The MongoDB\Driver\ClientEncryption class
(mongodb >=1.7.0)
Introduction
The MongoDB\Driver\ClientEncryption class handles creation of data keys for client-side encryption, as well as manually encrypting and decrypting values.
Class synopsis
Predefined Constants
MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC
-
Specifies an algorithm for » deterministic encryption, which is suitable for querying.
MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM
-
Specifies an algorithm for » randomized encryption
MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED
-
Specifies an algorithm for an indexed, encrypted payload, which can be used with queryable encryption.
To insert or query with an indexed, encrypted payload, the MongoDB\Driver\Manager must be configured with the
"autoEncryption"
driver option. The"bypassQueryAnalysis"
auto encryption option may betrue
. The"bypassAutoEncryption"
auto encryption option must befalse
. MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED
-
Specifies an algorithm for an unindexed, encrypted payload.
MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY
-
Specifies an equality query type, which is used in conjunction with
MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED
.Note: Queryable Encryption is in public preview and available for evaluation purposes. It is not yet recommended for production deployments as breaking changes may be introduced. See the » Queryable Encryption Preview blog post for more information.
Changelog
Version | Description |
---|---|
PECL mongodb 1.14.0 |
Added MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED , MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED , and MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY
|
Table of Contents
- MongoDB\Driver\ClientEncryption::__construct — Create a new ClientEncryption object
- MongoDB\Driver\ClientEncryption::createDataKey — Create a new encryption data key
- MongoDB\Driver\ClientEncryption::decrypt — Decrypt a value
- MongoDB\Driver\ClientEncryption::encrypt — Encrypt a value