Client-Side Field Level Encryption Methods客户端字段级加密方法¶

Note

~~For details on specific methods, including syntax and examples, click on the specific method to go to its reference page.~~有关特定方法的详细信息，包括语法和示例，请单击特定方法以转到其参考页面。

~~The mongo client-side field level encryption methods require a database connection with client-side field level encryption enabled.~~ mongo客户端字段级加密方法需要启用客户端字段级加密的数据库连接。~~If the current database connection was not initiated with client-side field level encryption enabled, either:~~如果当前数据库连接未在启用客户端字段级加密的情况下启动，则：

~~Use the Mongo() constructor from the mongo shell to establish a connection with the required client-side field level encryption options.~~ 使用mongo shell中的Mongo()构造函数与所需的客户端字段级加密选项建立连接。~~The Mongo() method supports both Amazon Web Services and Local Key Management Service (KMS) providers for Customer Master Key (CMK) management.~~Mongo()方法同时支持Amazon Web服务和本地密钥管理服务（KMS）提供者，用于客户主密钥（CMK）管理。

or
~~Use the mongo shell command line options to establish a connection with the required options.~~ 使用mongo shell命令行选项与所需选项建立连接。~~The command line options only support the AWS KMS provider for CMK management.~~命令行选项仅支持用于CMK管理的AWS KMS提供程序。

~~The following methods are for the MongoDB mongo shell only.~~ 以下方法仅适用于MongoDB mongo shell。~~For instructions on implementing client-side field level encryption using a MongoDB 4.2-compatible driver, defer to the driver documentation.~~ 有关使用MongoDB 4.2兼容驱动程序实现客户端字段级加密的说明，请参阅驱动程序文档。~~See Driver Compatibility Table for a complete list of 4.2-compatible drivers with support for client-side field level encryption.~~有关支持客户端字段级加密的4.2兼容驱动程序的完整列表，请参阅驱动程序兼容性表。

~~Name~~名称	~~Description~~描述
`getKeyVault()`	~~Returns the key vault object for the current MongoDB connection.~~返回当前MongoDB连接的密钥vault对象。
`KeyVault.createKey()`	~~Creates a data encryption key for use with client-side field level encryption.~~创建用于客户端字段级加密的数据加密密钥。
`KeyVault.deleteKey()`	~~Deletes the specified data encryption key from the key vault.~~从密钥库中删除指定的数据加密密钥。
`KeyVault.getKey()`	~~Retreives the specified data encryption key from the key vault.~~从密钥库中检索指定的数据加密密钥。
`KeyVault.getKeys()`	~~Retrieves all keys in the key vault.~~检索密钥库中的所有密钥。
`KeyVault.addKeyAlternateName()`	~~Associates a key alternative name to the specified data encryption key.~~将密钥替代名称与指定的数据加密密钥相关联。
`KeyVault.removeKeyAlternateName()`	~~Removes a key alternative name from the specified data encryption key.~~从指定的数据加密密钥中删除密钥替代名称。
`KeyVault.getKeyByAltName()`	~~Retrieves keys with the specified key alternative name.~~检索具有指定密钥替代名称的密钥。
`getClientEncryption()`	~~Returns the client encryption object for supporting explicit encryption/decryption of fields.~~返回支持字段显式加密/解密的客户端加密对象。
`ClientEncryption.encrypt()`	~~Encrypts a field using a specified data encryption key and encryption algorithm.~~使用指定的数据加密密钥和加密算法加密字段。
`ClientEncryption.decrypt()`	~~Decrypts a field using the associated data encryption key and encryption algorithm.~~使用关联的数据加密密钥和加密算法解密字段。