From 102258c2bca6389a3ccc6a405cc6f298d593f061 Mon Sep 17 00:00:00 2001 From: Bailey Pearson Date: Mon, 3 Jun 2024 15:54:29 -0600 Subject: [PATCH 1/3] add TS support for KMIP data key options --- .../client_encryption.ts | 35 ++++++++++++------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/src/client-side-encryption/client_encryption.ts b/src/client-side-encryption/client_encryption.ts index a9e77ed191..fc6800fab6 100644 --- a/src/client-side-encryption/client_encryption.ts +++ b/src/client-side-encryption/client_encryption.ts @@ -773,6 +773,7 @@ export interface ClientEncryptionRewrapManyDataKeyProviderOptions { | AWSEncryptionKeyOptions | AzureEncryptionKeyOptions | GCPEncryptionKeyOptions + | KMIPEncryptionKeyOptions | undefined; } @@ -885,6 +886,26 @@ export interface AzureEncryptionKeyOptions { keyVersion?: string | undefined; } + +/** + * @public + * Configuration options for making an Azure encryption key + */ +export interface KMIPEncryptionKeyOptions { + /** + * keyId is the KMIP Unique Identifier to a 96 byte KMIP Secret Data managed object. + * + * If keyId is omitted, the driver creates a random 96 byte KMIP Secret Data managed object. + */ + keyId?: string; + + /** + * Host with optional port. + */ + endpoint?: string; +} + + /** * @public * Options to provide when creating a new data key. @@ -897,6 +918,7 @@ export interface ClientEncryptionCreateDataKeyProviderOptions { | AWSEncryptionKeyOptions | AzureEncryptionKeyOptions | GCPEncryptionKeyOptions + | KMIPEncryptionKeyOptions | undefined; /** @@ -909,19 +931,6 @@ export interface ClientEncryptionCreateDataKeyProviderOptions { keyMaterial?: Buffer | Binary; } -/** - * @public - * @experimental - */ -export interface ClientEncryptionRewrapManyDataKeyProviderOptions { - provider: ClientEncryptionDataKeyProvider; - masterKey?: - | AWSEncryptionKeyOptions - | AzureEncryptionKeyOptions - | GCPEncryptionKeyOptions - | undefined; -} - /** * @public * @experimental From 6296cb8ac16ee95234bf66bed4b725eceeb1db50 Mon Sep 17 00:00:00 2001 From: Bailey Pearson Date: Mon, 3 Jun 2024 16:21:17 -0600 Subject: [PATCH 2/3] fix docs on FLE type --- src/client-side-encryption/client_encryption.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/client-side-encryption/client_encryption.ts b/src/client-side-encryption/client_encryption.ts index fc6800fab6..620cd7def8 100644 --- a/src/client-side-encryption/client_encryption.ts +++ b/src/client-side-encryption/client_encryption.ts @@ -895,7 +895,7 @@ export interface KMIPEncryptionKeyOptions { /** * keyId is the KMIP Unique Identifier to a 96 byte KMIP Secret Data managed object. * - * If keyId is omitted, the driver creates a random 96 byte KMIP Secret Data managed object. + * If keyId is omitted, a random 96 byte KMIP Secret Data managed object will be created. */ keyId?: string; From 0663097d8c02da9a56121de6706e4f8fa13f53e8 Mon Sep 17 00:00:00 2001 From: Bailey Pearson Date: Tue, 4 Jun 2024 10:40:34 -0600 Subject: [PATCH 3/3] ae-forgotten-export --- src/client-side-encryption/client_encryption.ts | 4 +--- src/index.ts | 1 + 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/client-side-encryption/client_encryption.ts b/src/client-side-encryption/client_encryption.ts index 620cd7def8..3a663e905f 100644 --- a/src/client-side-encryption/client_encryption.ts +++ b/src/client-side-encryption/client_encryption.ts @@ -886,10 +886,9 @@ export interface AzureEncryptionKeyOptions { keyVersion?: string | undefined; } - /** * @public - * Configuration options for making an Azure encryption key + * Configuration options for making a KMIP encryption key */ export interface KMIPEncryptionKeyOptions { /** @@ -905,7 +904,6 @@ export interface KMIPEncryptionKeyOptions { endpoint?: string; } - /** * @public * Options to provide when creating a new data key. diff --git a/src/index.ts b/src/index.ts index 7c0bfdf841..daeae592d2 100644 --- a/src/index.ts +++ b/src/index.ts @@ -225,6 +225,7 @@ export type { ClientEncryptionRewrapManyDataKeyResult, DataKey, GCPEncryptionKeyOptions, + KMIPEncryptionKeyOptions, RangeOptions } from './client-side-encryption/client_encryption'; export {