mongodb · ShaneHarvey · Jun 1, 2022 · Jun 1, 2022 · Jun 1, 2022 · Jun 1, 2022
@@ -450,8 +450,8 @@ functions:
             export LIBMONGOCRYPT_URL="${libmongocrypt_url}"
             export TEST_ENCRYPTION=1
           fi
-          if [ -n "${test_csfle}" ]; then
-            export TEST_CSFLE=1
+          if [ -n "${test_crypt_shared}" ]; then
+            export TEST_CRYPT_SHARED=1
           fi
           if [ -n "${test_pyopenssl}" ]; then
             export TEST_PYOPENSSL=1
@@ -2163,15 +2163,14 @@ axes:
         variables:
           test_encryption: true
         batchtime: 10080  # 7 days
-      - id: "encryption_with_csfle"
-        display_name: "Encryption with CSFLE"
-        tags: ["encryption_tag", "csfle"]
+      - id: "encryption_crypt_shared"
+        display_name: "Encryption shared lib"
+        tags: ["encryption_tag"]
         variables:
           test_encryption: true
-          test_csfle: true
+          test_crypt_shared: true
         batchtime: 10080  # 7 days
 
-
   # Run pyopenssl tests?
   - id: pyopenssl
     display_name: "PyOpenSSL"
@@ -2306,7 +2305,7 @@ buildvariants:
         platform: "*"
         auth: "*"
         ssl: "*"
-        encryption: [ "encryption_with_csfle" ]
+        encryption: [ "encryption_crypt_shared" ]
       then:
         remove_tasks:
           - ".5.0"
@@ -2400,7 +2399,7 @@ buildvariants:
         platform: "*"
         python-version: "*"
         auth-ssl: "*"
-        encryption: [ "encryption_with_csfle" ]
+        encryption: [ "encryption_crypt_shared" ]
       then:
         remove_tasks:
           - ".5.0"
@@ -2509,7 +2508,7 @@ buildvariants:
         platform: "*"
         python-version-windows: "*"
         auth-ssl: "*"
-        encryption: [ "encryption_with_csfle" ]
+        encryption: [ "encryption_crypt_shared" ]
       then:
         remove_tasks:
           - ".5.0"

@@ -11,7 +11,7 @@ set -o errexit  # Exit the script with error if any of the commands fail
 #  COVERAGE           If non-empty, run the test suite with coverage.
 #  TEST_ENCRYPTION    If non-empty, install pymongocrypt.
 #  LIBMONGOCRYPT_URL  The URL to download libmongocrypt.
-#  TEST_CSFLE         If non-empty, install CSFLE
+#  TEST_CRYPT_SHARED  If non-empty, install crypt_shared lib.
 
 if [ -n "${SET_XTRACE_ON}" ]; then
     set -o xtrace
@@ -28,9 +28,10 @@ COVERAGE=${COVERAGE:-}
 COMPRESSORS=${COMPRESSORS:-}
 MONGODB_API_VERSION=${MONGODB_API_VERSION:-}
 TEST_ENCRYPTION=${TEST_ENCRYPTION:-}
-TEST_CSFLE=${TEST_CSFLE:-}
+TEST_CRYPT_SHARED=${TEST_CRYPT_SHARED:-}
 LIBMONGOCRYPT_URL=${LIBMONGOCRYPT_URL:-}
 DATA_LAKE=${DATA_LAKE:-}
+TEST_ARGS=""
 
 if [ -n "$COMPRESSORS" ]; then
     export COMPRESSORS=$COMPRESSORS
@@ -148,23 +149,23 @@ if [ -n "$TEST_ENCRYPTION" ]; then
     # Get access to the AWS temporary credentials:
     # CSFLE_AWS_TEMP_ACCESS_KEY_ID, CSFLE_AWS_TEMP_SECRET_ACCESS_KEY, CSFLE_AWS_TEMP_SESSION_TOKEN
     . $DRIVERS_TOOLS/.evergreen/csfle/set-temp-creds.sh
+
+    if [ -n "$TEST_CRYPT_SHARED" ]; then
+        echo "Testing CSFLE with crypt_shared lib"
+        $PYTHON $DRIVERS_TOOLS/.evergreen/mongodl.py --component crypt_shared \
+            --version latest --out ../crypt_shared/
+        export DYLD_FALLBACK_LIBRARY_PATH=../crypt_shared/lib/:$DYLD_FALLBACK_LIBRARY_PATH
+        export LD_LIBRARY_PATH=../crypt_shared/lib:$LD_LIBRARY_PATH
+        export PATH=../crypt_shared/bin:$PATH
+    fi
+    # Only run the encryption tests.
+    TEST_ARGS="-s test.test_encryption"
 fi
 
-if [ -z "$DATA_LAKE" ]; then
-    TEST_ARGS=""
-else
+if [ -n "$DATA_LAKE" ]; then
     TEST_ARGS="-s test.test_data_lake"
 fi
-if [ -z $TEST_CSFLE ]; then
-    echo "CSFLE not being tested"
-else
-    $PYTHON $DRIVERS_TOOLS/.evergreen/mongodl.py --component csfle \
-        --version latest --out ../csfle/
-    export DYLD_FALLBACK_LIBRARY_PATH=../csfle/lib/:$DYLD_FALLBACK_LIBRARY_PATH
-    export LD_LIBRARY_PATH=../csfle/lib:$LD_LIBRARY_PATH
-    export PATH=../csfle/bin:$PATH
-    TEST_ARGS="-s test.test_encryption"
-fi
+
 # Don't download unittest-xml-reporting from pypi, which often fails.
 if $PYTHON -c "import xmlrunner"; then
     # The xunit output dir must be a Python style absolute path.

@@ -300,8 +300,8 @@ def _get_internal_client(encrypter, mongo_client):
             MongoCryptOptions(
                 opts._kms_providers,
                 schema_map,
-                csfle_path=opts._csfle_path,
-                csfle_required=opts._csfle_required,
+                crypt_shared_lib_path=opts._crypt_shared_lib_path,
+                crypt_shared_lib_required=opts._crypt_shared_lib_required,
                 bypass_encryption=opts._bypass_auto_encryption,
             ),
         )

@@ -45,8 +45,8 @@ def __init__(
         mongocryptd_spawn_path: str = "mongocryptd",
         mongocryptd_spawn_args: Optional[List[str]] = None,
         kms_tls_options: Optional[Mapping[str, Any]] = None,
-        csfle_path: Optional[str] = None,
-        csfle_required: bool = False,
+        crypt_shared_lib_path: Optional[str] = None,
+        crypt_shared_lib_required: bool = False,
     ) -> None:
         """Options to configure automatic client-side field level encryption.
 
@@ -142,12 +142,12 @@ def __init__(
             Or to supply a client certificate::
 
               kms_tls_options={'kmip': {'tlsCertificateKeyFile': 'client.pem'}}
-          - `csfle_path` (optional): Override the path to load the CSFLE library.
-          - `csfle_required` (optional): If 'true', refuse to continue encryption without a CSFLE
-            library
+          - `crypt_shared_lib_path` (optional): Override the path to load the crypt_shared library.
+          - `crypt_shared_lib_required` (optional): If True, raise an error if libmongocrypt is
+            unable to load the crypt_shared library.
 
         .. versionchanged:: 4.2
-           Added `csfle_path` and `csfle_required` parameters
+           Added `crypt_shared_lib_path` and `crypt_shared_lib_required` parameters
 
         .. versionchanged:: 4.0
            Added the `kms_tls_options` parameter and the "kmip" KMS provider.
@@ -160,8 +160,8 @@ def __init__(
                 "install a compatible version with: "
                 "python -m pip install 'pymongo[encryption]'"
             )
-        self._csfle_path = csfle_path
-        self._csfle_required = csfle_required
+        self._crypt_shared_lib_path = crypt_shared_lib_path
+        self._crypt_shared_lib_required = crypt_shared_lib_required
         self._kms_providers = kms_providers
         self._key_vault_namespace = key_vault_namespace
         self._key_vault_client = key_vault_client

@@ -83,12 +83,12 @@ def get_client_opts(client):
 
 class TestAutoEncryptionOpts(PyMongoTestCase):
     @unittest.skipUnless(_HAVE_PYMONGOCRYPT, "pymongocrypt is not installed")
-    @unittest.skipUnless(os.environ.get("TEST_CSFLE"), "csfle is not installed")
-    def test_csfle(self):
-        # Test that we can pick up csfle automatically
+    @unittest.skipUnless(os.environ.get("TEST_CRYPT_SHARED"), "crypt_shared lib is not installed")
+    def test_crypt_shared(self):
+        # Test that we can pick up crypt_shared lib automatically
         client = MongoClient(
             auto_encryption_opts=AutoEncryptionOpts(
-                KMS_PROVIDERS, "keyvault.datakeys", csfle_required=True
+                KMS_PROVIDERS, "keyvault.datakeys", crypt_shared_lib_required=True
             ),
             connect=False,
         )
@@ -1762,8 +1762,9 @@ def test_case_8(self):
 # https://github.com/mongodb/specifications/blob/master/source/client-side-encryption/tests/README.rst#bypass-spawning-mongocryptd
 class TestBypassSpawningMongocryptdProse(EncryptionIntegrationTest):
     @unittest.skipIf(
-        os.environ.get("TEST_CSFLE"),
-        "this prose test does not work when CSFLE is on a system dynamic library search path.",
+        os.environ.get("TEST_CRYPT_SHARED"),
+        "this prose test does not work when crypt_shared is on a system dynamic "
+        "library search path.",
     )
     def test_mongocryptd_bypass_spawn(self):
         # Lower the mongocryptd timeout to reduce the test run time.