public async Task ValidateEncryptDecrypt()
{
byte[] plainText = TestCommon.GenerateRandomByteArray();
byte[] cipherText = await CosmosEncryptorTests.cosmosEncryptor.EncryptAsync(
plainText,
CosmosEncryptorTests.dekId,
CosmosEncryptionAlgorithm.AEAes256CbcHmacSha256Randomized);
CosmosEncryptorTests.mockDataEncryptionKey.Verify(
m => m.EncryptData(plainText),
Times.Once);
byte[] decryptedText = await CosmosEncryptorTests.cosmosEncryptor.DecryptAsync(
cipherText,
CosmosEncryptorTests.dekId,
CosmosEncryptionAlgorithm.AEAes256CbcHmacSha256Randomized);
CosmosEncryptorTests.mockDataEncryptionKey.Verify(
m => m.DecryptData(cipherText),
Times.Once);
CosmosEncryptorTests.mockDataEncryptionKeyProvider.Verify(
m => m.FetchDataEncryptionKeyAsync(
CosmosEncryptorTests.dekId,
CosmosEncryptionAlgorithm.AEAes256CbcHmacSha256Randomized,
It.IsAny <CancellationToken>()), Times.Exactly(2));
Assert.IsTrue(plainText.SequenceEqual(decryptedText));
}
public async Task EncryptWithUnknownDek()
{
try
{
await CosmosEncryptorTests.cosmosEncryptor.EncryptAsync(
TestCommon.GenerateRandomByteArray(),
"unknownDek",
CosmosEncryptionAlgorithm.AEAes256CbcHmacSha256Randomized);
Assert.Fail("Encryption shoudn't have succeeded with uninitialized DEK.");
}
catch (InvalidOperationException ex)
{
Assert.AreEqual("Null DataEncryptionKey returned from FetchDataEncryptionKeyAsync.", ex.Message);
}
}