[Client Encryption]: Removes Plaintext encryption type support. (#2453)

The PR removes the support for Plaintext encryption type.
Azure · May 13, 2021 · a0a646c · a0a646c
1 parent 33e6d9e
commit a0a646c
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 12 deletions.
diff --git a/Microsoft.Azure.Cosmos.Encryption/src/CosmosEncryptionType.cs b/Microsoft.Azure.Cosmos.Encryption/src/CosmosEncryptionType.cs
@@ -9,11 +9,6 @@ namespace Microsoft.Azure.Cosmos.Encryption
     /// </summary>
     internal static class CosmosEncryptionType
     {
-        /// <summary>
-        ///  Plaintext, unencrypted data.
-        /// </summary>
-        public const string Plaintext = "Plaintext";
-
         /// <summary>
         /// Deterministic encryption always generates the same encrypted value for any given plain text value.
         /// </summary>

diff --git a/Microsoft.Azure.Cosmos.Encryption/src/EncryptionSettings.cs b/Microsoft.Azure.Cosmos.Encryption/src/EncryptionSettings.cs
@@ -60,7 +60,6 @@ private static EncryptionType GetEncryptionTypeForProperty(ClientEncryptionInclu
             {
                 CosmosEncryptionType.Deterministic => EncryptionType.Deterministic,
                 CosmosEncryptionType.Randomized => EncryptionType.Randomized,
-                CosmosEncryptionType.Plaintext => EncryptionType.Plaintext,
                 _ => throw new ArgumentException($"Invalid encryption type {clientEncryptionIncludedPath.EncryptionType}. Please refer to https://aka.ms/CosmosClientEncryption for more details. "),
             };
         }

diff --git a/Microsoft.Azure.Cosmos/src/Resource/Settings/ClientEncryptionPolicy.cs b/Microsoft.Azure.Cosmos/src/Resource/Settings/ClientEncryptionPolicy.cs
@@ -86,10 +86,9 @@ private void ValidateClientEncryptionIncludedPath(ClientEncryptionIncludedPath c
             }
 
             if (!string.Equals(clientEncryptionIncludedPath.EncryptionType, "Deterministic") &&
-                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Randomized") &&
-                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Plaintext"))
+                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Randomized"))
             {
-                throw new ArgumentException("EncryptionType should be either 'Deterministic' or 'Randomized' or 'Plaintext'.", nameof(clientEncryptionIncludedPath));
+                throw new ArgumentException("EncryptionType should be either 'Deterministic' or 'Randomized'. ", nameof(clientEncryptionIncludedPath));
             }
 
             if (string.IsNullOrWhiteSpace(clientEncryptionIncludedPath.EncryptionAlgorithm))
@@ -99,7 +98,7 @@ private void ValidateClientEncryptionIncludedPath(ClientEncryptionIncludedPath c
 
             if (!string.Equals(clientEncryptionIncludedPath.EncryptionAlgorithm, "AEAD_AES_256_CBC_HMAC_SHA256"))
             {
-                throw new ArgumentException("EncryptionAlgorithm should be 'AEAD_AES_256_CBC_HMAC_SHA256'.", nameof(clientEncryptionIncludedPath));
+                throw new ArgumentException("EncryptionAlgorithm should be 'AEAD_AES_256_CBC_HMAC_SHA256'. ", nameof(clientEncryptionIncludedPath));
             }
         }
     }

diff --git a/....Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/Fluent/ContainerSettingsTests.cs b/....Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/Fluent/ContainerSettingsTests.cs
@@ -699,7 +699,25 @@ public async Task WithClientEncryptionPolicyFailureTest()
             }
             catch (ArgumentException ex)
             {
-                Assert.IsTrue(ex.Message.Contains("EncryptionType should be either 'Deterministic' or 'Randomized' or 'Plaintext'."));
+                Assert.IsTrue(ex.Message.Contains("EncryptionType should be either 'Deterministic' or 'Randomized'. "));
+            }
+
+            path1.EncryptionType = "Plaintext";
+
+            // Invalid EncryptionType
+            try
+            {
+                ContainerResponse containerResponse = await this.database.DefineContainer(containerName, partitionKeyPath)
+                    .WithClientEncryptionPolicy()
+                        .WithIncludedPath(path1)
+                        .Attach()
+                    .CreateAsync();
+
+                Assert.Fail("CreateCollection with invalid ClientEncryptionPolicy should have failed.");
+            }
+            catch (ArgumentException ex)
+            {
+                Assert.IsTrue(ex.Message.Contains("EncryptionType should be either 'Deterministic' or 'Randomized'. "));
             }
 
             path1.EncryptionType = "Deterministic";
@@ -717,7 +735,7 @@ public async Task WithClientEncryptionPolicyFailureTest()
             }
             catch (ArgumentException ex)
             {
-                Assert.IsTrue(ex.Message.Contains("EncryptionAlgorithm should be 'AEAD_AES_256_CBC_HMAC_SHA256'."));
+                Assert.IsTrue(ex.Message.Contains("EncryptionAlgorithm should be 'AEAD_AES_256_CBC_HMAC_SHA256'. "));
             }
         }