Client Encryption: Adds integration with latest CosmosDb package 3.19…

….0-preview1 and check for Client Encryption Policy format version. (Azure#2475)

This PR integrates the encryption package with the latest CosmosDb preview package and adds a check for Client Encryption
Policy format version.

Directory.Build.props

@@ -5,7 +5,7 @@
 		<ClientPreviewVersion>3.19.0</ClientPreviewVersion>
 		<ClientPreviewSuffixVersion>preview1</ClientPreviewSuffixVersion>
 		<DirectVersion>3.19.1</DirectVersion>
-		<EncryptionVersion>1.0.0-previewV14</EncryptionVersion>
+		<EncryptionVersion>1.0.0-previewV15</EncryptionVersion>
 		<HybridRowVersion>1.1.0-preview3</HybridRowVersion>
 		<AboveDirBuildProps>$([MSBuild]::GetPathOfFileAbove('Directory.Build.props', '$(MSBuildThisFileDirectory)../'))</AboveDirBuildProps>
 		<DefineConstants Condition=" '$(IsNightly)' == 'true' or '$(IsPreview)' == 'true' ">$(DefineConstants);PREVIEW</DefineConstants>

Microsoft.Azure.Cosmos.Encryption/changelog.md

@@ -3,10 +3,24 @@ Preview features are treated as a separate branch and will not be included in th
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+### <a name="1.0.0-previewV15"/> [1.0.0-previewV15](https://www.nuget.org/packages/Microsoft.Azure.Cosmos.Encryption/1.0.0-previewV15) - 2021-05-18
+
+#### Added 
+- [#2475](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2475) Adds integration with latest CosmosDb Preview Package - 3.19.0-preview1 and check for Client Encryption Policy format version.
+- [#2449](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2449) Adds validation that partition key paths are not encrypted.
+- [#2452](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2452) Adds the implementation for new ChangeFeed APIs.
+- [#2448](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2448) Adds client encryption support for patch.
+- [#2453](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2453) Removes Plaintext encryption type support.
+
+#### Fixes 
+- [#2445](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2445) Fixes query support on encrypted parameters and fixes samples.
+- [#2403](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2403) Fixes issue with clients using incorrect/stale Encryption Policy or Encryption Keys from the cache.
+
 ### <a name="1.0.0-previewV14"/> [1.0.0-previewV14](https://www.nuget.org/packages/Microsoft.Azure.Cosmos.Encryption/1.0.0-previewV14) - 2021-04-28
 
 #### Added 
 - [#2433](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2433) Adds integration with latest CosmosDb Preview Package - 3.19.0-preview.
+- [#2372](https://github.com/Azure/azure-cosmos-dotnet-v3/pull/2372) Adds decryption support for ChangeFeed Processor.
 
 ### <a name="1.0.0-previewV13"/> [1.0.0-previewV13](https://www.nuget.org/packages/Microsoft.Azure.Cosmos.Encryption/1.0.0-previewV13) - 2021-03-26
 

Microsoft.Azure.Cosmos.Encryption/src/Constants.cs

@@ -9,5 +9,6 @@ internal static class Constants
         public const string DocumentsResourcePropertyName = "Documents";
         public const string SubStatusHeader = "x-ms-substatus";
         public const string IncorrectContainerRidSubStatus = "1024";
+        public const int SupportedClientEncryptionPolicyFormatVersion = 1;
     }
 }

Microsoft.Azure.Cosmos.Encryption/src/EncryptionSettings.cs

@@ -86,6 +86,12 @@ private static async Task<EncryptionSettings> InitializeEncryptionSettingsAsync(
 
             if (clientEncryptionPolicy != null)
             {
+                if (clientEncryptionPolicy.PolicyFormatVersion > Constants.SupportedClientEncryptionPolicyFormatVersion)
+                {
+                    throw new InvalidOperationException("This version of Microsoft.Azure.Cosmos.Encryption cannot be used with this container." +
+                        " Please upgrade to the latest version of the same. Please refer to https://aka.ms/CosmosClientEncryption for more details. ");
+                }
+
                 // for each of the unique keys in the policy Add it in /Update the cache.
                 foreach (string clientEncryptionKeyId in clientEncryptionPolicy.IncludedPaths.Select(x => x.ClientEncryptionKeyId).Distinct())
                 {

Microsoft.Azure.Cosmos.Encryption/src/Microsoft.Azure.Cosmos.Encryption.csproj

@@ -25,7 +25,7 @@
   </ItemGroup>
 
 	<ItemGroup Condition=" '$(SdkProjectRef)' != 'True' ">
-		<PackageReference Include="Microsoft.Azure.Cosmos" Version="3.19.0-preview" />
+		<PackageReference Include="Microsoft.Azure.Cosmos" Version="3.19.0-preview1" />
 	</ItemGroup>
 
 	<ItemGroup Condition=" '$(SdkProjectRef)' == 'True' ">

Microsoft.Azure.Cosmos.Encryption/tests/EmulatorTests/MdeEncryptionTests.cs

@@ -835,15 +835,12 @@ public async Task EncryptionRestrictedProperties()
 
             ContainerProperties containerProperties = new ContainerProperties(Guid.NewGuid().ToString(), "/PK") { ClientEncryptionPolicy = clientEncryptionPolicyPk };
 
-            Container encryptionContainer = await database.CreateContainerAsync(containerProperties, 400);
-            await encryptionContainer.InitializeEncryptionAsync();
-
             try
             {
-                await MdeEncryptionTests.MdeCreateItemAsync(encryptionContainer);
-                Assert.Fail("Expected item creation with PK specified to be encrypted to fail.");
+                Container encryptionContainer = await database.CreateContainerAsync(containerProperties, 400);
+                Assert.Fail("CreateContainerAsync operation with PK specified to be encrypted should have failed. ");
             }
-            catch (CosmosException ex) when (ex.StatusCode == HttpStatusCode.BadRequest)
+            catch (ArgumentException)
             {
             }