- Type: Bug
- Resolution: Unresolved
- Priority: Major - P3
- Affects Version/s: None
- Component/s: Documentation

The KMS instructions (https://github.com/mongodb/libmongocrypt/blob/master/integrating.md#state-mongocrypt_ctx_need_kms) state that the driver is to iterate the contexts and for each context:
1. Create a TLS socket.
2. Write the message from mongocrypt_kms_ctx_message to the socket.
3. Feed the reply back with mongocrypt_kms_ctx_feed. Repeat until mongocrypt_kms_ctx_bytes_needed returns 0.
The last bullet point is unclear as to what it requires:
1. What is "the reply" and how was it obtained?
2. When should the driver call mongocrypt_kms_ctx_bytes_needed and how is this return value used?
Looking at the Python driver, what it does appears to be:
1. create a TLS socket
2. write the message
3. call mongocrypt_kms_ctx_bytes_needed to get the maximum number of bytes that LMC would like to receive
4. if the number of bytes needed is zero, stop
5. read up to that many bytes from the socket
6. pass the read bytes (generally fewer than the value returned by mongocrypt_kms_ctx_bytes_needed) to LMC
7. go to step 3
If these are the required steps, I suggest incorporating them into the integration guide as a replacement for the current procedure.

- related to: MONGOCRYPT-286 Remove size limitation for mongocrypt_kms_ctx_feed (Backlog)
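
The read/feed loop from steps 1-7 of the description, as an added Python example that is not part of the original ticket and is not code from the Python driver or libmongocrypt. `StubKmsContext` is a hypothetical stand-in whose methods play the roles of the three `mongocrypt_kms_ctx_*` functions; the known reply length, the 16-byte request cap and the rejection of oversized feeds are assumptions, and a local socket pair replaces the TLS socket.

```python
import socket


class StubKmsContext:
    """Hypothetical stand-in for a libmongocrypt KMS context (not the real binding)."""
    MAX_REQUEST = 16  # constructed cap on bytes requested per read

    def __init__(self, message, reply_len):
        self.message = message        # role of mongocrypt_kms_ctx_message
        self._remaining = reply_len   # assumption: reply length known up front
        self.reply = b""

    def bytes_needed(self):           # role of mongocrypt_kms_ctx_bytes_needed
        return min(self._remaining, self.MAX_REQUEST)

    def feed(self, data):             # role of mongocrypt_kms_ctx_feed
        if len(data) > self.bytes_needed():
            raise ValueError("fed more bytes than requested")  # assumed behaviour
        self._remaining -= len(data)
        self.reply += data


def run_kms_exchange(sock, kms_ctx):
    """Steps 2-7: write the message, then read and feed until 0 bytes are needed."""
    sock.sendall(kms_ctx.message)
    while True:
        wanted = kms_ctx.bytes_needed()
        if wanted == 0:
            return
        chunk = sock.recv(wanted)     # may return fewer than `wanted` bytes
        if not chunk:                 # peer closed before the reply was complete
            raise ConnectionError("closed with %d bytes still needed" % wanted)
        kms_ctx.feed(chunk)


def demo(reply, truncate_at=None):
    """Run the loop over a local socket pair (no TLS) with a constructed reply."""
    client, server = socket.socketpair()
    ctx = StubKmsContext(b"POST / HTTP/1.1\r\n\r\n", len(reply))
    try:
        server.sendall(reply[:truncate_at])
        server.shutdown(socket.SHUT_WR)   # peer finishes sending; client sees EOF
        run_kms_exchange(client, ctx)
    finally:
        client.close()
        server.close()
    return ctx.reply
```

A connection that closes while `bytes_needed()` is still non-zero is reported as an error rather than treated as a finished reply.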