oracular (3) mongoc_client_encryption_create_datakey.3.gz

Provided by: libmongoc-doc_1.27.5-1_all bug

SYNOPSIS
          bool
          mongoc_client_encryption_create_datakey (
             mongoc_client_encryption_t *client_encryption,
             const char *kms_provider,
             const mongoc_client_encryption_datakey_opts_t *opts,
             bson_value_t *keyid,
             bson_error_t *error);

       Creates  a  new  key document in the key vault collection and sets keyid to the UUID of the newly created
       key  if  keyid  is  not  NULL.  The  new  key  can  be  used  to  configure  automatic  encryption   (see
       mongoc_client_enable_auto_encryption()  and  mongoc_client_pool_enable_auto_encryption()) or for explicit
       encryption (see mongoc_client_encryption_encrypt()).

       The  created   key   document   is   inserted   into   the   key   vault   collection   (identified   via
       mongoc_client_encryption_opts_set_keyvault_namespace()) with majority write concern.

       keyid is always initialized (even on error). Caller must call bson_value_destroy() on keyid to free.


PARAMETERS
client_encryption: A mongoc_client_encryption_t.

       • kms_provider:  A  string  identifying  the  Key  Management  Service (KMS) provider used to encrypt the
         datakey (e.g. "aws" or "local").

       • opts: A mongoc_client_encryption_datakey_opts_tkeyid: Optional. An uninitialized bson_value_t set to the UUID (BSON binary subtype 0x04) of the  newly
         created key. Must be freed by bson_value_destroy().

       • error: Optional. A bson_error_t.


RETURNS
       Returns true if successful. Returns false and sets error otherwise.

       SEE ALSO:
          mongoc_client_encryption_datakey_opts_t


AUTHOR
       MongoDB, Inc


       2017-present, MongoDB, Inc