use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider in project mssql-jdbc by Microsoft.
the class JDBCEncryptionDecryptionTest method testAkvBadEncryptColumnEncryptionKey.
/*
* Verifies that encryptColumnEncryptionKey on the Azure Key Vault (AKV) provider rejects a null or an empty column encryption key.
*/
@ParameterizedTest
@MethodSource("enclaveParams")
@Tag(Constants.reqExternalSetup)
public void testAkvBadEncryptColumnEncryptionKey(String serverName, String url, String protocol) throws Exception {
    setAEConnectionString(serverName, url, protocol);

    // Provider built through the (applicationClientID, applicationKey) constructor.
    final SQLServerColumnEncryptionAzureKeyVaultProvider provider = new SQLServerColumnEncryptionAzureKeyVaultProvider(
            applicationClientID, applicationKey);
    final String masterKeyPath = keyIDs[0];
    final byte[] zeroLengthCek = new byte[0];

    // Case 1: null key material must be refused with R_NullColumnEncryptionKey.
    // fail() is only reached when the call returns normally, i.e. when the
    // provider accepted input it should have rejected.
    try {
        provider.encryptColumnEncryptionKey(masterKeyPath, Constants.CEK_ALGORITHM, null);
        fail(TestResource.getResource("R_expectedExceptionNotThrown"));
    } catch (SQLServerException nullKeyError) {
        final String actualMessage = nullKeyError.getMessage();
        assertTrue(actualMessage.matches(TestUtils.formatErrorMsg("R_NullColumnEncryptionKey")));
    }

    // Case 2: a zero-length key must be refused with R_EmptyCEK.
    try {
        provider.encryptColumnEncryptionKey(masterKeyPath, Constants.CEK_ALGORITHM, zeroLengthCek);
        fail(TestResource.getResource("R_expectedExceptionNotThrown"));
    } catch (SQLServerException emptyKeyError) {
        final String actualMessage = emptyKeyError.getMessage();
        assertTrue(actualMessage.matches(TestUtils.formatErrorMsg("R_EmptyCEK")));
    }
}
use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider in project mssql-jdbc by Microsoft.
the class JDBCEncryptionDecryptionTest method testAkvBadEncryptColumnEncryptionKeyWithAuthCallback.
/**
 * Verifies that an AKV provider created from the authentication callback rejects a null and an empty column
 * encryption key in encryptColumnEncryptionKey, each with its own error message.
 */
@ParameterizedTest
@MethodSource("enclaveParams")
@Tag(Constants.reqExternalSetup)
public void testAkvBadEncryptColumnEncryptionKeyWithAuthCallback(String serverName, String url, String protocol) throws Exception {
    setAEConnectionString(serverName, url, protocol);

    // Stays null-initialised so the compiler accepts the uses below; a constructor
    // failure ends the test through fail() before the provider is dereferenced.
    SQLServerColumnEncryptionAzureKeyVaultProvider provider = null;
    try {
        provider = new SQLServerColumnEncryptionAzureKeyVaultProvider(authenticationCallback);
    } catch (SQLServerException constructionError) {
        fail(TestResource.getResource("R_unexpectedException") + constructionError.getMessage());
    }

    final String masterKeyPath = keyIDs[0];
    final byte[] zeroLengthCek = new byte[0];

    // Case 1: null key material must be refused with R_NullColumnEncryptionKey.
    try {
        provider.encryptColumnEncryptionKey(masterKeyPath, Constants.CEK_ALGORITHM, null);
        fail(TestResource.getResource("R_expectedExceptionNotThrown"));
    } catch (SQLServerException nullKeyError) {
        final String actualMessage = nullKeyError.getMessage();
        assertTrue(actualMessage.matches(TestUtils.formatErrorMsg("R_NullColumnEncryptionKey")));
    }

    // Case 2: a zero-length key must be refused with R_EmptyCEK.
    try {
        provider.encryptColumnEncryptionKey(masterKeyPath, Constants.CEK_ALGORITHM, zeroLengthCek);
        fail(TestResource.getResource("R_expectedExceptionNotThrown"));
    } catch (SQLServerException emptyKeyError) {
        final String actualMessage = emptyKeyError.getMessage();
        assertTrue(actualMessage.matches(TestUtils.formatErrorMsg("R_EmptyCEK")));
    }
}
use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider in project mssql-jdbc by Microsoft.
the class JDBCEncryptionDecryptionTest method testAkvNameWithAuthCallback.
/**
 * Checks that a name assigned with setName on a callback-authenticated AKV provider is returned unchanged by
 * getName. Any SQLServerException raised along the way fails the test.
 */
@ParameterizedTest
@MethodSource("enclaveParams")
@Tag(Constants.reqExternalSetup)
public void testAkvNameWithAuthCallback(String serverName, String url, String protocol) throws Exception {
    setAEConnectionString(serverName, url, protocol);
    try {
        final String expectedName = "keystoreName";
        final SQLServerColumnEncryptionAzureKeyVaultProvider provider = new SQLServerColumnEncryptionAzureKeyVaultProvider(
                authenticationCallback);
        provider.setName(expectedName);

        // Round trip: the getter must hand back exactly what the setter received.
        final String reportedName = provider.getName();
        assertTrue(reportedName.equals(expectedName));
    } catch (SQLServerException unexpected) {
        fail(TestResource.getResource("R_unexpectedException") + unexpected.getMessage());
    }
}
use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider in project mssql-jdbc by Microsoft.
the class AbstractTest method setup.
/**
* This will take care of all initialization before running the Test Suite.
*
* @throws Exception
* when an error occurs
*/
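@BeforeAll
public static void setup() throws Exception {
    // Invoke fine logging...
    // NOTE(review): several values read below are secrets (applicationKey, passwordNTLM,
    // clientKeyPassword, keyStoreSecret). Confirm the logging enabled here never echoes
    // connection strings or these properties.
    invokeLogging();

    // get Properties from config file
    try (InputStream input = new FileInputStream(Constants.CONFIG_PROPERTIES_FILE)) {
        configProperties = new Properties();
        configProperties.load(input);
    } catch (FileNotFoundException | SecurityException e) {
        // Deliberately ignored: the config file is optional (no config file used).
    }

    connectionString = getConfiguredPropertyOrEnv(Constants.MSSQL_JDBC_TEST_CONNECTION_PROPERTIES);
    // Fail fast with a readable message. The connection string is dereferenced further down
    // (enclave server default, data sources), so checking it only at the end would surface
    // as a NullPointerException instead of this assertion.
    Assertions.assertNotNull(connectionString, TestResource.getResource("R_ConnectionStringNull"));
    connectionStringNTLM = connectionString;

    applicationClientID = getConfiguredProperty("applicationClientID");
    applicationKey = getConfiguredProperty("applicationKey");
    tenantID = getConfiguredProperty("tenantID");
    javaKeyPath = TestUtils.getCurrentClassPath() + Constants.JKS_NAME;
    keyIDs = getConfiguredProperty("keyID", "").split(Constants.SEMI_COLON);
    windowsKeyPath = getConfiguredProperty("windowsKeyPath");

    String prop;
    prop = getConfiguredProperty("enclaveServer", null);
    if (null == prop) {
        // default to server in connection string: strip the JDBC prefix, take the first
        // ';'-separated segment and drop any ":port" suffix
        String serverName = (connectionString.substring(Constants.JDBC_PREFIX.length())
                .split(Constants.SEMI_COLON)[0]).split(":")[0];
        enclaveServer = new String[] {serverName};
    } else {
        enclaveServer = prop.split(Constants.SEMI_COLON);
    }

    prop = getConfiguredProperty("enclaveAttestationUrl", null);
    enclaveAttestationUrl = null != prop ? prop.split(Constants.SEMI_COLON) : null;

    prop = getConfiguredProperty("enclaveAttestationProtocol", null);
    enclaveAttestationProtocol = null != prop ? prop.split(Constants.SEMI_COLON) : null;

    clientCertificate = getConfiguredProperty("clientCertificate", null);
    clientKey = getConfiguredProperty("clientKey", null);
    clientKeyPassword = getConfiguredProperty("clientKeyPassword", "");
    trustStorePath = getConfiguredProperty("trustStore", "");

    Map<String, SQLServerColumnEncryptionKeyStoreProvider> map = new HashMap<>();
    if (null == jksProvider) {
        // Constants.JKS_SECRET is a fixed password for the test keystore; it is a test
        // fixture and must not be reused for any real key store.
        jksProvider = new SQLServerColumnEncryptionJavaKeyStoreProvider(javaKeyPath,
                Constants.JKS_SECRET.toCharArray());
        map.put(Constants.CUSTOM_KEYSTORE_NAME, jksProvider);
    }

    // The AKV provider is only created when both client credentials are configured.
    if (null == akvProvider && null != applicationClientID && null != applicationKey) {
        File file = null;
        try {
            // The properties file exists only while the provider is constructed; it is
            // removed again in the finally block.
            // NOTE(review): this overwrites and then deletes any file already present at
            // Constants.MSSQL_JDBC_PROPERTIES, and the result of delete() is not checked.
            file = new File(Constants.MSSQL_JDBC_PROPERTIES);
            try (OutputStream os = new FileOutputStream(file)) {
                Properties props = new Properties();
                // Append to the list of hardcoded endpoints. Keep this value limited to the
                // vault host suffixes the tests actually use; every entry widens the set of
                // endpoints treated as trusted.
                props.setProperty(Constants.AKV_TRUSTED_ENDPOINTS_KEYWORD, ";vault.azure.net");
                props.store(os, "");
            }
            akvProvider = new SQLServerColumnEncryptionAzureKeyVaultProvider(applicationClientID, applicationKey);
            map.put(Constants.AZURE_KEY_VAULT_NAME, akvProvider);
        } finally {
            if (null != file) {
                file.delete();
            }
        }
    }

    // Guarded by a static flag so the providers are registered once per JVM.
    if (!isKspRegistered) {
        SQLServerConnection.registerColumnEncryptionKeyStoreProviders(map);
        isKspRegistered = true;
    }

    // if these properties are defined then NTLM is desired, modify connection string accordingly
    String domain = getConfiguredProperty("domainNTLM");
    String user = getConfiguredProperty("userNTLM");
    String password = getConfiguredProperty("passwordNTLM");

    if (null != domain) {
        connectionStringNTLM = TestUtils.addOrOverrideProperty(connectionStringNTLM, "domain", domain);
    }
    if (null != user) {
        connectionStringNTLM = TestUtils.addOrOverrideProperty(connectionStringNTLM, "user", user);
    }
    if (null != password) {
        // From here on connectionStringNTLM embeds a clear-text password: do not log it.
        connectionStringNTLM = TestUtils.addOrOverrideProperty(connectionStringNTLM, "password", password);
    }
    if (null != user && null != password) {
        connectionStringNTLM = TestUtils.addOrOverrideProperty(connectionStringNTLM, "authenticationScheme", "NTLM");
        connectionStringNTLM = TestUtils.addOrOverrideProperty(connectionStringNTLM, "integratedSecurity", "true");
    }

    // MSI properties
    msiClientId = getConfiguredProperty("msiClientId");
    keyStorePrincipalId = getConfiguredProperty("keyStorePrincipalId");
    keyStoreSecret = getConfiguredProperty("keyStoreSecret");

    ds = updateDataSource(connectionString, new SQLServerDataSource());
    dsXA = updateDataSource(connectionString, new SQLServerXADataSource());
    dsPool = updateDataSource(connectionString, new SQLServerConnectionPoolDataSource());

    // Load and register the driver, then open the shared connection if none is usable.
    // Exceptions propagate to the caller unchanged (the method declares throws Exception).
    Class.forName(Constants.MSSQL_JDBC_PACKAGE + ".SQLServerDriver");
    if (!SQLServerDriver.isRegistered()) {
        SQLServerDriver.register();
    }
    if (null == connection || connection.isClosed()) {
        connection = getConnection();
    }
    isSqlAzureOrAzureDW(connection);
    checkSqlOS(connection);
}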
use of com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider in project mssql-jdbc by microsoft.
the class JDBCEncryptionDecryptionTest method testAkvNameWithAuthCallback.
/**
 * Checks that a name assigned with setName on a callback-authenticated AKV provider is returned unchanged by
 * getName. Any SQLServerException raised along the way fails the test.
 */
@ParameterizedTest
@MethodSource("enclaveParams")
@Tag(Constants.reqExternalSetup)
public void testAkvNameWithAuthCallback(String serverName, String url, String protocol) throws Exception {
    setAEConnectionString(serverName, url, protocol);
    try {
        final String expectedName = "keystoreName";
        final SQLServerColumnEncryptionAzureKeyVaultProvider provider = new SQLServerColumnEncryptionAzureKeyVaultProvider(
                authenticationCallback);
        provider.setName(expectedName);

        // Round trip: the getter must hand back exactly what the setter received.
        final String reportedName = provider.getName();
        assertTrue(reportedName.equals(expectedName));
    } catch (SQLServerException unexpected) {
        fail(TestResource.getResource("R_unexpectedException") + unexpected.getMessage());
    }
}