/// <summary>
/// Starts the create data key context.
/// </summary>
/// <param name="keyId">The key identifier.</param>
/// <returns>A crypt context for creating a data key</returns>
public CryptContext StartCreateDataKeyContext(IKmsKeyId keyId)
{
ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);
IInternalKmsKeyId key = (IInternalKmsKeyId)keyId;
key.SetCredentials(handle, _status);
handle.Check(_status, Library.mongocrypt_ctx_datakey_init(handle));
return new CryptContext(handle);
}
public Guid GenerateKey(IKmsCredentials credentials, IKmsKeyId kmsKeyId)
{
CryptOptions options = new CryptOptions(credentials);
BsonDocument key = null;
using (var cryptClient = CryptClientFactory.Create(options))
using (var context = cryptClient.StartCreateDataKeyContext(kmsKeyId))
{
key = ProcessState(context, _keyVault.Database, null);
}
_keyVault.InsertOne(key);
Guid g = key["_id"].AsGuid;
return(g);
}
internal static void SetAlternateKeyNames(this IKmsKeyId kmsKeyId, ContextSafeHandle context, Status status)
{
foreach (var alternateKeyName in kmsKeyId.AlternateKeyNameBsonDocuments)
{
unsafe
{
fixed(byte *p = alternateKeyName)
{
IntPtr ptr = (IntPtr)p;
using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)alternateKeyName.Length))
{
context.Check(status, Library.mongocrypt_ctx_setopt_key_alt_name(context, pinned.Handle));
}
}
}
}
}
