fix(NODE-6241): allow Binary as local kms provider key for auto encryption (#4165)

Author: baileympearson

src/client-side-encryption/auto_encrypter.ts

@@ -26,85 +26,7 @@ export interface AutoEncryptionOptions {
  /** The namespace where keys are stored in the key vault */
  keyVaultNamespace?: string;
  /** Configuration options that are used by specific KMS providers during key generation, encryption, and decryption. */
- kmsProviders?: {
- /** Configuration options for using 'aws' as your KMS provider */
- aws?:
- | {
- /** The access key used for the AWS KMS provider */
- accessKeyId: string;
- /** The secret access key used for the AWS KMS provider */
- secretAccessKey: string;
- /**
- * An optional AWS session token that will be used as the
- * X-Amz-Security-Token header for AWS requests.
- */
- sessionToken?: string;
- }
- | Record<string, never>;
- /** Configuration options for using 'local' as your KMS provider */
- local?: {
- /**
- * The master key used to encrypt/decrypt data keys.
- * A 96-byte long Buffer or base64 encoded string.
- */
- key: Buffer | string;
- };
- /** Configuration options for using 'azure' as your KMS provider */
- azure?:
- | {
- /** The tenant ID identifies the organization for the account */
- tenantId: string;
- /** The client ID to authenticate a registered application */
- clientId: string;
- /** The client secret to authenticate a registered application */
- clientSecret: string;
- /**
- * If present, a host with optional port. E.g. "example.com" or "example.com:443".
- * This is optional, and only needed if customer is using a non-commercial Azure instance
- * (e.g. a government or China account, which use different URLs).
- * Defaults to "login.microsoftonline.com"
- */
- identityPlatformEndpoint?: string | undefined;
- }
- | {
- /**
- * If present, an access token to authenticate with Azure.
- */
- accessToken: string;
- }
- | Record<string, never>;
- /** Configuration options for using 'gcp' as your KMS provider */
- gcp?:
- | {
- /** The service account email to authenticate */
- email: string;
- /** A PKCS#8 encrypted key. This can either be a base64 string or a binary representation */
- privateKey: string | Buffer;
- /**
- * If present, a host with optional port. E.g. "example.com" or "example.com:443".
- * Defaults to "oauth2.googleapis.com"
- */
- endpoint?: string | undefined;
- }
- | {
- /**
- * If present, an access token to authenticate with GCP.
- */
- accessToken: string;
- }
- | Record<string, never>;
- /**
- * Configuration options for using 'kmip' as your KMS provider
- */
- kmip?: {
- /**
- * The output endpoint string.
- * The endpoint consists of a hostname and port separated by a colon.
- * E.g. "example.com:123". A port is always present.
- */
- endpoint?: string;
- };
- };
+ kmsProviders?: KMSProviders;
  /**
  * A map of namespaces to a local JSON schema for encryption
  *