Skip to content

Tests | Remove hardcoded credentials from ManualTests #3204

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 19 commits into from
Jun 5, 2025
Merged

Tests | Remove hardcoded credentials from ManualTests #3204

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
bbe8410
Initial removal of CertificateUtility.CreateCertificate
edwardneal Dec 23, 2024
3d3230d
Hotfix for Azure Key Vault tests
edwardneal Dec 28, 2024
41f5002
Removed hardcoded references to Azure Key Vault key
edwardneal Dec 28, 2024
d2ca8e5
Removed hardcoded references to CertificateUtilityWin
edwardneal Dec 29, 2024
a935c62
Merge branch 'main' into tests/manual-tests-certificate-generation
edwardneal Feb 24, 2025
7eef910
Code review changes
edwardneal Feb 24, 2025
23214ce
Code review
edwardneal Feb 24, 2025
1f369c6
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
benrr101 Mar 27, 2025
8d7c393
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
benrr101 Mar 27, 2025
407ad04
Merge branch 'main' into dev/russellben/en-manual-tests-certificate-gen
benrr101 Apr 16, 2025
c51fb67
Fixes as per @edwardneal's suggestions
benrr101 Apr 29, 2025
142a632
Fix as per @edwardneal's suggestion
benrr101 May 5, 2025
3564f63
Fix missing `new`
benrr101 May 7, 2025
a497697
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
benrr101 May 15, 2025
b5220b0
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
benrr101 May 19, 2025
3dfd7ca
Merge branch 'main' into dev/russellben/en-manual-tests-certificate-gen
benrr101 Jun 3, 2025
9d06173
Address comment that we don't need a CspParameters object as part of …
benrr101 Jun 3, 2025
f394b97
Address comment regarding readonly member variables
benrr101 Jun 3, 2025
02470f2
Addressing the last of the comments.
benrr101 Jun 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/AKVTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,15 +133,15 @@ public void ForcedColumnDecryptErrorTestShouldFail()
[PlatformSpecific(TestPlatforms.Windows)]
public void TestRoundTripWithAKVAndCertStoreProvider()
{
using SQLSetupStrategyCertStoreProvider certStoreFixture = new();
SqlColumnEncryptionCertificateStoreProvider certStoreProvider = new SqlColumnEncryptionCertificateStoreProvider();
byte[] plainTextColumnEncryptionKey = ColumnEncryptionKey.GenerateRandomBytes(ColumnEncryptionKey.KeySizeInBytes);
byte[] encryptedColumnEncryptionKeyUsingAKV = _fixture.AkvStoreProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, @"RSA_OAEP", plainTextColumnEncryptionKey);
byte[] columnEncryptionKeyReturnedAKV2Cert = certStoreFixture.CertStoreProvider.DecryptColumnEncryptionKey(certStoreFixture.CspColumnMasterKey.KeyPath, @"RSA_OAEP", encryptedColumnEncryptionKeyUsingAKV);
byte[] encryptedColumnEncryptionKeyUsingAKV = _fixture.AkvStoreProvider.EncryptColumnEncryptionKey(_fixture.AkvKeyUrl, @"RSA_OAEP", plainTextColumnEncryptionKey);
byte[] columnEncryptionKeyReturnedAKV2Cert = certStoreProvider.DecryptColumnEncryptionKey(_fixture.ColumnMasterKeyPath, @"RSA_OAEP", encryptedColumnEncryptionKeyUsingAKV);
Assert.True(plainTextColumnEncryptionKey.SequenceEqual(columnEncryptionKeyReturnedAKV2Cert), @"Roundtrip failed");

// Try the opposite.
byte[] encryptedColumnEncryptionKeyUsingCert = certStoreFixture.CertStoreProvider.EncryptColumnEncryptionKey(certStoreFixture.CspColumnMasterKey.KeyPath, @"RSA_OAEP", plainTextColumnEncryptionKey);
byte[] columnEncryptionKeyReturnedCert2AKV = _fixture.AkvStoreProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, @"RSA_OAEP", encryptedColumnEncryptionKeyUsingCert);
byte[] encryptedColumnEncryptionKeyUsingCert = certStoreProvider.EncryptColumnEncryptionKey(_fixture.ColumnMasterKeyPath, @"RSA_OAEP", plainTextColumnEncryptionKey);
byte[] columnEncryptionKeyReturnedCert2AKV = _fixture.AkvStoreProvider.DecryptColumnEncryptionKey(_fixture.AkvKeyUrl, @"RSA_OAEP", encryptedColumnEncryptionKeyUsingCert);
Assert.True(plainTextColumnEncryptionKey.SequenceEqual(columnEncryptionKeyReturnedCert2AKV), @"Roundtrip failed");
}

Expand Down
77 changes: 42 additions & 35 deletions src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/AKVUnitTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,20 @@

namespace Microsoft.Data.SqlClient.ManualTesting.Tests.AlwaysEncrypted
{
public static class AKVUnitTests
public class AKVUnitTests : IClassFixture<AzureKeyVaultKeyFixture>
{
const string EncryptionAlgorithm = "RSA_OAEP";
public static readonly byte[] s_columnEncryptionKey = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 };
private const string cekCacheName = "_columnEncryptionKeyCache";
private const string signatureVerificationResultCacheName = "_columnMasterKeyMetadataSignatureVerificationCache";

private readonly AzureKeyVaultKeyFixture _fixture;

public AKVUnitTests(AzureKeyVaultKeyFixture fixture)
{
_fixture = fixture;
}

private static void ValidateAKVTraces(List<EventWrittenEventArgs> eventData, Guid threadActivityId)
{
Assert.NotNull(eventData);
Expand Down Expand Up @@ -64,36 +71,36 @@ private static void ValidateAKVTraces(List<EventWrittenEventArgs> eventData, Gui
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void LegacyAuthenticationCallbackTest()
public void LegacyAuthenticationCallbackTest()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();

// SqlClientCustomTokenCredential implements legacy authentication callback to request access token at client-side.
SqlColumnEncryptionAzureKeyVaultProvider akvProvider = new SqlColumnEncryptionAzureKeyVaultProvider(new SqlClientCustomTokenCredential());
byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, encryptedCek);
byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, encryptedCek);

Assert.Equal(s_columnEncryptionKey, decryptedCek);
ValidateAKVTraces(AKVListener.EventData, activityId);
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void TokenCredentialTest()
public void TokenCredentialTest()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();

SqlColumnEncryptionAzureKeyVaultProvider akvProvider = new SqlColumnEncryptionAzureKeyVaultProvider(DataTestUtility.GetTokenCredential());
byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, encryptedCek);
byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, encryptedCek);

Assert.Equal(s_columnEncryptionKey, decryptedCek);
ValidateAKVTraces(AKVListener.EventData, activityId);
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void TokenCredentialRotationTest()
public void TokenCredentialRotationTest()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();
Expand All @@ -103,19 +110,19 @@ public static void TokenCredentialRotationTest()

SqlColumnEncryptionAzureKeyVaultProvider newAkvProvider = new SqlColumnEncryptionAzureKeyVaultProvider(DataTestUtility.GetTokenCredential());

byte[] encryptedCekWithNewProvider = newAkvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCekWithOldProvider = oldAkvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, encryptedCekWithNewProvider);
byte[] encryptedCekWithNewProvider = newAkvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCekWithOldProvider = oldAkvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, encryptedCekWithNewProvider);
Assert.Equal(s_columnEncryptionKey, decryptedCekWithOldProvider);

byte[] encryptedCekWithOldProvider = oldAkvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCekWithNewProvider = newAkvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, EncryptionAlgorithm, encryptedCekWithOldProvider);
byte[] encryptedCekWithOldProvider = oldAkvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, s_columnEncryptionKey);
byte[] decryptedCekWithNewProvider = newAkvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, EncryptionAlgorithm, encryptedCekWithOldProvider);
Assert.Equal(s_columnEncryptionKey, decryptedCekWithNewProvider);

ValidateAKVTraces(AKVListener.EventData, activityId);
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void ReturnSpecifiedVersionOfKeyWhenItIsNotTheMostRecentVersion()
public void ReturnSpecifiedVersionOfKeyWhenItIsNotTheMostRecentVersion()
{
Uri keyPathUri = new Uri(DataTestUtility.AKVOriginalUrl);
Uri vaultUri = new Uri(keyPathUri.GetLeftPart(UriPartial.Authority));
Expand Down Expand Up @@ -161,7 +168,7 @@ public static void ThrowWhenUrlHasLessThanThreeSegments()
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void DecryptedCekIsCachedDuringDecryption()
public void DecryptedCekIsCachedDuringDecryption()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();
Expand All @@ -170,67 +177,67 @@ public static void DecryptedCekIsCachedDuringDecryption()
byte[] plaintextKey1 = { 1, 2, 3 };
byte[] plaintextKey2 = { 1, 2, 3 };
byte[] plaintextKey3 = { 0, 1, 2, 3 };
byte[] encryptedKey1 = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", plaintextKey1);
byte[] encryptedKey2 = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", plaintextKey2);
byte[] encryptedKey3 = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", plaintextKey3);
byte[] encryptedKey1 = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", plaintextKey1);
byte[] encryptedKey2 = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", plaintextKey2);
byte[] encryptedKey3 = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", plaintextKey3);

byte[] decryptedKey1 = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey1);
byte[] decryptedKey1 = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey1);
Assert.Equal(1, GetCacheCount(cekCacheName, akvProvider));
Assert.Equal(plaintextKey1, decryptedKey1);

decryptedKey1 = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey1);
decryptedKey1 = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey1);
Assert.Equal(1, GetCacheCount(cekCacheName, akvProvider));
Assert.Equal(plaintextKey1, decryptedKey1);

byte[] decryptedKey2 = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey2);
byte[] decryptedKey2 = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey2);
Assert.Equal(2, GetCacheCount(cekCacheName, akvProvider));
Assert.Equal(plaintextKey2, decryptedKey2);

byte[] decryptedKey3 = akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey3);
byte[] decryptedKey3 = akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey3);
Assert.Equal(3, GetCacheCount(cekCacheName, akvProvider));
Assert.Equal(plaintextKey3, decryptedKey3);

ValidateAKVTraces(AKVListener.EventData, activityId);
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void SignatureVerificationResultIsCachedDuringVerification()
public void SignatureVerificationResultIsCachedDuringVerification()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();

SqlColumnEncryptionAzureKeyVaultProvider akvProvider = new(new SqlClientCustomTokenCredential());
byte[] signature = akvProvider.SignColumnMasterKeyMetadata(DataTestUtility.AKVUrl, true);
byte[] signature2 = akvProvider.SignColumnMasterKeyMetadata(DataTestUtility.AKVUrl, true);
byte[] signatureWithoutEnclave = akvProvider.SignColumnMasterKeyMetadata(DataTestUtility.AKVUrl, false);
byte[] signature = akvProvider.SignColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, true);
byte[] signature2 = akvProvider.SignColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, true);
byte[] signatureWithoutEnclave = akvProvider.SignColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, false);

Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(DataTestUtility.AKVUrl, true, signature));
Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, true, signature));
Assert.Equal(1, GetCacheCount(signatureVerificationResultCacheName, akvProvider));

Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(DataTestUtility.AKVUrl, true, signature));
Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, true, signature));
Assert.Equal(1, GetCacheCount(signatureVerificationResultCacheName, akvProvider));

Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(DataTestUtility.AKVUrl, true, signature2));
Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, true, signature2));
Assert.Equal(1, GetCacheCount(signatureVerificationResultCacheName, akvProvider));

Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(DataTestUtility.AKVUrl, false, signatureWithoutEnclave));
Assert.True(akvProvider.VerifyColumnMasterKeyMetadata(_fixture.GeneratedKeyUri, false, signatureWithoutEnclave));
Assert.Equal(2, GetCacheCount(signatureVerificationResultCacheName, akvProvider));

ValidateAKVTraces(AKVListener.EventData, activityId);
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void CekCacheEntryIsEvictedAfterTtlExpires()
public void CekCacheEntryIsEvictedAfterTtlExpires()
{
Guid activityId = Trace.CorrelationManager.ActivityId = Guid.NewGuid();
using DataTestUtility.AKVEventListener AKVListener = new();

SqlColumnEncryptionAzureKeyVaultProvider akvProvider = new(new SqlClientCustomTokenCredential());
akvProvider.ColumnEncryptionKeyCacheTtl = TimeSpan.FromSeconds(5);
byte[] plaintextKey = { 1, 2, 3 };
byte[] encryptedKey = akvProvider.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", plaintextKey);
byte[] encryptedKey = akvProvider.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", plaintextKey);

akvProvider.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey);
akvProvider.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey);
Assert.True(CekCacheContainsKey(encryptedKey, akvProvider));
Assert.Equal(1, GetCacheCount(cekCacheName, akvProvider));

Expand All @@ -242,7 +249,7 @@ public static void CekCacheEntryIsEvictedAfterTtlExpires()
}

[ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsAKVSetupAvailable))]
public static void CekCacheShouldBeDisabledWhenCustomProviderIsRegisteredGlobally()
public void CekCacheShouldBeDisabledWhenCustomProviderIsRegisteredGlobally()
{
if (SQLSetupStrategyAzureKeyVault.IsAKVProviderRegistered)
{
Expand All @@ -255,9 +262,9 @@ public static void CekCacheShouldBeDisabledWhenCustomProviderIsRegisteredGloball
SqlColumnEncryptionAzureKeyVaultProvider akvProviderInGlobalCache =
globalProviders["AZURE_KEY_VAULT"] as SqlColumnEncryptionAzureKeyVaultProvider;
byte[] plaintextKey = { 1, 2, 3 };
byte[] encryptedKey = akvProviderInGlobalCache.EncryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", plaintextKey);
byte[] encryptedKey = akvProviderInGlobalCache.EncryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", plaintextKey);

akvProviderInGlobalCache.DecryptColumnEncryptionKey(DataTestUtility.AKVUrl, "RSA_OAEP", encryptedKey);
akvProviderInGlobalCache.DecryptColumnEncryptionKey(_fixture.GeneratedKeyUri, "RSA_OAEP", encryptedKey);
Assert.Equal(0, GetCacheCount(cekCacheName, akvProviderInGlobalCache));
}
}
Expand Down
29 changes: 15 additions & 14 deletions src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/ConversionTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,12 @@
using System.Security.Cryptography.X509Certificates;
using Xunit;
using Microsoft.Data.SqlClient.ManualTesting.Tests.AlwaysEncrypted.Setup;
using Microsoft.Data.SqlClient.TestUtilities.Fixtures;

namespace Microsoft.Data.SqlClient.ManualTesting.Tests.AlwaysEncrypted
{
[PlatformSpecific(TestPlatforms.Windows)]
public sealed class ConversionTests : IDisposable
public sealed class ConversionTests : IDisposable, IClassFixture<ColumnMasterKeyCertificateFixture>
{

private const string IdentityColumnName = "IdentityColumn";
Expand All @@ -29,8 +30,6 @@ public sealed class ConversionTests : IDisposable
private const decimal SmallMoneyMinValue = -214748.3648M;
private const int MaxLength = 10000;
private int NumberOfRows = DataTestUtility.EnclaveEnabled ? 10 : 100;
private static X509Certificate2 certificate;
private ColumnMasterKey columnMasterKey;
private ColumnEncryptionKey columnEncryptionKey;
private SqlColumnEncryptionCertificateStoreProvider certStoreProvider = new SqlColumnEncryptionCertificateStoreProvider();
private List<DbObject> _databaseObjects = new List<DbObject>();
Expand All @@ -54,18 +53,20 @@ public ColumnMetaData(SqlDbType columnType, int columnSize, int precision, int s
public bool UseMax { get; set; }
}

public ConversionTests()
public ConversionTests(ColumnMasterKeyCertificateFixture fixture)
{
if (certificate == null)
{
certificate = CertificateUtility.CreateCertificate();
}
columnMasterKey = new CspColumnMasterKey(DatabaseHelper.GenerateUniqueName("CMK"), certificate.Thumbprint, certStoreProvider, DataTestUtility.EnclaveEnabled);
_databaseObjects.Add(columnMasterKey);

columnEncryptionKey = new ColumnEncryptionKey(DatabaseHelper.GenerateUniqueName("CEK"),
columnMasterKey,
certStoreProvider);
X509Certificate2 certificate = fixture.ColumnMasterKeyCertificate;
ColumnMasterKey columnMasterKey1 = new CspColumnMasterKey(
DatabaseHelper.GenerateUniqueName("CMK"),
certificate.Thumbprint,
certStoreProvider,
DataTestUtility.EnclaveEnabled);
_databaseObjects.Add(columnMasterKey1);

columnEncryptionKey = new ColumnEncryptionKey(
DatabaseHelper.GenerateUniqueName("CEK"),
columnMasterKey1,
certStoreProvider);
_databaseObjects.Add(columnEncryptionKey);

foreach (string connectionStr in DataTestUtility.AEConnStringsSetup)
Expand Down
Loading
Loading