/// <summary> /// Starts an explicit encryption context. /// </summary> /// <param name="key">The key.</param> /// <param name="encryptionAlgorithm">The encryption algorithm.</param> /// <param name="command">The BSON command.</param> /// <returns>A encryption context. </returns> public CryptContext StartExplicitEncryptionContext(Guid key, EncryptionAlgorithm encryptionAlgorithm, byte[] command) { ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle); byte[] keyBuffer = key.ToByteArray(); unsafe { fixed (byte* p = keyBuffer) { IntPtr ptr = (IntPtr)p; using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)keyBuffer.Length)) { handle.Check(_status, Library.mongocrypt_ctx_setopt_key_id(handle, pinned.Handle)); } } } handle.Check(_status, Library.mongocrypt_ctx_setopt_algorithm(handle, Helpers.EncryptionAlgorithmToString(encryptionAlgorithm), -1)); unsafe { fixed (byte* p = command) { IntPtr ptr = (IntPtr)p; using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)command.Length)) { handle.Check(_status, Library.mongocrypt_ctx_explicit_encrypt_init(handle, pinned.Handle)); } } } return new CryptContext(handle); }
/// <inheritdoc /> void IInternalKmsKeyId.SetCredentials(ContextSafeHandle context, Status status) { IntPtr regionPointer = (IntPtr)Marshal.StringToHGlobalAnsi(Region); try { IntPtr keyPointer = (IntPtr)Marshal.StringToHGlobalAnsi(CustomerMasterKey); try { // Let mongocrypt run strlen context.Check( status, Library.mongocrypt_ctx_setopt_masterkey_aws(context, regionPointer, -1, keyPointer, -1)); ((IInternalKmsKeyId)this).SetAlternateKeyNames(context, status); } finally { Marshal.FreeHGlobal(keyPointer); } } finally { Marshal.FreeHGlobal(regionPointer); } }
/// <summary> /// Starts the encryption context. /// </summary> /// <param name="db">The database of the collection.</param> /// <param name="command">The command.</param> /// <returns>A encryption context.</returns> public CryptContext StartEncryptionContext(string db, byte[] command) { ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle); IntPtr stringPointer = (IntPtr)Marshal.StringToHGlobalAnsi(db); try { unsafe { fixed (byte* c = command) { var commandPtr = (IntPtr)c; using (var pinnedCommand = new PinnedBinary(commandPtr, (uint)command.Length)) { // Let mongocrypt run strlen handle.Check(_status, Library.mongocrypt_ctx_encrypt_init(handle, stringPointer, -1, pinnedCommand.Handle)); } } } } finally { Marshal.FreeHGlobal(stringPointer); } return new CryptContext(handle); }
/// <summary> /// Starts the create data key context. /// </summary> /// <param name="keyId">The key identifier.</param> /// <returns>A crypt context for creating a data key</returns> public CryptContext StartCreateDataKeyContext(IKmsKeyId keyId) { ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle); IInternalKmsKeyId key = (IInternalKmsKeyId)keyId; key.SetCredentials(handle, _status); handle.Check(_status, Library.mongocrypt_ctx_datakey_init(handle)); return new CryptContext(handle); }
internal static void SetAlternateKeyNames(this IKmsKeyId kmsKeyId, ContextSafeHandle context, Status status) { foreach (var alternateKeyName in kmsKeyId.AlternateKeyNameBsonDocuments) { unsafe { fixed(byte *p = alternateKeyName) { IntPtr ptr = (IntPtr)p; using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)alternateKeyName.Length)) { context.Check(status, Library.mongocrypt_ctx_setopt_key_alt_name(context, pinned.Handle)); } } } } }
/// <summary> /// Starts an explicit decryption context. /// </summary> /// <param name="buffer">The buffer.</param> /// <returns>A encryption context</returns> public CryptContext StartExplicitDecryptionContext(byte[] buffer) { ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle); unsafe { fixed (byte* p = buffer) { IntPtr ptr = (IntPtr)p; using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length)) { // Let mongocrypt run strlen handle.Check(_status, Library.mongocrypt_ctx_explicit_decrypt_init(handle, pinned.Handle)); } } } return new CryptContext(handle); }
/// <summary> /// Starts the decryption context. /// </summary> /// <param name="buffer">The bson document to decrypt.</param> /// <returns>A decryption context</returns> public CryptContext StartDecryptionContext(byte[] buffer) { ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle); GCHandle gch = GCHandle.Alloc(buffer, GCHandleType.Pinned); unsafe { fixed (byte* p = buffer) { IntPtr ptr = (IntPtr)p; using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length)) { handle.Check(_status, Library.mongocrypt_ctx_decrypt_init(handle, pinned.Handle)); } } } return new CryptContext(handle); }
/// <inheritdoc /> void IInternalKmsKeyId.SetCredentials(ContextSafeHandle context, Status status) { context.Check(status, Library.mongocrypt_ctx_setopt_masterkey_local(context)); ((IInternalKmsKeyId)this).SetAlternateKeyNames(context, status); }