Scroll to navigation

MONGOC_AUTO_ENCRYPTION_OPTS_SET_SCHEMA_MAP(3) libmongoc MONGOC_AUTO_ENCRYPTION_OPTS_SET_SCHEMA_MAP(3)

NAME

mongoc_auto_encryption_opts_set_schema_map - mongoc_auto_encryption_opts_set_schema_map()

SYNOPSIS

void
mongoc_auto_encryption_opts_set_schema_map (mongoc_auto_encryption_opts_t *opts,

const bson_t *schema_map);


PARAMETERS

  • opts: The mongoc_auto_encryption_opts_t
  • schema_map: A bson_t where keys are collection namespaces and values are JSON schemas.

Supplying a schema map provides more security than relying on JSON Schemas obtained from the server. It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending unencrypted data that should be encrypted.

Schemas supplied in the schema map only apply to configuring automatic encryption for client side encryption. Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.

The following is an example of a schema map which configures automatic encryption for the collection db.coll:

{

"db.coll": {
"properties": {
"encrypted_string": {
"encrypt": {
"keyId": [
{
"$binary": {
"base64": "AAAAAAAAAAAAAAAAAAAAAA==",
"subType": "04"
}
}
],
"bsonType": "string",
"algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
}
}
},
"bsonType": "object"
}
}


SEE ALSO:

mongoc_client_enable_auto_encryption()

The guide for Using Client-Side Field Level Encryption



AUTHOR

MongoDB, Inc

COPYRIGHT

2017-present, MongoDB, Inc

October 20, 2022 1.23.1