Class supporting operations for MongoDB Client-Side Field Level Encryption. More...

#include <client_encryption.hpp>

Public Member Functions
	client_encryption (options::client_encryption opts)
	Creates a client_encryption object.

	~client_encryption () noexcept
	Destroys a client_encryption.

	client_encryption (client_encryption &&)
	Move-constructs a client_encryption object.

client_encryption &	operator= (client_encryption &&)
	Move-assigns a client_encryption object.

bsoncxx::types::bson_value::value	create_data_key (std::string kms_provider, const options::data_key &opts={})
	Creates a new key document and inserts into the key vault collection.

bsoncxx::types::bson_value::value	encrypt (bsoncxx::types::bson_value::view value, const options::encrypt &opts)
	Encrypts a BSON value with a given key and algorithm.

bsoncxx::types::bson_value::value	decrypt (bsoncxx::types::bson_value::view value)
	Decrypts an encrypted value (BSON binary of subtype 6).

Detailed Description

Class supporting operations for MongoDB Client-Side Field Level Encryption.

Constructor & Destructor Documentation

◆ client_encryption()

mongocxx::client_encryption::client_encryption ( options::client_encryption opts )

Creates a client_encryption object.

Parameters

opts	An object representing encryption options.

See also: https://docs.mongodb.com/ecosystem/use-cases/client-side-field-level-encryption-guide

Member Function Documentation

◆ create_data_key()

bsoncxx::types::bson_value::value mongocxx::client_encryption::create_data_key	(	std::string	kms_provider,
		const options::data_key &	opts = `{}`
	)

Creates a new key document and inserts into the key vault collection.

Parameters

kms_provider	A string identifying the KMS service to use to encrypt the datakey. Must be one of "aws", "azure", "gcp", "kmip", or "local".
opts	Optional arguments, see options::data_key.

Returns: The id of the created document as a bson_value::value containing a UUID (BSON binary subtype 4).

Exceptions

mongocxx::exception if there is an error creating the key.

See also: https://docs.mongodb.com/ecosystem/use-cases/client-side-field-level-encryption-guide/#b-create-a-data-encryption-key

◆ decrypt()

bsoncxx::types::bson_value::value mongocxx::client_encryption::decrypt ( bsoncxx::types::bson_value::view value )

Decrypts an encrypted value (BSON binary of subtype 6).

Parameters

value The encrypted value.

Returns: The original BSON value.

Exceptions

mongocxx::exception if there is an error decrypting the value.

See also: https://docs.mongodb.com/manual/reference/method/ClientEncryption.decrypt/#ClientEncryption.decrypt

◆ encrypt()

bsoncxx::types::bson_value::value mongocxx::client_encryption::encrypt	(	bsoncxx::types::bson_value::view	value,
		const options::encrypt &	opts
	)

Encrypts a BSON value with a given key and algorithm.

Parameters

value	The BSON value to encrypt.
opts	Options must be given in order to specify an encryption algorithm and a key_id or key_alt_name. See options::encrypt.

Returns: The encrypted value (BSON binary subtype 6).

Exceptions

mongocxx::exception if there is an error encrypting the value.

See also: https://docs.mongodb.com/manual/reference/method/ClientEncryption.encrypt/#ClientEncryption.encrypt

The documentation for this class was generated from the following file:

src/mongocxx/client_encryption.hpp

Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ client_encryption()

Member Function Documentation

◆ create_data_key()

◆ decrypt()

◆ encrypt()