Client-Side Field Level Encryption Methods客户端字段级加密方法

Note

~~For details on a specific method, including syntax and examples, click on the link to the method's reference page.~~有关特定方法的详细信息，包括语法和示例，请单击该方法参考页的链接。

~~The mongosh client-side field level encryption methods require a database connection with client-side field level encryption enabled.~~ mongosh客户端字段级加密方法需要启用客户端字段级密码的数据库连接。~~If the current database connection was not initiated with client-side field level encryption enabled, either:~~如果当前数据库连接未在启用客户端字段级加密的情况下启动，请执行以下任一操作：

~~Use the Mongo() constructor from the mongosh to establish a connection with the required client-side field level encryption options.~~ 使用mongosh中的Mongo()构造函数与所需的客户端字段级加密选项建立连接。~~The Mongo() method supports the following Key Management Service (KMS) providers for Customer Master Key (CMK) management:~~Mongo()方法支持以下用于客户主键（CMK）管理的键管理服务（KMS）提供程序：
or
~~Use the mongosh command line options to establish a connection with the required options.~~ 使用mongosh命令行选项可以建立与所需选项的连接。~~The command line options only support the Amazon Web Services KMS provider for CMK management.~~命令行选项仅支持用于CMK管理的Amazon Web Services KMS提供程序。

~~The following methods are for mongosh only. For instructions on implementing client-side field level encryption using a MongoDB 4.2+ compatible driver, defer to the driver documentation.~~ 以下方法仅适用于mongosh。有关使用MongoDB 4.2+兼容驱动程序实现客户端字段级加密的说明，请参阅驱动程序文档。~~See CSFLE Compatibility for a complete list of 4.2+ compatible drivers with support for client-side field level encryption.~~有关支持客户端字段级加密的4.2+兼容驱动程序的完整列表，请参阅CSFLE兼容性。

~~Name~~名称	~~Description~~描述
`getKeyVault()`	~~Returns the key vault object for the current MongoDB connection.~~返回当前MongoDB连接的键保管库对象。
`KeyVault.createKey()`	~~Creates a data encryption key for use with client-side field level encryption.~~创建用于客户端字段级加密的数据加密键。
`KeyVault.deleteKey()`	~~Deletes the specified data encryption key from the key vault.~~从键保管库中删除指定的数据加密键。
`KeyVault.getKey()`	~~Retreives the specified data encryption key from the key vault.~~从键保管库中检索指定的数据加密键。
`KeyVault.getKeys()`	~~Retrieves all keys in the key vault.~~检索键库中的所有键。
`KeyVault.addKeyAlternateName()`	~~Associates a key alternative name to the specified data encryption key.~~将键替代名称与指定的数据加密键相关联。
`KeyVault.removeKeyAlternateName()`	~~Removes a key alternative name from the specified data encryption key.~~从指定的数据加密键中删除键替代名称。
`KeyVault.rewrapManyDataKey()`	~~Decrypts multiple data keys and re-encrypts them with a new master key.~~解密多个数据键，并使用新的主键对其进行重新加密。
`KeyVault.getKeyByAltName()`	~~Retrieves keys with the specified key alternative name.~~检索具有指定键替代名称的键。
`getClientEncryption()`	~~Returns the client encryption object for supporting explicit encryption/decryption of fields.~~返回支持字段显式加密/解密的客户端加密对象。
`ClientEncryption.createEncryptedCollection()`	~~Creates a collection with encrypted fields.~~创建具有加密字段的集合。
`ClientEncryption.encrypt()`	~~Encrypts a field using a specified data encryption key and encryption algorithm.~~使用指定的数据加密键和加密算法对字段进行加密。
`ClientEncryption.decrypt()`	~~Decrypts a field using the associated data encryption key and encryption algorithm.~~使用关联的数据加密键和加密算法对字段进行解密。

← SessionOptions getKeyVault() →