Exemplo n.º 1
        /// <summary>
        /// Walks an AWS data-key creation context through its states one call at a time and checks
        /// that the key alternate names attached to the key id end up in the created data key document.
        /// </summary>
        /// <remarks>
        /// The access key id and secret passed below are placeholder strings (a region name), not
        /// usable AWS credentials. The KMS reply is presumably supplied by ProcessState rather than
        /// by a live endpoint; verify against that helper.
        /// </remarks>
        public void TestAwsKeyCreationWithkeyAltNamesStepwise()
        {
            var keyAltNames = new[] { "KeyMaker", "Architect" };

            // Every alternate name travels as its own serialized { keyAltName: <name> } document.
            var serializedAltNames = keyAltNames
                .Select(name => new BsonDocument("keyAltName", name))
                .Select(BsonUtil.ToBytes);

            var masterKeyId = new AwsKeyId(
                customerMasterKey: "cmk",
                region: "us-east-1",
                alternateKeyNamesBsonDocuments: serializedAltNames);
            var credentials = new AwsKmsCredentials(awsSecretAccessKey: "us-east-1", awsAccessKeyId: "us-east-1");

            using (var cryptClient = CryptClientFactory.Create(new CryptOptions(CreateCredentialsMap(credentials))))
            {
                using (var context = cryptClient.StartCreateDataKeyContext(masterKeyId))
                {
                    BsonDocument createdKey;

                    // Step 1: the context must ask for a KMS round trip before it can finish the key.
                    var (currentState, _, _) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_NEED_KMS);

                    // Step 2: after the KMS reply the data key document is available.
                    (currentState, _, createdKey) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_READY);
                    createdKey.Should().NotBeNull();

                    var actualKeyAltNames = createdKey["keyAltNames"].AsBsonArray.Select(x => x.AsString);
                    // The names are expected in reverse order, see https://jira.mongodb.org/browse/CDRIVER-3277?
                    // NOTE(review): BeEquivalentTo is order-insensitive for collections by default in
                    // FluentAssertions, so the Reverse() likely documents the order rather than enforcing it;
                    // confirm against the FluentAssertions version in use.
                    var expectedKeyAltNames = keyAltNames.Reverse();
                    actualKeyAltNames.Should().BeEquivalentTo(expectedKeyAltNames);

                    // Step 3: one more step moves the context to its terminal state.
                    (currentState, _, _) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_DONE);
                }
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Creates a data key for an AWS master key that names an explicit KMS endpoint and checks
        /// that the endpoint is recorded unchanged under masterKey.endpoint in the data key document.
        /// </summary>
        /// <remarks>
        /// The access key id and secret are placeholder strings (a region name), not usable AWS credentials.
        /// </remarks>
        public void TestAwsKeyCreationWithEndPoint()
        {
            var kmsEndpoint = "kms.us-east-1.amazonaws.com";
            var masterKeyId = new AwsKeyId(customerMasterKey: "cmk", region: "us-east-1", endpoint: kmsEndpoint);
            var credentials = new AwsKmsCredentials(awsSecretAccessKey: "us-east-1", awsAccessKeyId: "us-east-1");

            using (var cryptClient = CryptClientFactory.Create(new CryptOptions(CreateCredentialsMap(credentials))))
            {
                using (var context = cryptClient.StartCreateDataKeyContext(masterKeyId))
                {
                    // Run the whole state machine in one call; only the resulting document matters here.
                    var (_, createdKey) = ProcessContextToCompletion(context, isKmsDecrypt: false);

                    // The stored endpoint decides which host later KMS calls for this key go to,
                    // so it must round-trip exactly as supplied.
                    createdKey["masterKey"]["endpoint"].Should().Be(kmsEndpoint);
                }
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Step-by-step variant of the endpoint test: advances the data-key creation context one state
        /// at a time and checks, once the document is ready, that masterKey.endpoint equals the
        /// endpoint given on the key id.
        /// </summary>
        /// <remarks>
        /// The access key id and secret are placeholder strings (a region name), not usable AWS credentials.
        /// </remarks>
        public void TestAwsKeyCreationWithEndpointStepwise()
        {
            var kmsEndpoint = "kms.us-east-1.amazonaws.com";
            var masterKeyId = new AwsKeyId(customerMasterKey: "cmk", region: "us-east-1", endpoint: kmsEndpoint);
            var credentials = new AwsKmsCredentials(awsSecretAccessKey: "us-east-1", awsAccessKeyId: "us-east-1");

            using (var cryptClient = CryptClientFactory.Create(new CryptOptions(CreateCredentialsMap(credentials))))
            {
                using (var context = cryptClient.StartCreateDataKeyContext(masterKeyId))
                {
                    BsonDocument createdKey;

                    // Step 1: a KMS round trip is requested first.
                    var (currentState, _, _) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_NEED_KMS);

                    // Step 2: the data key document is ready and carries the endpoint as supplied.
                    (currentState, _, createdKey) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_READY);
                    createdKey["masterKey"]["endpoint"].Should().Be(kmsEndpoint);

                    // Step 3: the context reaches its terminal state.
                    (currentState, _, _) = ProcessState(context, isKmsDecrypt: false);
                    currentState.Should().Be(CryptContext.StateCode.MONGOCRYPT_CTX_DONE);
                }
            }
        }
Exemplo n.º 4
        /// <summary>
        /// Demo entry point: encrypts a find command, runs it against the database, prints the raw
        /// result, then decrypts the result and prints it again.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the listing is incomplete as shown. The URI literal below is masked and the
        /// code between it and the find command (which presumably declares controller, kmsCredentials,
        /// collection, database and findDoc) is missing, so this method does not compile as printed.
        /// </remarks>
        /// <param name="args">Command-line arguments; only echoed to the console here.</param>
        static void Main(string[] args)
        {
            // The C# driver transmutes data unless you specify this stupid line!
            // (Sets the driver's default GUID representation to Standard.)
            BsonDefaults.GuidRepresentation = GuidRepresentation.Standard;

            // NOTE(review): args is a string[]; concatenating it prints the array's type name,
            // not a URL.
            Console.WriteLine("Using url: " + args);
            // or change me to use the mock
            // kmsURL is null when AWS_SECRET_ACCESS_KEY is set in the environment, otherwise the
            // hard-coded URI (presumably the mock KMS mentioned above; confirm). Only the presence
            // of the variable is tested here; its value is not read on this line.
            // NOTE(review): the masked literal appears to have the user:password@host form. If so,
            // credentials are embedded in source; supply them through configuration or the
            // environment instead.
            Uri kmsURL = Environment.GetEnvironmentVariable("AWS_SECRET_ACCESS_KEY") != null ? null :  new Uri("https://*****:*****@"{
'find': 'test',
'filter' :  { '$or': [{ '_id': 1},{ 'ssn': '123-45-6789'}]},
        }");


            // Wrap the encrypted form of the find command so it can be sent with RunCommand.
            var findCmd = new BsonDocumentCommand <BsonDocument>(controller.EncryptCommand(kmsCredentials, collection, findDoc));

            Console.WriteLine("Find CMD: " + findCmd.Document);

            // Drop the "$db" field before sending (presumably RunCommand supplies the database itself; confirm).
            findCmd.Document.Remove("$db");

            var commandResult = database.RunCommand(findCmd);

            Console.WriteLine("Find Result: " + commandResult);

            var decryptedDocument = controller.DecryptCommand(kmsCredentials, database, commandResult);

            // NOTE(review): this writes the decrypted result to the console. Acceptable for a demo
            // with sample data; real code should keep decrypted field values out of console and log output.
            Console.WriteLine("Find Result (DECRYPTED): " + decryptedDocument);
        }