ClientEncryption options for queryable encryption

https://jira.mongodb.org/browse/PHPC-2092

reference/mongodb/mongodb/driver/clientencryption.xml

@@ -49,6 +49,24 @@
      <varname linkend="mongodb-driver-clientencryption.constants.random">MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM</varname>
      <initializer>AEAD_AES_256_CBC_HMAC_SHA_512-Random</initializer>
     </fieldsynopsis>
+    <fieldsynopsis>
+     <modifier>const</modifier>
+     <type>string</type>
+     <varname linkend="mongodb-driver-clientencryption.constants.algorithm-indexed">MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</varname>
+     <initializer>Indexed</initializer>
+    </fieldsynopsis>
+    <fieldsynopsis>
+     <modifier>const</modifier>
+     <type>string</type>
+     <varname linkend="mongodb-driver-clientencryption.constants.algorithm-unindexed">MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED</varname>
+     <initializer>Unindexed</initializer>
+    </fieldsynopsis>
+    <fieldsynopsis>
+     <modifier>const</modifier>
+     <type>int</type>
+     <varname linkend="mongodb-driver-clientencryption.constants.query-type-equality">MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY</varname>
+     <initializer>0</initializer>
+    </fieldsynopsis>
 
     <classsynopsisinfo role="comment">&Methods;</classsynopsisinfo>
     <xi:include xpointer="xmlns(db=http://docbook.org/ns/docbook) xpointer(id('class.mongodb-driver-clientencryption')/db:refentry/db:refsect1[@role='description']/descendant::db:methodsynopsis[not(@role='procedural')])" />
@@ -76,6 +94,28 @@
      </listitem>
     </varlistentry>
 
+    <varlistentry xml:id="mongodb-driver-clientencryption.constants.algorithm-indexed">
+     <term><constant>MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</constant></term>
+     <listitem>
+      <para>Specifies an algorithm for an indexed, encrypted payload, which can be used with queryable encryption.</para>
+      <para>To insert or query with an indexed, encrypted payload, the <classname>MongoDB\Driver\Manager</classname> must be configured with the <literal>"autoEncryption"</literal> driver option. The <literal>"bypassQueryAnalysis"</literal> auto encryption option may be &true;. The <literal>"bypassAutoEncryption"</literal> auto encryption option must be &false;.</para>
+     </listitem>
+    </varlistentry>
+
+    <varlistentry xml:id="mongodb-driver-clientencryption.constants.algorithm-unindexed">
+     <term><constant>MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED</constant></term>
+     <listitem>
+      <para>Specifies an algorithm for an unindexed, encrypted payload.</para>
+     </listitem>
+    </varlistentry>
+
+    <varlistentry xml:id="mongodb-driver-clientencryption.constants.query-type-equality">
+     <term><constant>MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY</constant></term>
+     <listitem>
+      <para>Specifies an equality query type, which is used in conjunction with <constant>MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</constant>.</para>
+     </listitem>
+    </varlistentry>
+
    </variablelist>
   </section>
   <!-- }}} -->

reference/mongodb/mongodb/driver/clientencryption/encrypt.xml

@@ -52,8 +52,30 @@
           <entry><type>string</type></entry>
           <entry>
            <para>
-            The encryption algorithm to be used. Use the constants defined in
-            <classname>MongoDB\Driver\ClientEncryption</classname>.
+            The encryption algorithm to be used. This option is required.
+            Specify one of the following
+            <link linkend="mongodb-driver-clientencryption.constants">ClientEncryption constants</link>:
+           </para>
+           <simplelist>
+            <member><constant>MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_DETERMINISTIC</constant></member>
+            <member><constant>MongoDB\Driver\ClientEncryption::AEAD_AES_256_CBC_HMAC_SHA_512_RANDOM</constant></member>
+            <member><constant>MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</constant></member>
+            <member><constant>MongoDB\Driver\ClientEncryption::ALGORITHM_UNINDEXED</constant></member>
+           </simplelist>
+          </entry>
+         </row>
+         <row>
+          <entry>contentionFactor</entry>
+          <entry><type>int</type></entry>
+          <entry>
+           <para>
+            The contention factor for evaluating queries with indexed, encrypted
+            payloads.
+           </para>
+           <para>
+            This option only applies and may only be specified when
+            <literal>algorithm</literal> is
+            <constant>MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</constant>.
            </para>
           </entry>
          </row>
@@ -63,7 +85,8 @@
           <entry>
            <para>
             Identifies a key vault collection document by
-            <literal>keyAltName</literal>.
+            <literal>keyAltName</literal>. This option is mutually exclusive
+            with <literal>keyId</literal> and exactly one is required.
            </para>
           </entry>
          </row>
@@ -73,7 +96,26 @@
           <entry>
            <para>
             Identifies a data key by <literal>_id</literal>. The value is a UUID
-            (binary subtype 4).
+            (binary subtype 4). This option is mutually exclusive with
+            <literal>keyAltName</literal> and exactly one is required.
+           </para>
+          </entry>
+         </row>
+         <row>
+          <entry>queryType</entry>
+          <entry><type>int</type></entry>
+          <entry>
+           <para>
+            The query type for evaluating queries with indexed, encrypted
+            payloads. Specify one of the following
+            <link linkend="mongodb-driver-clientencryption.constants">ClientEncryption constants</link>:
+           </para>
+           <simplelist>
+            <member><constant>MongoDB\Driver\ClientEncryption::QUERY_TYPE_EQUALITY</constant></member>
+           </simplelist>
+           <para>This option only applies and may only be specified when
+            <literal>algorithm</literal> is
+            <constant>MongoDB\Driver\ClientEncryption::ALGORITHM_INDEXED</constant>.
            </para>
           </entry>
          </row>
@@ -81,12 +123,6 @@
        </tgroup>
       </table>
      </para>
-     <note>
-      <simpara>
-       Exactly one of <literal>keyId</literal> and <literal>keyAltName</literal>
-       must be provided. The <literal>algorithm</literal> option is required.
-      </simpara>
-     </note>
     </listitem>
    </varlistentry>
   </variablelist>
@@ -108,6 +144,31 @@
   </simplelist>
  </refsect1>
 
+ <refsect1 role="changelog">
+  &reftitle.changelog;
+  <para>
+   <informaltable>
+    <tgroup cols="2">
+     <thead>
+      <row>
+       <entry>&Version;</entry>
+       <entry>&Description;</entry>
+      </row>
+     </thead>
+     <tbody>
+      <row>
+       <entry>PECL mongodb 1.14.0</entry>
+       <entry>
+        Added the <literal>"contentionFactor"</literal> and
+        <literal>"queryType"</literal> options.
+       </entry>
+      </row>
+     </tbody>
+    </tgroup>
+   </informaltable>
+  </para>
+ </refsect1>
+
  <refsect1 role="seealso">
   &reftitle.seealso;
   <simplelist>

reference/mongodb/mongodb/driver/manager/construct.xml

@@ -764,7 +764,7 @@ mongodb://[username:password@]host1[:port1][,host2[:port2],...[,hostN[:portN]]][
                 <entry>
                  With this option set to &true;, <literal>mongocryptd</literal>
                  will not be spawned automatically. This is used to disable
-                 automatic encryption.
+                 automatic encryption. Defaults to &false;.
                 </entry>
                </row>
                <row>