Skip to content

[Client encryption]: Performance and Reliability improvements for StreamProcessor #5385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 94 commits into
base: master
Choose a base branch
from
Draft

[Client encryption]: Performance and Reliability improvements for StreamProcessor #5385

wants to merge 94 commits into from

Conversation

@adamnova
Copy link
Contributor

@adamnova adamnova commented Sep 5, 2025
edited
Loading

Pull Request Template

Description

Please include a summary of the change and which issue is fixed. Include samples if adding new API, and include relevant motivation and context. List any dependencies that are required for this change.

Type of change

Please delete options that are not relevant.

  • [] Bug fix (non-breaking change which fixes an issue)
  • [] New feature (non-breaking change which adds functionality)
  • [] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [] This change requires a documentation update

Closing issues

#4678

adamnova added 30 commits August 21, 2025 11:01
@adamnova
tests: add coverlet.msbuild dependency for coverage instrumentation
884a340
@adamnova
tests(stream-processor): add encryptor tests (primitives, containers,…
ee84e4a 
… compression, null-skip, malformed number, comments)
@adamnova
tests(stream-processor): add comprehensive decryptor tests incl. erro…
cca71da 
…r paths (format, compression, base64, decompression)
@adamnova
tests: add StreamProcessor decrypt coverage for TypeMarker.Null and _…
5b6d22c 
…ei partial skip fallback
@adamnova
update contracts and bump coverlet to 6.0.0
3006f4d
@adamnova
coverlet collector
6120ba8
@adamnova
remove solution file from tracking to avoid local dev environment cha…
659bea2 
…nges
@adamnova
Added new tests
afb4dc6
@adamnova
Added tests
99e8340
@adamnova
Replaced parser with Utf8Parser
ad7bfeb
@adamnova
Added new tests
87c3f0b
@adamnova
Cleanup
96263aa
@adamnova
Update StreamProcessor.Decryptor.cs
6d82c06
@adamnova
Update StreamProcessor.Decryptor.cs
33cbc55
@adamnova
Merge branch 'master' into feature/stream-processor-tests-baseline
4a1a553
@adamnova
chore: restore Microsoft.Azure.Cosmos.sln from origin/master
782e194
@adamnova
Arrange Act Assert
5868509
@adamnova
StreamProcessor: fix end-of-stream buffer growth; adopt safe fallback…
7abd591 
… for unknown type markers with diagnostics; improve UTF-8 and deserialization error messages with path context; unify stream ownership (caller-owned); make initial buffer size per-instance with legacy default.
@adamnova
StreamProcessor: rename MdeEncryptor field to MdeEngine for clarity; …
1092ffe 
…update usages in encrypt/decrypt partials and tests.
@adamnova
ArrayPool: add Return() and early-return temp buffers in stream proce…
56beaa4 
…ssor; reduce allocations: use ValueTextEquals for _ei, precompute top-level encrypted path maps to avoid string concat and lookups.
@adamnova
Diagnostics: add basic metrics bag to CosmosDiagnosticsContext and in…
48538a6 
…strument decryptor to record bytesRead/bytesWritten/propertiesDecrypted/compressedPathsDecompressed/elapsedMs; use CountingStream for non-seekable outputs.
@adamnova
StreamProcessor: smarter buffer growth with 8MB cap and min increment…
2b92b99 
…; share JsonWriterOptions (Indented=false) across encrypt/decrypt for throughput predictability.
@adamnova
Merge branch 'master' into feature/stream-processor-improvements
baa05f3
@adamnova
Encryption.Custom: StreamProcessor.Decryptor – return old buffer to p…
bc00584 
…ool on growth and always return final rented buffer to prevent leaks
@adamnova
Encryption.Custom: StreamProcessor.Decryptor – robust cross-buffer sk…
4bcc056 
…ip for _ei value using state (no allocations), replacing brittle isIgnoredBlock handling
@adamnova
Encryption.Custom: StreamProcessor.Decryptor – support multi-segment …
6dd9795 
…String/Number tokens with pooled buffers; size ciphertext buffer from sequence length
@adamnova
Encryption.Custom: StreamProcessor.Decryptor – use stackalloc for sma…
1f8e775 
…ll base64 strings to reduce pooling on decrypt path
@adamnova
Encryption.Custom.Tests: add coverage for decrypt stream changes – cr…
7f88cf0 
…oss-buffer _ei skip (scalar), multi-segment string/number tokens, and small/large ciphertexts across buffers
@adamnova
tests(encryption-custom): temporarily ignore ContractChanges API base…
3d576bb 
…line test; select baseline by TFM (net8 vs net6) and re-enable when API stabilizes
@adamnova
Encryption.Custom: avoid per-hit /name concat; reduce path lookups; z…
ad329c8 
…ero-alloc top-level name match in decryptor+encryptor; leave logger args unchanged
@adamnova
Encryption: make EncryptionProperties.EncryptedPaths IReadOnlyCollect…
d9ce6bf 
…ion and remove runtime ICollection checks; update producers/consumers and tests
@adamnova
Encryption.Custom: Remove non-seekable probe logic and related tests;…
8a27b76 
… simplify decrypt streaming path
@adamnova
Remove payload compression support from encryption
d66de4a 
Eliminates all code, tests, and metadata related to payload compression in the custom Cosmos encryption implementation. CompressionOptions, compressed path handling, and associated validation logic are removed from both runtime and test code, restricting encryption to the MDE format only.
@adamnova
Pass Utf8JsonWriter to EncryptionPipelineState constructor
a7ef854 
Added the Utf8JsonWriter parameter to the EncryptionPipelineState constructor and updated its initialization. This change ensures the writer is available for encryption processing within the pipeline state.
@adamnova
Remove manual bucketing from StreamProcessor
0656584 
- Remove Bucket() method and manual power-of-two bucketing logic
- Simplify buffer allocation to rely on ArrayPool's internal bucketing
- Update EnsureCapacity to use direct size capping instead of bucketing
- Simplify buffer growth logic in streaming decrypt path
@adamnova
Remove TryProcessSmallSeekableAsync micro optimization
818ca62 
- Remove small seekable stream fast path optimization
- Simplify DecryptStreamAsync to always use StreamProcessAsync
- Remove SmallPayloadMaxBytes constant no longer needed
- Streamline code path for all stream sizes
@adamnova
Refactor Base64 decoding in Decryptor
fcccb07 
Introduced a local helper method to validate Base64 decoding and replaced repeated decoding logic with this method for improved readability and maintainability. Removed redundant comments and streamlined variable usage in the decryption process.
@adamnova
test(stream-processor): add strong encrypted plaintext absence verifi…
45ac643 
…cation helper; integrate across encryptor/decryptor + emulator tests; include boolean/numeric checks
@adamnova
test(stream-processor): unify encryption verification via base64 + ty…
2cad2c0 
…pe marker decoding (AssertEncryptedDocument) and update tests
@adamnova
Refactor EncryptionVerificationTestHelper imports and types
9a19b66 
Updated using statements to include System.Text.Json and relevant namespaces. Improved type declarations for variables in foreach loops and method bodies for clarity and consistency.
@adamnova
Delete encustom-.net8.0.info
72a7560
@adamnova
Refactor DecodeValidated to static method with more args
f0ae5b4 
Changed DecodeValidated to a static method and added cipher, expectedLen, and pathLabel as parameters. Updated all calls to pass the required arguments, improving clarity and reducing reliance on outer scope.
@adamnova
Refactor ValidateRawEncryptedAsync to use property map
5835bba 
Changed ValidateRawEncryptedAsync to accept an IReadOnlyDictionary of encrypted properties instead of an IEnumerable of plaintext values. Updated all test calls to provide explicit property-value mappings, improving clarity and flexibility in encrypted document validation.
@adamnova
Refactor plainMap initialization in test helper
926dc5d 
Simplifies the initialization of plainMap in ValidateRawEncryptedAsync by removing unnecessary comments and explicit type casting. This improves code clarity in the StreamProcessorEmulatorTests.
@adamnova
Update type check for MdeEncryptor in Decryptor
bc7fae1 
Replaces strict type comparison with 'is not' to allow MdeEncryptor hierarchy. Updates exception message to reflect support for MdeEncryptor subclasses.
@adamnova
Re-enable ContractChanges test
a7c1431 
Removed the Ignore attribute from the ContractChanges test in ContractEnforcementTests, allowing it to run again. This change reflects that contract enforcement is no longer temporarily ignored.
@adamnova adamnova marked this pull request as ready for review October 2, 2025 07:15
@kirankumarkolli
Copy link
Member

kirankumarkolli commented Oct 8, 2025

/azp run

@azure-pipelines
Copy link

azure-pipelines bot commented Oct 8, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@adamnova adamnova marked this pull request as draft October 22, 2025 08:21
@adamnova
Merge branch 'master' into feature/stream-processor-improvements
9076ba9
@adamnova
Remove ENCRYPTION_CUSTOM_PREVIEW flag and add tests for ValueSequence…
f449464 
… handling

Replaces '#if ENCRYPTION_CUSTOM_PREVIEW && NET8_0_OR_GREATER' with '#if NET8_0_OR_GREATER' in source and test files, enabling code for all NET8_0_OR_GREATER builds. Adds comprehensive unit tests for CandidatePaths and extensive tests for StreamProcessorEncryptor/Decryptor to cover edge cases involving Utf8JsonReader's ValueSequence, fragmented streams, and error handling. Also comments out obsolete assertions related to removed compression support.
@adamnova
Merge branch 'master' into feature/stream-processor-improvements
f4e3759
@adamnova
Add diagnostics context to EncryptAsync interface
5855757 
Updated the IMdeJsonProcessorAdapter interface and its implementations to include a CosmosDiagnosticsContext parameter in the EncryptAsync method. This change enables telemetry and diagnostics support during encryption operations.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kirankumarkolli kirankumarkolli Awaiting requested review from kirankumarkolli kirankumarkolli is a code owner

@FabianMeiswinkel FabianMeiswinkel Awaiting requested review from FabianMeiswinkel FabianMeiswinkel is a code owner

@sboshra sboshra Awaiting requested review from sboshra sboshra is a code owner

@Pilchie Pilchie Awaiting requested review from Pilchie Pilchie is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adamnova @kirankumarkolli