private static async Task <DecryptionContext> MdeEncAlgoDecryptObjectAsync(
JObject document,
Encryptor encryptor,
EncryptionProperties encryptionProperties,
CosmosDiagnosticsContext diagnosticsContext,
CancellationToken cancellationToken)
{
JObject plainTextJObj = new JObject();
foreach (string path in encryptionProperties.EncryptedPaths)
{
string propertyName = path.Substring(1);
if (!document.TryGetValue(propertyName, out JToken propertyValue))
{
throw new InvalidOperationException($"{nameof(encryptionProperties.EncryptedPaths)} includes a path: '{path}' which was not found.");
}
byte[] cipherTextWithTypeMarker = propertyValue.ToObject <byte[]>();
if (cipherTextWithTypeMarker == null)
{
continue;
}
byte[] cipherText = new byte[cipherTextWithTypeMarker.Length - 1];
Buffer.BlockCopy(cipherTextWithTypeMarker, 1, cipherText, 0, cipherTextWithTypeMarker.Length - 1);
byte[] plainText = await EncryptionProcessor.MdeEncAlgoDecryptPropertyAsync(
encryptionProperties,
cipherText,
encryptor,
diagnosticsContext,
cancellationToken);
EncryptionProcessor.DeserializeAndAddProperty(
(TypeMarker)cipherTextWithTypeMarker[0],
plainText,
plainTextJObj,
propertyName);
}
List <string> pathsDecrypted = new List <string>();
foreach (JProperty property in plainTextJObj.Properties())
{
document[property.Name] = property.Value;
pathsDecrypted.Add("/" + property.Name);
}
DecryptionContext decryptionContext = EncryptionProcessor.CreateDecryptionContext(
pathsDecrypted,
encryptionProperties.DataEncryptionKeyId);
document.Remove(Constants.EncryptedInfo);
return(decryptionContext);
}
private static async Task <DecryptionContext> LegacyEncAlgoDecryptContentAsync(
JObject document,
EncryptionProperties encryptionProperties,
Encryptor encryptor,
CosmosDiagnosticsContext diagnosticsContext,
CancellationToken cancellationToken)
{
if (encryptionProperties.EncryptionFormatVersion != 2)
{
throw new NotSupportedException($"Unknown encryption format version: {encryptionProperties.EncryptionFormatVersion}. Please upgrade your SDK to the latest version.");
}
byte[] plainText = await encryptor.DecryptAsync(
encryptionProperties.EncryptedData,
encryptionProperties.DataEncryptionKeyId,
encryptionProperties.EncryptionAlgorithm,
cancellationToken);
if (plainText == null)
{
throw new InvalidOperationException($"{nameof(Encryptor)} returned null plainText from {nameof(DecryptAsync)}.");
}
JObject plainTextJObj;
using (MemoryStream memoryStream = new MemoryStream(plainText))
using (StreamReader streamReader = new StreamReader(memoryStream))
using (JsonTextReader jsonTextReader = new JsonTextReader(streamReader))
{
plainTextJObj = JObject.Load(jsonTextReader);
}
List <string> pathsDecrypted = new List <string>();
foreach (JProperty property in plainTextJObj.Properties())
{
document.Add(property.Name, property.Value);
pathsDecrypted.Add("/" + property.Name);
}
DecryptionContext decryptionContext = EncryptionProcessor.CreateDecryptionContext(
pathsDecrypted,
encryptionProperties.DataEncryptionKeyId);
document.Remove(Constants.EncryptedInfo);
return(decryptionContext);
}
