Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-286

Remove size limitation for mongocrypt_kms_ctx_feed

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • None
    • C library
    • None

    Description

      Currently, libmongocrypt will return an error with the message "KMS response fed too much data" if mongocrypt_kms_ctx_feed is fed more bytes than indicated in mongocrypt_kms_ctx_bytes_needed. This is currently documented in the API for mongocrypt_kms_ctx_feed:

      /**
       * Feed bytes from the HTTP response.
       *
       * Feeding more bytes than what has been returned in @ref
       * mongocrypt_kms_ctx_bytes_needed is an error.
       *
       * @param[in] kms The @ref mongocrypt_kms_ctx_t.
       * @param[in] bytes The bytes to feed. The viewed data is copied. It is valid to
       * destroy @p bytes with @ref mongocrypt_binary_destroy immediately after.
       * @returns A boolean indicating success. If false, an error status is set.
       * Retrieve it with @ref mongocrypt_kms_ctx_status
       */
      MONGOCRYPT_EXPORT
      bool
      mongocrypt_kms_ctx_feed (mongocrypt_kms_ctx_t *kms, mongocrypt_binary_t *bytes);
      

      This is meant as a safeguard to prevent API misuse of passing more bytes than expected. But it creates an unnecessarily complicated API. We may be able to remove this limitation.

      Attachments

        Activity

          People

            Unassigned Unassigned
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: