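/// <summary>
/// Serializes the client's attestation parameters into the blob handed to SQL Server when an
/// enclave session is negotiated. Layout, in order: attestation protocol id, length of the
/// protocol-specific input, the input itself, length of the client's ECDH public-key blob, and
/// the blob. Every id/length field is encoded by GetUintBytes for the given enclave type.
/// </summary>
/// <param name="sqlEnclaveAttestationParameters">Protocol id, protocol-specific input and the client's ECDH key.</param>
/// <param name="enclaveType">Enclave type, forwarded to GetUintBytes, which selects the integer encoding.</param>
/// <returns>The concatenated, length-prefixed serialized parameters.</returns>
/// <remarks>
/// Each buffer is null-checked before its length is read, so a missing value surfaces as the same
/// descriptive internal exception the encoder results already get instead of a NullReferenceException
/// from the middle of serialization. The length prefixes are computed from the very arrays that are
/// appended, so the framing is self-consistent by construction.
/// NOTE(review): nothing in this method authenticates the blob itself; its integrity presumably rests on
/// the transport and on the attestation exchange that follows — confirm against the provider.
/// </remarks>
internal byte[] GetSerializedAttestationParameters(SqlEnclaveAttestationParameters sqlEnclaveAttestationParameters, string enclaveType)
        {
            if (sqlEnclaveAttestationParameters == null)
            {
                throw SQL.NullArgumentInternal(nameof(sqlEnclaveAttestationParameters), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            // Field 1: attestation protocol identifier.
            int attestationProtocolInt = sqlEnclaveAttestationParameters.Protocol;
            byte[] attestationProtocolBytes = GetUintBytes(enclaveType, attestationProtocolInt, "attestationProtocol");

            if (attestationProtocolBytes == null)
            {
                throw SQL.NullArgumentInternal(nameof(attestationProtocolBytes), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            // Fields 2 and 3: protocol-specific input, length-prefixed. Guarded before .Length so a
            // null input fails the same way the encoder results do rather than with a NullReferenceException.
            byte[] attestationProtocolInputBytes = sqlEnclaveAttestationParameters.GetInput();

            if (attestationProtocolInputBytes == null)
            {
                throw SQL.NullArgumentInternal(nameof(attestationProtocolInputBytes), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            byte[] attestationProtocolInputLengthBytes = GetUintBytes(enclaveType, attestationProtocolInputBytes.Length, "attestationProtocolInputLength");

            if (attestationProtocolInputLengthBytes == null)
            {
                throw SQL.NullArgumentInternal(nameof(attestationProtocolInputLengthBytes), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            // Fields 4 and 5: the client's ECDH public key as a key blob, length-prefixed. Only the public
            // half leaves the process; the private key stays inside ClientDiffieHellmanKey.
            byte[] clientDHPublicKey = KeyConverter.GetECDiffieHellmanPublicKeyBlob(sqlEnclaveAttestationParameters.ClientDiffieHellmanKey);

            if (clientDHPublicKey == null)
            {
                throw SQL.NullArgumentInternal(nameof(clientDHPublicKey), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            byte[] clientDHPublicKeyLengthBytes = GetUintBytes(enclaveType, clientDHPublicKey.Length, "clientDHPublicKeyLength");

            if (clientDHPublicKeyLengthBytes == null)
            {
                throw SQL.NullArgumentInternal(nameof(clientDHPublicKeyLengthBytes), nameof(EnclaveDelegate), nameof(GetSerializedAttestationParameters));
            }

            // Order matters: the receiver parses the stream in exactly this sequence.
            return CombineByteArrays(attestationProtocolBytes, attestationProtocolInputLengthBytes, attestationProtocolInputBytes, clientDHPublicKeyLengthBytes, clientDHPublicKey);
        }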
        /// <summary>
        /// Ensures an enclave session exists for the given server and attestation URL. If the provider
        /// already holds a session it is reused and nothing else happens; otherwise the provider is asked
        /// to attest the enclave and establish a new session. The whole check-then-create runs under
        /// <c>_lock</c> so two callers cannot race to create sessions for the same endpoint.
        /// </summary>
        /// <param name="attestationProtocol">attestation protocol</param>
        /// <param name="enclaveType">enclave type</param>
        /// <param name="serverName">servername</param>
        /// <param name="attestationUrl">attestation url for attestation service endpoint</param>
        /// <param name="attestationInfo">attestation info from SQL Server</param>
        /// <param name="attestationParameters">attestation parameters; only the client ECDH key is used here</param>
        /// <param name="customData">A set of extra data needed for attestating the enclave.</param>
        /// <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
        /// <remarks>
        /// NOTE(review): on the cached path the fresh <paramref name="attestationInfo"/> from the server is
        /// not re-validated; presumably the provider invalidates its cache on failure — confirm.
        /// </remarks>
        internal void CreateEnclaveSession(SqlConnectionAttestationProtocol attestationProtocol, string enclaveType, string serverName, string attestationUrl,
                                           byte[] attestationInfo, SqlEnclaveAttestationParameters attestationParameters, byte[] customData, int customDataLength)
        {
            lock (_lock)
            {
                SqlColumnEncryptionEnclaveProvider provider = GetEnclaveProvider(attestationProtocol, enclaveType);

                // Lookup only (third argument false): the counter and custom-data outputs are not needed here.
                provider.GetEnclaveSession(serverName, attestationUrl, false, out SqlEnclaveSession existingSession, out _, out _, out _);

                if (existingSession != null)
                {
                    return;
                }

                // No cached session: attest and create one. The provider returns the session; it is not stored here.
                provider.CreateEnclaveSession(attestationInfo, attestationParameters.ClientDiffieHellmanKey, attestationUrl, serverName, customData, customDataLength, out SqlEnclaveSession newSession, out _);

                if (newSession == null)
                {
                    throw SQL.NullEnclaveSessionReturnedFromProvider(enclaveType, attestationUrl);
                }
            }
        }
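        /// <summary>
        /// Serializes the client's attestation parameters into the blob handed to SQL Server when an
        /// enclave session is negotiated. Layout, in order: attestation protocol id, length of the
        /// protocol-specific input, the input itself, length of the client's ECDH public-key blob, and
        /// the blob. Every id/length field is encoded by GetUintBytes for the given enclave type.
        /// </summary>
        /// <param name="sqlEnclaveAttestationParameters">Protocol id, protocol-specific input and the client's ECDH key.</param>
        /// <param name="enclaveType">Enclave type, forwarded to GetUintBytes, which selects the integer encoding.</param>
        /// <returns>The concatenated, length-prefixed serialized parameters.</returns>
        /// <remarks>
        /// Each buffer is null-checked before its length is read, so a missing value surfaces as the same
        /// descriptive internal exception the encoder results already get instead of a NullReferenceException
        /// from the middle of serialization. The length prefixes are computed from the very arrays that are
        /// appended, so the framing is self-consistent by construction.
        /// NOTE(review): nothing in this method authenticates the blob itself; its integrity presumably rests on
        /// the transport and on the attestation exchange that follows — confirm against the provider.
        /// </remarks>
        internal byte[] GetSerializedAttestationParameters(SqlEnclaveAttestationParameters sqlEnclaveAttestationParameters, string enclaveType)
        {
            if (sqlEnclaveAttestationParameters == null)
            {
                throw SQL.NullArgumentInternal("sqlEnclaveAttestationParameters", ClassName, GetSerializedAttestationParametersName);
            }

            // attestation protocol
            int attestationProtocolInt = sqlEnclaveAttestationParameters.Protocol;
            byte[] attestationProtocolBytes = GetUintBytes(enclaveType, attestationProtocolInt, "attestationProtocol");

            if (attestationProtocolBytes == null)
            {
                throw SQL.NullArgumentInternal("attestationProtocolBytes", ClassName, GetSerializedAttestationParametersName);
            }

            // attestationProtocolInput — guarded before .Length so a null input fails the same way the
            // encoder results do rather than with a NullReferenceException.
            byte[] attestationProtocolInputBytes = sqlEnclaveAttestationParameters.GetInput();

            if (attestationProtocolInputBytes == null)
            {
                throw SQL.NullArgumentInternal("attestationProtocolInputBytes", ClassName, GetSerializedAttestationParametersName);
            }

            // attestationProtocolInput length
            byte[] attestationProtocolInputLengthBytes = GetUintBytes(enclaveType, attestationProtocolInputBytes.Length, "attestationProtocolInputLength");

            if (attestationProtocolInputLengthBytes == null)
            {
                throw SQL.NullArgumentInternal("attestationProtocolInputLengthBytes", ClassName, GetSerializedAttestationParametersName);
            }

            // clientDHPublicKey — ECC key blob of the public half only; the private key never leaves ClientDiffieHellmanKey.
            byte[] clientDHPublicKey = KeyConverter.ECDHPublicKeyToECCKeyBlob(sqlEnclaveAttestationParameters.ClientDiffieHellmanKey.PublicKey);

            if (clientDHPublicKey == null)
            {
                throw SQL.NullArgumentInternal("clientDHPublicKey", ClassName, GetSerializedAttestationParametersName);
            }

            // clientDHPublicKey length
            byte[] clientDHPublicKeyLengthBytes = GetUintBytes(enclaveType, clientDHPublicKey.Length, "clientDHPublicKeyLength");

            if (clientDHPublicKeyLengthBytes == null)
            {
                throw SQL.NullArgumentInternal("clientDHPublicKeyLengthBytes", ClassName, GetSerializedAttestationParametersName);
            }

            // Order matters: the receiver parses the stream in exactly this sequence.
            return CombineByteArrays(new[] { attestationProtocolBytes, attestationProtocolInputLengthBytes,
                                             attestationProtocolInputBytes, clientDHPublicKeyLengthBytes, clientDHPublicKey });
        }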
        /// <summary>
        /// Ensures an enclave session exists for the given server and attestation URL: a session the
        /// provider already holds is reused untouched; otherwise the provider attests the enclave and
        /// creates one. Check-then-create is serialized under <c>_lock</c>.
        /// </summary>
        /// <param name="enclaveType">enclave type</param>
        /// <param name="serverName">servername</param>
        /// <param name="attestationUrl">attestation url for attestation service endpoint</param>
        /// <param name="attestationInfo">attestation info from SQL Server</param>
        /// <param name="attestationParameters">attestation parameters; only the client ECDH key is used here</param>
        /// <remarks>
        /// NOTE(review): on the cached path the fresh <paramref name="attestationInfo"/> from the server is
        /// not re-validated; presumably the provider invalidates its cache on failure — confirm.
        /// </remarks>
        internal void CreateEnclaveSession(string enclaveType, string serverName, string attestationUrl,
                                           byte[] attestationInfo, SqlEnclaveAttestationParameters attestationParameters)
        {
            lock (_lock)
            {
                SqlColumnEncryptionEnclaveProvider provider = GetEnclaveProvider(enclaveType);

                // Lookup first; the session counter is not needed by this caller.
                provider.GetEnclaveSession(serverName, attestationUrl, out SqlEnclaveSession existingSession, out _);

                if (existingSession != null)
                {
                    return;
                }

                // Nothing cached: attest and create. The resulting session is not stored here.
                provider.CreateEnclaveSession(attestationInfo, attestationParameters.ClientDiffieHellmanKey, attestationUrl, serverName, out SqlEnclaveSession newSession, out _);

                if (newSession == null)
                {
                    throw SQL.NullEnclaveSessionReturnedFromProvider(enclaveType, attestationUrl);
                }
            }
        }
        /// <summary>
        /// Ensures an enclave session exists for <paramref name="enclaveSessionParameters"/>: a session the
        /// provider already holds is reused untouched; otherwise the provider attests the enclave and
        /// creates one. Check-then-create is serialized under <c>_lock</c>.
        /// </summary>
        /// <param name="attestationProtocol">attestation protocol</param>
        /// <param name="enclaveType">enclave type</param>
        /// <param name="enclaveSessionParameters">The set of parameters required for enclave session.</param>
        /// <param name="attestationInfo">attestation info from SQL Server</param>
        /// <param name="attestationParameters">attestation parameters; only the client ECDH key is used here</param>
        /// <param name="customData">A set of extra data needed for attestating the enclave.</param>
        /// <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
        /// <remarks>
        /// NOTE(review): on the cached path the fresh <paramref name="attestationInfo"/> from the server is
        /// not re-validated; presumably the provider invalidates its cache on failure — confirm.
        /// </remarks>
        internal void CreateEnclaveSession(SqlConnectionAttestationProtocol attestationProtocol, string enclaveType, EnclaveSessionParameters enclaveSessionParameters,
                                           byte[] attestationInfo, SqlEnclaveAttestationParameters attestationParameters, byte[] customData, int customDataLength)
        {
            lock (_lock)
            {
                SqlColumnEncryptionEnclaveProvider provider = GetEnclaveProvider(attestationProtocol, enclaveType);

                // Lookup only: generateCustomData is false and the counter/custom-data outputs are discarded.
                provider.GetEnclaveSession(enclaveSessionParameters, false, out SqlEnclaveSession existingSession, out _, out _, out _);

                if (existingSession != null)
                {
                    return;
                }

                // Nothing cached: attest and create. The resulting session is not stored here.
                provider.CreateEnclaveSession(attestationInfo, attestationParameters.ClientDiffieHellmanKey, enclaveSessionParameters, customData, customDataLength, out SqlEnclaveSession newSession, out _);

                if (newSession == null)
                {
                    throw SQL.NullEnclaveSessionReturnedFromProvider(enclaveType, enclaveSessionParameters.AttestationUrl);
                }
            }
        }
 /// <summary>
 /// Platform stub: enclave sessions are not available on this build target, so the call always fails.
 /// The signature mirrors the supported-platform implementation so callers compile unchanged.
 /// </summary>
 /// <param name="attestationProtocol">attestation protocol</param>
 /// <param name="enclaveType">enclave type</param>
 /// <param name="enclaveSessionParameters">The set of parameters required for enclave session.</param>
 /// <param name="attestationInfo">attestation info from SQL Server</param>
 /// <param name="attestationParameters">attestation parameters</param>
 /// <param name="customData">A set of extra data needed for attestating the enclave.</param>
 /// <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
 /// <exception cref="PlatformNotSupportedException">Always.</exception>
 internal void CreateEnclaveSession(SqlConnectionAttestationProtocol attestationProtocol, string enclaveType, EnclaveSessionParameters enclaveSessionParameters,
                                    byte[] attestationInfo, SqlEnclaveAttestationParameters attestationParameters, byte[] customData, int customDataLength)
     => throw new PlatformNotSupportedException();
 /// <summary>
 /// Platform stub: attestation parameters cannot be serialized on this build target, so the call
 /// always fails. The signature mirrors the supported-platform implementation.
 /// </summary>
 /// <param name="sqlEnclaveAttestationParameters">attestation parameters (unused)</param>
 /// <param name="enclaveType">enclave type (unused)</param>
 /// <exception cref="PlatformNotSupportedException">Always.</exception>
 internal byte[] GetSerializedAttestationParameters(
     SqlEnclaveAttestationParameters sqlEnclaveAttestationParameters, string enclaveType)
     => throw new PlatformNotSupportedException();
 /// <summary>
 /// Platform stub: enclave sessions are not available on this build target, so the call always fails.
 /// The signature mirrors the supported-platform implementation so callers compile unchanged.
 /// </summary>
 /// <param name="enclaveType">enclave type</param>
 /// <param name="serverName">servername</param>
 /// <param name="attestationUrl">attestation url for attestation service endpoint</param>
 /// <param name="attestationInfo">attestation info from SQL Server</param>
 /// <param name="attestationParameters">attestation parameters</param>
 /// <exception cref="PlatformNotSupportedException">Always.</exception>
 internal void CreateEnclaveSession(string enclaveType, string serverName, string attestationUrl,
                                    byte[] attestationInfo, SqlEnclaveAttestationParameters attestationParameters)
     => throw new PlatformNotSupportedException();