public void ParameterizedTests(
IEnvelopeEncryption <byte[]> envelopeEncryptionJson,
Mock <IMetastore <JObject> > metastore,
KeyState cacheIK,
KeyState metaIK,
KeyState cacheSK,
KeyState metaSK,
Partition partition)
{
using (Session <JObject, byte[]> sessionJsonImpl =
new SessionJsonImpl <byte[]>(envelopeEncryptionJson))
{
EncryptMetastoreInteractions encryptMetastoreInteractions =
new EncryptMetastoreInteractions(cacheIK, metaIK, cacheSK, metaSK);
DecryptMetastoreInteractions decryptMetastoreInteractions =
new DecryptMetastoreInteractions(cacheIK, cacheSK);
// encrypt with library object(sessionJsonImpl)
byte[] encryptedPayload = sessionJsonImpl.Encrypt(payload);
Assert.NotNull(encryptedPayload);
VerifyEncryptFlow(metastore, encryptMetastoreInteractions, partition);
metastore.Invocations.Clear();
JObject decryptedPayload = sessionJsonImpl.Decrypt(encryptedPayload);
VerifyDecryptFlow(metastore, decryptMetastoreInteractions, partition);
Assert.True(JToken.DeepEquals(payload, decryptedPayload));
}
}
public void ParameterizedTests(
IEnvelopeEncryption <byte[]> envelopeEncryptionJson,
Mock <MemoryPersistenceImpl <JObject> > metastorePersistence,
KeyState cacheIK,
KeyState metaIK,
KeyState cacheSK,
KeyState metaSK,
AppEncryptionPartition appEncryptionPartition)
{
using (AppEncryption <JObject, byte[]> appEncryptionJsonImpl =
new AppEncryptionJsonImpl <byte[]>(envelopeEncryptionJson))
{
EncryptMetastoreInteractions encryptMetastoreInteractions =
new EncryptMetastoreInteractions(cacheIK, metaIK, cacheSK, metaSK);
DecryptMetastoreInteractions decryptMetastoreInteractions =
new DecryptMetastoreInteractions(cacheIK, cacheSK);
// encrypt with library object(appEncryptionJsonImpl)
byte[] encryptedPayload = appEncryptionJsonImpl.Encrypt(payload);
Assert.NotNull(encryptedPayload);
VerifyEncryptFlow(metastorePersistence, encryptMetastoreInteractions, appEncryptionPartition);
metastorePersistence.Reset();
JObject decryptedPayload = appEncryptionJsonImpl.Decrypt(encryptedPayload);
VerifyDecryptFlow(metastorePersistence, decryptMetastoreInteractions, appEncryptionPartition);
Assert.True(JToken.DeepEquals(payload, decryptedPayload));
}
}
private void VerifyEncryptFlow(
Mock <IMetastore <JObject> > metastore,
EncryptMetastoreInteractions metastoreInteractions,
Partition partition)
{
// If IK is stored to metastore
if (metastoreInteractions.ShouldStoreIK())
{
metastore.Verify(
x => x.Store(partition.IntermediateKeyId, It.IsAny <DateTimeOffset>(), It.IsAny <JObject>()),
Times.Once);
}
else
{
metastore.Verify(
x => x.Store(partition.IntermediateKeyId, It.IsAny <DateTimeOffset>(), It.IsAny <JObject>()),
Times.Never);
}
// If SK is stored to metastore
if (metastoreInteractions.ShouldStoreSK())
{
metastore.Verify(
x => x.Store(partition.SystemKeyId, It.IsAny <DateTimeOffset>(), It.IsAny <JObject>()),
Times.Once);
}
else
{
metastore.Verify(
x => x.Store(partition.SystemKeyId, It.IsAny <DateTimeOffset>(), It.IsAny <JObject>()),
Times.Never);
}
// If neither IK nor SK is stored
if (!metastoreInteractions.ShouldStoreIK() && !metastoreInteractions.ShouldStoreSK())
{
metastore.Verify(
x => x.Store(It.IsAny <string>(), It.IsAny <DateTimeOffset>(), It.IsAny <JObject>()),
Times.Never);
}
// NOTE: We do not read IK from the metastore in case of Encrypt
// If SK is loaded from metastore
if (metastoreInteractions.ShouldLoadSK())
{
metastore.Verify(
x => x.Load(partition.SystemKeyId, It.IsAny <DateTimeOffset>()),
Times.Once);
}
else
{
metastore.Verify(
x => x.Load(It.IsAny <string>(), It.IsAny <DateTimeOffset>()),
Times.Never);
}
// If latest IK is loaded from metastore
if (metastoreInteractions.ShouldLoadLatestIK())
{
metastore.Verify(x => x.LoadLatest(partition.IntermediateKeyId), Times.Once);
}
else
{
metastore.Verify(x => x.LoadLatest(partition.IntermediateKeyId), Times.Never);
}
// If latest SK is loaded from metastore
if (metastoreInteractions.ShouldLoadLatestSK())
{
metastore.Verify(x => x.LoadLatest(partition.SystemKeyId), Times.Once);
}
else
{
metastore.Verify(x => x.LoadLatest(partition.SystemKeyId), Times.Never);
}
// If neither latest IK or SK is loaded from metastore
if (!metastoreInteractions.ShouldLoadLatestSK() && !metastoreInteractions.ShouldLoadLatestIK())
{
metastore.Verify(
x => x.LoadLatest(It.IsAny <string>()),
Times.Never);
}
}
