示例#1
0
        public Guid GenerateKey(KmsCredentials credentials, KmsKeyId kmsKeyId)
        {
            var options = new CryptOptions(new[] { credentials });

            BsonDocument key = null;

            using (var cryptClient = CryptClientFactory.Create(options))
                using (var context = cryptClient.StartCreateDataKeyContext(kmsKeyId))
                {
                    key = ProcessState(context, _keyVault.Database, null);
                }

            _keyVault.InsertOne(key);
            Guid g = key["_id"].AsGuid;

            return(g);
        }
示例#2
0
        static void Main(string[] args)
        {
            // The C# driver transmutes data unless you specify this stupid line!
            BsonDefaults.GuidRepresentation = GuidRepresentation.Standard;

            Console.WriteLine("Using url: " + args);
            // or change me to use the mock
            Uri kmsURL = Environment.GetEnvironmentVariable("FLE_AWS_SECRET_ACCESS_KEY") != null ? null : new Uri("https://*****:*****@"{
'find': 'test',
'filter' :  { '$or': [{ '_id': 1},{ 'ssn': '123-45-6789'}]},
        }");


            var findCmd = new BsonDocumentCommand <BsonDocument>(controller.EncryptCommand(kmsCredentials, collection, findDoc));

            Console.WriteLine("Find CMD: " + findCmd.Document);

            findCmd.Document.Remove("$db");

            var commandResult = database.RunCommand(findCmd);

            Console.WriteLine("Find Result: " + commandResult);

            var decryptedDocument = controller.DecryptCommand(kmsCredentials, database, commandResult);

            Console.WriteLine("Find Result (DECRYPTED): " + decryptedDocument);
        }