Always Encrypted sporadically throwing errors related to secure enclaves

[fepettersen]

Describe the bug

First of all, I am not 100% sure that this is a bug, but since the behavior is not consistent I am reporting it as such.

I have a dotnet 6 web api that exposes some search functionality where a user can search an Azure Sql database encrypted with Always Encrypted. The database is enclave-enabled, but we are currently not using secure enclaves. The only encrypted columns we have exposed in this search use strict equality. We do use a sql like operator on a not-encrypted column and this is where I believe the problem to be. Users some times complain about the search just not returning anything, and when I check the logs I find multiple errors relating to secure enclaves. When the user refreshes the web page the error goes away.

Exception message: 
The statement requires a secure enclave, but the enclave is not available for the target database - see https://go.microsoft.com/fwlink/?linkid=2005337 for more details.
Stack trace:
Microsoft.Data.SqlClient.SqlException (0x80131904): The statement requires a secure enclave, but the enclave is not available for the target database - see https://go.microsoft.com/fwlink/?linkid=2005337 for more details.
   at Microsoft.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
   at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at Microsoft.Data.SqlClient.SqlDataReader.TryHasMoreRows(Boolean& moreRows)
   at Microsoft.Data.SqlClient.SqlDataReader.TryReadInternal(Boolean setTimeout, Boolean& more)
   at Microsoft.Data.SqlClient.SqlDataReader.ReadAsyncExecute(Task task, Object state)
   at Microsoft.Data.SqlClient.SqlDataReader.InvokeAsyncCall[T](AAsyncCallContext`1 context)
--- End of stack trace from previous location ---
   at Microsoft.EntityFrameworkCore.Query.Internal.BufferedDataReader.BufferedDataRecord.InitializeAsync(DbDataReader reader, IReadOnlyList`1 columns, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.BufferedDataReader.InitializeAsync(IReadOnlyList`1 columns, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.BufferedDataReader.InitializeAsync(IReadOnlyList`1 columns, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.ExecutionStrategy.<>c__DisplayClass33_0`2.<<ExecuteAsync>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.EntityFrameworkCore.Storage.ExecutionStrategy.ExecuteImplementationAsync[TState,TResult](Func`4 operation, Func`4 verifySucceeded, TState state, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.ExecutionStrategy.ExecuteImplementationAsync[TState,TResult](Func`4 operation, Func`4 verifySucceeded, TState state, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.ExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func`4 operation, Func`4 verifySucceeded, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Query.Internal.SingleQueryingEnumerable`1.AsyncEnumerator.MoveNextAsync()
ClientConnectionId:4f8de770-8e60-43dc-856f-705e6aade9fb
Error Number:33545,State:3,Class:16
ClientConnectionId before routing:f8e60389-36b0-4b58-8fd4-b1781e1db2af
Routing Destination:d6457ef40b78.tr27815.westeurope1-a.worker.database.windows.net,11009

To reproduce

As this is a sporadic error I don't know what is needed to reproduce it. It might be related to #1422

Expected behavior

I expect the query not to fail with references to functionality I'm not using :)

Further technical details

Microsoft.Data.SqlClient version: 3.0.0 (referenced through Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider 3.0.0)
.NET target: net6.0
SQL Server version: Azure Sql database w/elastic service tier
Operating system: ...

Additional context
Add any other context about the problem here.

[ErikEJ]

Have you tried with an explicit reference to version 5.1.1 ?

[fepettersen]

I will give it a try and report back. Thank you for the response :)

[Kaur-Parminder]

@fepettersen fix for #1422 was made in 5.2.0-preview1. Error was occurring every 8 hours when session was expiring.