Method: Mongo::ClientEncryption#encrypt

Defined in:

lib/mongo/client_encryption.rb

#encrypt(value, options = {}) ⇒ BSON::Binary

Note:

The :key_id and :key_alt_name options are mutually exclusive. Only one is required to perform explicit encryption.

Encrypts a value using the specified encryption key and algorithm.

if encryption algorithm is set to “Indexed”. Query type should be set

only if encryption algorithm is set to "Indexed". The only allowed
value is "equality".

Parameters:

• value (Object) —

  The value to encrypt.

• options (Hash) (defaults to: {})

Options Hash (options):

• :key_id (BSON::Binary) —

  A BSON::Binary object of type :uuid representing the UUID of the encryption key as it is stored in the key vault collection.

• :key_alt_name (String) —

  The alternate name for the encryption key.

• :algorithm (String) —

  The algorithm used to encrypt the value. Valid algorithms are “AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic”, “AEAD_AES_256_CBC_HMAC_SHA_512-Random”, “Indexed”, “Unindexed”.

• :contention_factor (Integer | nil) —

  Contention factor to be applied if encryption algorithm is set to “Indexed”. If not provided, it defaults to a value of 0. Contention factor should be set only if encryption algorithm is set to “Indexed”.

• query_type (String | nil) —

  Query type to be applied

Returns:

• (BSON::Binary) —

  A BSON Binary object of subtype 6 (ciphertext) representing the encrypted value.

Raises:

• (ArgumentError) —

  if either contention_factor or query_type is set, and algorithm is not “Indexed”.

# File 'lib/mongo/client_encryption.rb', line 122

def encrypt(value, options={})
  @encrypter.encrypt(value, options)
end