DOCSP-24993 corrects encryptionAlgorithm docs on ClientEncryption.encrypt (#1786)

* DOCSP-24993 corrects encryptionAlgorithm docs on ClientEncryption.encrypt

* tech review feedback

Author: jmd-mongo

source/includes/5.1/removed-parameters.rst

@@ -1,13 +1,13 @@
 ref: csfle-requires-enabling-encryption
 content: |
 
-  The ``mongo`` client-side field level encryption methods
+  The :binary:`~bin.mongosh` client-side field level encryption methods
   require a database connection with client-side field level encryption
   enabled. If the current database connection was not initiated with
   client-side field level encryption enabled, either:
     
-  - Use the :method:`Mongo()` constructor from the ``mongo``
-    shell to establish a connection with the required client-side field
+  - Use the :method:`Mongo()` constructor from the :binary:`~bin.mongosh`
+    to establish a connection with the required client-side field
     level encryption options. The :method:`Mongo()` method supports the
     following Key Management Service (KMS) providers for Customer
     Master Key (CMK) management:
@@ -19,7 +19,8 @@ content: |
 
     *or*
 
-  - Use the ``mongo`` shell command line options to establish a
+  - Use the :binary:`~bin.mongosh` :ref:`command line options
+    <mongosh-client-side-field-level-encryption-options>` to establish a
     connection with the required options. The command line options only
     support the :ref:`Amazon Web Services KMS
     <field-level-encryption-aws-kms>` provider for CMK management. 
@@ -49,10 +50,10 @@ content: |
 
   To mitigate the risk of the AWS Access Key or AWS Secret Key leaking
   into logs, consider specifying an environment variable containing the
-  required values as part of the ``mongo`` startup. For
+  required values as part of the :binary:`~bin.mongosh` startup. For
   example, the following operation loads the ``AWS_ACCESS_KEY_ID`` and
   ``AWS_SECRET_ACCESS_KEY`` environment variables into local variables
-  in the ``mongo`` shell:
+  in :binary:`~bin.mongosh`:
 
   .. code-block:: bash
 
@@ -74,7 +75,7 @@ content: |
   managed key requires specifying a base64-encoded 96-byte
   string with no line breaks. The following operation generates
   a key that meets the stated requirements and loads it into
-  the ``mongo`` shell:
+  :binary:`~bin.mongosh`:
 
   .. code-block:: bash
      :emphasize-lines: 1

source/includes/extracts-client-side-field-level-encryption.yaml

@@ -0,0 +1,39 @@
+Configuring queryable encryption for a locally managed key requires 
+specifying a base64-encoded 96-byte string with no line breaks. The 
+following operation generates a key that meets the stated requirements 
+and loads it into :binary:`~bin.mongosh`:
+
+.. code-block:: bash
+  :emphasize-lines: 1
+
+  TEST_LOCAL_KEY=$(echo "$(head -c 96 /dev/urandom | base64 | tr -d '\n')")
+ 
+  mongosh --nodb
+
+Create the client-side field level encryption object using the
+generated local key string:
+
+.. code-block:: javascript
+  :emphasize-lines: 5
+
+  var autoEncryptionOpts = {
+    "keyVaultNamespace" : "encryption.__keyVault",
+    "kmsProviders" : {
+      "local" : {
+        "key" : BinData(0, process.env["TEST_LOCAL_KEY"])
+      }
+    }
+  }
+
+Use the :method:`Mongo()` constructor to create a database connection
+with the queryable encryption options. Replace the 
+``mongodb://myMongo.example.net`` URI with the :ref:`connection string
+URI <mongodb-uri>` of the target cluster.
+
+.. code-block:: javascript
+  :emphasize-lines: 2
+   
+  encryptedClient = Mongo( 
+    "mongodb://myMongo.example.net:27017/?replSetName=myMongo", 
+    autoEncryptionOpts
+  )