@@ -27,31 +27,31 @@ encryption.
27
27
crypt_shared
28
28
~~~~~~~~~~~~
29
29
30
- The :manual:`Automatic Encryption Shared Library </manual/ core/queryable-encryption/reference/shared-library/>`
30
+ The :manual:`Automatic Encryption Shared Library </core/queryable-encryption/reference/shared-library/>`
31
31
(crypt_shared) provides the same functionality as mongocryptd_, but does not
32
32
require you to spawn another process to perform automatic encryption.
33
33
34
34
By default, the PHP driver attempts to load crypt_shared from the system path(s)
35
35
and uses it automatically if found. To load crypt_shared from another location,
36
36
use the ``cryptSharedLibPath`` auto encryption
37
- :php:`driver option <mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`
37
+ :php:`driver option <manual/en/ mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`
38
38
when constructing a client. If the driver cannot load crypt_shared it will
39
39
attempt to fallback to using mongocryptd by default. The
40
40
``cryptSharedLibRequired`` option may be used to always require crypt_shared and
41
41
fail if it cannot be loaded.
42
42
43
43
For detailed installation instructions see the MongoDB documentation for the
44
- :manual:`Automatic Encryption Shared Library </manual/ core/queryable-encryption/reference/shared-library/>`.
44
+ :manual:`Automatic Encryption Shared Library </core/queryable-encryption/reference/shared-library/>`.
45
45
46
46
47
47
mongocryptd
48
48
~~~~~~~~~~~
49
49
50
50
The mongocryptd binary is an alternative requirement for automatic client-side
51
51
encryption and is included as a component in the
52
- :manual:`MongoDB Enterprise Server package </manual/ administration/install-enterprise/>`.
52
+ :manual:`MongoDB Enterprise Server package </administration/install-enterprise/>`.
53
53
For detailed installation instructions see the
54
- :manual:`MongoDB documentation on mongocryptd </manual/ core/csfle/reference/mongocryptd/>`.
54
+ :manual:`MongoDB documentation on mongocryptd </core/csfle/reference/mongocryptd/>`.
55
55
56
56
mongocryptd performs the following:
57
57
@@ -64,12 +64,12 @@ mongocryptd performs the following:
64
64
65
65
- Rejects read/write operations that may return unexpected or incorrect results
66
66
when applied to an encrypted field. For supported and unsupported operations,
67
- see :manual:`Supported Operations for Automatic Encryption </manual/ core/csfle/reference/supported-operations/>`.
67
+ see :manual:`Supported Operations for Automatic Encryption </core/csfle/reference/supported-operations/>`.
68
68
69
69
A client configured with auto encryption will automatically spawn the
70
70
mongocryptd process from the application's ``PATH``. Applications can control
71
71
the spawning behavior via various auto encryption
72
- :php:`driver options <mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`.
72
+ :php:`driver options <manual/en/ mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`.
73
73
74
74
mongocryptd is only responsible for supporting automatic client-side encryption
75
75
and does not itself perform any encryption or decryption.
@@ -78,6 +78,7 @@ and does not itself perform any encryption or decryption.
78
78
Managing Encryption Keys
79
79
------------------------
80
80
81
+ .. seealso:: :manual:`Encryption Key Management </core/csfle/fundamentals/manage-keys/>` in the MongoDB manual
81
82
82
83
Creating an Encryption Key
83
84
~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -101,8 +102,6 @@ more than one encryption key or create them dynamically.
101
102
.. literalinclude:: /examples/create_data_key.php
102
103
:language: php
103
104
104
- .. seealso:: :manual:`Encryption Key Management </csfle/fundamentals/manage-keys/>` in the MongoDB manual
105
-
106
105
107
106
Referencing Encryption Keys by an Alternative Name
108
107
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -127,11 +126,11 @@ Client-Side Field Level Encryption
127
126
----------------------------------
128
127
129
128
Introduced in MongoDB 4.2,
130
- :manual:`Client-Side Field Level Encryption </manual/ core/csfle/>` allows an
129
+ :manual:`Client-Side Field Level Encryption </core/csfle/>` allows an
131
130
application to encrypt specific data fields in addition to pre-existing MongoDB
132
131
encryption features such as
133
- :manual:`Encryption at Rest </manual/ core/security-encryption-at-rest/>` and
134
- :manual:`TLS/SSL (Transport Encryption) </manual/ core/security-transport-encryption/>`.
132
+ :manual:`Encryption at Rest </core/security-encryption-at-rest/>` and
133
+ :manual:`TLS/SSL (Transport Encryption) </core/security-transport-encryption/>`.
135
134
136
135
With field level encryption, applications can encrypt fields in documents prior
137
136
to transmitting data over the wire to the server. Client-side field level
@@ -150,7 +149,7 @@ Automatic Client-Side Field Level Encryption
150
149
151
150
Automatic client-side field level encryption is enabled by creating a client and
152
151
specifying the ``autoEncryption``
153
- :php:`driver option <mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`.
152
+ :php:`driver option <manual/en/ mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`.
154
153
The following examples demonstrate how to setup automatic client-side field
155
154
level encryption and use a
156
155
:php:`MongoDB\\Driver\\ClientEncryption <class.mongodb-driver-clientencryption>`
@@ -184,7 +183,7 @@ Server-Side Field Level Encryption Enforcement
184
183
The MongoDB 4.2+ server supports using schema validation to enforce encryption
185
184
of specific fields in a collection. This schema validation will prevent an
186
185
application from inserting unencrypted values for any fields marked with the
187
- :manual:`"encrypt`` JSON schema keyword </core/csfle/reference/encryption-schemas/>`.
186
+ :manual:`"encrypt" JSON schema keyword </core/csfle/reference/encryption-schemas/>`.
188
187
189
188
The following example sets up a collection with automatic encryption using a
190
189
``$jsonSchema`` validator and
@@ -214,7 +213,7 @@ Although automatic encryption requires MongoDB 4.2+ enterprise or a MongoDB 4.2+
214
213
Atlas cluster, automatic *decryption* is supported for all users. To configure
215
214
automatic decryption without automatic encryption set the
216
215
``bypassAutoEncryption`` auto encryption
217
- :php:`driver option <mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`
216
+ :php:`driver option <manual/en/ mongodb-driver-manager.construct.php#mongodb-driver-manager.construct-driveroptions>`
218
217
when constructing a client.
219
218
220
219
.. literalinclude:: /examples/csfle-explicit_encryption_automatic_decryption.php
@@ -225,7 +224,7 @@ Queryable Encryption
225
224
--------------------
226
225
227
226
Introduced in MongoDB 7.0,
228
- :manual:`Queryable Encryption </manual/ core/queryable-encryption/>` is another
227
+ :manual:`Queryable Encryption </core/queryable-encryption/>` is another
229
228
form of in-use encryption. Data is encrypted client-side. Queryable Encryption
230
229
supports indexed encrypted fields, which are further processed server-side.
231
230
0 commit comments