@Beta public interface ClientEncryption extends Closeable
Used to create data encryption keys, and to explicitly encrypt and decrypt values when auto-encryption is not an option.
Note: support for client-side encryption should be considered as beta. Backwards-breaking changes may be made before the final release.
Modifier and Type | Method and Description |
---|---|
void |
close() |
org.reactivestreams.Publisher<org.bson.BsonBinary> |
createDataKey(String kmsProvider)
Create a data key with the given KMS provider.
|
org.reactivestreams.Publisher<org.bson.BsonBinary> |
createDataKey(String kmsProvider,
com.mongodb.client.model.vault.DataKeyOptions dataKeyOptions)
Create a data key with the given KMS provider and options.
|
org.reactivestreams.Publisher<org.bson.BsonValue> |
decrypt(org.bson.BsonBinary value)
Decrypt the given value.
|
org.reactivestreams.Publisher<org.bson.BsonBinary> |
encrypt(org.bson.BsonValue value,
com.mongodb.client.model.vault.EncryptOptions options)
Encrypt the given value with the given options.
|
org.reactivestreams.Publisher<org.bson.BsonBinary> createDataKey(String kmsProvider)
Creates a new key document and inserts into the key vault collection.
kmsProvider
- the KMS providerorg.reactivestreams.Publisher<org.bson.BsonBinary> createDataKey(String kmsProvider, com.mongodb.client.model.vault.DataKeyOptions dataKeyOptions)
Creates a new key document and inserts into the key vault collection.
kmsProvider
- the KMS providerdataKeyOptions
- the options for data key creationorg.reactivestreams.Publisher<org.bson.BsonBinary> encrypt(org.bson.BsonValue value, com.mongodb.client.model.vault.EncryptOptions options)
The driver may throw an exception for prohibited BSON value types
value
- the value to encryptoptions
- the options for data encryptionorg.reactivestreams.Publisher<org.bson.BsonValue> decrypt(org.bson.BsonBinary value)
value
- the value to decrypt, which must be of subtype 6void close()
close
in interface AutoCloseable
close
in interface Closeable