/// <summary>Creates a CryptClient with the specified options.</summary>
/// <param name="options">The options.</param>
/// <returns>A CryptClient</returns>
public static CryptClient Create(CryptOptions options)
{
MongoCryptSafeHandle handle = Library.mongocrypt_new();
Status status = new Status();
foreach (var kmsCredentials in options.KmsCredentialsMap)
{
((IInternalKmsCredentials)kmsCredentials.Value).SetCredentials(handle, status);
}
if (options.Schema != null)
{
unsafe
{
fixed(byte *schema = options.Schema)
{
var schemaPtr = (IntPtr)schema;
using (var pinnedSchema = new PinnedBinary(schemaPtr, (uint)options.Schema.Length))
{
handle.Check(status, Library.mongocrypt_setopt_schema_map(handle, schema: pinnedSchema.Handle));
}
}
}
}
Library.mongocrypt_init(handle);
return(new CryptClient(handle, status));
}
/// <summary>
/// Starts an explicit encryption context.
/// </summary>
/// <param name="key">The key.</param>
/// <param name="encryptionAlgorithm">The encryption algorithm.</param>
/// <param name="command">The BSON command.</param>
/// <returns>A encryption context. </returns>
public CryptContext StartExplicitEncryptionContext(Guid key, EncryptionAlgorithm encryptionAlgorithm, byte[] command)
{
ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);
byte[] keyBuffer = key.ToByteArray();
unsafe
{
fixed (byte* p = keyBuffer)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)keyBuffer.Length))
{
handle.Check(_status, Library.mongocrypt_ctx_setopt_key_id(handle, pinned.Handle));
}
}
}
handle.Check(_status, Library.mongocrypt_ctx_setopt_algorithm(handle, Helpers.EncryptionAlgorithmToString(encryptionAlgorithm), -1));
unsafe
{
fixed (byte* p = command)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)command.Length))
{
handle.Check(_status, Library.mongocrypt_ctx_explicit_encrypt_init(handle, pinned.Handle));
}
}
}
return new CryptContext(handle);
}
/// <summary>
/// Starts the encryption context.
/// </summary>
/// <param name="db">The database of the collection.</param>
/// <param name="command">The command.</param>
/// <returns>A encryption context.</returns>
public CryptContext StartEncryptionContext(string db, byte[] command)
{
ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);
IntPtr stringPointer = (IntPtr)Marshal.StringToHGlobalAnsi(db);
try
{
unsafe
{
fixed (byte* c = command)
{
var commandPtr = (IntPtr)c;
using (var pinnedCommand = new PinnedBinary(commandPtr, (uint)command.Length))
{
// Let mongocrypt run strlen
handle.Check(_status, Library.mongocrypt_ctx_encrypt_init(handle, stringPointer, -1, pinnedCommand.Handle));
}
}
}
}
finally
{
Marshal.FreeHGlobal(stringPointer);
}
return new CryptContext(handle);
}
/// <summary>
/// Feeds the response back to the libmongocrypt
/// </summary>
/// <param name="buffer">The response.</param>
public void Feed(byte[] buffer)
{
unsafe
{
fixed(byte *p = buffer)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
{
Check(Library.mongocrypt_kms_ctx_feed(_id, pinned.Handle));
}
}
}
}
void IInternalKmsCredentials.SetCredentials(MongoCryptSafeHandle handle, Status status)
{
unsafe
{
fixed(byte *p = Key)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)Key.Length))
{
handle.Check(status, Library.mongocrypt_setopt_kms_provider_local(handle, pinned.Handle));
}
}
}
}
internal static void SetAlternateKeyNames(this IKmsKeyId kmsKeyId, ContextSafeHandle context, Status status)
{
foreach (var alternateKeyName in kmsKeyId.AlternateKeyNameBsonDocuments)
{
unsafe
{
fixed(byte *p = alternateKeyName)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)alternateKeyName.Length))
{
context.Check(status, Library.mongocrypt_ctx_setopt_key_alt_name(context, pinned.Handle));
}
}
}
}
}
/// <summary>
/// Starts an explicit decryption context.
/// </summary>
/// <param name="buffer">The buffer.</param>
/// <returns>A encryption context</returns>
public CryptContext StartExplicitDecryptionContext(byte[] buffer)
{
ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);
unsafe
{
fixed (byte* p = buffer)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
{
// Let mongocrypt run strlen
handle.Check(_status, Library.mongocrypt_ctx_explicit_decrypt_init(handle, pinned.Handle));
}
}
}
return new CryptContext(handle);
}
/// <summary>
/// Starts the decryption context.
/// </summary>
/// <param name="buffer">The bson document to decrypt.</param>
/// <returns>A decryption context</returns>
public CryptContext StartDecryptionContext(byte[] buffer)
{
ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);
GCHandle gch = GCHandle.Alloc(buffer, GCHandleType.Pinned);
unsafe
{
fixed (byte* p = buffer)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
{
handle.Check(_status, Library.mongocrypt_ctx_decrypt_init(handle, pinned.Handle));
}
}
}
return new CryptContext(handle);
}