DOCSP-23032 ensure FLE2 options are passed through to driver (#1417)

jmd-mongo · web-flow · commit 9cb8ad60e9eb · 2022-07-11T11:30:55.000-04:00
* ensure FLE2 options are passed through to driver

* internal review

* external review feedback

* external review feedback
diff --git a/source/reference/method/ClientEncryption.encrypt.txt b/source/reference/method/ClientEncryption.encrypt.txt
@@ -61,19 +61,40 @@ ClientEncryption.encrypt()
 
         - The value to encrypt.
 
-      * - ``encryptionAlgorithm``
+      * - ``encryptionAlgorithm`` or ``encryptionOptions``
         
-        - string
+        - string or document
         
-        - The encryption algorithm to use for encrypting the ``value``.
+        - When specifying ``encryptionAlgorithm``:
+
+          The encryption algorithm to use for encrypting the ``value``.
 
           - ``AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic``
 
           - ``AEAD_AES_256_CBC_HMAC_SHA_512-Random``
+
+          - ``Indexed``
+
+          - ``Unindexed``
           
           For complete documentation on the supported encryption
           algorithms, see :ref:`field-level-encryption-algorithms`.
 
+        - When specifying ``encryptionOptions``:
+
+          - ``algorithm``: The encryption algorithm to use for 
+            encrypting the ``value``.
+           
+          - ``keyId``: ID of the data decryption key.
+
+          - ``contentionFactor``: Required when ``algorithm`` is set
+            to ``Indexed``. Related to the frequency of the values for 
+            this field.
+
+          - ``queryType``: The only query type currently supported is
+            ``"equality"``. ``queryType`` must be set when algorithm is 
+            not ``Indexed``.
+
    :returns:
   
      A :bsontype:`binary data <Binary>`  object with
diff --git a/source/reference/method/KeyVault.createKey.txt b/source/reference/method/KeyVault.createKey.txt
@@ -148,6 +148,18 @@ KeyVault.createKey()
           <index-type-partial>` filter for only documents where
           ``keyAltNames`` exists.
 
+      * - ``options``
+        - document
+        - *Optional*
+        
+          A document that specifies options for the new key.
+          ``options`` has the following fields:
+
+          - ``masterKey``: the new master key to encrypt data.
+          - ``keyAltNames``: an array of alternate names, one per 
+            master key.
+          - ``keyMaterial``: bindata used to create the key.
+
    :returns:
   
      The ``UUID`` unique identifier of the created data encryption
