Database Manual / Reference / mongosh Methods

In-Use Encryption Methods正在使用的加密方法

Note

~~For details on a specific method, including syntax and examples, click on the link to the method's reference page.~~有关特定方法的详细信息，包括语法和示例，请单击该方法参考页面的链接。

~~The mongosh ClientEncryption methods require a database connection with in-use encryption enabled. If the current database connection was not initiated with in-use encryption enabled, either:~~mongosh ClientEncryption方法需要启用正在使用的加密的数据库连接。如果当前数据库连接不是在启用使用中的加密的情况下启动的，则：

Use the Mongo() constructor from the mongosh to establish a connection with the required in-use encryption options. The Mongo() method supports the following Key Management Service (KMS) providers for Customer Master Key (CMK) management:使用mongosh中的Mongo()构造函数与所需的正在使用的加密选项建立连接。Mongo()方法支持以下用于客户主键（CMK）管理的键管理服务（KMS）提供程序：
or
~~Use the mongosh command line options to establish a connection with the required options.~~ 使用mongosh命令行选项建立与所需选项的连接。~~The command line options only support the Amazon Web Services KMS provider for CMK management.~~命令行选项仅支持用于CMK管理的Amazon Web Services KMS提供程序。

The following methods are for mongosh only. For instructions on implementing Client-Side Field Level Encryption (CSFLE) or Queryable Encryption (QE) using a MongoDB driver, defer to the driver documentation. 以下方法仅适用于mongosh。有关使用MongoDB驱动程序实现客户端字段级加密（CSFLE）或可查询加密（QE）的说明，请参阅驱动程序文档。~~See Client-Side Field Level Encryption Compatibility or Queryable Encryption Compatibility for supported drivers.~~有关支持的驱动程序，请参阅客户端字段级加密兼容性或可查询加密兼容性。

~~Commands with aliases are grouped together.~~带有别名的命令被组合在一起。

~~Name~~名称	CSFLE	QE	~~Description~~描述
`getKeyVault()`	✓	✓	~~Returns the key vault object for the current MongoDB connection.~~返回当前MongoDB连接的键保管库对象。
`KeyVault.createKey()` `KeyVault.createDataKey()`	✓	✓	~~Creates a data encryption key for use with Client-Side Field Level Encryption.~~创建用于客户端字段级加密的数据加密键。
`KeyVault.deleteKey()`	✓	✓	~~Deletes the specified data encryption key from the key vault.~~从键库中删除指定的数据加密键。
`KeyVault.getKey()`	✓	✓	~~Retrieves the specified data encryption key from the key vault.~~从键库中检索指定的数据加密键。
`KeyVault.getKeys()`	✓	✓	~~Retrieves all keys in the key vault.~~检索键库中的所有键。
`KeyVault.addKeyAlternateName()` `KeyVault.addKeyAltName()`	✓	✓	~~Associates a key alternative name to the specified data encryption key.~~将键备选名称与指定的数据加密键相关联。
`KeyVault.removeKeyAlternateName()` `KeyVault.removeKeyAltName()`	✓	✓	~~Removes a key alternative name from the specified data encryption key.~~从指定的数据加密键中删除键备选名称。
`KeyVault.getKeyByAltName()`	✓	✓	~~Retrieves keys with the specified key alternative name.~~使用指定的键替代名称检索键。
`KeyVault.rewrapManyDataKey()`	✓	✓	~~Decrypts multiple data keys and re-encrypts them with a new master key.~~解密多个数据键，并用新的主键重新加密。
`getClientEncryption()`	✓	✓	~~Returns the client encryption object for supporting explicit encryption/decryption of fields.~~返回用于支持字段显式加密/解密的客户端加密对象。
`ClientEncryption.createEncryptedCollection()`	✓	✓	~~Creates a collection with encrypted fields.~~创建包含加密字段的集合。
`ClientEncryption.encrypt()`	✓	✓	~~Encrypts a field using a specified data encryption key and encryption algorithm.~~使用指定的数据加密键和加密算法对字段进行加密。
`ClientEncryption.encryptExpression()`		✓	~~Encrypts a query expression using a specified data encryption key and encryption options.~~使用指定的数据加密键和加密选项加密查询表达式。
`ClientEncryption.decrypt()`	✓	✓	~~Decrypts a field using the associated data encryption key and encryption algorithm.~~使用关联的数据加密键和加密算法解密字段。

Back

SessionOptions

ClientEncryption.createEncryptedCollection