Client Encryption : Adds support to expose Type in EncryptionKeyWrapMetadata constructor.

Microsoft.Azure.Cosmos/src/Resource/ClientEncryptionKey/EncryptionKeyWrapMetadata.cs

@@ -25,20 +25,12 @@ private EncryptionKeyWrapMetadata()
 
         /// <summary>
         /// Creates a new instance of key wrap metadata.
-        /// </summary>
+        /// </summary> 
+        /// <param name="type">ProviderName of KeyStoreProvider.</param>
         /// <param name="name">Name of the metadata.</param>
         /// <param name="value">Value of the metadata.</param>
-        public EncryptionKeyWrapMetadata(string name, string value)
-            : this(type: "custom", name: name, value: value)
-        {
-        }
-
-        /// <summary>
-        /// Creates a new instance of key wrap metadata based on an existing instance.
-        /// </summary>
-        /// <param name="source">Existing instance from which to initialize.</param>
-        public EncryptionKeyWrapMetadata(EncryptionKeyWrapMetadata source)
-            : this(source?.Type, source?.Name, source?.Value, source?.Algorithm)
+        public EncryptionKeyWrapMetadata(string type, string name, string value)
+            : this(type: type, name: name, value: value, algorithm: null)
         {
         }
 
@@ -50,6 +42,15 @@ internal EncryptionKeyWrapMetadata(string type, string name, string value, strin
             this.Algorithm = algorithm;
         }
 
+        /// <summary>
+        /// Creates a new instance of key wrap metadata based on an existing instance.
+        /// </summary>
+        /// <param name="source">Existing instance from which to initialize.</param>
+        public EncryptionKeyWrapMetadata(EncryptionKeyWrapMetadata source)
+            : this(source?.Type, source?.Name, source?.Value, source?.Algorithm)
+        {
+        }  
+
         [JsonProperty(PropertyName = "type", NullValueHandling = NullValueHandling.Ignore)]
         internal string Type { get; private set; }
 

Microsoft.Azure.Cosmos/src/Resource/Settings/ClientEncryptionPolicy.cs

@@ -86,9 +86,10 @@ private void ValidateClientEncryptionIncludedPath(ClientEncryptionIncludedPath c
             }
 
             if (!string.Equals(clientEncryptionIncludedPath.EncryptionType, "Deterministic") &&
-                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Randomized"))
+                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Randomized") &&
+                !string.Equals(clientEncryptionIncludedPath.EncryptionType, "Plaintext"))
             {
-                throw new ArgumentException("EncryptionType should be either 'Deterministic' or 'Randomized'.", nameof(clientEncryptionIncludedPath));
+                throw new ArgumentException("EncryptionType should be either 'Deterministic' or 'Randomized' or 'Plaintext'.", nameof(clientEncryptionIncludedPath));
             }
 
             if (string.IsNullOrWhiteSpace(clientEncryptionIncludedPath.EncryptionAlgorithm))

Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/CosmosDatabaseTests.cs

@@ -416,7 +416,7 @@ public async Task EncryptionCreateReplaceCek()
             Assert.IsNotNull(cekProperties.ResourceId);
 
             Assert.AreEqual(
-                new EncryptionKeyWrapMetadata("metadataName", "metadataValue"),
+                new EncryptionKeyWrapMetadata("custom", "metadataName", "metadataValue"),
                 cekProperties.EncryptionKeyWrapMetadata);
 
             // Use a different client instance to avoid (unintentional) cache impact
@@ -433,7 +433,7 @@ public async Task EncryptionCreateReplaceCek()
             Assert.IsNotNull(cekProperties.ResourceId);
 
             Assert.AreEqual(
-                new EncryptionKeyWrapMetadata("metadataName", "updatedMetadataValue"),
+                new EncryptionKeyWrapMetadata("custom", "metadataName", "updatedMetadataValue"),
                 cekProperties.EncryptionKeyWrapMetadata);
 
             // Use a different client instance to avoid (unintentional) cache impact
@@ -454,7 +454,7 @@ private static async Task<ClientEncryptionKeyProperties> CreateCekAsync(Database
                 rngCsp.GetBytes(rawCek);
             }
 
-            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek, new EncryptionKeyWrapMetadata("metadataName", "metadataValue"));
+            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek, new EncryptionKeyWrapMetadata("custom", "metadataName", "metadataValue"));
 
             ClientEncryptionKeyResponse cekResponse = await databaseCore.CreateClientEncryptionKeyAsync(cekProperties);
 
@@ -482,7 +482,7 @@ private static async Task<ClientEncryptionKeyProperties> ReplaceCekAsync(Databas
                 rngCsp.GetBytes(rawCek);
             }
 
-            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek, new EncryptionKeyWrapMetadata("metadataName", "updatedMetadataValue"));
+            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek, new EncryptionKeyWrapMetadata("custom", "metadataName", "updatedMetadataValue"));
 
             ClientEncryptionKeyResponse cekResponse = await cek.ReplaceAsync(cekProperties);
             Assert.AreEqual(HttpStatusCode.OK, cekResponse.StatusCode);
@@ -513,7 +513,7 @@ public async Task VerifyCekFeedIterator()
                 rngCsp.GetBytes(rawCek1);
             }
 
-            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek1, new EncryptionKeyWrapMetadata("metadataName", "metadataValue"));
+            ClientEncryptionKeyProperties cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek1, new EncryptionKeyWrapMetadata("custom", "metadataName", "metadataValue"));
 
             ClientEncryptionKeyResponse cekResponse = await databaseCore.CreateClientEncryptionKeyAsync(cekProperties);
 
@@ -528,7 +528,7 @@ public async Task VerifyCekFeedIterator()
                 rngCsp.GetBytes(rawCek2);
             }
 
-            cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek2, new EncryptionKeyWrapMetadata("metadataName", "metadataValue"));
+            cekProperties = new ClientEncryptionKeyProperties(cekId, "AEAD_AES_256_CBC_HMAC_SHA256", rawCek2, new EncryptionKeyWrapMetadata("custom", "metadataName", "metadataValue"));
 
             cekResponse = await databaseCore.CreateClientEncryptionKeyAsync(cekProperties);
 
@@ -552,6 +552,7 @@ public async Task VerifyCekFeedIterator()
             {
                 readDekIds.Add(clientEncryptionKeyProperties.Id);
                 Assert.AreEqual("AEAD_AES_256_CBC_HMAC_SHA256", clientEncryptionKeyProperties.EncryptionAlgorithm);
+                Assert.AreEqual(cekProperties.EncryptionKeyWrapMetadata.Type, clientEncryptionKeyProperties.EncryptionKeyWrapMetadata.Type);
                 Assert.AreEqual(cekProperties.EncryptionKeyWrapMetadata.Name, clientEncryptionKeyProperties.EncryptionKeyWrapMetadata.Name);
                 Assert.AreEqual(cekProperties.EncryptionKeyWrapMetadata.Value, clientEncryptionKeyProperties.EncryptionKeyWrapMetadata.Value);
             }

Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.EmulatorTests/Fluent/ContainerSettingsTests.cs

@@ -677,7 +677,7 @@ public async Task WithClientEncryptionPolicyFailureTest()
             }
             catch (ArgumentException ex)
             {
-                Assert.IsTrue(ex.Message.Contains("EncryptionType should be either 'Deterministic' or 'Randomized'."));
+                Assert.IsTrue(ex.Message.Contains("EncryptionType should be either 'Deterministic' or 'Randomized' or 'Plaintext'."));
             }
 
             path1.EncryptionType = "Deterministic";

Microsoft.Azure.Cosmos/tests/Microsoft.Azure.Cosmos.Tests/Contracts/DotNetPreviewSDKAPI.json

@@ -817,10 +817,10 @@
           "Attributes": [],
           "MethodInfo": "[Void .ctor(Microsoft.Azure.Cosmos.EncryptionKeyWrapMetadata), Void .ctor(Microsoft.Azure.Cosmos.EncryptionKeyWrapMetadata)]"
         },
-        "Void .ctor(System.String, System.String)": {
+        "Void .ctor(System.String, System.String, System.String, System.String)": {
           "Type": "Constructor",
           "Attributes": [],
-          "MethodInfo": "[Void .ctor(System.String, System.String), Void .ctor(System.String, System.String)]"
+          "MethodInfo": "[Void .ctor(System.String, System.String, System.String, System.String), Void .ctor(System.String, System.String, System.String, System.String)]"
         }
       },
       "NestedTypes": {}