Implement changes to BSON document size limits for client side encrpyption

When splitting a bulk write into multiple write commands, the driver now
allows a single write to be up to 16MiB, but when choosing where the
split point, it splits after reaching 2 MiB

JAVA-3464

Author: jyemin

bson/src/test/unit/util/JsonPoweredTestHelper.java

@@ -37,6 +37,10 @@ public static BsonDocument getTestDocument(final File file) throws IOException {
         return new BsonDocumentCodec().decode(new JsonReader(getFileAsString(file)), DecoderContext.builder().build());
     }
 
+    public static BsonDocument getTestDocument(final String resourcePath) throws IOException, URISyntaxException {
+        return getTestDocument(new File(JsonPoweredTestHelper.class.getResource(resourcePath).toURI()));
+    }
+
     public static List<File> getTestFiles(final String resourcePath) throws URISyntaxException {
         List<File> files = new ArrayList<File>();
         addFilesFromDirectory(new File(JsonPoweredTestHelper.class.getResource(resourcePath).toURI()), files);

driver-async/src/main/com/mongodb/async/client/internal/AsyncCryptConnection.java

@@ -31,6 +31,7 @@
 import com.mongodb.internal.connection.MessageSettings;
 import com.mongodb.internal.connection.SplittablePayloadBsonWriter;
 import com.mongodb.internal.validator.MappedFieldNameValidator;
+import com.mongodb.lang.Nullable;
 import com.mongodb.session.SessionContext;
 import org.bson.BsonBinaryReader;
 import org.bson.BsonBinaryWriter;
@@ -59,8 +60,7 @@
 @SuppressWarnings("deprecation")
 class AsyncCryptConnection implements AsyncConnection {
     private static final CodecRegistry REGISTRY = fromProviders(new BsonValueCodecProvider());
-    private static final int MAX_MESSAGE_SIZE = 6000000;
-    private static final int MAX_DOCUMENT_SIZE = 2097152;
+    private static final int MAX_SPLITTABLE_DOCUMENT_SIZE = 2097152;
 
     private final AsyncConnection wrapped;
     private final Crypt crypt;
@@ -103,19 +103,21 @@ public <T> void commandAsync(final String database, final BsonDocument command,
     public <T> void commandAsync(final String database, final BsonDocument command, final FieldNameValidator commandFieldNameValidator,
                                  final ReadPreference readPreference, final Decoder<T> commandResultDecoder,
                                  final SessionContext sessionContext, final boolean responseExpected,
-                                 final SplittablePayload payload, final FieldNameValidator payloadFieldNameValidator,
+                                 @Nullable final SplittablePayload payload, @Nullable final FieldNameValidator payloadFieldNameValidator,
                                  final SingleResultCallback<T> callback) {
 
         if (serverIsLessThanVersionFourDotTwo(wrapped.getDescription())) {
             callback.onResult(null, new MongoClientException("Auto-encryption requires a minimum MongoDB version of 4.2"));
         }
 
         BasicOutputBuffer bsonOutput = new BasicOutputBuffer();
-        BsonBinaryWriter bsonBinaryWriter = new BsonBinaryWriter(new BsonWriterSettings(), new BsonBinaryWriterSettings(MAX_DOCUMENT_SIZE),
+        BsonBinaryWriter bsonBinaryWriter = new BsonBinaryWriter(new BsonWriterSettings(),
+                new BsonBinaryWriterSettings(getDescription().getMaxDocumentSize()),
                 bsonOutput, getFieldNameValidator(payload, commandFieldNameValidator, payloadFieldNameValidator));
         BsonWriter writer = payload == null
                 ? bsonBinaryWriter
-                : new SplittablePayloadBsonWriter(bsonBinaryWriter, bsonOutput, createSplittablePayloadMessageSettings(), payload);
+                : new SplittablePayloadBsonWriter(bsonBinaryWriter, bsonOutput, createSplittablePayloadMessageSettings(), payload,
+                MAX_SPLITTABLE_DOCUMENT_SIZE);
 
         try {
             getEncoder(command).encode(writer, command, EncoderContext.builder().build());
@@ -174,9 +176,9 @@ private Codec<BsonDocument> getEncoder(final BsonDocument command) {
         return (Codec<BsonDocument>) REGISTRY.get(command.getClass());
     }
 
-    private FieldNameValidator getFieldNameValidator(final SplittablePayload payload,
+    private FieldNameValidator getFieldNameValidator(@Nullable final SplittablePayload payload,
                                                      final FieldNameValidator commandFieldNameValidator,
-                                                     final FieldNameValidator payloadFieldNameValidator) {
+                                                     @Nullable final FieldNameValidator payloadFieldNameValidator) {
         if (payload == null) {
             return commandFieldNameValidator;
         }
@@ -188,9 +190,9 @@ private FieldNameValidator getFieldNameValidator(final SplittablePayload payload
 
     private MessageSettings createSplittablePayloadMessageSettings() {
         return MessageSettings.builder()
-                .maxBatchCount(wrapped.getDescription().getMaxBatchCount())
-                .maxMessageSize(MAX_MESSAGE_SIZE)
-                .maxDocumentSize(MAX_DOCUMENT_SIZE)
+                .maxBatchCount(getDescription().getMaxBatchCount())
+                .maxMessageSize(getDescription().getMaxMessageSize())
+                .maxDocumentSize(getDescription().getMaxDocumentSize())
                 .build();
     }
 

driver-async/src/test/functional/com/mongodb/async/client/ClientSideEncryptionBsonSizeLimitsSpecification.groovy

@@ -0,0 +1,175 @@
+/*
+ * Copyright 2008-present MongoDB, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.mongodb.async.client
+
+import com.mongodb.AutoEncryptionSettings
+import com.mongodb.ClientEncryptionSettings
+import com.mongodb.MongoNamespace
+import com.mongodb.MongoWriteException
+import com.mongodb.async.FutureResultCallback
+import com.mongodb.async.client.vault.ClientEncryption
+import com.mongodb.async.client.vault.ClientEncryptions
+import com.mongodb.client.test.CollectionHelper
+import com.mongodb.internal.connection.TestCommandListener
+import org.bson.BsonDocument
+import org.bson.BsonString
+import org.bson.codecs.BsonDocumentCodec
+
+import static com.mongodb.ClusterFixture.isNotAtLeastJava8
+import static com.mongodb.ClusterFixture.serverVersionAtLeast
+import static com.mongodb.async.client.Fixture.getDefaultDatabaseName
+import static com.mongodb.async.client.Fixture.getMongoClientBuilderFromConnectionString
+import static com.mongodb.async.client.Fixture.getMongoClientSettings
+import static java.util.Collections.singletonMap
+import static org.junit.Assume.assumeFalse
+import static org.junit.Assume.assumeTrue
+import static util.JsonPoweredTestHelper.getTestDocument
+
+class ClientSideEncryptionBsonSizeLimitsSpecification extends FunctionalSpecification {
+
+    private final MongoNamespace keyVaultNamespace = new MongoNamespace('test.datakeys')
+    private final MongoNamespace autoEncryptingCollectionNamespace = new MongoNamespace(getDefaultDatabaseName(),
+            'ClientSideEncryptionProseTestSpecification')
+    private final TestCommandListener commandListener = new TestCommandListener()
+
+    private MongoClient autoEncryptingClient
+    private ClientEncryption clientEncryption
+    private MongoCollection<BsonDocument> autoEncryptingDataCollection
+
+    def setup() {
+        assumeFalse(isNotAtLeastJava8())
+        assumeTrue(serverVersionAtLeast(4, 2))
+        assumeTrue('Key vault tests disabled',
+                System.getProperty('org.mongodb.test.awsAccessKeyId') != null
+                        && !System.getProperty('org.mongodb.test.awsAccessKeyId').isEmpty())
+        Fixture.drop(keyVaultNamespace)
+        Fixture.drop(autoEncryptingCollectionNamespace)
+
+        new CollectionHelper<>(new BsonDocumentCodec(), keyVaultNamespace).insertDocuments(
+                getTestDocument('/client-side-encryption-limits/limits-key.json'))
+
+        def providerProperties =
+                ['local': ['key': Base64.getDecoder().decode('Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN'
+                        + '3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk')]
+                ]
+
+        autoEncryptingClient = MongoClients.create(getMongoClientBuilderFromConnectionString()
+                .autoEncryptionSettings(AutoEncryptionSettings.builder()
+                        .keyVaultNamespace(keyVaultNamespace.fullName)
+                        .kmsProviders(providerProperties)
+                        .schemaMap(singletonMap(autoEncryptingCollectionNamespace.fullName,
+                                getTestDocument('/client-side-encryption-limits/limits-schema.json')))
+                        .build())
+                .addCommandListener(commandListener)
+                .build())
+
+        autoEncryptingDataCollection = autoEncryptingClient.getDatabase(autoEncryptingCollectionNamespace.databaseName)
+                .getCollection(autoEncryptingCollectionNamespace.collectionName, BsonDocument)
+
+        clientEncryption = ClientEncryptions.create(ClientEncryptionSettings.builder()
+                .keyVaultMongoClientSettings(getMongoClientSettings())
+                .keyVaultNamespace(keyVaultNamespace.fullName)
+                .kmsProviders(providerProperties)
+                .build())
+    }
+
+    def 'test BSON size limits'() {
+        when:
+        def callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertOne(
+                new BsonDocument('_id', new BsonString('over_2mib_under_16mib'))
+                        .append('unencrypted', new BsonString('a' * 2097152)), callback)
+        callback.get()
+
+        then:
+        noExceptionThrown()
+
+        when:
+        callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertOne(getTestDocument('/client-side-encryption-limits/limits-doc.json')
+                .append('_id', new BsonString('encryption_exceeds_2mib'))
+                .append('unencrypted', new BsonString('a' * (2097152 - 2000))), callback)
+        callback.get()
+
+        then:
+        noExceptionThrown()
+
+        when:
+        commandListener.reset()
+        callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertMany(
+                [
+                        new BsonDocument('_id', new BsonString('over_2mib_1'))
+                                .append('unencrypted', new BsonString('a' * 2097152)),
+                        new BsonDocument('_id', new BsonString('over_2mib_2'))
+                                .append('unencrypted', new BsonString('a' * 2097152))
+                ], callback)
+        callback.get()
+
+        then:
+        noExceptionThrown()
+        countStartedEvents('insert') == 2
+
+        when:
+        commandListener.reset()
+        callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertMany(
+                [
+                        getTestDocument('/client-side-encryption-limits/limits-doc.json')
+                                .append('_id', new BsonString('encryption_exceeds_2mib_1'))
+                                .append('unencrypted', new BsonString('a' * (2097152 - 2000))),
+                        getTestDocument('/client-side-encryption-limits/limits-doc.json')
+                                .append('_id', new BsonString('encryption_exceeds_2mib_2'))
+                                .append('unencrypted', new BsonString('a' * (2097152 - 2000))),
+                ], callback)
+        callback.get()
+
+        then:
+        noExceptionThrown()
+        countStartedEvents('insert') == 2
+
+        when:
+        callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertOne(
+                new BsonDocument('_id', new BsonString('under_16mib'))
+                        .append('unencrypted', new BsonString('a' * (16777216 - 2000))), callback)
+        callback.get()
+
+        then:
+        noExceptionThrown()
+
+        when:
+        callback = new FutureResultCallback()
+        autoEncryptingDataCollection.insertOne(getTestDocument('/client-side-encryption-limits/limits-doc.json')
+                .append('_id', new BsonString('encryption_exceeds_16mib'))
+                .append('unencrypted', new BsonString('a' * (16777216 - 2000))), callback)
+        callback.get()
+
+        then:
+        thrown(MongoWriteException)
+    }
+
+    private int countStartedEvents(String name) {
+        int count = 0
+        for (def cur : commandListener.commandStartedEvents) {
+            if (cur.commandName == name) {
+                count++
+            }
+        }
+        count
+    }
+}

driver-async/src/test/functional/com/mongodb/async/client/ClientSideEncryptionProseTestSpecification.groovy renamed to driver-async/src/test/functional/com/mongodb/async/client/ClientSideEncryptionExternalKeyVaultSpecification.groovy

@@ -42,7 +42,7 @@ import static java.util.Collections.singletonMap
 import static org.junit.Assume.assumeFalse
 import static org.junit.Assume.assumeTrue
 
-class ClientSideEncryptionProseTestSpecification extends FunctionalSpecification {
+class ClientSideEncryptionExternalKeyVaultSpecification extends FunctionalSpecification {
 
     private final MongoNamespace keyVaultNamespace = new MongoNamespace('test.datakeys')
     private final MongoNamespace autoEncryptingCollectionNamespace = new MongoNamespace(getDefaultDatabaseName(),
@@ -107,7 +107,7 @@ class ClientSideEncryptionProseTestSpecification extends FunctionalSpecification
                 .build())
     }
 
-    def 'client encryption prose test'() {
+    def 'test external key vault'() {
         when:
         def callback = new FutureResultCallback()
         clientEncryption.createDataKey('local', new DataKeyOptions().keyAltNames(['local_altname']), callback)

driver-async/src/test/unit/com/mongodb/async/client/internal/AsyncCryptConnectionSpecification.groovy

@@ -16,7 +16,6 @@
 
 package com.mongodb.async.client.internal
 
-
 import com.mongodb.ReadPreference
 import com.mongodb.ServerAddress
 import com.mongodb.async.SingleResultCallback
@@ -35,7 +34,6 @@ import org.bson.BsonBinaryWriter
 import org.bson.BsonDocument
 import org.bson.BsonDocumentWrapper
 import org.bson.BsonInt32
-import org.bson.BsonMaximumSizeExceededException
 import org.bson.BsonString
 import org.bson.Document
 import org.bson.RawBsonDocument
@@ -211,33 +209,6 @@ class AsyncCryptConnectionSpecification extends Specification {
         payload.getPosition() == 2
     }
 
-    def 'should throw if command document is large than 2 MiB'() {
-        given:
-        def callback = Mock(SingleResultCallback)
-        def wrappedConnection = Mock(AsyncConnection)
-        def crypt = Mock(Crypt)
-        def cryptConnection = new AsyncCryptConnection(wrappedConnection, crypt)
-        def codec = new DocumentCodec()
-        def bytes = new byte[2097152 - 84]
-        def payload = new SplittablePayload(INSERT, [
-                new BsonDocumentWrapper(new Document('_id', 1).append('ssid', '555-55-5555').append('b', bytes), codec),
-        ])
-
-        when:
-        cryptConnection.commandAsync('db',
-                new BsonDocumentWrapper(new Document('insert', 'test'), codec),
-                new NoOpFieldNameValidator(), ReadPreference.primary(), new BsonDocumentCodec(),
-                NoOpSessionContext.INSTANCE, true,
-                payload, new NoOpFieldNameValidator(), callback)
-
-        then:
-        _ * wrappedConnection.getDescription() >> {
-            new ConnectionDescription(new ConnectionId(new ServerId(new ClusterId(), new ServerAddress())), 8, STANDALONE,
-                    1000, 1024 * 16_000, 1024 * 48_000, [])
-        }
-        1 * callback.onResult(null, _ as BsonMaximumSizeExceededException)
-    }
-
     RawBsonDocument toRaw(BsonDocument document) {
         def buffer = new BasicOutputBuffer()
         def writer = new BsonBinaryWriter(buffer)

driver-core/src/main/com/mongodb/internal/connection/BsonWriterHelper.java

@@ -46,17 +46,18 @@ static void writeElements(final BsonWriter writer, final List<BsonElement> bsonE
     }
 
     static void writePayloadArray(final BsonWriter writer, final BsonOutput bsonOutput, final MessageSettings settings,
-                                  final int messageStartPosition, final SplittablePayload payload) {
+                                  final int messageStartPosition, final SplittablePayload payload, final int maxSplittableDocumentSize) {
         writer.writeStartArray(payload.getPayloadName());
-        writePayload(writer, bsonOutput, getDocumentMessageSettings(settings), messageStartPosition, payload);
+        writePayload(writer, bsonOutput, getDocumentMessageSettings(settings), messageStartPosition, payload, maxSplittableDocumentSize);
         writer.writeEndArray();
     }
 
     static void writePayload(final BsonWriter writer, final BsonOutput bsonOutput, final MessageSettings settings,
-                             final int messageStartPosition, final SplittablePayload payload) {
+                             final int messageStartPosition, final SplittablePayload payload, final int maxSplittableDocumentSize) {
         MessageSettings payloadSettings = getPayloadMessageSettings(payload.getPayloadType(), settings);
         for (int i = 0; i < payload.getPayload().size(); i++) {
-            if (writeDocument(writer, bsonOutput, payloadSettings, payload.getPayload().get(i), messageStartPosition, i + 1)) {
+            if (writeDocument(writer, bsonOutput, payloadSettings, payload.getPayload().get(i), messageStartPosition, i + 1,
+                    maxSplittableDocumentSize)) {
                 payload.setPosition(i + 1);
             } else {
                 break;
@@ -70,12 +71,14 @@ static void writePayload(final BsonWriter writer, final BsonOutput bsonOutput, f
     }
 
     private static boolean writeDocument(final BsonWriter writer, final BsonOutput bsonOutput, final MessageSettings settings,
-                                         final BsonDocument document, final int messageStartPosition, final int batchItemCount) {
+                                         final BsonDocument document, final int messageStartPosition, final int batchItemCount,
+                                         final int maxSplittableDocumentSize) {
         int currentPosition = bsonOutput.getPosition();
         getCodec(document).encode(writer, document, ENCODER_CONTEXT);
         int messageSize = bsonOutput.getPosition() - messageStartPosition;
         int documentSize = bsonOutput.getPosition() - currentPosition;
-        if (exceedsLimits(settings, messageSize, documentSize, batchItemCount)) {
+        if (exceedsLimits(settings, messageSize, documentSize, batchItemCount)
+                || (batchItemCount > 1 && bsonOutput.getPosition() - messageStartPosition > maxSplittableDocumentSize)) {
             bsonOutput.truncateToPosition(currentPosition);
             return false;
         }

driver-core/src/main/com/mongodb/internal/connection/CommandMessage.java

@@ -145,7 +145,7 @@ protected EncodingMetadata encodeMessageBodyWithMetadata(final BsonOutput bsonOu
                 bsonOutput.writeInt32(0);         // size
                 bsonOutput.writeCString(payload.getPayloadName());
                 writePayload(new BsonBinaryWriter(bsonOutput, payloadFieldNameValidator), bsonOutput, getSettings(),
-                        messageStartPosition, payload);
+                        messageStartPosition, payload, getSettings().getMaxDocumentSize());
 
                 int payloadBsonOutputLength = bsonOutput.getPosition() - payloadBsonOutputStartPosition;
                 bsonOutput.writeInt32(payloadBsonOutputStartPosition, payloadBsonOutputLength);