forked from mongodb-js/mongodb-client-encryption
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.ts
More file actions
140 lines (126 loc) · 4.24 KB
/
index.ts
File metadata and controls
140 lines (126 loc) · 4.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
import { cryptoCallbacks } from './crypto_callbacks';
export { cryptoCallbacks };
function load() {
try {
return require('../build/Release/mongocrypt.node');
} catch {
// Webpack will fail when just returning the require, so we need to wrap
// in a try/catch and rethrow.
/* eslint no-useless-catch: 0 */
try {
return require('../build/Debug/mongocrypt.node');
} catch (error) {
throw error;
}
}
}
const mc: MongoCryptBindings = load();
/**
* The value returned by the native bindings
* reference the `Init(Env env, Object exports)` function in the c++
*/
type MongoCryptBindings = {
MongoCrypt: MongoCryptConstructor;
MongoCryptContextCtor: MongoCryptContextCtor;
MongoCryptKMSRequestCtor: MongoCryptKMSRequest;
};
export interface MongoCryptKMSRequest {
addResponse(response: Uint8Array): void;
fail(): boolean;
readonly status: MongoCryptStatus;
readonly bytesNeeded: number;
readonly uSleep: number;
readonly kmsProvider: string;
readonly endpoint: string;
readonly message: Buffer;
}
export interface MongoCryptStatus {
type: number;
code: number;
message?: string;
}
export interface MongoCryptContext {
nextMongoOperation(): Buffer;
addMongoOperationResponse(response: Uint8Array): void;
finishMongoOperation(): void;
nextKMSRequest(): MongoCryptKMSRequest | null;
provideKMSProviders(providers: Uint8Array): void;
finishKMSRequests(): void;
finalize(): Buffer;
get status(): MongoCryptStatus;
get state(): number;
}
type MongoCryptConstructorOptions = {
kmsProviders?: Uint8Array;
schemaMap?: Uint8Array;
encryptedFieldsMap?: Uint8Array;
logger?: unknown;
cryptoCallbacks?: Record<string, unknown>;
cryptSharedLibSearchPaths?: string[];
cryptSharedLibPath?: string;
bypassQueryAnalysis?: boolean;
/** Configure the time to expire the DEK from the cache. */
keyExpirationMS?: number;
};
export interface MongoCryptConstructor {
new(options: MongoCryptConstructorOptions): MongoCrypt;
libmongocryptVersion: string;
}
export interface MongoCrypt {
makeEncryptionContext(ns: string, command: Uint8Array): MongoCryptContext;
makeExplicitEncryptionContext(
value: Uint8Array,
options?: {
keyId?: Uint8Array;
keyAltName?: Uint8Array;
algorithm?: string;
rangeOptions?: Uint8Array;
textOptions?: Uint8Array;
contentionFactor?: bigint | number;
queryType?: string;
/**
* node-binding specific option
*
* When true, creates a `mongocrypt_ctx_explicit_encrypt_expression` context.
* When false, creates a `mongocrypt_ctx_explicit_encrypt`
*/
expressionMode: boolean;
}
): MongoCryptContext;
makeDecryptionContext(buffer: Uint8Array): MongoCryptContext;
makeExplicitDecryptionContext(buffer: Uint8Array): MongoCryptContext;
makeDataKeyContext(
optionsBuffer: Uint8Array,
options: {
keyAltNames?: Uint8Array[];
keyMaterial?: Uint8Array;
}
): MongoCryptContext;
makeRewrapManyDataKeyContext(filter: Uint8Array, encryptionKey?: Uint8Array): MongoCryptContext;
readonly status: MongoCryptStatus;
readonly cryptSharedLibVersionInfo: {
version: bigint;
versionStr: string;
} | null;
readonly cryptoHooksProvider: 'js' | 'native_openssl' | null;
}
export type ExplicitEncryptionContextOptions = NonNullable<
Parameters<MongoCrypt['makeExplicitEncryptionContext']>[1]
>;
export type DataKeyContextOptions = NonNullable<Parameters<MongoCrypt['makeDataKeyContext']>[1]>;
export type MongoCryptOptions = NonNullable<ConstructorParameters<MongoCryptConstructor>[0]>;
export const MongoCrypt: MongoCryptConstructor = class MongoCrypt extends mc.MongoCrypt {
constructor(options: MongoCryptConstructorOptions) {
// Pass in JS cryptoCallbacks implementation by default.
// If the Node.js openssl version is supported this will be ignored.
super(
// @ts-expect-error: intentionally passing in an argument that will throw to preserve existing behavior
options == null || typeof options !== 'object' ? undefined : { cryptoCallbacks, ...options }
);
}
};
/** exported for testing only. */
interface MongoCryptContextCtor {
new(): MongoCryptContext;
}
export const MongoCryptContextCtor: MongoCryptContextCtor = mc.MongoCryptContextCtor;