the buffer containing the serialized set of BSON documents.
returns the deserialized Javascript Object.
Serialize a Javascript object.
the Javascript object to serialize.
Buffer object containing the serialized object.
Allows the user to bypass auto encryption, maintaining implicit decryption
If true, autoEncryption will not attempt to spawn a mongocryptd before connecting
Command line arguments to use when auto-spawning a mongocryptd
The path to the mongocryptd executable on the system
A local process the driver communicates with to determine how to encrypt values in a command. Defaults to "mongodb://%2Fvar%2Fmongocryptd.sock" if domain sockets are available or "mongodb://localhost:27020" otherwise
A MongoClient
used to fetch keys from a key vault
The namespace where keys are stored in the key vault
Configuration options that are used by specific KMS providers during key generation, encryption, and decryption.
Configuration options for using 'aws' as your KMS provider
The access key used for the AWS KMS provider
The secret access key used for the AWS KMS provider
An optional AWS session token that will be used as the X-Amz-Security-Token header for AWS requests.
Configuration options for using 'azure' as your KMS provider
The client ID to authenticate a registered application
The client secret to authenticate a registered application
If present, a host with optional port. E.g. "example.com" or "example.com:443". This is optional, and only needed if customer is using a non-commercial Azure instance (e.g. a government or China account, which use different URLs). Defaults to "login.microsoftonline.com"
The tenant ID identifies the organization for the account
Configuration options for using 'gcp' as your KMS provider
The service account email to authenticate
If present, a host with optional port. E.g. "example.com" or "example.com:443". Defaults to "oauth2.googleapis.com"
A PKCS#8 encrypted key. This can either be a base64 string or a binary representation
Configuration options for using 'kmip' as your KMS provider
The output endpoint string. The endpoint consists of a hostname and port separated by a colon. E.g. "example.com:123". A port is always present.
Configuration options for using 'local' as your KMS provider
The master key used to encrypt/decrypt data keys. A 96-byte long Buffer or base64 encoded string.
An optional hook to catch logging messages from the underlying encryption engine
A map of namespaces to a local JSON schema for encryption
NOTE: Supplying options.schemaMap provides more security than relying on JSON Schemas obtained from the server. It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending decrypted data that should be encrypted. Schemas supplied in the schemaMap only apply to configuring automatic encryption for client side encryption. Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.
The TLS options to use connecting to the KMS provider
Generated using TypeDoc
Deserialize data as BSON.