MongoDB C++ Driver 4.4.0
Loading...
Searching...
No Matches
client_encryption.hpp
Go to the documentation of this file.
1// Copyright 2009-present MongoDB, Inc.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15#pragma once
16
17#include <mongocxx/v1/client_encryption-fwd.hpp> // IWYU pragma: export
18
19//
20
21#include <mongocxx/v1/detail/prelude.hpp>
22
23#include <bsoncxx/v1/document/value-fwd.hpp>
24#include <bsoncxx/v1/document/view-fwd.hpp>
25#include <bsoncxx/v1/types/value-fwd.hpp>
26
27#include <mongocxx/v1/client-fwd.hpp>
28#include <mongocxx/v1/collection-fwd.hpp>
29#include <mongocxx/v1/cursor-fwd.hpp>
30#include <mongocxx/v1/data_key_options-fwd.hpp>
31#include <mongocxx/v1/database-fwd.hpp>
32#include <mongocxx/v1/delete_one_result-fwd.hpp>
33#include <mongocxx/v1/encrypt_options-fwd.hpp>
34#include <mongocxx/v1/rewrap_many_datakey_options-fwd.hpp>
35#include <mongocxx/v1/rewrap_many_datakey_result-fwd.hpp>
36
37#include <bsoncxx/v1/stdx/optional.hpp>
38#include <bsoncxx/v1/stdx/string_view.hpp>
39
40#include <mongocxx/v1/config/export.hpp>
41
42#include <string>
43#include <utility>
44
45namespace mongocxx {
46namespace v1 {
47
59class client_encryption {
60 private:
61 void* _impl; // mongoc_client_encryption_t
62
63 public:
64 class options;
65
71 MONGOCXX_ABI_EXPORT_CDECL() ~client_encryption();
72
79 MONGOCXX_ABI_EXPORT_CDECL() client_encryption(client_encryption&& other) noexcept;
80
87 MONGOCXX_ABI_EXPORT_CDECL(client_encryption&) operator=(client_encryption&& other) noexcept;
88
92 client_encryption(client_encryption const& other) = delete;
93
97 client_encryption& operator=(client_encryption const& other) = delete;
98
102 explicit MONGOCXX_ABI_EXPORT_CDECL() client_encryption(options const& opts);
103
113 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::types::value) create_data_key(
114 bsoncxx::v1::stdx::string_view kms_provider,
115 v1::data_key_options const& opts);
116
117 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::types::value) create_data_key(bsoncxx::v1::stdx::string_view kms_provider);
120
135 MONGOCXX_ABI_EXPORT_CDECL(v1::collection) create_encrypted_collection(
136 v1::database& db,
137 bsoncxx::v1::stdx::string_view name,
138 bsoncxx::v1::document::view opts,
139 bsoncxx::v1::document::value& coll_opts,
140 bsoncxx::v1::stdx::string_view kms_provider,
141 bsoncxx::v1::document::view master_key);
142
156 MONGOCXX_ABI_EXPORT_CDECL(v1::collection) create_encrypted_collection(
157 v1::database& db,
158 bsoncxx::v1::stdx::string_view name,
159 bsoncxx::v1::document::view opts,
160 bsoncxx::v1::document::value& coll_opts,
161 bsoncxx::v1::stdx::string_view kms_provider);
162
171 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::types::value) encrypt(
172 bsoncxx::v1::types::value value,
173 v1::encrypt_options const& opts);
174
186 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::document::value) encrypt_expression(
187 bsoncxx::v1::document::view expr,
188 v1::encrypt_options const& opts);
189
196 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::types::value) decrypt(bsoncxx::v1::types::value value);
197
210 MONGOCXX_ABI_EXPORT_CDECL(v1::rewrap_many_datakey_result) rewrap_many_datakey(
211 bsoncxx::v1::document::view filter,
212 v1::rewrap_many_datakey_options const& opts);
213
220 MONGOCXX_ABI_EXPORT_CDECL(v1::delete_one_result) delete_key(bsoncxx::v1::types::value id);
221
230 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::document::value) get_key(bsoncxx::v1::types::value id);
231
238 MONGOCXX_ABI_EXPORT_CDECL(v1::cursor) get_keys();
239
248 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::document::value) add_key_alt_name(
249 bsoncxx::v1::types::value id,
250 bsoncxx::v1::stdx::string_view key_alt_name);
251
260 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::document::value) remove_key_alt_name(
261 bsoncxx::v1::types::value id,
262 bsoncxx::v1::stdx::string_view key_alt_name);
263
270 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::document::value) get_key_by_alt_name(
271 bsoncxx::v1::stdx::string_view key_alt_name);
272
273 class internal;
274
275 private:
276 /* explicit(false) */ client_encryption(void* impl);
277};
278
288class client_encryption::options {
289 private:
290 class impl;
291 void* _impl;
292
293 public:
299 MONGOCXX_ABI_EXPORT_CDECL() ~options();
300
307 MONGOCXX_ABI_EXPORT_CDECL() options(options&& other) noexcept;
308
315 MONGOCXX_ABI_EXPORT_CDECL(options&) operator=(options&& other) noexcept;
316
320 MONGOCXX_ABI_EXPORT_CDECL() options(options const& other);
321
325 MONGOCXX_ABI_EXPORT_CDECL(options&) operator=(options const& other);
326
333 MONGOCXX_ABI_EXPORT_CDECL() options();
334
342 MONGOCXX_ABI_EXPORT_CDECL(options&) key_vault_client(v1::client* v);
343
347 MONGOCXX_ABI_EXPORT_CDECL(v1::client*) key_vault_client() const;
348
356 using ns_pair = std::pair<std::string, std::string>;
357
361 MONGOCXX_ABI_EXPORT_CDECL(options&) key_vault_namespace(ns_pair v);
362
366 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::stdx::optional<ns_pair>) key_vault_namespace() const;
367
371 MONGOCXX_ABI_EXPORT_CDECL(options&) kms_providers(bsoncxx::v1::document::value v);
372
376 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::stdx::optional<bsoncxx::v1::document::view>) kms_providers() const;
377
381 MONGOCXX_ABI_EXPORT_CDECL(options&) tls_opts(bsoncxx::v1::document::value v);
382
386 MONGOCXX_ABI_EXPORT_CDECL(bsoncxx::v1::stdx::optional<bsoncxx::v1::document::view>) tls_opts() const;
387
388 class internal;
389};
390
391} // namespace v1
392} // namespace mongocxx
393
394#include <mongocxx/v1/detail/postlude.hpp>
395
mongocxx::v1::client_encryption::options
Options for mongocxx::v1::client_encryption.
Definition client_encryption.hpp:288
mongocxx::v1::client_encryption::options::key_vault_namespace
options & key_vault_namespace(ns_pair v)
Set the "keyVaultNamespace" field.
mongocxx::v1::client_encryption::options::tls_opts
options & tls_opts(bsoncxx::v1::document::value v)
Set the "tlsOptions" field.
mongocxx::v1::client_encryption::options::key_vault_client
options & key_vault_client(v1::client *v)
Set the "keyVaultClient" field.
mongocxx::v1::client_encryption::options::kms_providers
options & kms_providers(bsoncxx::v1::document::value v)
Set the "kmsProviders" field.
mongocxx::v1::client_encryption::options::options
options(options &&other) noexcept
Move constructor.
mongocxx::v1::client_encryption::options::~options
~options()
Destroy this object.
mongocxx::v1::client_encryption::options::ns_pair
std::pair< std::string, std::string > ns_pair
The name of a database and a collection.
Definition client_encryption.hpp:356
mongocxx::v1::client_encryption::get_key_by_alt_name
bsoncxx::v1::document::value get_key_by_alt_name(bsoncxx::v1::stdx::string_view key_alt_name)
Return the specified data key.
mongocxx::v1::client_encryption::create_data_key
bsoncxx::v1::types::value create_data_key(bsoncxx::v1::stdx::string_view kms_provider, v1::data_key_options const &opts)
Create a new data key within the key vault collection.
mongocxx::v1::client_encryption::encrypt
bsoncxx::v1::types::value encrypt(bsoncxx::v1::types::value value, v1::encrypt_options const &opts)
Encrypt the given value.
mongocxx::v1::client_encryption::client_encryption
client_encryption(client_encryption &&other) noexcept
Move constructor.
mongocxx::v1::client_encryption::remove_key_alt_name
bsoncxx::v1::document::value remove_key_alt_name(bsoncxx::v1::types::value id, bsoncxx::v1::stdx::string_view key_alt_name)
Remove the given keyAltName from the specified data key.
mongocxx::v1::client_encryption::encrypt_expression
bsoncxx::v1::document::value encrypt_expression(bsoncxx::v1::document::view expr, v1::encrypt_options const &opts)
Encrypt the given Match Expression or Aggregate Expression.
mongocxx::v1::client_encryption::get_keys
v1::cursor get_keys()
Return all data keys within the associated key vault collection.
mongocxx::v1::client_encryption::~client_encryption
~client_encryption()
Destroy this object.
mongocxx::v1::client_encryption::rewrap_many_datakey
v1::rewrap_many_datakey_result rewrap_many_datakey(bsoncxx::v1::document::view filter, v1::rewrap_many_datakey_options const &opts)
Decrypt and (re-)encrypt multiple data keys.
mongocxx::v1::client_encryption::create_encrypted_collection
v1::collection create_encrypted_collection(v1::database &db, bsoncxx::v1::stdx::string_view name, bsoncxx::v1::document::view opts, bsoncxx::v1::document::value &coll_opts, bsoncxx::v1::stdx::string_view kms_provider, bsoncxx::v1::document::view master_key)
Create a collection with encrypted fields.
mongocxx::v1::client_encryption::decrypt
bsoncxx::v1::types::value decrypt(bsoncxx::v1::types::value value)
Decrypt the given value.
mongocxx::v1::client_encryption::delete_key
v1::delete_one_result delete_key(bsoncxx::v1::types::value id)
Delete the specified data key.
mongocxx::v1::client_encryption::add_key_alt_name
bsoncxx::v1::document::value add_key_alt_name(bsoncxx::v1::types::value id, bsoncxx::v1::stdx::string_view key_alt_name)
Add a new keyAltName to the specified data key.
mongocxx::v1::client_encryption::get_key
bsoncxx::v1::document::value get_key(bsoncxx::v1::types::value id)
Return the requested data key.
mongocxx::v1::client
A connection to a MongoDB deployment.
Definition client.hpp:60
mongocxx::v1::collection
A MongoDB collection.
Definition collection.hpp:81
mongocxx::v1::cursor
A MongoDB cursor.
Definition cursor.hpp:39
mongocxx::v1::data_key_options
A Data Encryption Key (DEK) for In-Use Encryption.
Definition data_key_options.hpp:48
mongocxx::v1::database
A MongoDB database.
Definition database.hpp:55
mongocxx::v1::delete_one_result
The result of a "deleteOne" operation.
Definition delete_one_result.hpp:40
mongocxx::v1::encrypt_options
Options related to explicit encryption for In-Use Encryption.
Definition encrypt_options.hpp:57
mongocxx::v1::rewrap_many_datakey_options
Options for a "rewrapManyDataKey" operation.
Definition rewrap_many_datakey_options.hpp:46
mongocxx::v1::rewrap_many_datakey_result
The result of a "rewrapManyDataKey" operation.
Definition rewrap_many_datakey_result.hpp:40
data_key_options-fwd.hpp
Declares mongocxx::v1::data_key_options.
delete_one_result-fwd.hpp
Declares mongocxx::v1::delete_one_result.
encrypt_options-fwd.hpp
Declares mongocxx::v1::encrypt_options.
export.hpp
Provides macros to control the set of symbols exported in the ABI.
MONGOCXX_ABI_EXPORT_CDECL
#define MONGOCXX_ABI_EXPORT_CDECL(...)
Equivalent to MONGOCXX_ABI_EXPORT with MONGOCXX_ABI_CDECL.
Definition export.hpp:52
prelude.hpp
The mongocxx v1 macro guard prelude header.
bsoncxx
The top-level namespace within which all bsoncxx library entities are declared.
mongocxx::v1
Declares entities whose ABI stability is guaranteed for documented symbols.
mongocxx
The top-level namespace within which all mongocxx library entities are declared.
rewrap_many_datakey_options-fwd.hpp
Declares mongocxx::v1::rewrap_many_datakey_options.
rewrap_many_datakey_result-fwd.hpp
Declares mongocxx::v1::rewrap_many_datakey_result.
client-fwd.hpp
Declares mongocxx::v1::client.
client_encryption-fwd.hpp
Declares mongocxx::v1::client_encryption.
collection-fwd.hpp
Declares mongocxx::v1::collection.
cursor-fwd.hpp
Declares mongocxx::v1::cursor.
database-fwd.hpp
Declares mongocxx::v1::database.
value-fwd.hpp
Declares bsoncxx::v1::document::value.
view-fwd.hpp
Declares bsoncxx::v1::document::view.
optional.hpp
Provides std::optional-related polyfills for library API usage.
string_view.hpp
Provides std::string_view-related polyfills for library API usage.
value-fwd.hpp
Declares bsoncxx::v1::types::value.