public Guid GenerateKey(KmsCredentials credentials, KmsKeyId kmsKeyId)
{
var options = new CryptOptions(new[] { credentials });
BsonDocument key = null;
using (var cryptClient = CryptClientFactory.Create(options))
using (var context = cryptClient.StartCreateDataKeyContext(kmsKeyId))
{
key = ProcessState(context, _keyVault.Database, null);
}
_keyVault.InsertOne(key);
Guid g = key["_id"].AsGuid;
return(g);
}
static void Main(string[] args)
{
// The C# driver transmutes data unless you specify this stupid line!
BsonDefaults.GuidRepresentation = GuidRepresentation.Standard;
Console.WriteLine("Using url: " + args);
// or change me to use the mock
Uri kmsURL = Environment.GetEnvironmentVariable("FLE_AWS_SECRET_ACCESS_KEY") != null ? null : new Uri("https://*****:*****@"{
'find': 'test',
'filter' : { '$or': [{ '_id': 1},{ 'ssn': '123-45-6789'}]},
}");
var findCmd = new BsonDocumentCommand <BsonDocument>(controller.EncryptCommand(kmsCredentials, collection, findDoc));
Console.WriteLine("Find CMD: " + findCmd.Document);
findCmd.Document.Remove("$db");
var commandResult = database.RunCommand(findCmd);
Console.WriteLine("Find Result: " + commandResult);
var decryptedDocument = controller.DecryptCommand(kmsCredentials, database, commandResult);
Console.WriteLine("Find Result (DECRYPTED): " + decryptedDocument);
}
