Skip to content

Instantly share code, notes, and snippets.

@sarjarapu

sarjarapu/csfle-create-clientobj.js

Last active January 23, 2020 14:57
Show Gist options
  • Save sarjarapu/0595253abb10c52c7a9e0eec5fb3a5ca to your computer and use it in GitHub Desktop.
Save sarjarapu/0595253abb10c52c7a9e0eec5fb3a5ca to your computer and use it in GitHub Desktop.
Download ZIP
A JavaScript to make use of the client-side field-level encryptions, create the MongoDB client objects, and create data encryption keys for SSN and Mobile fields
Raw
csfle-create-clientobj.js
// Create a mongo clients for plain text operations and another with client-side Field-Level encryption options
var csfleOptions = {
"keyVaultNamespace" : "encryption.__dataKeys",
"kmsProviders" : {
"local" : {
"key" : BinData(0, LOCAL_KEY)
}
},
"schemaMap" : {}
};
var plainClient = Mongo("mongodb://localhost:28000");
var csfleClient = Mongo("mongodb://localhost:28000", csfleOptions);
// Create the data encryption keys on key vault for encrypting ssn, mobile fields
const altKeyNameSSN = "akn-ssn";
const altKeyNameMobile = "akn-mobile";
if (csfleClient.getKeyVault().getKeyByAltName(altKeyNameSSN).toArray().length === 0) {
csfleClient.getKeyVault().createKey("local", "", [altKeyNameSSN]);
}
if (csfleClient.getKeyVault().getKeyByAltName(altKeyNameMobile).toArray().length === 0) {
csfleClient.getKeyVault().createKey("local", "", [altKeyNameMobile]);
}
// Search the encryption keys using alt key names and load the _id / UUID
var SSN_ENCRYPTION_KEY_UUID = csfleClient.getKeyVault().getKeyByAltName(altKeyNameSSN).toArray()[0]._id;
var MOBILE_ENCRYPTION_KEY_UUID = csfleClient.getKeyVault().getKeyByAltName(altKeyNameMobile).toArray()[0]._id;
// load the database objects for both the clients
var csfleDB = csfleClient.getDB("health_care_app");
var plainDB = plainClient.getDB("health_care_app");
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment