The MongoDB\Driver\ClientEncryption class

(mongodb >=1.7.0)

Introducción

The MongoDB\Driver\ClientEncryption class handles creation of data keys for client-side encryption, as well as manually encrypting and decrypting values.

Sinopsis de la Clase

final class MongoDB\Driver\ClientEncryption {

/* Constantes */

const string AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC = AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic;

const string AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM = AEAD_AES_256_CBC_HMAC_SHA_512-Random;

const string ALGORITHM_INDEXED = Indexed;

const string ALGORITHM_UNINDEXED = Unindexed;

const string ALGORITHM_RANGE = Range;

const string QUERY_TYPE_EQUALITY = equality;

const string QUERY_TYPE_RANGE = range;

/* Métodos */

final public addKeyAltName(MongoDB\BSON\Binary $keyId, string $keyAltName): ?object

final public __construct(array $options)

final public createDataKey(string $kmsProvider, ?array $options = null): MongoDB\BSON\Binary

final public decrypt(MongoDB\BSON\Binary $value): mixed

final public deleteKey(MongoDB\BSON\Binary $keyId): object

final public encrypt(mixed $value, ?array $options = null): MongoDB\BSON\Binary

final public encryptExpression(array|object $expr, ?array $options = null): object

final public getKey(MongoDB\BSON\Binary $keyId): ?object

final public getKeyByAltName(string $keyAltName): ?object

final public getKeys(): MongoDB\Driver\Cursor

final public removeKeyAltName(MongoDB\BSON\Binary $keyId, string $keyAltName): ?object

final public rewrapManyDataKey(array|object $filter, ?array $options = null): object

}

Constantes predefinidas

MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC

Specifies an algorithm for » deterministic encryption, which is suitable for querying.

MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM

Specifies an algorithm for » randomized encryption

MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED

Specifies an algorithm for an indexed, encrypted payload, which can be used with queryable encryption.

To insert or query with an indexed, encrypted payload, the MongoDB\Driver\Manager must be configured with the "autoEncryption" driver option. The "bypassQueryAnalysis" auto encryption option may be true. The "bypassAutoEncryption" auto encryption option must be false.

MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED

Specifies an algorithm for an unindexed, encrypted payload.

MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE

Specifies an algorithm for a range encrypted payload, which can be used with queryable encryption.

To query with a range encrypted payload, the MongoDB\Driver\Manager must be configured with the "autoEncryption" driver option. The "bypassQueryAnalysis" auto encryption option may be true. The "bypassAutoEncryption" auto encryption option must be false.

Nota:
The extension does not yet support range queries for Decimal128 BSON field types.

MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY

Specifies an equality query type, which is used in conjunction with MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED.

MongoDB\Driver\ClientEncryption::QUERY_TYPE_RANGE

Specifies a range query type, which is used in conjunction with MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE.

Historial de cambios

Versión	Descripción
PECL mongodb 2.0.0	Removed `MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE_PREVIEW` and `MongoDB\Driver\ClientEncryption::QUERY_TYPE_RANGE_PREVIEW`.
PECL mongodb 1.20.0	Added `MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE` and `MongoDB\Driver\ClientEncryption::QUERY_TYPE_RANGE`. Deprecated `MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE_PREVIEW` and `MongoDB\Driver\ClientEncryption::QUERY_TYPE_RANGE_PREVIEW`.
PECL mongodb 1.16.0	Added `MongoDB\Driver\ClientEncryption::ALGORITHM_RANGE_PREVIEW` and `MongoDB\Driver\ClientEncryption::QUERY_TYPE_RANGE_PREVIEW`.
PECL mongodb 1.14.0	Added `MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED`, `MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED`, and `MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY`.

Ver también

MongoDB\Driver\Manager::createClientEncryption()

Tabla de contenidos

MongoDB\Driver\ClientEncryption::addKeyAltName — Adds an alternate name to a key document
MongoDB\Driver\ClientEncryption::__construct — Create a new ClientEncryption object
MongoDB\Driver\ClientEncryption::createDataKey — Creates a key document
MongoDB\Driver\ClientEncryption::decrypt — Decrypt a value
MongoDB\Driver\ClientEncryption::deleteKey — Deletes a key document
MongoDB\Driver\ClientEncryption::encrypt — Encrypt a value
MongoDB\Driver\ClientEncryption::encryptExpression — Encrypts a match or aggregate expression
MongoDB\Driver\ClientEncryption::getKey — Gets a key document
MongoDB\Driver\ClientEncryption::getKeyByAltName — Gets a key document by an alternate name
MongoDB\Driver\ClientEncryption::getKeys — Gets all key documents
MongoDB\Driver\ClientEncryption::removeKeyAltName — Removes an alternate name from a key document
MongoDB\Driver\ClientEncryption::rewrapManyDataKey — Rewraps data keys

Found A Problem?

Learn How To Improve This Page • Submit a Pull Request • Report a Bug

＋add a note

User Contributed Notes

There are no user contributed notes for this page.