When creating a data encryption key via the createKey() method for client-side field level encryption, a new document is created that contains fields such as a UUID, encrypted key, creationDate, updateDate, status, and masterKey document.

 

Here are a few examples of documents that were created using the 3.11.0 sync driver:

{ "_id" : UUID("bdc04a10-a231-4a2e-b8d2-af32cf3f9b77"), "keyMaterial" : BinData(0,"F/J5R4YVcvxYh1QcdrZ1zXbqkEGEzH4UctOpzqHw3JfGeAf2wfv7nh6jsSMDSIpx0ueRX5aWPy/hWYe69A9wGryR5ecSRYgeNp2FdFzLjTQ73fZcEZ/Szf+pw6wzHI+mc0qDAM5cRwtthcXiNx4mvQcEQyaP7PLwglU5Dt182CvrbukcMDfkcHfVMA3wJRZlJ+sH/d0vaSwPc2P8F8wctg=="), "creationDate" : ISODate("20404-12-07T04:50:09Z"), "updateDate" : ISODate("20404-12-07T04:50:09Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

{ "_id" : UUID("222b2c28-49a8-417d-a711-0be15978625a"), "keyMaterial" : BinData(0,"7BlqwT30CgVT/8mGR0iU16JJvWrbXYRwCkgW5xHAmTWJV3fqZewJBEVfiGyuUg85qwAN2RsomX1MKiJnbtDOIacbtJIuLN1d7tucpt9D1tsXY5hBPCSs7ZGgOVipvdQdG/rFzthMnUnWR9SUoRSoXWdgsdWCw/vMv4RqegIgqsea09pOl9UyCZfJ4FSAgK2KsUTOZlpqWZRMebUvqH6jHA=="), "creationDate" : ISODate("20405-07-25T14:11:53Z"), "updateDate" : ISODate("20405-07-25T14:11:53Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

{ "_id" : UUID("450b1a1f-0462-4448-b81b-4bd1b4187823"), "keyMaterial" : BinData(0,"/e4RMEFJV0j5MAl/O3ohYgUeUyAVVqPMXGblRtjKbFUJk2uTcaeHISVifV1pq/djB6PIAEuPwpu/QDr3KDM+8ma4umPNfPc2cShk+++jpNDYWQOTbHkpjwdkpV09mnyIJ7h1N+78zwp35NUxL6sYH3Xj5vRjfecL7a1GaXARpzwP3QCcWEnhlmvppk8IwBhS8JCkdb3U6oQX47kwNDNCwA=="), "creationDate" : ISODate("20458-07-07T19:33:47Z"), "updateDate" : ISODate("20458-07-07T19:33:47Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

{ "_id" : UUID("31c062d2-2d74-4a9e-ac6f-914637163387"), "keyMaterial" : BinData(0,"ecsjyG4R8uZjI5Bu21j54F8PzSyyuW3yG5qIoaMUa1DTyiFmN2k9+RpzAA6CmTV4E7/5FBj2Po0vOmu6VjKROto0r6tEenMyxlN4soB2hQbZdVgT2ejl6WEVQIVCuVmc32IqTH+DhhuEEEu1SPNys7w6I3YBegHVFhNtpXjeHWNpDYnqg1iOdoeD5d8V1PaTbBWPi6tqKuNS2LeySgXfsQ=="), "creationDate" : ISODate("20830-06-26T18:44:26Z"), "updateDate" : ISODate("20830-06-26T18:44:26Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

{ "_id" : UUID("dad3a063-4f9b-48f8-bf4e-7ca9d323fd1c"), "keyMaterial" : BinData(0,"2ONi+GlkEKdVUjxoEFFkGI8aocBJlXo0enuKEuRQUZGbjbh11dschs50ongK5j7Si819v6lsx/kCkf6hybhPKoZkYbDtToKuhjIpS7KrfG//50gwEe/wtO7OK6CkIXxn1Mi9Z5HLOMzMfGb9chkhV3qohYaMxhKr3ZFiROU0gs+WMky2hKQdVQNg8I2wRHBWMydLDqPawWbJo7rs6GNCzQ=="), "creationDate" : ISODate("23600-04-13T02:22:54Z"), "updateDate" : ISODate("23600-04-13T02:22:54Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

{ "_id" : UUID("37541a82-b051-4338-97df-86a0780a6a22"), "keyMaterial" : BinData(0,"6sdjYoBmLaqsVs8vyMn+M1CLlNPKHwoEJvxf9vgcbuUl4RUywGzebR4GpnIb5K76v2tQnIkZDwkEFtYqRWpUEDq3AhvCBSA4RZNJV1d8ICLkeZRpGFCUTldrL5BBKFFMZmA5RMGgTh22VxSsy/9NTzAiRihdn4cIvYSttTXzgtRjIuSTOj5y+fDWhYvZt6Ey7PkotwFE75WG40GA/Ics/g=="), "creationDate" : ISODate("25770-08-11T07:31:17Z"), "updateDate" : ISODate("25770-08-11T07:31:17Z"), "status" : 0, "masterKey" : \{ "provider" : "local" }

}

 

 

 

 

These data encryption keys can be generated either with the sample code from the driver repo:

https://github.com/mongodb/mongo-java-driver/blob/master/driver-sync/src/examples/tour/ClientSideEncryptionSimpleTour.java

Or by following instructions in this use-case guide:

https://docs.mongodb.com/ecosystem/use-cases/sensitive-data-encryption