1 // Copyright (C) MongoDB, Inc. 2017-present. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); you may 4 // not use this file except in compliance with the License. You may obtain 5 // a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 6 7 package options 8 9 import ( 10 "go.mongodb.org/mongo-driver/bson" 11 "go.mongodb.org/mongo-driver/bson/primitive" 12 ) 13 14 // These constants specify valid values for QueryType 15 // QueryType is used for Queryable Encryption. 16 const ( 17 QueryTypeEquality string = "equality" 18 ) 19 20 // RangeOptions specifies index options for a Queryable Encryption field supporting "rangePreview" queries. 21 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 22 type RangeOptions struct { 23 Min *bson.RawValue 24 Max *bson.RawValue 25 Sparsity int64 26 Precision *int32 27 } 28 29 // EncryptOptions represents options to explicitly encrypt a value. 30 type EncryptOptions struct { 31 KeyID *primitive.Binary 32 KeyAltName *string 33 Algorithm string 34 QueryType string 35 ContentionFactor *int64 36 RangeOptions *RangeOptions 37 } 38 39 // Encrypt creates a new EncryptOptions instance. 40 func Encrypt() *EncryptOptions { 41 return &EncryptOptions{} 42 } 43 44 // SetKeyID specifies an _id of a data key. This should be a UUID (a primitive.Binary with subtype 4). 45 func (e *EncryptOptions) SetKeyID(keyID primitive.Binary) *EncryptOptions { 46 e.KeyID = &keyID 47 return e 48 } 49 50 // SetKeyAltName identifies a key vault document by 'keyAltName'. 51 func (e *EncryptOptions) SetKeyAltName(keyAltName string) *EncryptOptions { 52 e.KeyAltName = &keyAltName 53 return e 54 } 55 56 // SetAlgorithm specifies an algorithm to use for encryption. This should be one of the following: 57 // - AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic 58 // - AEAD_AES_256_CBC_HMAC_SHA_512-Random 59 // - Indexed 60 // - Unindexed 61 // This is required. 62 // Indexed and Unindexed are used for Queryable Encryption. 63 func (e *EncryptOptions) SetAlgorithm(algorithm string) *EncryptOptions { 64 e.Algorithm = algorithm 65 return e 66 } 67 68 // SetQueryType specifies the intended query type. It is only valid to set if algorithm is "Indexed". 69 // This should be one of the following: 70 // - equality 71 // QueryType is used for Queryable Encryption. 72 func (e *EncryptOptions) SetQueryType(queryType string) *EncryptOptions { 73 e.QueryType = queryType 74 return e 75 } 76 77 // SetContentionFactor specifies the contention factor. It is only valid to set if algorithm is "Indexed". 78 // ContentionFactor is used for Queryable Encryption. 79 func (e *EncryptOptions) SetContentionFactor(contentionFactor int64) *EncryptOptions { 80 e.ContentionFactor = &contentionFactor 81 return e 82 } 83 84 // SetRangeOptions specifies the options to use for explicit encryption with range. It is only valid to set if algorithm is "rangePreview". 85 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 86 func (e *EncryptOptions) SetRangeOptions(ro RangeOptions) *EncryptOptions { 87 e.RangeOptions = &ro 88 return e 89 } 90 91 // SetMin sets the range index minimum value. 92 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 93 func (ro *RangeOptions) SetMin(min bson.RawValue) *RangeOptions { 94 ro.Min = &min 95 return ro 96 } 97 98 // SetMax sets the range index maximum value. 99 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 100 func (ro *RangeOptions) SetMax(max bson.RawValue) *RangeOptions { 101 ro.Max = &max 102 return ro 103 } 104 105 // SetSparsity sets the range index sparsity. 106 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 107 func (ro *RangeOptions) SetSparsity(sparsity int64) *RangeOptions { 108 ro.Sparsity = sparsity 109 return ro 110 } 111 112 // SetPrecision sets the range index precision. 113 // Beta: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes. 114 func (ro *RangeOptions) SetPrecision(precision int32) *RangeOptions { 115 ro.Precision = &precision 116 return ro 117 } 118 119 // MergeEncryptOptions combines the argued EncryptOptions in a last-one wins fashion. 120 // 121 // Deprecated: Merging options structs will not be supported in Go Driver 2.0. Users should create a 122 // single options struct instead. 123 func MergeEncryptOptions(opts ...*EncryptOptions) *EncryptOptions { 124 eo := Encrypt() 125 for _, opt := range opts { 126 if opt == nil { 127 continue 128 } 129 130 if opt.KeyID != nil { 131 eo.KeyID = opt.KeyID 132 } 133 if opt.KeyAltName != nil { 134 eo.KeyAltName = opt.KeyAltName 135 } 136 if opt.Algorithm != "" { 137 eo.Algorithm = opt.Algorithm 138 } 139 if opt.QueryType != "" { 140 eo.QueryType = opt.QueryType 141 } 142 if opt.ContentionFactor != nil { 143 eo.ContentionFactor = opt.ContentionFactor 144 } 145 if opt.RangeOptions != nil { 146 eo.RangeOptions = opt.RangeOptions 147 } 148 } 149 150 return eo 151 } 152