diff --git a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc index 5a92168c2c..6e14887729 100644 --- a/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc +++ b/src/main/antora/modules/ROOT/pages/mongodb/mongo-encryption.adoc @@ -140,11 +140,17 @@ Manual Collection Setup:: ==== [source,java,indent=0,subs="verbatim,quotes",role="primary"] ---- + +BsonBinary pinDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary ssnDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary ageDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); +BsonBinary signDK = clientEncryption.createDataKey("local", new com.mongodb.client.model.vault.DataKeyOptions()); + CollectionOptions collectionOptions = CollectionOptions.encryptedCollection(options -> options - .queryable(encrypted(string("ssn")).algorithm("Indexed"), equality().contention(0)) - .queryable(encrypted(int32("age")).algorithm("Range"), range().contention(8).min(0).max(150)) - .encrypted(string("pin")) - .queryable(encrypted(int64("address.sign")).algorithm("Range"), range().contention(2).min(-10L).max(10L)) + .encrypted(int32("pin"), pinDK) + .queryable(encrypted(string("ssn")).algorithm("Indexed").keyId(ssnDK.asUuid()), equality().contention(0)) + .queryable(encrypted(int32("age")).algorithm("Range").keyId(ageDK.asUuid()), range().contention(8).min(0).max(150)) + .queryable(encrypted(int64("address.sign")).algorithm("Range").keyId(signDK.asUuid()), range().contention(2).min(-10L).max(10L)) ); mongoTemplate.createCollection(Patient.class, collectionOptions); <1> @@ -161,16 +167,13 @@ class Patient { @Id String id; - @Encrypted(algorithm = "Indexed") + @Encrypted(algorithm = "Indexed") // @Queryable(queryType = "equality", contentionFactor = 0) String ssn; @RangeEncrypted(contentionFactor = 8, rangeOptions = "{ 'min' : 0, 'max' : 150 }") Integer age; - @Encrypted(algorithm = "Unindexed") - String pin; - Address address; } @@ -214,11 +217,6 @@ MongoDB Collection Info:: bsonType: 'int', queries: [ { queryType: 'range', contention: Long('8'), min: 0, max: 150 } ] }, - { - keyId: ..., - path: 'pin', - bsonType: 'string' - }, { keyId: ..., path: 'address.sign',