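/// <summary>
/// Round-trips a column encryption key (CEK) through a provider built from a
/// <c>ClientSecretCredential</c>: the key is wrapped under <c>MasterKeyPath</c>, unwrapped again,
/// and the result is compared with the original.
/// </summary>
/// <remarks>
/// A round trip alone would also pass if wrapping returned its input unchanged, so the wrapped
/// value is additionally required to differ from the plaintext key.
/// TenantId, ClientId and ClientSecret are declared outside this block; presumably they are
/// supplied by test configuration rather than literals in source - confirm.
/// </remarks>
public void TokenCredentialWorks()
{
    ClientSecretCredential credential = new ClientSecretCredential(TenantId, ClientId, ClientSecret);
    ColumnEncryptionAzureKeyVaultProvider akvProvider = new ColumnEncryptionAzureKeyVaultProvider(credential);

    byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, ColumnEncryptionKey);

    // Guard against a pass-through "encryption": the wrapped key must not be the plaintext key.
    Assert.NotEqual(ColumnEncryptionKey, encryptedCek);

    byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, encryptedCek);

    Assert.Equal(ColumnEncryptionKey, decryptedCek);
}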
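/// <summary>
/// Round-trips a column encryption key (CEK) through a provider built from the
/// <c>AzureActiveDirectoryAuthenticationCallback</c> delegate instead of a token credential,
/// checking that the callback-based constructor still wraps and unwraps keys.
/// </summary>
/// <remarks>
/// A round trip alone would also pass if wrapping returned its input unchanged, so the wrapped
/// value is additionally required to differ from the plaintext key.
/// </remarks>
public void BackwardCompatibilityWithAuthenticationCallbackWorks()
{
    ColumnEncryptionAzureKeyVaultProvider akvProvider =
        new ColumnEncryptionAzureKeyVaultProvider(AzureActiveDirectoryAuthenticationCallback);

    byte[] encryptedCek = akvProvider.EncryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, ColumnEncryptionKey);

    // Guard against a pass-through "encryption": the wrapped key must not be the plaintext key.
    Assert.NotEqual(ColumnEncryptionKey, encryptedCek);

    byte[] decryptedCek = akvProvider.DecryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, encryptedCek);

    Assert.Equal(ColumnEncryptionKey, decryptedCek);
}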
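/// <summary>
/// Checks interoperability between <c>ColumnEncryptionAzureKeyVaultProvider</c> (built from a
/// <c>ClientSecretCredential</c>) and <c>SqlColumnEncryptionAzureKeyVaultProvider</c> (built from
/// the authentication callback): a key wrapped by either provider must be unwrapped to the
/// original value by the other.
/// </summary>
/// <remarks>
/// Each direction also asserts that the wrapped value differs from the plaintext key, because a
/// cross-provider round trip would still succeed if both providers passed the key through
/// unchanged.
/// </remarks>
public void IsCompatibleWithProviderUsingLegacyClient()
{
    ColumnEncryptionAzureKeyVaultProvider newAkvProvider =
        new ColumnEncryptionAzureKeyVaultProvider(new ClientSecretCredential(TenantId, ClientId, ClientSecret));
    SqlColumnEncryptionAzureKeyVaultProvider oldAkvProvider =
        new SqlColumnEncryptionAzureKeyVaultProvider(AzureActiveDirectoryAuthenticationCallback);

    // Direction 1: wrapped by the new provider, unwrapped by the old one.
    byte[] encryptedCekWithNewProvider = newAkvProvider.EncryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, ColumnEncryptionKey);
    Assert.NotEqual(ColumnEncryptionKey, encryptedCekWithNewProvider);
    byte[] decryptedCekWithOldProvider = oldAkvProvider.DecryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, encryptedCekWithNewProvider);
    Assert.Equal(ColumnEncryptionKey, decryptedCekWithOldProvider);

    // Direction 2: wrapped by the old provider, unwrapped by the new one.
    byte[] encryptedCekWithOldProvider = oldAkvProvider.EncryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, ColumnEncryptionKey);
    Assert.NotEqual(ColumnEncryptionKey, encryptedCekWithOldProvider);
    byte[] decryptedCekWithNewProvider = newAkvProvider.DecryptColumnEncryptionKey(MasterKeyPath, EncryptionAlgorithm, encryptedCekWithOldProvider);
    Assert.Equal(ColumnEncryptionKey, decryptedCekWithNewProvider);
}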