< Summary

Class:	Azure.Storage.Blobs.BlobClientSideDecryptor
Assembly:	Azure.Storage.Blobs
File(s):	C:\Git\azure-sdk-for-net\sdk\storage\Azure.Storage.Blobs\src\BlobClientSideDecryptor.cs
Covered lines:	0
Uncovered lines:	65
Coverable lines:	65
Total lines:	192
Line coverage:	0% (0 of 65)
Covered branches:	0
Total branches:	50
Branch coverage:	0% (0 of 50)

Metrics

Method	Cyclomatic complexity	Line coverage	Branch coverage
.ctor(...)	-	0%	100%
DecryptInternal()	-	0%	0%
TrimStreamInternal()	-	0%	0%
GetAndValidateEncryptionDataOrDefault(...)	-	0%	0%
CanIgnorePadding(...)	-	0%	0%
GetEncryptedBlobRange(...)	-	0%	0%

File(s)

C:\Git\azure-sdk-for-net\sdk\storage\Azure.Storage.Blobs\src\BlobClientSideDecryptor.cs

#	Line	Line coverage
	`1`	`// Copyright (c) Microsoft Corporation. All rights reserved.`
	`2`	`// Licensed under the MIT License.`
	`3`
	`4`	`using System.IO;`
	`5`	`using System.Threading;`
	`6`	`using System.Threading.Tasks;`
	`7`	`using Azure.Storage.Blobs.Models;`
	`8`	`using Azure.Storage.Cryptography;`
	`9`	`using Azure.Storage.Cryptography.Models;`
	`10`	`using Azure.Storage.Shared;`
	`11`	`using Metadata = System.Collections.Generic.IDictionary<string, string>;`
	`12`
	`13`	`namespace Azure.Storage.Blobs`
	`14`	`{`
	`15`	`internal class BlobClientSideDecryptor`
	`16`	`{`
	`17`	`private readonly ClientSideDecryptor _decryptor;`
	`18`
0	`19`	`public BlobClientSideDecryptor(ClientSideDecryptor decryptor)`
	`20`	`{`
0	`21`	`_decryptor = decryptor;`
0	`22`	`}`
	`23`
	`24`	`public async Task<Stream> DecryptInternal(`
	`25`	`Stream content,`
	`26`	`Metadata metadata,`
	`27`	`HttpRange originalRange,`
	`28`	`string receivedContentRange,`
	`29`	`bool async,`
	`30`	`CancellationToken cancellationToken)`
	`31`	`{`
0	`32`	`ContentRange? contentRange = string.IsNullOrWhiteSpace(receivedContentRange)`
0	`33`	`? default`
0	`34`	`: ContentRange.Parse(receivedContentRange);`
	`35`
0	`36`	`EncryptionData encryptionData = GetAndValidateEncryptionDataOrDefault(metadata);`
0	`37`	`if (encryptionData == default)`
	`38`	`{`
0	`39`	`return await TrimStreamInternal(content, originalRange, contentRange, pulledOutIV: false, async, cancell`
	`40`	`}`
	`41`
0	`42`	`bool ivInStream = originalRange.Offset >= Constants.ClientSideEncryption.EncryptionBlockSize;`
	`43`
	`44`	`// this method throws when key cannot be resolved. Blobs is intended to throw on this failure.`
0	`45`	`var plaintext = await _decryptor.DecryptInternal(`
0	`46`	`content,`
0	`47`	`encryptionData,`
0	`48`	`ivInStream,`
0	`49`	`CanIgnorePadding(contentRange),`
0	`50`	`async,`
0	`51`	`cancellationToken).ConfigureAwait(false);`
	`52`
0	`53`	`return await TrimStreamInternal(plaintext, originalRange, contentRange, ivInStream, async, cancellationToken`
0	`54`	`}`
	`55`
	`56`	`private static async Task<Stream> TrimStreamInternal(`
	`57`	`Stream stream,`
	`58`	`HttpRange originalRange,`
	`59`	`ContentRange? receivedRange,`
	`60`	`bool pulledOutIV,`
	`61`	`bool async,`
	`62`	`CancellationToken cancellationToken)`
	`63`	`{`
	`64`	`// retrim start of stream to original requested location`
	`65`	`// keeping in mind whether we already pulled the IV out of the stream as well`
0	`66`	`int gap = (int)(originalRange.Offset - (receivedRange?.Start ?? 0))`
0	`67`	`- (pulledOutIV ? Constants.ClientSideEncryption.EncryptionBlockSize : 0);`
	`68`
0	`69`	`int read = 0;`
0	`70`	`while (gap > read)`
	`71`	`{`
0	`72`	`int toRead = gap - read;`
	`73`	`// throw away initial bytes we want to trim off; stream cannot seek into future`
0	`74`	`if (async)`
	`75`	`{`
0	`76`	`read += await stream.ReadAsync(new byte[toRead], 0, toRead, cancellationToken).ConfigureAwait(false)`
	`77`	`}`
	`78`	`else`
	`79`	`{`
0	`80`	`read += stream.Read(new byte[toRead], 0, toRead);`
	`81`	`}`
	`82`	`}`
	`83`
0	`84`	`if (originalRange.Length.HasValue)`
	`85`	`{`
0	`86`	`stream = WindowStream.GetWindow(stream, originalRange.Length.Value);`
	`87`	`}`
	`88`
0	`89`	`return stream;`
0	`90`	`}`
	`91`
	`92`	`private static EncryptionData GetAndValidateEncryptionDataOrDefault(Metadata metadata)`
	`93`	`{`
0	`94`	`if (metadata == default)`
	`95`	`{`
0	`96`	`return default;`
	`97`	`}`
0	`98`	`if (!metadata.TryGetValue(Constants.ClientSideEncryption.EncryptionDataKey, out string encryptedDataString))`
	`99`	`{`
0	`100`	`return default;`
	`101`	`}`
	`102`
0	`103`	`EncryptionData encryptionData = EncryptionDataSerializer.Deserialize(encryptedDataString);`
	`104`
0	`105`	`_ = encryptionData.ContentEncryptionIV ?? throw Errors.ClientSideEncryption.MissingEncryptionMetadata(`
0	`106`	`nameof(EncryptionData.ContentEncryptionIV));`
0	`107`	`_ = encryptionData.WrappedContentKey.EncryptedKey ?? throw Errors.ClientSideEncryption.MissingEncryptionMeta`
0	`108`	`nameof(EncryptionData.WrappedContentKey.EncryptedKey));`
	`109`
0	`110`	`return encryptionData;`
	`111`	`}`
	`112`
	`113`	`/// <summary>`
	`114`	`/// Gets whether to ignore padding options for decryption.`
	`115`	`/// </summary>`
	`116`	`/// <param name="contentRange">Downloaded content range.</param>`
	`117`	`/// <returns>True if we should ignore padding.</returns>`
	`118`	`/// <remarks>`
	`119`	`/// If the last cipher block of the blob was returned, we need the padding. Otherwise, we can ignore it.`
	`120`	`/// </remarks>`
	`121`	`private static bool CanIgnorePadding(ContentRange? contentRange)`
	`122`	`{`
	`123`	`// if Content-Range not present, we requested the whole blob`
0	`124`	`if (contentRange == null)`
	`125`	`{`
0	`126`	`return false;`
	`127`	`}`
	`128`
	`129`	`// if range is wildcard, we requested the whole blob`
0	`130`	`if (!contentRange.Value.End.HasValue)`
	`131`	`{`
0	`132`	`return false;`
	`133`	`}`
	`134`
	`135`	`// blob storage will always return ContentRange.Size`
	`136`	`// we don't have to worry about the impossible decision of what to do if it doesn't`
	`137`
	`138`	`// did we request the last block?`
	`139`	`// end is inclusive/0-index, so end = n and size = n+1 means we requested the last block`
0	`140`	`if (contentRange.Value.Size - contentRange.Value.End == 1)`
	`141`	`{`
0	`142`	`return false;`
	`143`	`}`
	`144`
0	`145`	`return true;`
	`146`	`}`
	`147`
	`148`	`internal static HttpRange GetEncryptedBlobRange(HttpRange originalRange)`
	`149`	`{`
0	`150`	`int offsetAdjustment = 0;`
0	`151`	`long? adjustedDownloadCount = originalRange.Length;`
	`152`
	`153`	`// Calculate offsetAdjustment.`
0	`154`	`if (originalRange.Offset != 0)`
	`155`	`{`
	`156`	`// Align with encryption block boundary.`
	`157`	`int diff;`
0	`158`	`if ((diff = (int)(originalRange.Offset % Constants.ClientSideEncryption.EncryptionBlockSize)) != 0)`
	`159`	`{`
0	`160`	`offsetAdjustment += diff;`
0	`161`	`if (adjustedDownloadCount != default)`
	`162`	`{`
0	`163`	`adjustedDownloadCount += diff;`
	`164`	`}`
	`165`	`}`
	`166`
	`167`	`// Account for IV.`
0	`168`	`if (originalRange.Offset >= Constants.ClientSideEncryption.EncryptionBlockSize)`
	`169`	`{`
0	`170`	`offsetAdjustment += Constants.ClientSideEncryption.EncryptionBlockSize;`
	`171`	`// Increment adjustedDownloadCount if necessary.`
0	`172`	`if (adjustedDownloadCount != default)`
	`173`	`{`
0	`174`	`adjustedDownloadCount += Constants.ClientSideEncryption.EncryptionBlockSize;`
	`175`	`}`
	`176`	`}`
	`177`	`}`
	`178`
	`179`	`// Align adjustedDownloadCount with encryption block boundary at the end of the range. Note that it is impos`
	`180`	`// to adjust past the end of the blob as an encrypted blob was padded to align to an encryption block bounda`
0	`181`	`if (adjustedDownloadCount != null)`
	`182`	`{`
0	`183`	`adjustedDownloadCount += (`
0	`184`	`Constants.ClientSideEncryption.EncryptionBlockSize - (int)(adjustedDownloadCount`
0	`185`	`% Constants.ClientSideEncryption.EncryptionBlockSize)`
0	`186`	`) % Constants.ClientSideEncryption.EncryptionBlockSize;`
	`187`	`}`
	`188`
0	`189`	`return new HttpRange(originalRange.Offset - offsetAdjustment, adjustedDownloadCount);`
	`190`	`}`
	`191`	`}`
	`192`	`}`

< Summary

Metrics

File(s)

C:\Git\azure-sdk-for-net\sdk\storage\Azure.Storage.Blobs\src\BlobClientSideDecryptor.cs

Methods/Properties