Skip to content

Commit

Permalink
protect tests
Browse files Browse the repository at this point in the history
  • Loading branch information
conorbros committed Nov 27, 2023
1 parent 618bffd commit c326777
Showing 1 changed file with 81 additions and 47 deletions.
128 changes: 81 additions & 47 deletions shotover-proxy/tests/cassandra_int_tests/protect.rs
Original file line number Diff line number Diff line change
Expand Up @@ -13,70 +13,44 @@ pub struct Protected {
_kek_id: String,
}

pub async fn test(shotover_session: &CassandraConnection, direct_session: &CassandraConnection) {
run_query(
shotover_session,
"CREATE KEYSPACE test_protect_keyspace WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 };"
).await;

run_query(
shotover_session,
"CREATE TABLE test_protect_keyspace.test_table (pk varchar PRIMARY KEY, cluster varchar, col1 blob, col2 int, col3 boolean);"
).await;

run_query(
shotover_session,
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk1', 'cluster', 'I am gonna get encrypted!!', 0, true);"
).await;

shotover_session.execute_batch(vec![
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk2', 'cluster', 'encrypted2', 1, true)".into(),
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk3', 'cluster', 'encrypted3', 2, false)".into()
]).await;

let insert_statement = "BEGIN BATCH
INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk4', 'cluster', 'encrypted4', 3, true);
INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk5', 'cluster', 'encrypted5', 4, false);
APPLY BATCH;";
run_query(shotover_session, insert_statement).await;

pub async fn select_all(shotover_session: &CassandraConnection) {
// assert that data is decrypted by shotover
assert_query_result(
shotover_session,
"SELECT pk, cluster, col1, col2, col3 FROM test_protect_keyspace.test_table",
&[
&[
ResultValue::Varchar("pk1".into()),
ResultValue::Varchar("pk0".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("I am gonna get encrypted!!".into()),
ResultValue::Blob("encrypted0".into()),
ResultValue::Int(0),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk2".into()),
ResultValue::Varchar("pk1".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted2".into()),
ResultValue::Blob("encrypted1".into()),
ResultValue::Int(1),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk3".into()),
ResultValue::Varchar("pk2".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted3".into()),
ResultValue::Blob("encrypted2".into()),
ResultValue::Int(2),
ResultValue::Boolean(false),
],
&[
ResultValue::Varchar("pk4".into()),
ResultValue::Varchar("pk3".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted4".into()),
ResultValue::Blob("encrypted3".into()),
ResultValue::Int(3),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk5".into()),
ResultValue::Varchar("pk4".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted5".into()),
ResultValue::Blob("encrypted4".into()),
ResultValue::Int(4),
ResultValue::Boolean(false),
],
Expand All @@ -89,44 +63,104 @@ pub async fn test(shotover_session: &CassandraConnection, direct_session: &Cassa
"SELECT pk, cluster, col1, col2, col3 FROM test_protect_keyspace.test_table",
&[
&[
ResultValue::Varchar("pk1".into()),
ResultValue::Varchar("pk0".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("I am gonna get encrypted!!".into()),
ResultValue::Blob("encrypted0".into()),
ResultValue::Int(0),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk2".into()),
ResultValue::Varchar("pk1".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted2".into()),
ResultValue::Blob("encrypted1".into()),
ResultValue::Int(1),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk3".into()),
ResultValue::Varchar("pk2".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted3".into()),
ResultValue::Blob("encrypted2".into()),
ResultValue::Int(2),
ResultValue::Boolean(false),
],
&[
ResultValue::Varchar("pk4".into()),
ResultValue::Varchar("pk3".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted4".into()),
ResultValue::Blob("encrypted3".into()),
ResultValue::Int(3),
ResultValue::Boolean(true),
],
&[
ResultValue::Varchar("pk5".into()),
ResultValue::Varchar("pk4".into()),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob("encrypted5".into()),
ResultValue::Blob("encrypted4".into()),
ResultValue::Int(4),
ResultValue::Boolean(false),
],
],
)
.await;

for i in 0..5 {
assert_query_result(
shotover_session,
&format!("SELECT pk, cluster, col1, col2 FROM test_protect_keyspace.test_table WHERE pk = 'pk{}'", i),
&[
&[
ResultValue::Varchar(format!("pk{}", i)),
ResultValue::Varchar("cluster".into()),
ResultValue::Blob(format!("encrypted{}", i).into()),
ResultValue::Int(i),
],
],
)
.await;
}
}

async fn setup(shotover_session: &CassandraConnection) {
run_query(
shotover_session,
"CREATE KEYSPACE test_protect_keyspace WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 };"
).await;

run_query(
shotover_session,
"CREATE TABLE test_protect_keyspace.test_table (pk varchar PRIMARY KEY, cluster varchar, col1 blob, col2 int, col3 boolean);"
).await;
}

async fn insert_data(shotover_session: &CassandraConnection) {
let statements =[
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk0', 'cluster', 'encrypted0', 0, true);",
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk1', 'cluster', 'encrypted1', 1, true)",
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk2', 'cluster', 'encrypted2', 2, false)",
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk3', 'cluster', 'encrypted3', 3, true);",
"INSERT INTO test_protect_keyspace.test_table (pk, cluster, col1, col2, col3) VALUES ('pk4', 'cluster', 'encrypted4', 4, false);",
];

run_query(shotover_session, statements[0]).await;

shotover_session
.execute_batch(vec![statements[1].to_string(), statements[2].to_string()])
.await;

let insert_statement = format!(
"BEGIN BATCH
{}
{}
APPLY BATCH;",
statements[3], statements[4]
);
run_query(shotover_session, &insert_statement).await;
}

pub async fn test(shotover_session: &CassandraConnection, direct_session: &CassandraConnection) {
setup(shotover_session).await;
insert_data(shotover_session).await;

select_all(shotover_session).await;

// assert that data is encrypted on cassandra side
let result = direct_session
.execute("SELECT pk, cluster, col1, col2, col3 FROM test_protect_keyspace.test_table")
Expand Down

0 comments on commit c326777

Please sign in to comment.