Skip to content

Commit

Permalink
AKV Provider | Add new HSM endpoints
Browse files Browse the repository at this point in the history
  • Loading branch information
@cheenamalhotra
cheenamalhotra committed Oct 7, 2020
1 parent 6a9e4f1 commit aa7f7b5
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 4 deletions.
9 changes: 6 additions & 3 deletions src/Microsoft.Data.SqlClient/add-ons/AzureKeyVaultProvider/Constants.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,12 @@ internal static class Constants
@"vault.azure.net", // default
@"vault.azure.cn", // Azure China
@"vault.usgovcloudapi.net", // US Government
@"vault.microsoftazure.de" // Azure Germany
};
@"vault.microsoftazure.de", // Azure Germany
@"managedhsm.azure.net", // public HSM vault
@"managedhsm.azure.cn", // Azure China HSM vault
@"managedhsm.usgovcloudapi.net", // US Government HSM vault
@"managedhsm.microsoftazure.de" // Azure Germany HSM vault
};

/// <summary>
/// Always Encrypted Param names for exec handling
Expand All @@ -34,6 +38,5 @@ internal static class Constants
internal const string AeParamEncryptionAlgorithm = "encryptionAlgorithm";
internal const string AeParamMasterKeyPath = "masterKeyPath";
internal const string AeParamEncryptedCek = "encryptedColumnEncryptionKey";

}
}
2 changes: 1 addition & 1 deletion src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted/ExceptionTestAKVStore.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ public void NullAKVKeyPath()
public void InvalidCertificatePath()
{
string dummyPath = @"https://www.microsoft.com";
string errorMessage = $@"Invalid Azure Key Vault key path specified: '{dummyPath}'. Valid trusted endpoints: vault.azure.net, vault.azure.cn, vault.usgovcloudapi.net, vault.microsoftazure.de.\s+\(?Parameter (name: )?'?masterKeyPath('\))?";
string errorMessage = $@"Invalid Azure Key Vault key path specified: '{dummyPath}'. Valid trusted endpoints: vault.azure.net, vault.azure.cn, vault.usgovcloudapi.net, vault.microsoftazure.de, managedhsm.azure.net, managedhsm.azure.cn, managedhsm.usgovcloudapi.net, managedhsm.microsoftazure.de.\s+\(?Parameter (name: )?'?masterKeyPath('\))?";

Exception ex1 = Assert.Throws<ArgumentException>(() => fixture.AkvStoreProvider.EncryptColumnEncryptionKey(dummyPath, MasterKeyEncAlgo, cek));
Assert.Matches(errorMessage, ex1.Message);
Expand Down

0 comments on commit aa7f7b5

Please sign in to comment.