopt_algorithm.



  




Initializes the ctx for explicit expression encryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    msg
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the message to be encrypted as a binary string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the initialization was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 706



attach_function(
  :mongocrypt_ctx_explicit_encrypt_init,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_finalize(ctx, op_bson)  ⇒ Boolean 
  



  

    

Perform the final encryption or decryption and return a BSON document.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    op_bson
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object that will have a reference to the final encrypted BSON document.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    A boolean indicating the success of the operation.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1137



attach_function :mongocrypt_ctx_finalize, [:pointer, :pointer], :void


  








  

    .mongocrypt_ctx_mongo_done(ctx)  ⇒ Boolean 
  



  

    

Indicate to libmongocrypt that the driver is done feeding replies.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    A boolean indicating the success of the operation.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 905



attach_function :mongocrypt_ctx_mongo_done, [:pointer], :bool


  








  

    .mongocrypt_ctx_mongo_feed(ctx, reply)  ⇒ Boolean 
  



  

    

Feed a BSON reply to libmongocrypt.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    reply
    (FFI::Pointer)
    

    A mongocrypt_binary_t object that references the BSON reply to feed to libmongocrypt.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    A boolean indicating the success of the operation.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 881



attach_function :mongocrypt_ctx_mongo_feed, [:pointer, :pointer], :bool


  








  

    .mongocrypt_ctx_mongo_next_kms_ctx(ctx)  ⇒ FFI::Pointer 
  



  

    

Return a pointer to a mongocrypt_kms_ctx_t object or NULL.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to a mongocrypt_kms_ctx_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 913



attach_function :mongocrypt_ctx_next_kms_ctx, [:pointer], :pointer


  








  

    .mongocrypt_ctx_mongo_op(ctx, op_bson)  ⇒ Boolean 
  



  

    

Get a BSON operation for the driver to run against the MongoDB



collection, the key vault database, or mongocryptd.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    op_bson
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object that will have a reference to the BSON operation written to it by libmongocrypt.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    A boolean indicating the success of the operation.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 849



attach_function :mongocrypt_ctx_mongo_op, [:pointer, :pointer], :bool


  








  

    .mongocrypt_ctx_new(crypt)  ⇒ FFI::Pointer 
  



  

    

Create a new mongocrypt_ctx_t object (a wrapper for the libmongocrypt



state machine).


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (FFI::Pointer)
    

    A new mongocrypt_ctx_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 430



attach_function :mongocrypt_ctx_new, [:pointer], :pointer


  








  

    .mongocrypt_ctx_provide_kms_providers(ctx, kms_providers)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1606



attach_function(
  :mongocrypt_ctx_provide_kms_providers,
  [ :pointer, :pointer ],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_algorithm(ctx, algorithm, len)  ⇒ Boolean 
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




Set the algorithm used for explicit encryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    algorithm
    (String)
    

    The algorithm name. Valid values are:
    

    • 

      “AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic”
      

    • 

      “AEAD_AES_256_CBC_HMAC_SHA_512-Random”
      

    

    
  
    • 
  
  • 
    len
    (Integer)
    

    The length of the algorithm string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the option was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 547



attach_function(
  :mongocrypt_ctx_setopt_algorithm,
  [:pointer, :string, :int],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_algorithm_range(ctx, opts)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1712



attach_function(
  :mongocrypt_ctx_setopt_algorithm_range,
  [
    :pointer,
    :pointer
  ],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_contention_factor(ctx, contention_factor)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1677



attach_function(
  :mongocrypt_ctx_setopt_contention_factor,
  [
    :pointer,
    :int64
  ],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_key_alt_name(ctx, binary)  ⇒ Boolean 
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




When creating a data key, set an alternate name on that key. When



performing explicit encryption, specifying which data key to use for
encryption based on its keyAltName field.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    binary
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references a BSON document in the format { “keyAltName”: <BSON UTF8 value> }.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the alternative name was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 479



attach_function(
  :mongocrypt_ctx_setopt_key_alt_name,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_key_encryption_key(ctx)  ⇒ Boolean 
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




Set key encryption key document for creating a data key.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    bin
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references a BSON document representing the key encryption key document with an additional “provider” field.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the option was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 577



attach_function(
  :mongocrypt_ctx_setopt_key_encryption_key,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_key_id(ctx, key_id)  ⇒ Boolean 
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




Set the key id used for explicit encryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    key_id
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the 16-byte key-id.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the option was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 451



attach_function :mongocrypt_ctx_setopt_key_id, [:pointer, :pointer], :bool


  








  

    .mongocrypt_ctx_setopt_key_material(ctx, binary)  ⇒ Boolean 
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




When creating a data key, set a custom key material to use for



encrypting data.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    binary
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the data encryption key to use.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the custom key material was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 514



attach_function(
  :mongocrypt_ctx_setopt_key_material,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_ctx_setopt_query_type(ctx, mongocrypt_query_type)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1644



attach_function(
  :mongocrypt_ctx_setopt_query_type,
  [
    :pointer,
    :string,
    :int
  ],
  :bool
)


  








  

    .mongocrypt_ctx_state(ctx)  ⇒ Symbol 
  



  

    

Get the current state of the ctx.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Symbol)
    

    The current state, will be one of the values defined by the mongocrypt_ctx_state enum.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 837



attach_function :mongocrypt_ctx_state, [:pointer], :mongocrypt_ctx_state


  








  

    .mongocrypt_ctx_status(ctx, status)  ⇒ Boolean 
  



  

    

Set the status information from the mongocrypt_ctx_t object on the



mongocrypt_status_t object.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the status was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 440



attach_function :mongocrypt_ctx_status, [:pointer, :pointer], :bool


  








  

    .mongocrypt_destroy(crypt)  ⇒ nil 
  



  

    

Destroy the reference the mongocrypt_t object.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 421



attach_function :mongocrypt_destroy, [:pointer], :void


  








  

    .mongocrypt_init(crypt)  ⇒ Boolean 
  



  

    

Initialize the mongocrypt_t object.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Returns whether the crypt was initialized successfully.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 392



attach_function :mongocrypt_init, [:pointer], :bool


  








  

    .mongocrypt_kms_ctx_bytes_needed(kms)  ⇒ Integer 
  



  

    

Get the number of bytes needed by the KMS context.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    The mongocrypt_kms_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Integer)
    

    The number of bytes needed.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1048



attach_function :mongocrypt_kms_ctx_bytes_needed, [:pointer], :int


  








  

    .mongocrypt_kms_ctx_done(ctx)  ⇒ Boolean 
  



  

    

Indicate to libmongocrypt that it will receive no more replies from



mongocrypt_kms_ctx_t objects.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer)
    

    A pointer to a mongocrypt_ctx_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the operation was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1115



attach_function :mongocrypt_ctx_kms_done, [:pointer], :bool


  








  

    .mongocrypt_kms_ctx_endpoint(kms, endpoint)  ⇒ Boolean 
  



  

    

Get the hostname with which to connect over TLS to get information about



the AWS master key.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    A pointer to a mongocrypt_kms_ctx_t object.
    

    
  
    • 
  
  • 
    endpoint
    (FFI::Pointer)
    

    (out param) A pointer to which the endpoint string will be written by libmongocrypt.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the operation was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1021



attach_function :mongocrypt_kms_ctx_endpoint, [:pointer, :pointer], :bool


  








  

    .mongocrypt_kms_ctx_feed(kms, bytes)  ⇒ Boolean 
  



  

    

Feed replies from the KMS back to libmongocrypt.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    A pointer to the mongocrypt_kms_ctx_t object.
    

    
  
    • 
  
  • 
    bytes
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the response from the KMS.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the operation was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1067



attach_function :mongocrypt_kms_ctx_feed, [:pointer, :pointer], :bool


  








  

    .mongocrypt_kms_ctx_get_kms_provider(crypt, kms_providers)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 947



attach_function(
  :mongocrypt_kms_ctx_get_kms_provider,
  [:pointer, :pointer],
  :pointer
)


  








  

    .mongocrypt_kms_ctx_message(kms, msg)  ⇒ Boolean 
  



  

    

Get the message needed to fetch the AWS KMS master key.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    Pointer to the mongocrypt_kms_ctx_t object
    

    
  
    • 
  
  • 
    msg
    (FFI::Pointer)
    

    (outparam) Pointer to a mongocrypt_binary_t object that will have the location of the message written to it by libmongocrypt.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the operation is successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 992



attach_function :mongocrypt_kms_ctx_message, [:pointer, :pointer], :bool


  








  

    .mongocrypt_kms_ctx_status(kms, status)  ⇒ Boolean 
  



  

    

Write status information about the mongocrypt_kms_ctx_t object



to the mongocrypt_status_t object.


  





  
Parameters:


    
  
  • 
    kms
    (FFI::Pointer)
    

    A pointer to the mongocrypt_kms_ctx_t object.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the operation was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1091



attach_function :mongocrypt_kms_ctx_status, [:pointer, :pointer], :bool


  








  

    .mongocrypt_setopt_aes_256_ctr(crypt, aes_256_ctr_encrypt, aes_256_ctr_decrypt, ctx)  ⇒ Boolean 
  



  

    

Set a crypto hook for the AES256-CTR operations.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    aes_enc_fn
    (Proc)
    

    An AES-CTR encryption method.
    

    
  
    • 
  
  • 
    aes_dec_fn
    (Proc)
    

    An AES-CTR decryption method.
    

    
  
    • 
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether setting this option succeeded.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1423



attach_function(
  :mongocrypt_setopt_aes_256_ctr,
  [
    :pointer,
    :mongocrypt_crypto_fn,
    :mongocrypt_crypto_fn,
    :pointer
  ],
  :bool
)


  








  

    .mongocrypt_setopt_append_crypt_shared_lib_search_path(crypt, path)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1461



attach_function(
  :mongocrypt_setopt_append_crypt_shared_lib_search_path,
  [
    :pointer,
    :string,
  ],
  :void
)


  








  

    .mongocrypt_setopt_bypass_query_analysis(crypt)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1399



attach_function(:mongocrypt_setopt_bypass_query_analysis, [:pointer], :void)


  








  

    .mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5(crypt, sign_rsaes_pkcs1_v1_5, ctx = nil)  ⇒ Boolean 
  



  

    

Set a crypto hook for the RSASSA-PKCS1-v1_5 algorithm with a SHA-256 hash.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    sign_rsaes_pkcs1_v1_5
    (Proc)
    

    A RSASSA-PKCS1-v1_5 signing method.
    

    
  
    • 
  
  • 
    ctx
    (FFI::Pointer | nil)
    (defaults to: nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether setting this option succeeded.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1316



attach_function(
  :mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5,
  [
    :pointer,
    :mongocrypt_hmac_fn,
    :pointer
  ],
  :bool
)


  








  

    .mongocrypt_setopt_crypto_hooks(crypt, aes_enc_fn, aes_dec_fn, random_fn, sha_512_fn, sha_256_fn, hash_fn, ctx = nil)  ⇒ Boolean 
  



  

    

Set crypto hooks on the provided mongocrypt object.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    aes_enc_fn
    (Proc)
    

    An AES encryption method.
    

    
  
    • 
  
  • 
    aes_dec_fn
    (Proc)
    

    An AES decryption method.
    

    
  
    • 
  
  • 
    random_fn
    (Proc)
    

    A random method.
    

    
  
    • 
  
  • 
    sha_512_fn
    (Proc)
    

    A HMAC SHA-512 method.
    

    
  
    • 
  
  • 
    sha_256_fn
    (Proc)
    

    A HMAC SHA-256 method.
    

    
  
    • 
  
  • 
    hash_fn
    (Proc)
    

    A SHA-256 hash method.
    

    
  
    • 
  
  • 
    ctx
    (FFI::Pointer | nil)
    (defaults to: nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether setting this option succeeded.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1269



attach_function(
  :mongocrypt_setopt_crypto_hooks,
  [
    :pointer,
    :mongocrypt_crypto_fn,
    :mongocrypt_crypto_fn,
    :mongocrypt_random_fn,
    :mongocrypt_hmac_fn,
    :mongocrypt_hmac_fn,
    :mongocrypt_hash_fn,
    :pointer
  ],
  :bool
)


  








  

    .mongocrypt_setopt_encrypted_field_config_map(crypt, efc_map)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1358



attach_function(
  :mongocrypt_setopt_encrypted_field_config_map,
  [
    :pointer,
    :pointer
  ],
  :bool
)


  








  

    .mongocrypt_setopt_kms_providers(crypt, kms_providers)  
  



  

    
  

    Note:
    


Do not initialize ctx before calling this method.



  




Configure KMS providers with a BSON document.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    kms_providers
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references a BSON document mapping the KMS provider names to credentials.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 336



attach_function(
  :mongocrypt_setopt_kms_providers,
  [:pointer, :pointer],
  :bool
)


  








  

    .mongocrypt_setopt_log_handler(crypt, log_fn, log_ctx = nil)  ⇒ Boolean 
  



  

    

Set the handler on the mongocrypt_t object to be called every time



libmongocrypt logs a message.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    log_fn
    (Method)
    

    A logging callback method.
    

    
  
    • 
  
  • 
    log_ctx
    (FFI::Pointer | nil)
    (defaults to: nil)
    

    An optional pointer to a context to be passed into the log callback on every invocation.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether setting the callback was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 307



attach_function(
  :mongocrypt_setopt_log_handler,
  [:pointer, :mongocrypt_log_fn_t, :pointer],
  :bool
)


  








  

    .mongocrypt_setopt_schema_map(crypt, schema_map)  ⇒ Boolean 
  



  

    

Sets a local schema map for encryption.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    schema_map
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t. object that references the schema map as a BSON binary string.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Returns whether the option was set successfully.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 367



attach_function :mongocrypt_setopt_schema_map, [:pointer, :pointer], :bool


  








  

    .mongocrypt_setopt_set_crypt_shared_lib_path_override(crypt, path)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1490



attach_function(
  :mongocrypt_setopt_set_crypt_shared_lib_path_override,
  [
    :pointer,
    :string,
  ],
  :void
)


  








  

    .mongocrypt_setopt_use_need_kms_credentials_state(crypt)  
  

  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1569



attach_function(
  :mongocrypt_setopt_use_need_kms_credentials_state,
  [ :pointer ],
  :void
)


  








  

    .mongocrypt_status(crypt, status)  ⇒ Boolean 
  



  

    

Set the status information from the mongocrypt_t object on the



mongocrypt_status_t object.


  





  
Parameters:


    
  
  • 
    crypt
    (FFI::Pointer)
    

    A pointer to a mongocrypt_t object.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the status was successfully set.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 413



attach_function :mongocrypt_status, [:pointer, :pointer], :bool


  








  

    .mongocrypt_status_code(status)  ⇒ Integer 
  



  

    

Return the status error code.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 



Returns:


    
  
  • 
    (Integer)
    

    The status code.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 235



attach_function :mongocrypt_status_code, [:pointer], :int


  








  

    .mongocrypt_status_destroy(status)  ⇒ nil 
  



  

    

Destroys the reference to the mongocrypt_status_t object.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 261



attach_function :mongocrypt_status_destroy, [:pointer], :void


  








  

    .mongocrypt_status_message(status, len = nil)  ⇒ String 
  



  

    

Returns the status message.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 
  
  • 
    len
    (FFI::Pointer | nil)
    (defaults to: nil)
    

    (out param) An optional pointer to a uint32, where the length of the retun string will be written.
    

    
  
    • 



Returns:


    
  
  • 
    (String)
    

    The status message.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 245



attach_function :mongocrypt_status_message, [:pointer, :pointer], :string


  








  

    .mongocrypt_status_newFFI::Pointer 
  



  

    

Create a new mongocrypt_status_t object.


  





  
Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to the new mongocrypt_status_ts.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 201



attach_function :mongocrypt_status_new, [], :pointer


  








  

    .mongocrypt_status_ok(status)  ⇒ Boolean 
  



  

    

Returns whether the status is ok or an error.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 



Returns:


    
  
  • 
    (Boolean)
    

    Whether the status is ok.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 253



attach_function :mongocrypt_status_ok, [:pointer], :bool


  








  

    .mongocrypt_status_set(status, type, code, message, len)  ⇒ nil 
  



  

    

Set a message, type, and code on an existing status.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 
  
  • 
    type
    (Symbol)
    

    The status type; possible values are defined by the status_type enum.
    

    
  
    • 
  
  • 
    code
    (Integer)
    

    The status code.
    

    
  
    • 
  
  • 
    message
    (String)
    

    The status message.
    

    
  
    • 
  
  • 
    len
    (Integer)
    

    The length of the message argument (or -1 for a null-terminated string).
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 215



attach_function(
  :mongocrypt_status_set,
  [:pointer, :status_type, :int, :string, :int],
  :void
)


  








  

    .mongocrypt_status_type(status)  ⇒ Symbol 
  



  

    

Indicates the status type.


  





  
Parameters:


    
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t.
    

    
  
    • 



Returns:


    
  
  • 
    (Symbol)
    

    The status type (as defined by the status_type enum).
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 227



attach_function :mongocrypt_status_type, [:pointer], :status_type


  








  

    .mongocrypt_version(len)  ⇒ String 
  



  

    

Returns the version string of the libmongocrypt library.


  





  
Parameters:


    
  
  • 
    len
    (FFI::Pointer | nil)
    

    (out param) An optional pointer to a uint8 that will reference the length of the returned string.
    

    
  
    • 



Returns:


    
  
  • 
    (String)
    

    A version string for libmongocrypt.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 95



attach_function :mongocrypt_version, [:pointer], :string


  








  

    .ongocrypt_newFFI::Pointer 
  



  

    

Creates a new mongocrypt_t object.


  





  
Returns:


    
  
  • 
    (FFI::Pointer)
    

    A pointer to a new mongocrypt_t object.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 295



attach_function :mongocrypt_new, [], :pointer


  








  

    .parse_version(version)  ⇒ Gem::Version 
  



  

    

Given a string representing a version number, parses it into a Gem::Version object. This handles the case where the string is not in a format supported by Gem::Version by doing some custom parsing.


  





  
Parameters:


    
  
  • 
    version
    (String)
    

    String representing a version number.
    

    
  
    • 



Returns:


    
  
  • 
    (Gem::Version)
    

    the version number
    

    
  
    • 



Raises:


    
  
  • 
    (ArgumentError)
    

    if the string cannot be parsed.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 108



def self.parse_version(version)
  Gem::Version.new(version)
rescue ArgumentError
  match = version.match(/\A(?<major>\d+)\.(?<minor>\d+)\.(?<patch>\d+)?(-[A-Za-z\+\d]+)?\z/)
  raise ArgumentError.new("Malformed version number string #{version}") if match.nil?

  Gem::Version.new(
    [
      match[:major],
      match[:minor],
      match[:patch]
    ].join('.')
  )
end


  








  

    .setopt_aes_256_ctr(handle, aes_ctr_encrypt_cb, aes_ctr_decrypt_cb)  
  



  

    

Set a crypto hook for the AES256-CTR operations.


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    aes_encrypt_cb
    (Method)
    

    An AES-CTR encryption method
    

    
  
    • 
  
  • 
    aes_decrypt_cb
    (Method)
    

    A AES-CTR decryption method
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1441



def self.setopt_aes_256_ctr(handle, aes_ctr_encrypt_cb, aes_ctr_decrypt_cb)
  check_status(handle) do
    mongocrypt_setopt_aes_256_ctr(handle.ref,
      aes_ctr_encrypt_cb, aes_ctr_decrypt_cb, nil
    )
  end
end


  








  

    .setopt_append_crypt_shared_lib_search_path(handle, path)  
  



  

    

Append an additional search directory to the search path for loading



the crypt_shared dynamic library.


  





  
Parameters:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1475



def self.setopt_append_crypt_shared_lib_search_path(handle, path)
  check_status(handle) do
    mongocrypt_setopt_append_crypt_shared_lib_search_path(handle.ref, path)
  end
end


  








  

    .setopt_bypass_query_analysis(handle)  
  



  

    

Opt-into skipping query analysis.



If opted in:


  • 

    The csfle shared library will not attempt to be loaded.
    

  • 

    A mongocrypt_ctx_t will never enter the MONGOCRYPT_CTX_NEED_MARKINGS state.
    



  





  
Parameters:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1408



def self.setopt_bypass_query_analysis(handle)
  mongocrypt_setopt_bypass_query_analysis(handle.ref)
end


  








  

    .setopt_crypto_hook_sign_rsaes_pkcs1_v1_5(handle, rsaes_pkcs_signature_cb)  
  



  

    

Set a crypto hook for the RSASSA-PKCS1-v1_5 algorithm with



a SHA-256 hash oh the Handle.


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    rsaes_pkcs_signature_cb
    (Method)
    

    A RSASSA-PKCS1-v1_5 signing method.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1333



def self.setopt_crypto_hook_sign_rsaes_pkcs1_v1_5(
  handle,
  rsaes_pkcs_signature_cb
)
  check_status(handle) do
    mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5(
      handle.ref,
      rsaes_pkcs_signature_cb,
      nil
    )
  end
end


  








  

    .setopt_crypto_hooks(handle, aes_encrypt_cb, aes_decrypt_cb, random_cb, hmac_sha_512_cb, hmac_sha_256_cb, hmac_hash_cb)  
  



  

    

Set crypto callbacks on the Handle


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    aes_encrypt_cb
    (Method)
    

    An AES encryption method
    

    
  
    • 
  
  • 
    aes_decrypt_cb
    (Method)
    

    A AES decryption method
    

    
  
    • 
  
  • 
    random_cb
    (Method)
    

    A method that returns a string of random bytes
    

    
  
    • 
  
  • 
    hmac_sha_512_cb
    (Method)
    

    A HMAC SHA-512 method
    

    
  
    • 
  
  • 
    hmac_sha_256_cb
    (Method)
    

    A HMAC SHA-256 method
    

    
  
    • 
  
  • 
    hmac_hash_cb
    (Method)
    

    A SHA-256 hash method
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1295



def self.setopt_crypto_hooks(handle,
  aes_encrypt_cb, aes_decrypt_cb, random_cb,
  hmac_sha_512_cb, hmac_sha_256_cb, hmac_hash_cb
)
  check_status(handle) do
    mongocrypt_setopt_crypto_hooks(handle.ref,
      aes_encrypt_cb, aes_decrypt_cb, random_cb,
      hmac_sha_512_cb, hmac_sha_256_cb, hmac_hash_cb, nil
    )
  end
end


  








  

    .setopt_encrypted_field_config_map(handle, efc_map)  
  



  

    

Set a local EncryptedFieldConfigMap for encryption.


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    efc_map
    (BSON::Document)
    

    A BSON document representing the EncryptedFieldConfigMap supplied by the user. The keys are collection namespaces and values are EncryptedFieldConfigMap documents.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1376



def self.setopt_encrypted_field_config_map(handle, efc_map)
  validate_document(efc_map)
  data = efc_map.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_status(handle) do
      mongocrypt_setopt_encrypted_field_config_map(
        handle.ref,
        data_p
      )
    end
  end
end


  








  

    .setopt_kms_providers(handle, kms_providers)  
  



  

    

Set KMS providers options on the Mongo::Crypt::Handle object


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    kms_providers
    (BSON::Document)
    

    BSON document mapping the KMS provider names to credentials.
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 349



def self.setopt_kms_providers(handle, kms_providers)
  validate_document(kms_providers)
  data = kms_providers.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_status(handle) do
      mongocrypt_setopt_kms_providers(handle.ref, data_p)
    end
  end
end


  








  

    .setopt_log_handler(handle, log_callback)  
  



  

    

Set the logger callback function on the Mongo::Crypt::Handle object


  





  
Parameters:



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 319



def self.setopt_log_handler(handle, log_callback)
  check_status(handle) do
    mongocrypt_setopt_log_handler(handle, log_callback, nil)
  end
end


  








  

    .setopt_schema_map(handle, schema_map_doc)  
  



  

    

Set schema map on the Mongo::Crypt::Handle object


  





  
Parameters:


    
  
  • 
    handle
    (Mongo::Crypt::Handle)
  
    • 
  
  • 
    schema_map_doc
    (BSON::Document)
    

    The schema map as a BSON::Document object
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 376



def self.setopt_schema_map(handle, schema_map_doc)
  validate_document(schema_map_doc)
  data = schema_map_doc.to_bson.to_s
  Binary.wrap_string(data) do |data_p|
    check_status(handle) do
      mongocrypt_setopt_schema_map(handle.ref, data_p)
    end
  end
end


  








  

    .setopt_set_crypt_shared_lib_path_override(handle, path)  
  



  

    

Set a single override path for loading the crypt shared library.


  





  
Parameters:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1503



def self.setopt_set_crypt_shared_lib_path_override(handle, path)
  check_status(handle) do
    mongocrypt_setopt_set_crypt_shared_lib_path_override(handle.ref, path)
  end
end


  








  

    .setopt_use_need_kms_credentials_state(handle)  
  



  

    

Opt-into handling the MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS state.



If set, before entering the MONGOCRYPT_CTX_NEED_KMS state, contexts may enter the MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS state and then wait for credentials to be supplied through ‘mongocrypt_ctx_provide_kms_providers`.



A context will only enter MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS if an empty document was set for a KMS provider in ‘mongocrypt_setopt_kms_providers`.


  





  
Parameters:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1587



def self.setopt_use_need_kms_credentials_state(handle)
  mongocrypt_setopt_use_need_kms_credentials_state(handle.ref)
end


  








  

    .validate_document(data)  
  



  

    
  

    Note:
    


All BSON::Document instances are also Hash instances



  




Checks that the specified data is a Hash before serializing it to BSON to prevent errors from libmongocrypt


  





  
Parameters:


    
  
  • 
    data
    (Object)
    

    The data to be passed to libmongocrypt
    

    
  
    • 



Raises:





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1780



def self.validate_document(data)
  return if data.is_a?(Hash)

  if data.nil?
    message = "Attempted to pass nil data to libmongocrypt. " +
      "Data must be a Hash"
  else
    message = "Attempted to pass invalid data to libmongocrypt: #{data} " +
      "Data must be a Hash"
  end

  raise Error::CryptError.new(message)
end


  








  

    .validate_version(lmc_version)  
  



  

    

Validates if provided version of libmongocrypt is valid, i.e. equal or greater than minimum required version. Raises a LoadError if not.


  





  
Parameters:


    
  
  • 
    lmc_version
    (String)
    

    String representing libmongocrypt version.
    

    
  
    • 



Raises:


    
  
  • 
    (LoadError)
    

    if given version is lesser than minimum required version.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 131



def self.validate_version(lmc_version)
  if (actual_version = parse_version(lmc_version)) < MIN_LIBMONGOCRYPT_VERSION
    raise LoadError, "libmongocrypt version #{MIN_LIBMONGOCRYPT_VERSION} or above is required, " +
      "but version #{actual_version} was found."
  end
end


  







Instance Method Details



  

    #mongocrypt_crypto_fn(ctx, key, iv, input, output, status)  ⇒ Bool 
  



  

    
  

    Note:
    


This defines a method signature for an FFI callback; it is not an instance method on the Binding class.



  




A callback to a function that performs AES encryption or decryption.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 
  
  • 
    key
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the 32-byte AES encryption key.
    

    
  
    • 
  
  • 
    iv
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the 16-byte AES IV.
    

    
  
    • 
  
  • 
    input
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the value to be encrypted/decrypted.
    

    
  
    • 
  
  • 
    output
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object will have a reference to the encrypted/ decrypted value written to it by libmongocrypt.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object to which an error message will be written if encryption fails.
    

    
  
    • 



Returns:


    
  
  • 
    (Bool)
    

    Whether encryption/decryption was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1187



callback(
  :mongocrypt_crypto_fn,
  [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer, :pointer],
  :bool
)


  








  

    #mongocrypt_hash_fn(ctx, input, output, status)  ⇒ Bool 
  



  

    
  

    Note:
    


This defines a method signature for an FFI callback; it is not an instance method on the Binding class.



  




A callback to a SHA-256 hash function.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 
  
  • 
    input
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the value to be hashed.
    

    
  
    • 
  
  • 
    output
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object will have a reference to the output value written to it by libmongocrypt.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object to which an error message will be written if encryption fails.
    

    
  
    • 



Returns:


    
  
  • 
    (Bool)
    

    Whether hashing was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1235



callback :mongocrypt_hash_fn, [:pointer, :pointer, :pointer, :pointer], :bool


  








  

    #mongocrypt_hmac_fn(ctx, key, input, output, status)  ⇒ Bool 
  



  

    
  

    Note:
    


This defines a method signature for an FFI callback; it is not an instance method on the Binding class.



  




A callback to a function that performs HMAC SHA-512 or SHA-256.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 
  
  • 
    key
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the 32-byte HMAC SHA encryption key.
    

    
  
    • 
  
  • 
    input
    (FFI::Pointer)
    

    A pointer to a mongocrypt_binary_t object that references the input value.
    

    
  
    • 
  
  • 
    output
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object will have a reference to the output value written to it by libmongocrypt.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object to which an error message will be written if encryption fails.
    

    
  
    • 



Returns:


    
  
  • 
    (Bool)
    

    Whether HMAC-SHA was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1212



callback(
  :mongocrypt_hmac_fn,
  [:pointer, :pointer, :pointer, :pointer, :pointer],
  :bool
)


  








  

    #mongocrypt_log_fn_t(level, message, len, ctx)  ⇒ nil 
  



  

    
  

    Note:
    


This defines a method signature for an FFI callback; it is not an instance method on the Binding class.



  




A callback to the mongocrypt log function. Set a custom log callback



with the mongocrypt_setopt_log_handler method


  





  
Parameters:


    
  
  • 
    level
    (Symbol)
    

    The log level; possible values defined by the log_level enum
    

    
  
    • 
  
  • 
    message
    (String)
    

    The log message
    

    
  
    • 
  
  • 
    len
    (Integer)
    

    The length of the message param, or -1 if the string is null terminated
    

    
  
    • 
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object when this callback was set
    

    
  
    • 



Returns:


    
  
  • 
    (nil)
    

    Always nil.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 288



callback :mongocrypt_log_fn_t, [:log_level, :string, :int, :pointer], :void


  








  

    #mongocrypt_random_fn(ctx, output, count, status)  ⇒ Bool 
  



  

    
  

    Note:
    


This defines a method signature for an FFI callback; it is not an instance method on the Binding class.



  




A callback to a crypto secure random function.


  





  
Parameters:


    
  
  • 
    ctx
    (FFI::Pointer | nil)
    

    An optional pointer to a context object that may have been set when hooks were enabled.
    

    
  
    • 
  
  • 
    output
    (FFI::Pointer)
    

    (out param) A pointer to a mongocrypt_binary_t object will have a reference to the output value written to it by libmongocrypt.
    

    
  
    • 
  
  • 
    count
    (Integer)
    

    The number of random bytes to return.
    

    
  
    • 
  
  • 
    status
    (FFI::Pointer)
    

    A pointer to a mongocrypt_status_t object to which an error message will be written if encryption fails.
    

    
  
    • 



Returns:


    
  
  • 
    (Bool)
    

    Whether hashing was successful.
    

    
  
    • 





  [ GitHub ]


  

  


# File 'lib/mongo/crypt/binding.rb', line 1253



callback :mongocrypt_random_fn, [:pointer, :pointer, :int, :pointer], :bool