def __init(self): """Internal init helper.""" kms_providers = self.__opts.kms_providers if 'aws' in kms_providers: access_key_id = str_to_bytes(kms_providers['aws']['accessKeyId']) secret_access_key = str_to_bytes( kms_providers['aws']['secretAccessKey']) if not lib.mongocrypt_setopt_kms_provider_aws( self.__crypt, access_key_id, len(access_key_id), secret_access_key, len(secret_access_key)): self.__raise_from_status() if 'local' in kms_providers: key = kms_providers['local']['key'] with MongoCryptBinaryIn(key) as binary_key: if not lib.mongocrypt_setopt_kms_provider_local( self.__crypt, binary_key.bin): self.__raise_from_status() schema_map = self.__opts.schema_map if schema_map is not None: with MongoCryptBinaryIn(schema_map) as binary_schema_map: if not lib.mongocrypt_setopt_schema_map( self.__crypt, binary_schema_map.bin): self.__raise_from_status() if not lib.mongocrypt_setopt_crypto_hooks( self.__crypt, aes_256_cbc_encrypt, aes_256_cbc_decrypt, secure_random, hmac_sha_512, hmac_sha_256, sha_256, ffi.NULL): self.__raise_from_status() if not lib.mongocrypt_init(self.__crypt): self.__raise_from_status()
def __init(self): """Internal init helper.""" kms_providers = self.__opts.kms_providers # Make fields that can be passed as binary or string safe to # encode to BSON. base64_or_bytes_fields = [("local", "key"), ("gcp", "privateKey")] for f1, f2 in base64_or_bytes_fields: value = kms_providers.get(f1, {}).get(f2, None) if value is not None: safe_value = safe_bytearray_or_base64(value) if value != safe_value: kms_providers = copy.deepcopy(kms_providers) kms_providers[f1][f2] = safe_value with MongoCryptBinaryIn( self.__callback.bson_encode(kms_providers)) as kmsopt: if not lib.mongocrypt_setopt_kms_providers(self.__crypt, kmsopt.bin): self.__raise_from_status() schema_map = self.__opts.schema_map if schema_map is not None: with MongoCryptBinaryIn(schema_map) as binary_schema_map: if not lib.mongocrypt_setopt_schema_map( self.__crypt, binary_schema_map.bin): self.__raise_from_status() if not lib.mongocrypt_setopt_crypto_hooks( self.__crypt, aes_256_cbc_encrypt, aes_256_cbc_decrypt, secure_random, hmac_sha_512, hmac_sha_256, sha_256, ffi.NULL): self.__raise_from_status() if not lib.mongocrypt_setopt_crypto_hook_sign_rsaes_pkcs1_v1_5( self.__crypt, sign_rsaes_pkcs1_v1_5, ffi.NULL): self.__raise_from_status() if not lib.mongocrypt_init(self.__crypt): self.__raise_from_status()