1MONGOC_CLIENT_ENCRYPTION_CREATE_DATAlKiMEbOYmN(oG3nO)gCo_cCLIENT_ENCRYPTION_CREATE_DATAKEY(3)
2
3
4
6 bool
7 mongoc_client_encryption_create_datakey (
8 mongoc_client_encryption_t *client_encryption,
9 const char *kms_provider,
10 const mongoc_client_encryption_datakey_opts_t *opts,
11 bson_value_t *keyid,
12 bson_error_t *error);
13
14 Creates a new key document in the key vault collection and sets keyid
15 to the UUID of the newly created key if keyid is not NULL. The new key
16 can be used to configure automatic encryption (see
17 mongoc_client_enable_auto_encryption() and
18 mongoc_client_pool_enable_auto_encryption()) or for explicit encryption
19 (see mongoc_client_encryption_encrypt()).
20
21 The created key document is inserted into the key vault collection
22 (identified via mongoc_client_encryption_opts_set_keyvault_namespace())
23 with majority write concern.
24
25 keyid is always initialized (even on error). Caller must call
26 bson_value_destroy() on keyid to free.
27
29 • client_encryption: A mongoc_client_encryption_t.
30
31 • kms_provider: A string identifying the Key Management Service (KMS)
32 provider used to encrypt the datakey (e.g. "aws" or "local").
33
34 • opts: A mongoc_client_encryption_datakey_opts_t
35
36 • keyid: Optional. An uninitialized bson_value_t set to the UUID (BSON
37 binary subtype 0x04) of the newly created key. Must be freed by
38 bson_value_destroy().
39
40 • error: Optional. A bson_error_t.
41
43 Returns true if successful. Returns false and sets error otherwise.
44
45 SEE ALSO:
46 mongoc_client_encryption_datakey_opts_t
47
48
50 MongoDB, Inc
51
53 2017-present, MongoDB, Inc
54
55
56
57
581.25.1 NovM0O8N,GO2C0_2C3LIENT_ENCRYPTION_CREATE_DATAKEY(3)