using MongoDB.Bson;
|
using MongoDB.Driver;
|
using MongoDB.Driver.Encryption;
|
using System;
|
using System.Collections.Generic;
|
using System.Linq;
|
using System.Threading;
|
using System.Web.Http;
|
|
namespace WebApplication1.Controllers
|
{
|
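/// <summary>
/// Sample Web API controller that writes one document to <c>test.coll</c> and reads it back,
/// optionally through a client configured for client-side field level encryption (CSFLE).
/// </summary>
/// <remarks>
/// NOTE(review): no authorization attribute is visible on this controller, and <see cref="Get"/>
/// drops a collection. Confirm that a global filter or network boundary restricts who can call it.
/// </remarks>
public class ValuesController : ApiController
{
    /// <summary>
    /// Builds a <see cref="MongoClient"/> with automatic encryption enabled for the
    /// <c>encryptedField</c> property of documents in <c>test.coll</c>.
    /// </summary>
    /// <returns>A client whose settings carry the auto-encryption options built here.</returns>
    private MongoClient GetCSFLEClient()
    {
        // NOTE(review): the master key is embedded in source. Anyone who can read the repository
        // or the compiled assembly can unwrap every data key stored in the key vault. The "local"
        // KMS provider suits development only; outside a sample, load the key from a secret store
        // or use a remote KMS provider.
        var localMasterKey = Convert.FromBase64String("Mng0NCt4ZHVUYUJCa1kxNkVyNUR1QURhZ2h2UzR2d2RrZzh0cFBwM3R6NmdWMDFBMUN3YkQ5aXRRMkhGRGdQV09wOGVNYUMxT2k3NjZKelhaQmRCZGJkTXVyZG9uSjFk");

        var kmsProviders = new Dictionary<string, IReadOnlyDictionary<string, object>>();
        var localKey = new Dictionary<string, object>
        {
            { "key", localMasterKey }
        };
        kmsProviders.Add("local", localKey);

        var keyVaultNamespace = CollectionNamespace.FromFullName("admin.datakeys");

        // A parameterless MongoClient uses the driver's default connection settings.
        var keyVaultMongoClient = new MongoClient();
        var clientEncryptionSettings = new ClientEncryptionOptions(
            keyVaultMongoClient,
            keyVaultNamespace,
            kmsProviders);

        // NOTE(review): a new data key is created on every call, so the key vault grows with each
        // CSFLE request. With the Deterministic algorithm, values encrypted under different data
        // keys do not compare equal. Outside a sample, create the key once and reuse its id.
        string base64DataKeyId;

        // The using block releases the ClientEncryption instance even when CreateDataKey throws.
        using (var clientEncryption = new ClientEncryption(clientEncryptionSettings))
        {
            var dataKeyId = clientEncryption.CreateDataKey("local", new DataKeyOptions(), CancellationToken.None);
            base64DataKeyId = Convert.ToBase64String(GuidConverter.ToBytes(dataKeyId, GuidRepresentation.Standard));
        }

        // JSON schema telling the driver to encrypt `encryptedField` with the data key above.
        // Only the base64 key id generated in this method is interpolated; no caller input
        // reaches this string.
        // NOTE(review): Deterministic encryption yields the same ciphertext for the same
        // plaintext under one key. That enables equality queries but exposes value
        // equality/frequency to anyone who can read the stored documents. Prefer the Random
        // algorithm for fields that are never queried.
        var schemaMap = $@"{{
            properties: {{
                encryptedField: {{
                    encrypt: {{
                        keyId: [{{
                            '$binary' : {{
                                'base64' : '{base64DataKeyId}',
                                'subType' : '04'
                            }}
                        }}],
                        bsonType: 'string',
                        algorithm: 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'
                    }}
                }}
            }},
            'bsonType': 'object'
        }}";

        var collectionNamespace = CollectionNamespace.FromFullName("test.coll");

        var autoEncryptionSettings = new AutoEncryptionOptions(
            keyVaultNamespace,
            kmsProviders,
            schemaMap: new Dictionary<string, BsonDocument>
            {
                { collectionNamespace.ToString(), BsonDocument.Parse(schemaMap) }
            });

        var clientSettings = new MongoClientSettings
        {
            AutoEncryptionOptions = autoEncryptionSettings
        };

        return new MongoClient(clientSettings);
    }

    // GET api/values
    /// <summary>
    /// Recreates <c>test.coll</c>, inserts one document with an <c>encryptedField</c> value,
    /// and returns the first document found as JSON.
    /// </summary>
    /// <param name="csfle">
    /// When true, the request uses the client from <see cref="GetCSFLEClient"/>; otherwise a
    /// default <see cref="MongoClient"/>.
    /// </param>
    /// <returns>A single-element sequence holding the JSON form of the document read back.</returns>
    public IEnumerable<string> Get(bool csfle)
    {
        // NOTE(review): a client is built per request. When csfle is true this also creates a
        // data key per request. Consider caching one client for the application lifetime.
        var client = csfle ? GetCSFLEClient() : new MongoClient();
        var database = client.GetDatabase("test");

        // NOTE(review): this GET handler drops and rewrites a collection. A destructive side
        // effect on a GET can be triggered by link prefetchers, crawlers or cross-site requests.
        // Outside a sample, expose it through a non-GET verb behind authorization.
        database.DropCollection("coll");
        var collection = database.GetCollection<BsonDocument>("coll");

        collection.InsertOne(new BsonDocument("encryptedField", "123456789"));

        var result = collection.Find(FilterDefinition<BsonDocument>.Empty).First();

        // The document is serialized as read by this client; presumably the CSFLE client has
        // already decrypted encryptedField at this point (confirm against the driver version).
        return new[] { result.ToJson() };
    }
}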
|
}
|