/// <summary>
/// Verifies that <c>SignColumnMasterKeyMetadata</c> rejects a null or malformed
/// Azure Key Vault key path with an <see cref="ArgumentException"/>.
/// </summary>
/// <param name="masterKeyPath">
/// The key path under test. A null value is expected to produce the "cannot be null"
/// message; any other value is expected to produce the "Invalid ... key path" message.
/// </param>
public void SignInvalidAKVPath(string masterKeyPath)
{
    // Pick the expected message up front; null gets its own internal-error text.
    // Note: Assert.Matches treats this value as a regular expression, so the '.'
    // characters match any character rather than a literal full stop.
    string expectedMessagePattern = masterKeyPath == null
        ? "Internal error. Azure Key Vault key path cannot be null."
        : "Invalid Azure Key Vault key path specified";

    Exception thrown = Assert.Throws<ArgumentException>(() =>
    {
        SqlColumnEncryptionAzureKeyVaultProvider provider =
            new SqlColumnEncryptionAzureKeyVaultProvider(new SqlClientCustomTokenCredential());

        // The second argument (allowEnclaveComputations in the provider API) is false here.
        provider.SignColumnMasterKeyMetadata(masterKeyPath, false);
    });

    Assert.Matches(expectedMessagePattern, thrown.Message);
}
/// <summary>
/// Creates a column master key named <paramref name="cmkName"/> on the server, pointing at
/// the Azure Key Vault key path held in <c>s_akvUrl</c>.
/// </summary>
/// <param name="sqlConnection">Connection used to create and execute the DDL command.</param>
/// <param name="cmkName">Name of the column master key; placed inside <c>[...]</c> in the statement.</param>
/// <param name="sqlColumnEncryptionAzureKeyVaultProvider">Provider used to sign the key metadata.</param>
/// <remarks>
/// CREATE COLUMN MASTER KEY is DDL, so the name and key path are interpolated into the statement
/// text rather than bound as parameters. Neither value is escaped here (<c>]</c> in the name or
/// <c>'</c> in the path would break out of the quoting), so this helper presumably expects
/// test-controlled values only; verify against callers before reusing it elsewhere.
/// </remarks>
private static void createCMK(SqlConnection sqlConnection, string cmkName, SqlColumnEncryptionAzureKeyVaultProvider sqlColumnEncryptionAzureKeyVaultProvider)
{
    string keyStoreProviderName = SqlColumnEncryptionAzureKeyVaultProvider.ProviderName;

    // Sign the master key metadata for s_akvUrl with enclave computations allowed (second argument true),
    // then render the signature as a 0x-prefixed hex literal.
    byte[] signatureBytes = sqlColumnEncryptionAzureKeyVaultProvider.SignColumnMasterKeyMetadata(s_akvUrl, true);
    string signatureHex = BitConverter.ToString(signatureBytes).Replace("-", string.Empty);
    // NOTE(review): cmkSignStr is computed but never used in the statement below, so the key is
    // created without the signature. Confirm whether an ENCLAVE_COMPUTATIONS (SIGNATURE = ...)
    // clause was intended.
    string cmkSignStr = "0x" + signatureHex;

    string createKeyStatement = $@"CREATE COLUMN MASTER KEY [{cmkName}] WITH ( KEY_STORE_PROVIDER_NAME = N'{keyStoreProviderName}', KEY_PATH = N'{s_akvUrl}' );";

    SqlCommand createKeyCommand = sqlConnection.CreateCommand();
    using (createKeyCommand)
    {
        createKeyCommand.CommandText = createKeyStatement;
        createKeyCommand.ExecuteNonQuery();
    }
}