public async Task InvalidPathToEncrypt()
{
TestDoc testDoc = TestDoc.Create();
List <EncryptionOptions> propertyEncryptionOptionsWithInvalidPath = new List <EncryptionOptions>();
propertyEncryptionOptionsWithInvalidPath.Add(
new EncryptionOptions()
{
DataEncryptionKeyId = PropertyEncryptionProcessorTests.pdekId,
EncryptionAlgorithm = CosmosEncryptionAlgorithm.AEAD_AES_256_CBC_HMAC_SHA256,
PathsToEncrypt = new List <string>()
{
"/Name", "/Invalid"
}
});
try
{
await PropertyEncryptionProcessor.EncryptAsync(
testDoc.ToStream(),
PropertyEncryptionProcessorTests.mockEncryptor.Object,
propertyEncryptionOptionsWithInvalidPath,
new CosmosDiagnosticsContext(),
CancellationToken.None);
Assert.Fail("Invalid path to encrypt didn't result in exception.");
}
catch (ArgumentException ex)
{
Assert.AreEqual("PathsToEncrypt includes a path: '/Invalid' which was not found.", ex.Message);
}
}
public async Task EncryptDecryptPropertyWithNullValue()
{
TestDoc testDoc = TestDoc.Create();
JObject encryptedDoc = await PropertyEncryptionProcessorTests.VerifyEncryptionSucceeded(testDoc);
JObject decryptedDoc = await PropertyEncryptionProcessor.DecryptAsync(
encryptedDoc,
PropertyEncryptionProcessorTests.mockEncryptor.Object,
new CosmosDiagnosticsContext(),
PathsToEncrypt,
CancellationToken.None);
PropertyEncryptionProcessorTests.VerifyDecryptionSucceeded(
decryptedDoc,
testDoc);
}
private static async Task <JObject> VerifyEncryptionSucceeded(TestDoc testDoc)
{
Stream encryptedStream = await PropertyEncryptionProcessor.EncryptAsync(
testDoc.ToStream(),
PropertyEncryptionProcessorTests.mockEncryptor.Object,
PropertyEncryptionProcessorTests.propertyEncryptionOptions,
new CosmosDiagnosticsContext(),
CancellationToken.None);
JObject encryptedDoc = PropertyEncryptionProcessor.BaseSerializer.FromStream <JObject>(encryptedStream);
Assert.AreEqual(testDoc.Id, encryptedDoc.Property("id").Value.Value <string>());
Assert.AreEqual(testDoc.PK, encryptedDoc.Property(nameof(TestDoc.PK)).Value.Value <string>());
Assert.AreEqual(testDoc.SSN, encryptedDoc.Property(nameof(TestDoc.SSN)).Value.Value <int>());
Assert.AreNotEqual(testDoc.Name, encryptedDoc.Property(nameof(TestDoc.Name)).Value.Value <string>());
JProperty encrProp = encryptedDoc.Property(nameof(TestDoc.Name));//.Value.Value<string>();
Assert.IsNotNull(encrProp);
Assert.IsNotNull(encrProp.Value.Value <string>());
return(encryptedDoc);
}
public async Task ValidateDecryptStream()
{
TestDoc testDoc = TestDoc.Create();
Stream encryptedStream = await PropertyEncryptionProcessor.EncryptAsync(
testDoc.ToStream(),
PropertyEncryptionProcessorTests.mockEncryptor.Object,
PropertyEncryptionProcessorTests.propertyEncryptionOptions,
new CosmosDiagnosticsContext(),
CancellationToken.None);
Stream decryptedStream = await PropertyEncryptionProcessor.DecryptAsync(
encryptedStream,
PropertyEncryptionProcessorTests.mockEncryptor.Object,
new CosmosDiagnosticsContext(),
PropertyEncryptionProcessorTests.PathsToEncrypt,
CancellationToken.None);
JObject decryptedDoc = PropertyEncryptionProcessor.BaseSerializer.FromStream <JObject>(decryptedStream);
PropertyEncryptionProcessorTests.VerifyDecryptionSucceeded(
decryptedDoc,
testDoc);
}