ApiView requested changes (#2493)

* ApiView requested changes

* update test

* Apply suggestions from code review

Co-authored-by: Ahson Khan <ahkha@microsoft.com>

* update private field name

Co-authored-by: Ahson Khan <ahkha@microsoft.com>

sdk/keyvault/azure-security-keyvault-keys/CHANGELOG.md

@@ -4,13 +4,20 @@
 
 ### Features Added
 
+- Added `GetIv()` to `EncryptParameters` and `DecryptParameters`.
+
 ### Breaking Changes
 
+- Removed `Azure::Security::KeyVault::Keys::ServiceVersion::V7_0` and `V7_1`.
+- Removed `Azure::Security::KeyVault::Keys::Cryptography::ServiceVersion::V7_0` and `V7_1`.
+- Removed `CryptographyClient::RemoteClient()` and `CryptographyClient::LocalOnly()`.
+- Removed the general constructor from `EncryptParameters` and `DecryptParameters`.
+- Removed access to `Iv` field member from `EncryptParameters` and `DecryptParameters`.
+
 ### Key Bugs Fixed
 
 ### Fixed
 
-
 ## 4.0.0-beta.3 (2021-06-08)
 
 ### Breaking Changes

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/cryptography/cryptography_client.hpp

@@ -52,6 +52,24 @@ namespace Azure {
 
     void Initialize(std::string const& operation, Azure::Core::Context const& context);
 
+    /**
+     * @brief Provides a #CryptographyProvider that performs operations in the Key Vault Keys
+     * Server.
+     *
+     * @return A cryptographic client to perform operations on the server.
+     */
+    std::shared_ptr<Azure::Security::KeyVault::Keys::Cryptography::_detail::CryptographyProvider>
+    RemoteClient() const
+    {
+      return m_remoteProvider;
+    }
+
+    /**
+     * @brief Gets whether this #CryptographyClient runs only local operations.
+     *
+     */
+    bool LocalOnly() const noexcept { return m_remoteProvider == nullptr; }
+
   public:
     /**
      * @brief Initializes a new instance of the #CryptographyClient class.
@@ -71,24 +89,6 @@ namespace Azure {
     {
     }
 
-    /**
-     * @brief Provides a #CryptographyProvider that performs operations in the Key Vault Keys
-     * Server.
-     *
-     * @return A cryptographic client to perform operations on the server.
-     */
-    std::shared_ptr<Azure::Security::KeyVault::Keys::Cryptography::_detail::CryptographyProvider>
-    RemoteClient() const
-    {
-      return m_remoteProvider;
-    }
-
-    /**
-     * @brief Gets whether this #CryptographyClient runs only local operations.
-     *
-     */
-    bool LocalOnly() const noexcept { return m_remoteProvider == nullptr; }
-
     /**
      * @brief Encrypts plaintext.
      *

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/cryptography/cryptography_client_options.hpp

@@ -49,18 +49,6 @@ namespace Azure {
      */
     std::string const& ToString() const { return m_version; }
 
-    /**
-     * @brief Use to send request to the 7.0 version of Key Vault service.
-     *
-     */
-    AZ_SECURITY_KEYVAULT_KEYS_DLLEXPORT static const ServiceVersion V7_0;
-
-    /**
-     * @brief Use to send request to the 7.1 version of Key Vault service.
-     *
-     */
-    AZ_SECURITY_KEYVAULT_KEYS_DLLEXPORT static const ServiceVersion V7_1;
-
     /**
      * @brief Use to send request to the 7.2 version of Key Vault service.
      *

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/cryptography/decrypt_parameters.hpp

@@ -24,8 +24,8 @@ namespace Azure {
    * @brief Parameters for decrypting ciphertext.
    *
    */
-  struct DecryptParameters final
-  {
+  class DecryptParameters final {
+  private:
     /**
      * @brief Construct a new Decrypt Parameters object.
      *
@@ -43,22 +43,17 @@ namespace Azure {
         std::vector<uint8_t> iv,
         std::vector<uint8_t> additionalAuthenticatedData,
         std::vector<uint8_t> authenticationTag)
-        : Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext)), Iv(std::move(iv)),
+        : m_iv(std::move(iv)), Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext)),
           AdditionalAuthenticatedData(std::move(additionalAuthenticatedData)),
           AuthenticationTag(std::move(authenticationTag))
     {
     }
 
-    DecryptParameters(EncryptionAlgorithm algorithm, std::vector<uint8_t> const ciphertext)
-        : Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext))
-    {
-    }
-
     DecryptParameters(
         EncryptionAlgorithm algorithm,
         std::vector<uint8_t> ciphertext,
         std::vector<uint8_t> iv)
-        : Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext)), Iv(std::move(iv))
+        : m_iv(std::move(iv)), Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext))
     {
     }
 
@@ -68,6 +63,24 @@ namespace Azure {
      */
     DecryptParameters() = delete;
 
+    /**
+     * @brief Gets the initialization vector for decryption.
+     *
+     */
+    std::vector<uint8_t> m_iv;
+
+  public:
+    /**
+     * @brief Construct a new Decrypt Parameters object
+     *
+     * @param algorithm The #EncryptionAlgorithm to use for decrypt operation.
+     * @param ciphertext The content to decrypt.
+     */
+    DecryptParameters(EncryptionAlgorithm algorithm, std::vector<uint8_t> const ciphertext)
+        : Algorithm(std::move(algorithm)), Ciphertext(std::move(ciphertext))
+    {
+    }
+
     /**
      * @brief Gets or sets the #EncryptionAlgorithm.
      *
@@ -84,7 +97,7 @@ namespace Azure {
      * @brief Gets the initialization vector for decryption.
      *
      */
-    std::vector<uint8_t> Iv;
+    std::vector<uint8_t> const& GetIv() const { return m_iv; }
 
     /**
      * @brief Gets additional data that is authenticated during decryption but not encrypted.

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/cryptography/encrypt_parameters.hpp

@@ -24,8 +24,17 @@ namespace Azure {
    * @brief Parameters for encrypting plaintext.
    *
    */
-  struct EncryptParameters final
-  {
+  class EncryptParameters final {
+  private:
+    /**
+     * @brief Gets the initialization vector for encryption.
+     *
+     * @note Initialization vector should not be set for some encryption algorithms. That's why it
+     * is private so it is only set by the factory methods.
+     *
+     */
+    std::vector<uint8_t> m_iv;
+
     /**
      * @brief Construct a new Encrypt Parameters object.
      *
@@ -40,11 +49,18 @@ namespace Azure {
         std::vector<uint8_t> plaintext,
         std::vector<uint8_t> iv,
         std::vector<uint8_t> additionalAuthenticatedData)
-        : Algorithm(std::move(algorithm)), Plaintext(std::move(plaintext)), Iv(std::move(iv)),
+        : m_iv(std::move(iv)), Algorithm(std::move(algorithm)), Plaintext(std::move(plaintext)),
           AdditionalAuthenticatedData(std::move(additionalAuthenticatedData))
     {
     }
 
+    /**
+     * @brief Encrypt Parameters can't be default constructed.
+     *
+     */
+    EncryptParameters() = delete;
+
+  public:
     /**
      * @brief Construct a new Encrypt Parameters object
      *
@@ -56,12 +72,6 @@ namespace Azure {
     {
     }
 
-    /**
-     * @brief Encrypt Parameters can't be default constructed.
-     *
-     */
-    EncryptParameters() = delete;
-
     /**
      * @brief Gets the #EncryptionAlgorithm.
      *
@@ -74,18 +84,18 @@ namespace Azure {
      */
     std::vector<uint8_t> Plaintext;
 
-    /**
-     * @brief Gets the initialization vector for encryption.
-     *
-     */
-    std::vector<uint8_t> Iv;
-
     /**
      * @brief Gets additional data that is authenticated during decryption but not encrypted.
      *
      */
     std::vector<uint8_t> AdditionalAuthenticatedData;
 
+    /**
+     * @brief Gets the initialization vector for encryption.
+     *
+     */
+    std::vector<uint8_t> const& GetIv() const { return m_iv; }
+
     /**
      * @brief Creates an instance of the #EncryptParameters class for the
      * #EncryptionAlgorithm::Rsa15 encryption algorithm.

sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client_options.hpp

@@ -41,18 +41,6 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
      */
     std::string const& ToString() const { return m_version; }
 
-    /**
-     * @brief Use to send request to the 7.0 version of Key Vault service.
-     *
-     */
-    AZ_SECURITY_KEYVAULT_KEYS_DLLEXPORT static const ServiceVersion V7_0;
-
-    /**
-     * @brief Use to send request to the 7.1 version of Key Vault service.
-     *
-     */
-    AZ_SECURITY_KEYVAULT_KEYS_DLLEXPORT static const ServiceVersion V7_1;
-
     /**
      * @brief Use to send request to the 7.2 version of Key Vault service.
      *

sdk/keyvault/azure-security-keyvault-keys/src/cryptography/cryptography_client_options.cpp

@@ -8,7 +8,5 @@ namespace Azure {
     namespace KeyVault {
       namespace Keys {
         namespace Cryptography {
-  const ServiceVersion ServiceVersion::V7_0("7.0");
-  const ServiceVersion ServiceVersion::V7_1("7.1");
   const ServiceVersion ServiceVersion::V7_2("7.2");
 }}}}} // namespace Azure::Security::KeyVault::Keys::Cryptography

sdk/keyvault/azure-security-keyvault-keys/src/cryptography/decrypt_parameters.cpp

@@ -25,10 +25,11 @@ namespace Azure {
     using namespace Azure::Security::KeyVault::_internal;
     payload[AlgorithmValue] = parameters.Algorithm.ToString();
     payload[ValueParameterValue] = Base64Url::Base64UrlEncode(parameters.Ciphertext);
+    auto& iv = parameters.GetIv();
 
-    if (parameters.Iv.size() > 0)
+    if (iv.size() > 0)
     {
-      payload[IvValue] = Base64Url::Base64UrlEncode(parameters.Iv);
+      payload[IvValue] = Base64Url::Base64UrlEncode(iv);
     }
 
     if (parameters.AdditionalAuthenticatedData.size() > 0)

sdk/keyvault/azure-security-keyvault-keys/src/cryptography/encrypt_parameters.cpp

@@ -25,10 +25,11 @@ namespace Azure {
     using namespace Azure::Security::KeyVault::_internal;
     payload[AlgorithmValue] = parameters.Algorithm.ToString();
     payload[ValueParameterValue] = Base64Url::Base64UrlEncode(parameters.Plaintext);
+    auto& iv = parameters.GetIv();
 
-    if (parameters.Iv.size() > 0)
+    if (iv.size() > 0)
     {
-      payload[IvValue] = Base64Url::Base64UrlEncode(parameters.Iv);
+      payload[IvValue] = Base64Url::Base64UrlEncode(iv);
     }
 
     if (parameters.AdditionalAuthenticatedData.size() > 0)

sdk/keyvault/azure-security-keyvault-keys/src/key_client_options.cpp

@@ -4,7 +4,5 @@
 #include "azure/keyvault/keys/key_client_options.hpp"
 
 namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
-  const ServiceVersion ServiceVersion::V7_0("7.0");
-  const ServiceVersion ServiceVersion::V7_1("7.1");
   const ServiceVersion ServiceVersion::V7_2("7.2");
 }}}} // namespace Azure::Security::KeyVault::Keys

sdk/keyvault/azure-security-keyvault-keys/test/ut/key_client_test.cpp

@@ -30,18 +30,6 @@ TEST(KeyClient, ServiceVersion)
 {
   auto credential
       = std::make_shared<Azure::Identity::ClientSecretCredential>("tenantID", "AppId", "SecretId");
-  {
-    // 7.0
-    EXPECT_NO_THROW(auto options = KeyClientOptions(ServiceVersion::V7_0);
-                    KeyClient keyClient("vaultUrl", credential, options);
-                    EXPECT_EQ(options.Version.ToString(), "7.0"););
-  }
-  {
-    // 7.1
-    EXPECT_NO_THROW(auto options = KeyClientOptions(ServiceVersion::V7_1);
-                    KeyClient keyClient("vaultUrl", credential, options);
-                    EXPECT_EQ(options.Version.ToString(), "7.1"););
-  }
   {
     // 7.2
     EXPECT_NO_THROW(auto options = KeyClientOptions(ServiceVersion::V7_2);