docs: generate docs

bindings/node/README.md

@@ -56,9 +56,25 @@ npm test
 </dd>
 </dl>
 
+## Functions
+
+<dl>
+<dt><a href="#loadCredentials">loadCredentials(kmsProviders)</a> ⇒ <code>Promise</code></dt>
+<dd><p>Load cloud provider credentials for the user provided kms providers.
+Credentials will only attempt to get loaded if they do not exist
+and no existing credentials will get overwritten.</p>
+</dd>
+</dl>
+
 ## Typedefs
 
 <dl>
+<dt><a href="#BSONValue">BSONValue</a> : <code>*</code></dt>
+<dd><p>any serializable BSON value</p>
+</dd>
+<dt><a href="#Long">Long</a> : <code>BSON.Long</code></dt>
+<dd><p>A 64 bit integer, represented by the js-bson Long type.</p>
+</dd>
 <dt><a href="#KMSProviders">KMSProviders</a> : <code>object</code></dt>
 <dd><p>Configuration options that are used by specific KMS providers during key generation, encryption, and decryption.</p>
 </dd>
@@ -100,6 +116,13 @@ query for the data key itself against the key vault namespace.</p>
 <dd></dd>
 <dt><a href="#ClientEncryptionEncryptCallback">ClientEncryptionEncryptCallback</a> : <code>function</code></dt>
 <dd></dd>
+<dt><a href="#RangeOptions">RangeOptions</a> : <code>object</code></dt>
+<dd><p>min, max, sparsity, and range must match the values set in the encryptedFields of the destination collection.
+For double and decimal128, min/max/precision must all be set, or all be unset.</p>
+</dd>
+<dt><a href="#EncryptOptions">EncryptOptions</a> : <code>object</code></dt>
+<dd><p>Options to provide when encrypting data.</p>
+</dd>
 </dl>
 
 <a name="AutoEncrypter"></a>
@@ -265,10 +288,14 @@ The public interface for explicit in-use encryption
 
         * [.encrypt(value, options, [callback])](#ClientEncryption+encrypt)
 
+        * [.encryptExpression(expression, options)](#ClientEncryption+encryptExpression)
+
         * [.decrypt(value, callback)](#ClientEncryption+decrypt)
 
         * [.askForKMSCredentials()](#ClientEncryption+askForKMSCredentials)
 
+        * [._encrypt(value, expressionMode, options)](#ClientEncryption+_encrypt)
+
     * _inner_
         * [~decryptCallback](#ClientEncryption..decryptCallback)
 
@@ -534,10 +561,7 @@ if (!oldKey) {
 | Param | Type | Description |
 | --- | --- | --- |
 | value | <code>\*</code> | The value that you wish to serialize. Must be of a type that can be serialized into BSON |
-| options | <code>object</code> |  |
-| [options.keyId] | [<code>ClientEncryptionDataKeyId</code>](#ClientEncryptionDataKeyId) | The id of the Binary dataKey to use for encryption |
-| [options.keyAltName] | <code>string</code> | A unique string name corresponding to an already existing dataKey. |
-| [options.algorithm] |  | The algorithm to use for encryption. Must be either `'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'`, `'AEAD_AES_256_CBC_HMAC_SHA_512-Random'`, `'Indexed'` or `'Unindexed'` |
+| options | [<code>EncryptOptions</code>](#EncryptOptions) |  |
 | [callback] | [<code>ClientEncryptionEncryptCallback</code>](#ClientEncryptionEncryptCallback) | Optional callback to invoke when value is encrypted |
 
 Explicitly encrypt a provided value. Note that either `options.keyId` or `options.keyAltName` must
@@ -572,6 +596,21 @@ async function encryptMyData(value) {
   return clientEncryption.encrypt(value, { keyAltName: 'mySpecialKey', algorithm: 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic' });
 }
 ```
+<a name="ClientEncryption+encryptExpression"></a>
+
+### *clientEncryption*.encryptExpression(expression, options)
+**Experimental**: The Range algorithm is experimental only. It is not intended for public use. It is subject to breaking changes.The aggregation or match expression you wish to encrypt.  The value must be in the form  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| expression | <code>object</code> | a BSON document of one of the following forms:  1. A Match Expression of this form:      `{$and: [{<field>: {$gt: <value1>}}, {<field>: {$lt: <value2> }}]}`  2. An Aggregate Expression of this form:      `{$and: [{$gt: [<fieldpath>, <value1>]}, {$lt: [<fieldpath>, <value2>]}]}`    `$gt` may also be `$gte`. `$lt` may also be `$lte`. |
+| options | [<code>EncryptOptions</code>](#EncryptOptions) |  |
+
+Encrypts a Match Expression or Aggregate Expression to query a range index.
+
+Only supported when queryType is "rangePreview" and algorithm is "RangePreview".
+
+**Returns**: <code>Promise.&lt;object&gt;</code> - Returns a Promise that either resolves with the encrypted value or rejects with an error.  
 <a name="ClientEncryption+decrypt"></a>
 
 ### *clientEncryption*.decrypt(value, callback)
@@ -607,6 +646,23 @@ This returns anything that looks like the kmsProviders original input
 option. It can be empty, and any provider specified here will override
 the original ones.
 
+<a name="ClientEncryption+_encrypt"></a>
+
+### *clientEncryption*._encrypt(value, expressionMode, options)
+**Internal**:   
+
+| Param | Type | Description |
+| --- | --- | --- |
+| value | <code>\*</code> | The value that you wish to encrypt. Must be of a type that can be serialized into BSON |
+| expressionMode | <code>boolean</code> | a boolean that indicates whether or not to encrypt the value as an expression |
+| options | [<code>EncryptOptions</code>](#EncryptOptions) |  |
+
+A helper that perform explicit encryption of values and expressions.
+Explicitly encrypt a provided value. Note that either `options.keyId` or `options.keyAltName` must
+be specified. Specifying both `options.keyId` and `options.keyAltName` is considered an error.
+
+**Returns**: the raw result of the call to stateMachine.execute().  When expressionMode is set to true, the return
+         value will be a bson document.  When false, the value will be a BSON Binary.  
 <a name="ClientEncryption..decryptCallback"></a>
 
 ### *ClientEncryption*~decryptCallback
@@ -621,6 +677,29 @@ the original ones.
 ## MongoCryptError
 An error indicating that something went wrong specifically with MongoDB Client Encryption
 
+<a name="loadCredentials"></a>
+
+## loadCredentials(kmsProviders)
+
+| Param | Type | Description |
+| --- | --- | --- |
+| kmsProviders | <code>Object</code> | The user provided kms providers. |
+
+Load cloud provider credentials for the user provided kms providers.
+Credentials will only attempt to get loaded if they do not exist
+and no existing credentials will get overwritten.
+
+**Returns**: <code>Promise</code> - The new kms providers.  
+<a name="BSONValue"></a>
+
+## BSONValue
+any serializable BSON value
+
+<a name="Long"></a>
+
+## Long
+A 64 bit integer, represented by the js-bson Long type.
+
 <a name="KMSProviders"></a>
 
 ## KMSProviders
@@ -771,3 +850,34 @@ Configuration options for making an Azure encryption key
 | [err] | <code>Error</code> | If present, indicates an error that occurred in the process of encryption |
 | [result] | <code>Buffer</code> | If present, is the encrypted result |
 
+<a name="RangeOptions"></a>
+
+## RangeOptions
+**Properties**
+
+| Name | Type | Description |
+| --- | --- | --- |
+| min | [<code>BSONValue</code>](#BSONValue) | is required if precision is set. |
+| max | [<code>BSONValue</code>](#BSONValue) | is required if precision is set. |
+| sparsity | <code>BSON.Long</code> |  |
+| precision | <code>number</code> \| <code>undefined</code> | (may only be set for double or decimal128). |
+
+min, max, sparsity, and range must match the values set in the encryptedFields of the destination collection.
+For double and decimal128, min/max/precision must all be set, or all be unset.
+
+<a name="EncryptOptions"></a>
+
+## EncryptOptions
+**Properties**
+
+| Name | Type | Description |
+| --- | --- | --- |
+| [keyId] | [<code>ClientEncryptionDataKeyId</code>](#ClientEncryptionDataKeyId) | The id of the Binary dataKey to use for encryption. |
+| [keyAltName] | <code>string</code> | A unique string name corresponding to an already existing dataKey. |
+| [algorithm] | <code>string</code> | The algorithm to use for encryption. Must be either `'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic'`, `'AEAD_AES_256_CBC_HMAC_SHA_512-Random'`, `'Indexed'` or `'Unindexed'` |
+| [contentionFactor] | <code>bigint</code> \| <code>number</code> | (experimental) - the contention factor. |
+| queryType | <code>&#x27;equality&#x27;</code> \| <code>&#x27;rangePreview&#x27;</code> | (experimental) - the query type supported. |
+| [rangeOptions] | [<code>RangeOptions</code>](#RangeOptions) | (experimental) The index options for a Queryable Encryption field supporting "rangePreview" queries. |
+
+Options to provide when encrypting data.
+