Summary

libmongocrypt is arbitrarily (and misleadingly) making an effort to return all fields of the key document(s) being rewrapped by rewrapManyDataKey. Only _id, keyMaterial, and masterKey are required to construct the bulk write operations to update rewrapped key documents in the key vault collection.

Motivation

Who is the affected end user?

Drivers implementing rewrapManyDataKey.

How does this affect the end user?

Avoids unnecessarily consuming memory for unused fields in the resulting documents.

How likely is it that this problem or use case will occur?

Unlikely; Drivers should not be using any of the extra fields in the key document(s). This is also asserted by the CSE unified spec tests.

If the problem does occur, what are the consequences and how severe are they?

Not severe. Returning a "full" key document gives the mistaken impression that a replaceOne operation may be appropriate to update the given key document in the key vault collection.

Is this issue urgent?

No.

Is this ticket required by a downstream team?

No.

Is this ticket only for tests?

No. It has functional impact, but the impact should be minimal/none.