Skip to content

Fix AKV keyword test for AE v2 behaviour #1061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
Nov 25, 2019
Merged

Fix AKV keyword test for AE v2 behaviour #1061

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
cdc107b
Master (#936)
david-puglielli Feb 22, 2019
3ba2693
5.6.1 hotfix (#959)
yitam Mar 19, 2019
5dabd47
Updated links and versions (#987)
yitam May 9, 2019
cc844fd
5.7.0-preview
david-puglielli Sep 5, 2019
fd700a8
Merge remote-tracking branch 'upstream/dev' into dev
david-puglielli Nov 7, 2019
2b7a16c
Merge remote-tracking branch 'upstream/dev' into dev
david-puglielli Nov 23, 2019
160a690
Fixed AKV keyword tests for AE v2
david-puglielli Nov 23, 2019
53c6d91
Added comment
david-puglielli Nov 25, 2019
871617c
Free proc cache before starting test
david-puglielli Nov 25, 2019
ff90b3f
Fixed comment
david-puglielli Nov 25, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 25 additions & 2 deletions test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_keywords.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,24 @@ $dataTypes = array("char(".SHORT_STRSIZE.")", "varchar(".SHORT_STRSIZE.")", "nva

$tableName = "akv_comparison_table";

// First determine if the server is AE v2 enabled
$isEnclaveEnabled = false;
$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";

$conn = new PDO($connectionOptions, $uid, $pwd);
if (!$conn) {
fatalError("Initial connection failed\n");
} else {
$query = "SELECT [name], [value], [value_in_use] FROM sys.configurations WHERE [name] = 'column encryption enclave type';";
$stmt = $conn->query($query);
$info = $stmt->fetch();
if ($info['value'] == 1 and $info['value_in_use'] == 1) {
$isEnclaveEnabled = true;
}
}

unset($conn);

// Test every combination of the keywords above.
// Leave out good credentials to ensure that caching does not influence the
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
Expand Down Expand Up @@ -117,8 +135,11 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
unset($stmt);
} else {
// The INSERT query succeeded with bad credentials, which
// should only happen when encryption is not enabled.
if (isColEncrypted()) {
// should only happen when 1. encryption is not enabled or
// 2. when ColumnEncryption is set to something other than
// enabled or disabled (i.e. $1 == 2), and the server is
// not enclave-enabled
if (!(!isColEncrypted() or ($i == 2 and !$isEnclaveEnabled))) {
fatalError("Successful insertion with bad credentials\n");
}
}
Expand All @@ -135,6 +156,7 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
$errors,
array('CE258', '0'),
array('CE275', '0'),
array('CE400', '0'),
array('IMSSP', '-85'),
array('IMSSP', '-86'),
array('IMSSP', '-87'),
Expand All @@ -147,6 +169,7 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
$errors,
array('CE258', '0'),
array('CE275', '0'),
array('CE400', '0'),
array('IMSSP', '-85'),
array('IMSSP', '-86'),
array('IMSSP', '-87'),
Expand Down
32 changes: 29 additions & 3 deletions test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_keywords.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,28 @@ $dataTypes = array("char(".SHORT_STRSIZE.")", "varchar(".SHORT_STRSIZE.")", "nva

$tableName = "akv_comparison_table";

// First determine if the server is AE v2 enabled
$isEnclaveEnabled = false;
$connectionOptions = array("CharacterSet"=>"UTF-8",
"database"=>$databaseName,
"uid"=>$uid,
"pwd"=>$pwd,
"ConnectionPooling"=>0);

$conn = sqlsrv_connect($server, $connectionOptions);
if (!$conn) {
fatalError("Initial connection failed\n");
} else {
$query = "SELECT [name], [value], [value_in_use] FROM sys.configurations WHERE [name] = 'column encryption enclave type';";
$stmt = sqlsrv_query($conn, $query);
$info = sqlsrv_fetch_array($stmt);
if ($info['value'] == 1 and $info['value_in_use'] == 1) {
$isEnclaveEnabled = true;
}
}

unset($conn);

// Test every combination of the keywords above.
// Leave out good credentials to ensure that caching does not influence the
// results. The cache timeout can only be changed with SQLSetConnectAttr, so
Expand Down Expand Up @@ -96,7 +118,8 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
array('IMSSP','-110'),
array('IMSSP','-111'),
array('IMSSP','-112'),
array('IMSSP','-113')
array('IMSSP','-113'),
array('CE400','0')
);
} else {
$columns = array();
Expand Down Expand Up @@ -148,8 +171,11 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
sqlsrv_free_stmt($stmt);
} else {
// The INSERT query succeeded with bad credentials, which
// should only happen when encryption is not enabled.
if (AE\isDataEncrypted()) {
// should only happen when 1. encryption is not enabled or
// 2. when ColumnEncryption is set to something other than
// enabled or disabled (i.e. $1 == 2), and the server is
// not enclave-enabled
if (!(!AE\isDataEncrypted() or ($i == 2 and !$isEnclaveEnabled))) {
fatalError("Successful insertion with bad credentials\n");
}
}
Expand Down