public async Task EncryptionUTCreateItem() { Container container = this.GetContainerWithMockSetup(); MyItem item = await EncryptionUnitTests.CreateItemAsync(container, EncryptionUnitTests.DekId, MyItem.PathsToEncrypt); // Validate server state Assert.IsTrue(this.testHandler.Items.TryGetValue(item.Id, out JObject serverItem)); Assert.IsNotNull(serverItem); Assert.AreEqual(item.Id, serverItem.Property(Constants.Properties.Id).Value.Value <string>()); Assert.AreEqual(item.PK, serverItem.Property(nameof(MyItem.PK)).Value.Value <string>()); Assert.IsNull(serverItem.Property(nameof(MyItem.EncStr1))); Assert.IsNull(serverItem.Property(nameof(MyItem.EncInt))); JProperty eiJProp = serverItem.Property(Constants.Properties.EncryptedInfo); Assert.IsNotNull(eiJProp); Assert.IsNotNull(eiJProp.Value); Assert.AreEqual(JTokenType.Object, eiJProp.Value.Type); EncryptionProperties encryptionPropertiesAtServer = ((JObject)eiJProp.Value).ToObject <EncryptionProperties>(); Assert.IsNotNull(encryptionPropertiesAtServer); Assert.AreEqual(EncryptionUnitTests.DekId, encryptionPropertiesAtServer.DataEncryptionKeyId); Assert.AreEqual(2, encryptionPropertiesAtServer.EncryptionFormatVersion); Assert.IsNotNull(encryptionPropertiesAtServer.EncryptedData); JObject decryptedJObj = EncryptionUnitTests.ParseStream(new MemoryStream(EncryptionUnitTests.DecryptData(encryptionPropertiesAtServer.EncryptedData))); Assert.AreEqual(2, decryptedJObj.Properties().Count()); Assert.AreEqual(item.EncStr1, decryptedJObj.Property(nameof(MyItem.EncStr1)).Value.Value <string>()); Assert.AreEqual(item.EncInt, decryptedJObj.Property(nameof(MyItem.EncInt)).Value.Value <int>()); }
public async Task EncryptionUTCreateItemWithUnknownDek() { Container container = this.GetContainerWithMockSetup(); MyItem item = EncryptionUnitTests.GetNewItem(); try { await container.CreateItemAsync( item, new Cosmos.PartitionKey(item.PK), new ItemRequestOptions { EncryptionOptions = new EncryptionOptions { DataEncryptionKeyId = "random", EncryptionAlgorithm = EncryptionUnitTests.Algo, PathsToEncrypt = MyItem.PathsToEncrypt } }); Assert.Fail("Expected CreateItemAsync with unknown data encryption key to fail"); } catch (Exception) { // todo: Should we expose a exception class in the contract too } }
public async Task EncryptionUTReadItem() { Container container = this.GetContainerWithMockSetup(); MyItem item = await EncryptionUnitTests.CreateItemAsync(container, EncryptionUnitTests.DekId, MyItem.PathsToEncrypt); ItemResponse <MyItem> readResponse = await container.ReadItemAsync <MyItem>(item.Id, new Cosmos.PartitionKey(item.PK)); Assert.AreEqual(item, readResponse.Resource); }
private static async Task <MyItem> CreateItemAsync(Container container, string dekId, List <string> pathsToEncrypt) { MyItem item = EncryptionUnitTests.GetNewItem(); ItemResponse <MyItem> response = await container.CreateItemAsync <MyItem>( item, requestOptions : new ItemRequestOptions { EncryptionOptions = new EncryptionOptions { DataEncryptionKeyId = dekId, EncryptionAlgorithm = EncryptionUnitTests.Algo, PathsToEncrypt = pathsToEncrypt } }); Assert.AreEqual(HttpStatusCode.Created, response.StatusCode); Assert.AreEqual(item, response.Resource); return(item); }
public override async Task <ResponseMessage> SendAsync( RequestMessage request, CancellationToken cancellationToken) { // We clone the request message as the Content is disposed before we can use it in the test assertions later. this.Received.Add(EncryptionTestHandler.CloneRequestMessage(request)); if (this.func != null) { return(await this.func(request)); } HttpStatusCode httpStatusCode = HttpStatusCode.InternalServerError; if (request.ResourceType == ResourceType.Document) { JObject item = null; if (request.OperationType == OperationType.Create) { item = EncryptionUnitTests.ParseStream(request.Content); string itemId = item.Property("id").Value.Value <string>(); httpStatusCode = HttpStatusCode.Created; if (!this.Items.TryAdd(itemId, item)) { httpStatusCode = HttpStatusCode.Conflict; } } else if (request.OperationType == OperationType.Read) { string itemId = EncryptionTestHandler.ParseItemUri(request.RequestUri); httpStatusCode = HttpStatusCode.OK; if (!this.Items.TryGetValue(itemId, out item)) { httpStatusCode = HttpStatusCode.NotFound; } } else if (request.OperationType == OperationType.Replace) { string itemId = EncryptionTestHandler.ParseItemUri(request.RequestUri); item = EncryptionUnitTests.ParseStream(request.Content); httpStatusCode = HttpStatusCode.OK; if (!this.Items.TryGetValue(itemId, out JObject existingItem)) { httpStatusCode = HttpStatusCode.NotFound; } if (!this.Items.TryUpdate(itemId, item, existingItem)) { throw new InvalidOperationException("Concurrency not handled in tests."); } } else if (request.OperationType == OperationType.Delete) { string itemId = EncryptionTestHandler.ParseItemUri(request.RequestUri); httpStatusCode = HttpStatusCode.NoContent; if (!this.Items.TryRemove(itemId, out _)) { httpStatusCode = HttpStatusCode.NotFound; } } ResponseMessage responseMessage = new ResponseMessage(httpStatusCode, request) { Content = item != null?this.serializer.ToStream(item) : null, }; responseMessage.Headers.RequestCharge = EncryptionUnitTests.requestCharge; return(responseMessage); } return(new ResponseMessage(httpStatusCode, request)); }
private Container GetContainerWithMockSetup(EncryptionTestHandler encryptionTestHandler = null) { this.testHandler = encryptionTestHandler ?? new EncryptionTestHandler(); this.mockEncryptor = new Mock <Encryptor>(); this.mockEncryptor.Setup(m => m.EncryptAsync(It.IsAny <byte[]>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <CancellationToken>())) .ReturnsAsync((byte[] plainText, string dekId, string algo, CancellationToken t) => EncryptionUnitTests.EncryptData(plainText)); this.mockEncryptor.Setup(m => m.DecryptAsync(It.IsAny <byte[]>(), It.IsAny <string>(), It.IsAny <string>(), It.IsAny <CancellationToken>())) .ReturnsAsync((byte[] cipherText, string dekId, string algo, CancellationToken t) => EncryptionUnitTests.DecryptData(cipherText)); CosmosClient client = MockCosmosUtil.CreateMockCosmosClient((builder) => builder .AddCustomHandlers(this.testHandler) .WithEncryptor(this.mockEncryptor.Object)); DatabaseCore database = new DatabaseCore(client.ClientContext, EncryptionUnitTests.DatabaseId); return(new ContainerInlineCore(new ContainerCore(client.ClientContext, database, EncryptionUnitTests.ContainerId))); }