The MongoDB\Driver\ClientEncryption class

(mongodb >=1.7.0)

Introduction

The MongoDB\Driver\ClientEncryption class handles creation of data keys for client-side encryption, as well as manually encrypting and decrypting values.

Class synopsis

final class MongoDB\Driver\ClientEncryption {
/* Constants */
const string AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC = AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic;
const string AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM = AEAD_AES_256_CBC_HMAC_SHA_512-Random;
/* Methods */
final public createDataKey(string $kmsProvider, array $options = ?): MongoDB\BSON\Binary
final public decrypt(MongoDB\BSON\Binary $value): mixed
final public encrypt(mixed $value, array $options = ?): MongoDB\BSON\Binary
}

Predefined Constants

MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC

Uses randomized encryption.

MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM

Uses deterministic (queryable) encryption.

Table of Contents