在.NET内核中使用Mongodb Client Side Field Level Encryption (CSFLE) 对类属性进行加密的步骤如下:
using MongoDB.Driver;
var connectionString = "mongodb://localhost:27017";
var client = new MongoClient(connectionString);
var localKeyManager = new LocalKeyManagementOptions(keyVaultNamespace: "myKeyVault.dataKeys");
var kmsProviders = new Dictionary<string, IReadOnlyDictionary<string, object>>
{
["local"] = new Dictionary<string, object>
{
["key"] = localKeyManager
}
};
var encryptionOptions = new EncryptionOptions(
kmsProviders,
keyVaultNamespace: "myKeyVault.keyvault",
keyVaultClient: new MongoClient(connectionString),
bypassAutoEncryption: false
);
var clientSettings = new MongoClientSettings
{
Server = new MongoServerAddress("localhost"),
ConnectionMode = ConnectionMode.Direct,
AllowInsecureTls = true,
AutoEncryptionOptions = encryptionOptions
};
var encryptedClient = new MongoClient(clientSettings);
using MongoDB.Bson.Serialization.Attributes;
public class MyModel
{
[BsonElement("sensitiveData")]
public string SensitiveData { get; set; }
}
var database = encryptedClient.GetDatabase("myDatabase");
var collection = database.GetCollection<MyModel>("myCollection");
var dataToInsert = new MyModel
{
SensitiveData = "My sensitive data"
};
collection.InsertOne(dataToInsert);
var query = Builders<MyModel>.Filter.Eq("sensitiveData", "My sensitive data");
var encryptedData = collection.Find(query).ToList();
在上述代码中,我们使用Mongodb.Driver和Mongodb.Driver.Core来创建一个Mongodb客户端和加密选项,然后使用这些对象来插入和查询加密数据。注意,字段级别的加密只适用于指定了加密选项的加密客户端。
这里推荐使用腾讯云的云数据库MongoDB产品作为Mongodb的托管服务。你可以访问腾讯云官网获取更多关于腾讯云数据库MongoDB的信息:腾讯云数据库MongoDB
腾讯位置服务技术沙龙
第四期Techo TVP开发者峰会
云+社区技术沙龙[第17期]
腾讯云GAME-TECH游戏开发者技术沙龙
DB TALK 技术分享会
腾讯云GAME-TECH沙龙
Elastic 中国开发者大会
腾讯云GAME-TECH游戏开发者技术沙龙
云+社区技术沙龙[第9期]
云+社区技术沙龙[第6期]
领取专属 10元无门槛券
手把手带您无忧上云