MongoDB C++ Driver current
Loading...
Searching...
No Matches
client_encryption.hpp
1// Copyright 2020 MongoDB Inc.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15#pragma once
16
17#include <bsoncxx/types/bson_value/value.hpp>
18#include <bsoncxx/types/bson_value/view.hpp>
19#include <mongocxx/cursor.hpp>
20#include <mongocxx/options/client_encryption.hpp>
21#include <mongocxx/options/data_key.hpp>
22#include <mongocxx/options/encrypt.hpp>
23#include <mongocxx/options/rewrap_many_datakey.hpp>
24#include <mongocxx/result/delete.hpp>
25#include <mongocxx/result/rewrap_many_datakey.hpp>
26#include <mongocxx/stdx.hpp>
27
28#include <mongocxx/config/prelude.hpp>
29
30namespace mongocxx {
31inline namespace v_noabi {
32class database;
33class collection;
34
38class MONGOCXX_API client_encryption {
39 public:
50
55
60
65
66 client_encryption(const client_encryption&) = delete;
67 client_encryption& operator=(const client_encryption&) = delete;
68
86 bsoncxx::types::bson_value::value create_data_key(std::string kms_provider,
87 const options::data_key& opts = {});
88
104 const database& db,
105 const std::string& coll_name,
106 const bsoncxx::document::view& options,
107 bsoncxx::document::value& out_options,
108 const std::string& kms_provider,
109 const stdx::optional<bsoncxx::document::view>& masterkey = stdx::nullopt);
110
128 const options::encrypt& opts);
129
143 bsoncxx::document::value encrypt_expression(bsoncxx::document::view_or_value expr,
144 const options::encrypt& opts);
145
160
182 result::rewrap_many_datakey rewrap_many_datakey(bsoncxx::document::view_or_value filter,
183 const options::rewrap_many_datakey& opts);
184
198
210 stdx::optional<bsoncxx::document::value> get_key(bsoncxx::types::bson_value::view_or_value id);
211
222
237 stdx::optional<bsoncxx::document::value> add_key_alt_name(
238 bsoncxx::types::bson_value::view_or_value id, bsoncxx::string::view_or_value key_alt_name);
239
254 stdx::optional<bsoncxx::document::value> remove_key_alt_name(
255 bsoncxx::types::bson_value::view_or_value id, bsoncxx::string::view_or_value key_alt_name);
256
268 stdx::optional<bsoncxx::document::value> get_key_by_alt_name(
269 bsoncxx::string::view_or_value key_alt_name);
270
271 private:
272 class MONGOCXX_PRIVATE impl;
273
274 std::unique_ptr<impl> _impl;
275};
276
277} // namespace v_noabi
278} // namespace mongocxx
279
280#include <mongocxx/config/postlude.hpp>
A variant owning type that represents any BSON type.
Definition value.hpp:43
A view-only variant that can contain any BSON type.
Definition view.hpp:44
Class representing a view-or-value variant type.
Definition view_or_value.hpp:29
Class supporting operations for MongoDB Client-Side Field Level Encryption.
Definition client_encryption.hpp:38
stdx::optional< bsoncxx::document::value > get_key(bsoncxx::types::bson_value::view_or_value id)
Finds a single key document with the given UUID (BSON binary subtype 0x04).
mongocxx::cursor get_keys()
Finds all documents in the key vault collection.
result::delete_result delete_key(bsoncxx::types::bson_value::view_or_value id)
Removes the key document with the given UUID (BSON binary subtype 0x04) from the key vault collection...
bsoncxx::document::value encrypt_expression(bsoncxx::document::view_or_value expr, const options::encrypt &opts)
Encrypts a Match Expression or Aggregate Expression to query a range index.
bsoncxx::types::bson_value::value decrypt(bsoncxx::types::bson_value::view value)
Decrypts an encrypted value (BSON binary of subtype 6).
bsoncxx::types::bson_value::value encrypt(bsoncxx::types::bson_value::view value, const options::encrypt &opts)
Encrypts a BSON value with a given key and algorithm.
stdx::optional< bsoncxx::document::value > get_key_by_alt_name(bsoncxx::string::view_or_value key_alt_name)
Get the key document from the key vault collection with the provided name.
result::rewrap_many_datakey rewrap_many_datakey(bsoncxx::document::view_or_value filter, const options::rewrap_many_datakey &opts)
Decrypts multiple data keys and (re-)encrypts them with a new masterKey, or with their current master...
collection create_encrypted_collection(const database &db, const std::string &coll_name, const bsoncxx::document::view &options, bsoncxx::document::value &out_options, const std::string &kms_provider, const stdx::optional< bsoncxx::document::view > &masterkey=stdx::nullopt)
Create a collection with client-side-encryption enabled, automatically filling any datakeys for encry...
stdx::optional< bsoncxx::document::value > remove_key_alt_name(bsoncxx::types::bson_value::view_or_value id, bsoncxx::string::view_or_value key_alt_name)
Removes a keyAltName from the keyAltNames array of the key document in the key vault collection with ...
stdx::optional< bsoncxx::document::value > add_key_alt_name(bsoncxx::types::bson_value::view_or_value id, bsoncxx::string::view_or_value key_alt_name)
Adds a keyAltName to the keyAltNames array of the key document in the key vault collection with the g...
client_encryption(options::client_encryption opts)
Creates a client_encryption object.
~client_encryption() noexcept
Destroys a client_encryption.
Class representing server side document groupings within a MongoDB database.
Definition collection.hpp:85
Class representing a pointer to the result set of a query on a MongoDB server.
Definition cursor.hpp:36
Class representing a MongoDB database.
Definition database.hpp:44
Class representing options for the object managing explicit client-side encryption.
Definition client_encryption.hpp:35
Class representing options for explicit client-side encryption.
Definition encrypt.hpp:34
Class representing options for a rewrap many datakey operation.
Definition rewrap_many_datakey.hpp:34
Class representing the result of a MongoDB delete operation.
Definition delete.hpp:30
Class representing the result of a MongoDB rewrap_many_datakey operation.
Definition rewrap_many_datakey.hpp:28
The top-level namespace for bsoncxx library entities.
Definition element.hpp:24
The top-level namespace for mongocxx library entities.
Definition bulk_write.hpp:24