Package io.vertx.mongo.client.vault
Interface ClientEncryption
-
public interface ClientEncryption
The Key vault.Used to create data encryption keys, and to explicitly encrypt and decrypt values when auto-encryption is not an option.
Note: support for client-side encryption should be considered as beta. Backwards-breaking changes may be made before the final release.
- Since:
- 1.12
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
close()
Future<byte[]>
createDataKey(java.lang.String kmsProvider)
Create a data key with the given KMS provider.void
createDataKey(java.lang.String kmsProvider, Handler<AsyncResult<byte[]>> resultHandler)
Create a data key with the given KMS provider.Future<byte[]>
createDataKey(java.lang.String kmsProvider, DataKeyOptions dataKeyOptions)
Create a data key with the given KMS provider and options.void
createDataKey(java.lang.String kmsProvider, DataKeyOptions dataKeyOptions, Handler<AsyncResult<byte[]>> resultHandler)
Create a data key with the given KMS provider and options.Future<java.lang.Object>
decrypt(byte[] value)
Decrypt the given value.void
decrypt(byte[] value, Handler<AsyncResult<java.lang.Object>> resultHandler)
Decrypt the given value.Future<byte[]>
encrypt(java.lang.Object value, EncryptOptions options)
Encrypt the given value with the given options.void
encrypt(java.lang.Object value, EncryptOptions options, Handler<AsyncResult<byte[]>> resultHandler)
Encrypt the given value with the given options.
-
-
-
Method Detail
-
createDataKey
Future<byte[]> createDataKey(java.lang.String kmsProvider)
Create a data key with the given KMS provider.Creates a new key document and inserts into the key vault collection.
- Parameters:
kmsProvider
- the KMS provider- Returns:
- a future containing the identifier for the created data key
-
createDataKey
void createDataKey(java.lang.String kmsProvider, Handler<AsyncResult<byte[]>> resultHandler)
Create a data key with the given KMS provider.Creates a new key document and inserts into the key vault collection.
- Parameters:
kmsProvider
- the KMS providerresultHandler
- an async result containing the identifier for the created data key
-
createDataKey
Future<byte[]> createDataKey(java.lang.String kmsProvider, DataKeyOptions dataKeyOptions)
Create a data key with the given KMS provider and options.Creates a new key document and inserts into the key vault collection.
- Parameters:
kmsProvider
- the KMS providerdataKeyOptions
- the options for data key creation- Returns:
- a future containing the identifier for the created data key
-
createDataKey
void createDataKey(java.lang.String kmsProvider, DataKeyOptions dataKeyOptions, Handler<AsyncResult<byte[]>> resultHandler)
Create a data key with the given KMS provider and options.Creates a new key document and inserts into the key vault collection.
- Parameters:
kmsProvider
- the KMS providerdataKeyOptions
- the options for data key creationresultHandler
- an async result containing the identifier for the created data key
-
encrypt
Future<byte[]> encrypt(java.lang.Object value, EncryptOptions options)
Encrypt the given value with the given options.The driver may throw an exception for prohibited BSON value types
- Parameters:
value
- the value to encryptoptions
- the options for data encryption- Returns:
- a future containing the encrypted value, a BSON binary of subtype 6
-
encrypt
void encrypt(java.lang.Object value, EncryptOptions options, Handler<AsyncResult<byte[]>> resultHandler)
Encrypt the given value with the given options.The driver may throw an exception for prohibited BSON value types
- Parameters:
value
- the value to encryptoptions
- the options for data encryptionresultHandler
- an async result containing the encrypted value, a BSON binary of subtype 6
-
decrypt
Future<java.lang.Object> decrypt(byte[] value)
Decrypt the given value.- Parameters:
value
- the value to decrypt, which must be of subtype 6- Returns:
- a future containing the decrypted value
-
decrypt
void decrypt(byte[] value, Handler<AsyncResult<java.lang.Object>> resultHandler)
Decrypt the given value.- Parameters:
value
- the value to decrypt, which must be of subtype 6resultHandler
- an async result containing the decrypted value
-
close
void close()
-
-