mongoc_auto_encryption_opts_set_schema_map

mongoc_auto_encryption_opts_set_schema_map()

Synopsis

void
mongoc_auto_encryption_opts_set_schema_map (mongoc_auto_encryption_opts_t *opts,
                                            const bson_t *schema_map);

Parameters

Supplying a schema map provides more security than relying on JSON Schemas obtained from the server. It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending unencrypted data that should be encrypted.

Schemas supplied in the schema map only apply to configuring automatic encryption for client side encryption. Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.

The following is an example of a schema map which configures automatic encryption for the collection db.coll:

{
     "db.coll": {
         "properties": {
         "encrypted_string": {
             "encrypt": {
             "keyId": [
                 {
                 "$binary": {
                     "base64": "AAAAAAAAAAAAAAAAAAAAAA==",
                     "subType": "04"
                 }
                 }
             ],
             "bsonType": "string",
             "algorithm": "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
             }
         }
         },
         "bsonType": "object"
     }
 }

See Also

Author

MongoDB, Inc

Info

Feb 04, 2021 1.17.4 libmongoc