more database setup
This commit is contained in:
parent
82e3d61d12
commit
6b4be0c13e
|
@ -26,11 +26,11 @@ $database = $MySQL.Databases[$databaseName]
|
|||
$cmkSettings = New-SqlCertificateStoreColumnMasterKeySettings -CertificateStoreLocation "CurrentUser" -Thumbprint $cert1.Thumbprint
|
||||
|
||||
# Create column master key metadata in the database.
|
||||
$cmkName = "CMK2"
|
||||
$cmkName = "CMK1"
|
||||
New-SqlColumnMasterKey -Name $cmkName -InputObject $database -ColumnMasterKeySettings $cmkSettings
|
||||
|
||||
# Generate a column encryption key, encrypt it with the column master key and create column encryption key metadata in the database.
|
||||
$cekName = "CEK2"
|
||||
$cekName = "CEK1"
|
||||
New-SqlColumnEncryptionKey -Name $cekName -InputObject $database -ColumnMasterKey $cmkName
|
||||
|
||||
# Disconnect
|
||||
|
|
|
@ -66,9 +66,11 @@ def is_ae_qualified( server, uid, pwd ):
|
|||
return false
|
||||
return true;
|
||||
|
||||
def setupAETestDatabase( server, dbname, uid, pwd):
|
||||
def setupAE( server, dbname, uid, pwd):
|
||||
if platform.system() == 'Windows':
|
||||
inst_command = 'powershell -executionPolicy Unrestricted certificate.ps1 ' + server + ' ' + dbname + ' ' + uid + ' ' + pwd
|
||||
dir_name = os.path.realpath(__file__)
|
||||
cert_name = os.path.join(dir_name, "certificate.ps1")
|
||||
inst_command = 'powershell -executionPolicy Unrestricted -file ' + cert_name + ' ' + server + ' ' + dbname + ' ' + uid + ' ' + pwd
|
||||
executeCommmand(inst_command)
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
@ -101,7 +103,7 @@ if __name__ == '__main__':
|
|||
setupTestDatabase(conn_options, args.DBNAME, args.AZURE)
|
||||
# populate these tables
|
||||
populateTables(conn_options, args.DBNAME)
|
||||
|
||||
# setup AE (certificate, column master key and column encryption key)
|
||||
if is_ae_qualified( server, uid, pwd ):
|
||||
setupAE(server, args.DBNAME, uid, pwd)
|
||||
|
||||
|
|
|
@ -52,4 +52,37 @@ $varbinarymax_params = array('max indicates that the maximum storage size is 2^3
|
|||
'This can create an implicit limit to the number of non-null varchar(max) or nvarchar(max) columns that can be created in a table.',
|
||||
'No special error is provided when the table is created (beyond the usual warning that the maximum row size exceeds the allowed maximum of 8060 bytes) or at the time of data insertion.', 'This large row size can cause errors (such as error 512) during some normal operations, such as a clustered index key update, or sorts of the full column set, which users cannot anticipate until performing an operation.');
|
||||
|
||||
// this function creates a table that contain columns of $dataTypes and all encryption types
|
||||
// for example, if $dataTyptes = array("bigint", "int"), then the table created has 6 columns:
|
||||
// normbigint, detbigint, randbigint, normint, detint, randint
|
||||
// column names with prefix norm means it'll not be encrypted
|
||||
// column names with prefix det mean it'll be encrypted with deterministic encryption
|
||||
// column names with prefix rand mean it'll be encrypted with randomized encryption
|
||||
// return the column names in order in the table
|
||||
function CreateAETable($conn, $tableName, $dataTypes) {
|
||||
include 'MsCommon.inc';
|
||||
$encTypes = array("norm", "det", "rand");
|
||||
$dataTypes_str = "";
|
||||
$col_names = array();
|
||||
foreach ($dataTypes as $dataType){
|
||||
foreach ($encTypes as $encType) {
|
||||
$col_name = $encType . $dataType;
|
||||
$dataTypes_str = $dataTypes_str . "[" . $col_name . "] " . $dataType . ", ";
|
||||
array_push($col_names, $col_name);
|
||||
}
|
||||
}
|
||||
$dataTypes_str = rtrim($dataTypes_str, ", ");
|
||||
CreateTableEx( $conn, $tbname, $dataTypes_str);
|
||||
return $col_names;
|
||||
}
|
||||
|
||||
function EncryptColumns($col_names){
|
||||
include 'MsCommon.inc';
|
||||
$dir_name = realpath(dirname(__FILE__));
|
||||
$enc_name = $dir_name . DIRECTORY_SEPARATOR . "encrypttable.ps1";
|
||||
$col_name_str = implode(",", $col_names);
|
||||
$runCMD = "powershell -executionPolicy Unrestricted -file " . $enc_name . " " . $server . " " . $database . " " . $userName . " " . $userPassword . " " . $tbname . " " . $col_name_str;
|
||||
$retval = shell_exec($runCMD);
|
||||
}
|
||||
|
||||
?>
|
|
@ -15,6 +15,8 @@ Param(
|
|||
# Import the SqlServer module.
|
||||
Import-Module "SqlServer"
|
||||
|
||||
Write-Host $columnNames
|
||||
|
||||
#For SQL Server Authentication
|
||||
Add-Type -AssemblyName "Microsoft.SqlServer.Smo"
|
||||
$MySQL = new-object('Microsoft.SqlServer.Management.Smo.Server') $serverName
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
<?php
|
||||
include 'MsCommon.inc';
|
||||
include 'AEData.inc';
|
||||
include 'MsSetup.inc';
|
||||
|
||||
try{
|
||||
$conn = Connect( array("ColumnEncryption"=>"Enabled"));
|
||||
|
||||
// create table
|
||||
$tbname = GetTempTableName("", false);
|
||||
$dataTypes = array("bigint", "int", "smallint");
|
||||
$encTypes = array("norm", "det", "rand");
|
||||
$dataTypes_str = "";
|
||||
$col_names = array();
|
||||
foreach ($dataType in $dataTypes){
|
||||
foreach ($encType in $encTypes) {
|
||||
$col_name = $encType + $dataType;
|
||||
$dataTypes_str = $dataTypes_str + "[" + $col_name + "] " + $dataTypes + ", ";
|
||||
array_push($col_names, $col_name);
|
||||
}
|
||||
}
|
||||
$dataTypes_str = rtrim($dataTypes_str, ", ");
|
||||
CreateTableEx( $conn, $tbname, $dataTypes_str);
|
||||
|
||||
// populate table
|
||||
$data_arr = array_merge( array_slice($bigint_params, 0, 3), array_slice($int_params, 0, 3), array_slice($smallint_params, 0, 3) );
|
||||
$data_str = implode(", ", $data_arr);
|
||||
sqlsrv_query( $conn, "INSERT INTO $tbname VALUES ( $data_str )");
|
||||
|
||||
// encrypt columns
|
||||
$col_name_str = implode($col_names);
|
||||
$runCMD = "powershell -executionPolicy Unrestricted encrypttable.ps1 " . $server . " " . $database . " " . $userName . " " . $userPassword . " " . $tbname . " " . $col_name_str;
|
||||
shell_exec($runCMD);
|
||||
|
||||
DropTable($conn, $tbname);
|
||||
sqlsrv_close($conn);
|
||||
}
|
||||
?>
|
73
test/functional/sqlsrv/sqlsrv_fetch_ae_int.phpt
Normal file
73
test/functional/sqlsrv/sqlsrv_fetch_ae_int.phpt
Normal file
|
@ -0,0 +1,73 @@
|
|||
--TEST--
|
||||
Test for fetching integer columns with column encryption
|
||||
--SKIPIF--
|
||||
--FILE--
|
||||
<?php
|
||||
include 'MsCommon.inc';
|
||||
include 'AEData.inc';
|
||||
include 'MsSetup.inc';
|
||||
|
||||
$conn = Connect(array("ColumnEncryption"=>"Enabled"));
|
||||
//$conn = Connect();
|
||||
|
||||
// create table
|
||||
$tbname = GetTempTableName("", false);
|
||||
$dataTypes = array("bigint", "int", "smallint");
|
||||
$encTypes = array("norm", "det", "rand");
|
||||
$dataTypes_str = "";
|
||||
$col_names = array();
|
||||
foreach ($dataTypes as $dataType){
|
||||
foreach ($encTypes as $encType) {
|
||||
$col_name = $encType . $dataType;
|
||||
$dataTypes_str = $dataTypes_str . "[" . $col_name . "] " . $dataType . ", ";
|
||||
array_push($col_names, $col_name);
|
||||
}
|
||||
}
|
||||
$dataTypes_str = rtrim($dataTypes_str, ", ");
|
||||
CreateTableEx( $conn, $tbname, $dataTypes_str);
|
||||
|
||||
// populate table
|
||||
$data_arr = array_merge( array_slice($bigint_params, 0, 3), array_slice($int_params, 0, 3), array_slice($smallint_params, 0, 3) );
|
||||
$data_str = implode(", ", $data_arr);
|
||||
sqlsrv_query( $conn, "INSERT INTO $tbname VALUES ( $data_str )");
|
||||
|
||||
// encrypt columns
|
||||
$dir_name = realpath(dirname(__FILE__));
|
||||
$enc_name = $dir_name . DIRECTORY_SEPARATOR . "encrypttable.ps1";
|
||||
$col_name_str = implode(",", $col_names);
|
||||
$runCMD = "powershell -executionPolicy Unrestricted -file " . $enc_name . " " . $server . " " . $database . " " . $userName . " " . $userPassword . " " . $tbname . " " . $col_name_str;
|
||||
$retval = shell_exec($runCMD);
|
||||
|
||||
//Fetch encrypted values with ColumnEncryption Enabled
|
||||
$sql = "SELECT * FROM $tbname";
|
||||
$stmt = sqlsrv_query($conn, $sql);
|
||||
$decrypted_row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_NUMERIC);
|
||||
|
||||
var_dump($decrypted_row);
|
||||
|
||||
DropTable($conn, $tbname);
|
||||
sqlsrv_free_stmt($stmt);
|
||||
sqlsrv_close($conn);
|
||||
|
||||
?>
|
||||
--EXPECT--
|
||||
array(9) {
|
||||
[0]=>
|
||||
string(10) "2147483648"
|
||||
[1]=>
|
||||
string(19) "-922337203685479936"
|
||||
[2]=>
|
||||
string(18) "922337203685479936"
|
||||
[3]=>
|
||||
int(32768)
|
||||
[4]=>
|
||||
int(-2147483647)
|
||||
[5]=>
|
||||
int(2147483647)
|
||||
[6]=>
|
||||
int(256)
|
||||
[7]=>
|
||||
int(-32767)
|
||||
[8]=>
|
||||
int(32767)
|
||||
}
|
Loading…
Reference in a new issue