Package com.mongodb.async.client.vault

Interface ClientEncryption

  • All Superinterfaces:
    java.lang.AutoCloseable, java.io.Closeable

    public interface ClientEncryption
extends java.io.Closeable
    The Key vault.

    Used to create data encryption keys, and to explicitly encrypt and decrypt values when auto-encryption is not an option.

    Since:
    3.11

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void close​()  
      void createDataKey​(java.lang.String kmsProvider, com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
      Create a data key with the given KMS provider.
      void createDataKey​(java.lang.String kmsProvider, com.mongodb.client.model.vault.DataKeyOptions dataKeyOptions, com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
      Create a data key with the given KMS provider and options.
      void decrypt​(org.bson.BsonBinary value, com.mongodb.async.SingleResultCallback<org.bson.BsonValue> callback)
      Decrypt the given value.
      void encrypt​(org.bson.BsonValue value, com.mongodb.client.model.vault.EncryptOptions options, com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
      Encrypt the given value with the given options.

    • Method Detail

      • createDataKey

        void createDataKey​(java.lang.String kmsProvider,
                   com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
        Create a data key with the given KMS provider.

        Creates a new key document and inserts into the key vault collection.

        Parameters:
        kmsProvider - the KMS provider
        callback - the callback containing the identifier for the created data key

      • createDataKey

        void createDataKey​(java.lang.String kmsProvider,
                   com.mongodb.client.model.vault.DataKeyOptions dataKeyOptions,
                   com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
        Create a data key with the given KMS provider and options.

        Creates a new key document and inserts into the key vault collection.

        Parameters:
        kmsProvider - the KMS provider
        dataKeyOptions - the options for data key creation
        callback - the callback containing the identifier for the created data key

      • encrypt

        void encrypt​(org.bson.BsonValue value,
             com.mongodb.client.model.vault.EncryptOptions options,
             com.mongodb.async.SingleResultCallback<org.bson.BsonBinary> callback)
        Encrypt the given value with the given options.

        The driver may throw an exception for prohibited BSON value types

        Parameters:
        value - the value to encrypt
        options - the options for data encryption
        callback - the callback containing the encrypted value, a BSON binary of subtype 6

      • decrypt

        void decrypt​(org.bson.BsonBinary value,
             com.mongodb.async.SingleResultCallback<org.bson.BsonValue> callback)
        Decrypt the given value.
        Parameters:
        value - the value to decrypt, which must be of subtype 6
        callback - the callback containing the decrypted value

      • close

        void close​()
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable