Пример #1
0
        /// <summary>
        /// Starts an explicit encryption context.
        /// </summary>
        /// <param name="key">The key id.</param>
        /// <param name="encryptionAlgorithm">The encryption algorithm.</param>
        /// <param name="message">The BSON message.</param>
        /// <returns>A encryption context. </returns>
        public CryptContext StartExplicitEncryptionContextWithKeyId(byte[] keyId, EncryptionAlgorithm encryptionAlgorithm, byte[] message)
        {
            ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);

            unsafe
            {
                fixed(byte *p = keyId)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)keyId.Length))
                    {
                        handle.Check(_status, Library.mongocrypt_ctx_setopt_key_id(handle, pinned.Handle));
                    }
                }
            }

            handle.Check(_status, Library.mongocrypt_ctx_setopt_algorithm(handle, Helpers.EncryptionAlgorithmToString(encryptionAlgorithm), -1));

            unsafe
            {
                fixed(byte *p = message)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)message.Length))
                    {
                        handle.Check(_status, Library.mongocrypt_ctx_explicit_encrypt_init(handle, pinned.Handle));
                    }
                }
            }

            return(new CryptContext(handle));
        }
Пример #2
0
        /// <summary>Creates a CryptClient with the specified options.</summary>
        /// <param name="options">The options.</param>
        /// <returns>A CryptClient</returns>
        public static CryptClient Create(CryptOptions options)
        {
            MongoCryptSafeHandle handle = Library.mongocrypt_new();

            Status status = new Status();

            foreach (var kmsCredentials in options.KmsCredentialsMap)
            {
                ((IInternalKmsCredentials)kmsCredentials.Value).SetCredentials(handle, status);
            }

            if (options.Schema != null)
            {
                unsafe
                {
                    fixed(byte *schema = options.Schema)
                    {
                        var schemaPtr = (IntPtr)schema;

                        using (var pinnedSchema = new PinnedBinary(schemaPtr, (uint)options.Schema.Length))
                        {
                            handle.Check(status, Library.mongocrypt_setopt_schema_map(handle, schema: pinnedSchema.Handle));
                        }
                    }
                }
            }
            Library.mongocrypt_init(handle);

            return(new CryptClient(handle, status));
        }
Пример #3
0
        /// <summary>
        /// Starts the encryption context.
        /// </summary>
        /// <param name="db">The database of the collection.</param>
        /// <param name="command">The command.</param>
        /// <returns>A encryption context.</returns>
        public CryptContext StartEncryptionContext(string db, byte[] command)
        {
            ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);

            IntPtr stringPointer = (IntPtr)Marshal.StringToHGlobalAnsi(db);

            try
            {
                unsafe
                {
                    fixed(byte *c = command)
                    {
                        var commandPtr = (IntPtr)c;

                        using (var pinnedCommand = new PinnedBinary(commandPtr, (uint)command.Length))
                        {
                            // Let mongocrypt run strlen
                            handle.Check(_status, Library.mongocrypt_ctx_encrypt_init(handle, stringPointer, -1, pinnedCommand.Handle));
                        }
                    }
                }
            }
            finally
            {
                Marshal.FreeHGlobal(stringPointer);
            }

            return(new CryptContext(handle));
        }
Пример #4
0
        /// <summary>Creates a CryptClient with the specified options.</summary>
        /// <param name="options">The options.</param>
        /// <returns>A CryptClient</returns>
        public static CryptClient Create(CryptOptions options)
        {
            var handle = Library.mongocrypt_new();

            var status = new Status();

            // The below code can be avoided on Windows. So, we don't call it on this system
            // to avoid restrictions on target frameworks that present in some of below
            if (OperatingSystemHelper.CurrentOperatingSystem != OperatingSystemPlatform.Windows)
            {
                handle.Check(
                    status,
                    Library.mongocrypt_setopt_crypto_hooks(
                        handle,
                        __crypto256EncryptCallback,
                        __crypto256DecryptCallback,
                        __randomCallback,
                        __cryptoHmacSha512Callback,
                        __cryptoHmacSha256Callback,
                        __cryptoHashCallback,
                        IntPtr.Zero));

                handle.Check(
                    status,
                    Library.mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5(
                        handle,
                        __signRsaesPkcs1HmacCallback,
                        IntPtr.Zero));
            }

            foreach (var kmsCredentials in options.KmsCredentials)
            {
                kmsCredentials.SetCredentials(handle, status);
            }

            if (options.Schema != null)
            {
                unsafe
                {
                    fixed(byte *schema = options.Schema)
                    {
                        var schemaPtr = (IntPtr)schema;

                        using (var pinnedSchema = new PinnedBinary(schemaPtr, (uint)options.Schema.Length))
                        {
                            handle.Check(status, Library.mongocrypt_setopt_schema_map(handle, schema: pinnedSchema.Handle));
                        }
                    }
                }
            }
            Library.mongocrypt_init(handle);

            return(new CryptClient(handle, status));
        }
Пример #5
0
        // internal methods
        internal void SetCredentials(MongoCryptSafeHandle handle, Status status)
        {
            unsafe
            {
                fixed(byte *p = _credentialsBytes)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)_credentialsBytes.Length))
                    {
                        handle.Check(status, Library.mongocrypt_setopt_kms_providers(handle, pinned.Handle));
                    }
                }
            }
        }
Пример #6
0
        /// <summary>
        /// Feeds the response back to the libmongocrypt
        /// </summary>
        /// <param name="buffer">The response.</param>
        public void Feed(byte[] buffer)
        {
            unsafe
            {
                fixed(byte *p = buffer)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
                    {
                        Check(Library.mongocrypt_kms_ctx_feed(_id, pinned.Handle));
                    }
                }
            }
        }
Пример #7
0
        void IInternalKmsCredentials.SetCredentials(MongoCryptSafeHandle handle, Status status)
        {
            unsafe
            {
                fixed(byte *p = Key)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)Key.Length))
                    {
                        handle.Check(status, Library.mongocrypt_setopt_kms_provider_local(handle, pinned.Handle));
                    }
                }
            }
        }
Пример #8
0
        internal void SetCredentials(ContextSafeHandle context, Status status)
        {
            unsafe
            {
                fixed(byte *p = _dataKeyOptionsBytes)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)_dataKeyOptionsBytes.Length))
                    {
                        context.Check(status, Library.mongocrypt_ctx_setopt_key_encryption_key(context, pinned.Handle));
                    }
                }
            }
            SetAlternateKeyNames(context, status);
        }
Пример #9
0
        internal static void SetAlternateKeyNames(this IKmsKeyId kmsKeyId, ContextSafeHandle context, Status status)
        {
            foreach (var alternateKeyName in kmsKeyId.AlternateKeyNameBsonDocuments)
            {
                unsafe
                {
                    fixed(byte *p = alternateKeyName)
                    {
                        IntPtr ptr = (IntPtr)p;

                        using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)alternateKeyName.Length))
                        {
                            context.Check(status, Library.mongocrypt_ctx_setopt_key_alt_name(context, pinned.Handle));
                        }
                    }
                }
            }
        }
Пример #10
0
        // internal methods
        internal void SetAlternateKeyNames(ContextSafeHandle context, Status status)
        {
            foreach (var alternateKeyNameBytes in _alternateKeyNameBytes)
            {
                unsafe
                {
                    fixed(byte *p = alternateKeyNameBytes)
                    {
                        IntPtr ptr = (IntPtr)p;

                        using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)alternateKeyNameBytes.Length))
                        {
                            context.Check(status, Library.mongocrypt_ctx_setopt_key_alt_name(context, pinned.Handle));
                        }
                    }
                }
            }
        }
Пример #11
0
        /// <summary>
        /// Starts an explicit decryption context.
        /// </summary>
        /// <param name="buffer">The buffer.</param>
        /// <returns>A encryption context</returns>
        public CryptContext StartExplicitDecryptionContext(byte[] buffer)
        {
            ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);

            unsafe
            {
                fixed(byte *p = buffer)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
                    {
                        // Let mongocrypt run strlen
                        handle.Check(_status, Library.mongocrypt_ctx_explicit_decrypt_init(handle, pinned.Handle));
                    }
                }
            }

            return(new CryptContext(handle));
        }
Пример #12
0
        /// <summary>
        /// Starts the decryption context.
        /// </summary>
        /// <param name="buffer">The bson document to decrypt.</param>
        /// <returns>A decryption context</returns>
        public CryptContext StartDecryptionContext(byte[] buffer)
        {
            ContextSafeHandle handle = Library.mongocrypt_ctx_new(_handle);

            GCHandle gch = GCHandle.Alloc(buffer, GCHandleType.Pinned);

            unsafe
            {
                fixed(byte *p = buffer)
                {
                    IntPtr ptr = (IntPtr)p;

                    using (PinnedBinary pinned = new PinnedBinary(ptr, (uint)buffer.Length))
                    {
                        handle.Check(_status, Library.mongocrypt_ctx_decrypt_init(handle, pinned.Handle));
                    }
                }
            }

            return(new CryptContext(handle));
        }