From bd9d85b862c7c9d1999457543bdf82a52ff2f2ed Mon Sep 17 00:00:00 2001
From: David Puglielli <v-dapugl@microsoft.com>
Date: Fri, 25 May 2018 13:08:35 -0700
Subject: [PATCH] Refactored some akv tests, other small changes

---
 .../pdo_ae_azure_key_vault_client_secret.phpt |  42 ++++
 ...phpt => pdo_ae_azure_key_vault_common.php} | 216 ++++++++---------
 .../pdo_ae_azure_key_vault_keywords.phpt      |  32 +--
 ..._ae_azure_key_vault_username_password.phpt |  42 ++++
 ...o_ae_azure_key_vault_usernamepassword.phpt | 122 ----------
 test/functional/pdo_sqlsrv/values.php         |   6 +-
 ...lsrv_ae_azure_key_vault_client_secret.phpt |  45 ++++
 ...t => sqlsrv_ae_azure_key_vault_common.php} | 217 ++++++++----------
 .../sqlsrv_ae_azure_key_vault_keywords.phpt   |  33 +--
 ..._ae_azure_key_vault_username_password.phpt |  45 ++++
 ...v_ae_azure_key_vault_usernamepassword.phpt | 124 ----------
 test/functional/sqlsrv/values.php             |   6 +-
 12 files changed, 372 insertions(+), 558 deletions(-)
 create mode 100644 test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_client_secret.phpt
 rename test/functional/pdo_sqlsrv/{pdo_ae_azure_key_vault_clientsecret.phpt => pdo_ae_azure_key_vault_common.php} (66%)
 create mode 100644 test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_username_password.phpt
 delete mode 100644 test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_usernamepassword.phpt
 create mode 100644 test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_client_secret.phpt
 rename test/functional/sqlsrv/{sqlsrv_ae_azure_key_vault_clientsecret.phpt => sqlsrv_ae_azure_key_vault_common.php} (64%)
 create mode 100644 test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_username_password.phpt
 delete mode 100644 test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_usernamepassword.phpt

diff --git a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_client_secret.phpt b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_client_secret.phpt
new file mode 100644
index 00000000..bf26b4c0
--- /dev/null
+++ b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_client_secret.phpt
@@ -0,0 +1,42 @@
+--TEST--
+Test client ID/secret credentials for Azure Key Vault for Always Encrypted.
+--SKIPIF--
+<?php require('skipif_mid-refactor.inc'); ?>
+--FILE--
+<?php
+require_once('pdo_ae_azure_key_vault_common.php');
+
+$strsize = 64;
+
+$dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
+                    "decimal", "float", "real", "bigint", "int", "bit"
+                    );
+
+$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";
+
+$connectionOptions .= ";ColumnEncryption=enabled";
+$connectionOptions .= ";KeyStoreAuthentication=KeyVaultClientSecret";
+$connectionOptions .= ";KeyStorePrincipalId=".$AKVClientID;
+$connectionOptions .= ";KeyStoreSecret=".$AKVSecret;
+$connectionOptions .= ";";
+
+$tableName = "akv_comparison_table";
+
+// Connect to the AE-enabled database, insert the data, and verify
+try {
+    $conn = new PDO($connectionOptions, $uid, $pwd);
+    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+    insertDataAndVerify($conn, $tableName, $dataTypes, $small_values);
+
+    echo "Successful insertion and retrieval with client ID/secret.\n";
+
+    unset($conn);
+} catch (Exception $e) {
+    echo "Unexpected error.\n";
+    print_r($e->errorInfo);
+}
+
+?>
+--EXPECT--
+Successful insertion and retrieval with client ID/secret.
diff --git a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_clientsecret.phpt b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_common.php
similarity index 66%
rename from test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_clientsecret.phpt
rename to test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_common.php
index 876a166b..e0eb991e 100644
--- a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_clientsecret.phpt
+++ b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_common.php
@@ -1,122 +1,94 @@
---TEST--
-Test client ID/secret credentials for Azure Key Vault for Always Encrypted.
---SKIPIF--
-<?php require('skipif_mid-refactor.inc'); ?>
---FILE--
-<?php
-require_once("MsCommon_mid-refactor.inc");
-require_once("MsSetup.inc");
-require_once('values.php');
-
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname."_AE", null, "deterministic", false);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname, null, "none", false);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
-$strsize = 64;
-
-$dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
-                    "decimal", "float", "real", "bigint", "int", "bit"
-                    );
-
-$tableName = "akv_comparison_table";
-
-$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";
-
-$connectionOptions .= ";ColumnEncryption=enabled";
-$connectionOptions .= ";KeyStoreAuthentication=KeyVaultClientSecret";
-$connectionOptions .= ";KeyStorePrincipalId=".$AKVClientID;
-$connectionOptions .= ";KeyStoreSecret=".$AKVSecret;
-$connectionOptions .= ";";
-
-try {
-    // Connect to the AE-enabled database
-    $conn = new PDO($connectionOptions, $uid, $pwd);
-    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-    $columns = array();
-    $insertQuery = "";
-
-    // Generate the INSERT query
-    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
-
-    createTable($conn, $tableName, $columns);
-
-    // Duplicate all values for insertion - one is encrypted, one is not
-    $testValues = array();
-    for ($n = 0; $n < sizeof($small_values); ++$n) {
-        $testValues[] = $small_values[$n];
-        $testValues[] = $small_values[$n];
-    }
-
-    // Prepare the INSERT query
-    // This is never expected to fail
-    $stmt = $conn->prepare($insertQuery);
-    if ($stmt == false) {
-        print_r($conn->errorInfo());
-        fatalError("sqlsrv_prepare failed\n");
-    }
-
-    // Execute the INSERT query
-    // This should not fail since our credentials are correct
-    if ($stmt->execute($testValues) == false) {
-        print_r($stmt->errorInfo());
-        fatalError("INSERT query execution failed with good credentials.\n");
-    } else {
-        // Get the data back and compare encrypted and non-encrypted versions
-        $selectQuery = "SELECT * FROM $tableName";
-
-        $stmt1 = $conn->query($selectQuery);
-
-        $data = $stmt1->fetchAll(PDO::FETCH_NUM);
-        $data = $data[0];
-
-        if (sizeof($data) != 2*sizeof($dataTypes)) {
-            fatalError("Incorrect number of fields returned.\n");
-        }
-
-        for ($n = 0; $n < sizeof($data); $n += 2) {
-            if ($data[$n] != $data[$n + 1]) {
-                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
-                fatalError("AE and non-AE values do not match.\n");
-            }
-        }
-
-        echo "Successful insertion and retrieval with client ID/secret.\n";
-
-        unset($stmt);
-        unset($stmt1);
-    }
-
-    // Free the statement and close the connection
-    unset($stmt);
-    unset($conn);
-} catch (Exception $e) {
-    echo "Unexpected error.\n";
-    print_r($e->errorInfo);
-}
-
-?>
---EXPECT--
-Successful insertion and retrieval with client ID/secret.
+<?php
+require_once("MsCommon_mid-refactor.inc");
+require_once("MsSetup.inc");
+require_once('values.php');
+
+// Set up the columns and build the insert query. Each data type has an
+// AE-encrypted and a non-encrypted column side by side in the table.
+// If column encryption is not set in MsSetup.inc, this function simply
+// creates two non-encrypted columns side-by-side for each type.
+function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
+{
+    $columns = array();
+    $queryTypes = "(";
+    $queryTypesAE = "(";
+    $valuesString = "VALUES (";
+    $numTypes = sizeof($dataTypes);
+
+    for ($i = 0; $i < $numTypes; ++$i) {
+        // Replace parentheses for column names
+        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
+        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname."_AE", null, "deterministic", false);
+        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname, null, "none", false);
+        $queryTypes .= "c_"."$colname, ";
+        $queryTypes .= "c_"."$colname"."_AE, ";
+        $valuesString .= "?, ?, ";
+    }
+
+    $queryTypes = substr($queryTypes, 0, -2).")";
+    $valuesString = substr($valuesString, 0, -2).")";
+
+    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
+}
+
+// Create the table and insert the data, then retrieve it back and make
+// sure the encrypted and non-encrypted values are identical.
+function insertDataAndVerify($conn, $tableName, $dataTypes, $values)
+{
+    $columns = array();
+    $insertQuery = "";
+
+    // Generate the INSERT query
+    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
+
+    createTable($conn, $tableName, $columns);
+
+    // Duplicate all values for insertion - one is encrypted, one is not
+    $testValues = array();
+    for ($n = 0; $n < sizeof($values); ++$n) {
+        $testValues[] = $values[$n];
+        $testValues[] = $values[$n];
+    }
+
+    // Prepare the INSERT query
+    // This is never expected to fail
+    $stmt = $conn->prepare($insertQuery);
+    if ($stmt == false) {
+        print_r($conn->errorInfo());
+        fatalError("sqlsrv_prepare failed\n");
+    }
+
+    // Execute the INSERT query
+    // This should not fail since our credentials are correct
+    if ($stmt->execute($testValues) == false) {
+        print_r($stmt->errorInfo());
+        fatalError("INSERT query execution failed with good credentials.\n");
+    } else {
+        // Get the data back and compare encrypted and non-encrypted versions
+        $selectQuery = "SELECT * FROM $tableName";
+
+        $stmt1 = $conn->query($selectQuery);
+
+        $data = $stmt1->fetchAll(PDO::FETCH_NUM);
+        $data = $data[0];
+
+        if (sizeof($data) != 2*sizeof($dataTypes)) {
+            fatalError("Incorrect number of fields returned.\n");
+        }
+
+        for ($n = 0; $n < sizeof($data); $n += 2) {
+            if ($data[$n] != $data[$n + 1]) {
+                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
+                fatalError("AE and non-AE values do not match.\n");
+            }
+        }
+
+
+        unset($stmt);
+        unset($stmt1);
+    }
+
+    // Drop the table
+    dropTable($conn, $tableName);
+}
+?>
diff --git a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_keywords.phpt b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_keywords.phpt
index 33adfce2..c28a0c61 100644
--- a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_keywords.phpt
+++ b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_keywords.phpt
@@ -4,9 +4,7 @@ Test connection keywords for Azure Key Vault for Always Encrypted.
 <?php require('skipif_mid-refactor.inc'); ?>
 --FILE--
 <?php
-require_once("MsCommon_mid-refactor.inc");
-require_once("MsSetup.inc");
-require_once('values.php');
+require_once('pdo_ae_azure_key_vault_common.php');
 
 // We will test the direct product (set of all possible combinations) of the following
 $columnEncryption = ['enabled', 'disabled', 'notvalid', ''];
@@ -35,34 +33,6 @@ function checkErrors($errors, ...$codes)
     }
 }
 
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-// If column encryption is not set in MsSetup.inc, this function simply
-// creates two non-encrypted columns side-by-side for each type.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname."_AE", null, "deterministic", false);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname, null, "none", false);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
 $strsize = 64;
 
 $dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
diff --git a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_username_password.phpt b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_username_password.phpt
new file mode 100644
index 00000000..fec42ffa
--- /dev/null
+++ b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_username_password.phpt
@@ -0,0 +1,42 @@
+--TEST--
+Test username/password credentials for Azure Key Vault for Always Encrypted.
+--SKIPIF--
+<?php require('skipif_mid-refactor.inc'); ?>
+--FILE--
+<?php
+require_once('pdo_ae_azure_key_vault_common.php');
+
+$strsize = 64;
+
+$dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
+                    "decimal", "float", "real", "bigint", "int", "bit"
+                    );
+
+$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";
+
+$connectionOptions .= ";ColumnEncryption=enabled";
+$connectionOptions .= ";KeyStoreAuthentication=KeyVaultPassword";
+$connectionOptions .= ";KeyStorePrincipalId=".$AKVPrincipalName;
+$connectionOptions .= ";KeyStoreSecret=".$AKVPassword;
+$connectionOptions .= ";";
+
+$tableName = "akv_comparison_table";
+
+// Connect to the AE-enabled database, insert the data, and verify
+try {
+    $conn = new PDO($connectionOptions, $uid, $pwd);
+    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+    insertDataAndVerify($conn, $tableName, $dataTypes, $small_values);
+
+    echo "Successful insertion and retrieval with username/password.\n";
+
+    unset($conn);
+} catch (Exception $e) {
+    echo "Unexpected error.\n";
+    print_r($e->errorInfo);
+}
+
+?>
+--EXPECT--
+Successful insertion and retrieval with username/password.
diff --git a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_usernamepassword.phpt b/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_usernamepassword.phpt
deleted file mode 100644
index 85efe5a8..00000000
--- a/test/functional/pdo_sqlsrv/pdo_ae_azure_key_vault_usernamepassword.phpt
+++ /dev/null
@@ -1,122 +0,0 @@
---TEST--
-Test username/password credentials for Azure Key Vault for Always Encrypted.
---SKIPIF--
-<?php require('skipif_mid-refactor.inc'); ?>
---FILE--
-<?php
-require_once("MsCommon_mid-refactor.inc");
-require_once("MsSetup.inc");
-require_once('values.php');
-
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname."_AE", null, "deterministic", false);
-        $columns[] = new ColumnMeta($dataTypes[$i], "c_".$colname, null, "none", false);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
-$strsize = 64;
-
-$dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
-                    "decimal", "float", "real", "bigint", "int", "bit"
-                    );
-
-$connectionOptions = "sqlsrv:Server=$server;Database=$databaseName";
-
-$connectionOptions .= ";ColumnEncryption=enabled";
-$connectionOptions .= ";KeyStoreAuthentication=KeyVaultPassword";
-$connectionOptions .= ";KeyStorePrincipalId=".$AKVPrincipalName;
-$connectionOptions .= ";KeyStoreSecret=".$AKVPassword;
-$connectionOptions .= ";";
-
-$tableName = "akv_comparison_table";
-
-try {
-    // Connect to the AE-enabled database
-    $conn = new PDO($connectionOptions, $uid, $pwd);
-    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-    $columns = array();
-    $insertQuery = "";
-
-    // Generate the INSERT query
-    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
-
-    createTable($conn, $tableName, $columns);
-
-    // Duplicate all values for insertion - one is encrypted, one is not
-    $testValues = array();
-    for ($n = 0; $n < sizeof($small_values); ++$n) {
-        $testValues[] = $small_values[$n];
-        $testValues[] = $small_values[$n];
-    }
-
-    // Prepare the INSERT query
-    // This is never expected to fail
-    $stmt = $conn->prepare($insertQuery);
-    if ($stmt == false) {
-        print_r($conn->errorInfo());
-        fatalError("sqlsrv_prepare failed\n");
-    }
-
-    // Execute the INSERT query
-    // This should not fail since our credentials are correct
-    if ($stmt->execute($testValues) == false) {
-        print_r($stmt->errorInfo());
-        fatalError("INSERT query execution failed with good credentials.\n");
-    } else {
-        // Get the data back and compare encrypted and non-encrypted versions
-        $selectQuery = "SELECT * FROM $tableName";
-
-        $stmt1 = $conn->query($selectQuery);
-
-        $data = $stmt1->fetchAll(PDO::FETCH_NUM);
-        $data = $data[0];
-
-        if (sizeof($data) != 2*sizeof($dataTypes)) {
-            fatalError("Incorrect number of fields returned.\n");
-        }
-
-        for ($n = 0; $n < sizeof($data); $n += 2) {
-            if ($data[$n] != $data[$n + 1]) {
-                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
-                fatalError("AE and non-AE values do not match.\n");
-            }
-        }
-
-        echo "Successful insertion and retrieval with username/password.\n";
-
-        unset($stmt);
-        unset($stmt1);
-    }
-
-    // Free the statement and close the connection
-    unset($stmt);
-    unset($conn);
-} catch (Exception $e) {
-    echo "Unexpected error.\n";
-    print_r($e->errorInfo);
-}
-
-?>
---EXPECT--
-Successful insertion and retrieval with username/password.
diff --git a/test/functional/pdo_sqlsrv/values.php b/test/functional/pdo_sqlsrv/values.php
index cf3d5181..becbdc17 100644
--- a/test/functional/pdo_sqlsrv/values.php
+++ b/test/functional/pdo_sqlsrv/values.php
@@ -3,10 +3,12 @@
 // This file holds different data of many different types for testing 
 // Always Encrypted. Currently, the tests that use this data are:
 // pdo__ae_azure_key_vault_keywords.phpt ($small_values)
-// pdo_ae_azure_key_vault_verification.phpt ($small_values)
+// pdo_ae_azure_key_vault_username_password.phpt ($small_values)
+// pdo_ae_azure_key_vault_client_secret.phpt ($small_values)
 // sqlsrv_ae_fetch_phptypes.phpt ($values)
 // sqlsrv_ae_azure_key_vault_keywords.phpt ($small_values)
-// sqlsrv_ae_azure_key_vault_verification.phpt ($small_values)
+// sqlsrv_ae_azure_key_vault_username_password.phpt ($small_values)
+// sqlsrv_ae_azure_key_vault_client_secret.phpt ($small_values)
 
 $values = array();
 $values[] = array(array(("BA3EA123EA8FFF46A01"), null, SQLSRV_PHPTYPE_STRING(SQLSRV_ENC_CHAR), SQLSRV_SQLTYPE_BINARY(256)),
diff --git a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_client_secret.phpt b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_client_secret.phpt
new file mode 100644
index 00000000..f459753f
--- /dev/null
+++ b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_client_secret.phpt
@@ -0,0 +1,45 @@
+--TEST--
+Test client ID/secret credentials for Azure Key Vault for Always Encrypted.
+--SKIPIF--
+<?php require('skipif_versions_old.inc'); ?>
+--FILE--
+<?php
+require_once('sqlsrv_ae_azure_key_vault_common.php');
+
+$strsize = 64;
+
+$dataTypes = array ("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
+                    "decimal", "float", "real", "bigint", "int", "bit"
+                    );
+
+// Test data insertion and retrieval with username/password
+// and client Id/client secret combinations.
+$connectionOptions = array("CharacterSet"=>"UTF-8",
+                           "database"=>$databaseName,
+                           "uid"=>$uid,
+                           "pwd"=>$pwd,
+                           "ConnectionPooling"=>0);
+
+$connectionOptions['ColumnEncryption'] = "enabled";
+$connectionOptions['KeyStoreAuthentication'] = "KeyVaultClientSecret";
+$connectionOptions['KeyStorePrincipalId'] = $AKVClientID;
+$connectionOptions['KeyStoreSecret'] = $AKVSecret;
+
+$tableName = "akv_comparison_table";
+
+// Connect to the AE-enabled database, insert the data, and verify
+$conn = sqlsrv_connect($server, $connectionOptions);
+if (!$conn) {
+    $errors = sqlsrv_errors();
+    fatalError("Connection failed while testing good credentials.\n");
+} else {
+    insertDataAndVerify($conn, $tableName, $dataTypes, $small_values);
+
+    echo "Successful insertion and retrieval with client ID/secret.\n";
+
+    sqlsrv_close($conn);
+}
+
+?>
+--EXPECT--
+Successful insertion and retrieval with client ID/secret.
diff --git a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_clientsecret.phpt b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_common.php
similarity index 64%
rename from test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_clientsecret.phpt
rename to test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_common.php
index 5f6d9311..0f0ff617 100644
--- a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_clientsecret.phpt
+++ b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_common.php
@@ -1,124 +1,93 @@
---TEST--
-Test client ID/secret credentials for Azure Key Vault for Always Encrypted.
---SKIPIF--
-<?php require('skipif_versions_old.inc'); ?>
---FILE--
-<?php
-require_once('MsCommon.inc');
-require_once('values.php');
-
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname."_AE");
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname, null, true, true);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
-$strsize = 64;
-
-$dataTypes = array ("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
-                    "decimal", "float", "real", "bigint", "int", "bit"
-                    );
-
-// Test data insertion and retrieval with username/password
-// and client Id/client secret combinations.
-$connectionOptions = array("CharacterSet"=>"UTF-8",
-                           "database"=>$databaseName,
-                           "uid"=>$uid,
-                           "pwd"=>$pwd,
-                           "ConnectionPooling"=>0);
-
-$tableName = "akv_comparison_table";
-
-$connectionOptions['ColumnEncryption'] = "enabled";
-$connectionOptions['KeyStoreAuthentication'] = "KeyVaultClientSecret";
-$connectionOptions['KeyStorePrincipalId'] = $AKVClientID;
-$connectionOptions['KeyStoreSecret'] = $AKVSecret;
-
-// Connect to the AE-enabled database
-$conn = sqlsrv_connect($server, $connectionOptions);
-if (!$conn) {
-    $errors = sqlsrv_errors();
-    fatalError("Connection failed while testing good credentials.\n");
-} else {
-    $columns = array();
-    $insertQuery = "";
-
-    // Generate the INSERT query
-    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
-
-    $stmt = AE\createTable($conn, $tableName, $columns);
-    if (!$stmt) {
-        fatalError("Failed to create table $tableName\n");
-    }
-
-    // Duplicate all values for insertion - one is encrypted, one is not
-    $testValues = array();
-    for ($n = 0; $n < sizeof($small_values); ++$n) {
-        $testValues[] = $small_values[$n];
-        $testValues[] = $small_values[$n];
-    }
-
-    // Prepare the INSERT query
-    // This is never expected to fail
-    $stmt = sqlsrv_prepare($conn, $insertQuery, $testValues);
-    if ($stmt == false) {
-        print_r(sqlsrv_errors());
-        fatalError("sqlsrv_prepare failed\n");
-    }
-
-    // Execute the INSERT query
-    // This should not fail since our credentials are correct
-    if (sqlsrv_execute($stmt) == false) {
-        $errors = sqlsrv_errors();
-        fatalError("INSERT query execution failed with good credentials.\n");
-    } else {
-        // Get the data back and compare encrypted and non-encrypted versions
-        $selectQuery = "SELECT * FROM $tableName";
-
-        $stmt1 = sqlsrv_query($conn, $selectQuery);
-        $data = sqlsrv_fetch_array($stmt1, SQLSRV_FETCH_NUMERIC);
-
-        if (sizeof($data) != 2*sizeof($dataTypes)) {
-            fatalError("Incorrect number of fields returned.\n");
-        }
-
-        for ($n = 0; $n < sizeof($data); $n += 2) {
-            if ($data[$n] != $data[$n + 1]) {
-                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
-                fatalError("AE and non-AE values do not match.\n");
-            }
-        }
-
-        echo "Successful insertion and retrieval with client ID/secret.\n";
-
-        sqlsrv_free_stmt($stmt);
-        sqlsrv_free_stmt($stmt1);
-    }
-
-    // Free the statement and close the connection
-    sqlsrv_close($conn);
-}
-
-?>
---EXPECT--
-Successful insertion and retrieval with client ID/secret.
+<?php
+require_once('MsCommon.inc');
+require_once('values.php');
+
+// Set up the columns and build the insert query. Each data type has an
+// AE-encrypted and a non-encrypted column side by side in the table.
+// If column encryption is not set in MsSetup.inc, this function simply
+// creates two non-encrypted columns side-by-side for each type.
+function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
+{
+    $columns = array();
+    $queryTypes = "(";
+    $queryTypesAE = "(";
+    $valuesString = "VALUES (";
+    $numTypes = sizeof($dataTypes);
+
+    for ($i = 0; $i < $numTypes; ++$i) {
+        // Replace parentheses for column names
+        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
+        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname."_AE");
+        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname, null, true, true);
+        $queryTypes .= "c_"."$colname, ";
+        $queryTypes .= "c_"."$colname"."_AE, ";
+        $valuesString .= "?, ?, ";
+    }
+
+    $queryTypes = substr($queryTypes, 0, -2).")";
+    $valuesString = substr($valuesString, 0, -2).")";
+
+    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
+}
+
+// Create the table and insert the data, then retrieve it back and make
+// sure the encrypted and non-encrypted values are identical.
+function insertDataAndVerify($conn, $tableName, $dataTypes, $values)
+{
+    $columns = array();
+    $insertQuery = "";
+
+    // Generate the INSERT query
+    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
+
+    $stmt = AE\createTable($conn, $tableName, $columns);
+    if (!$stmt) {
+        fatalError("Failed to create table $tableName\n");
+    }
+
+    // Duplicate all values for insertion - one is encrypted, one is not
+    $testValues = array();
+    for ($n = 0; $n < sizeof($values); ++$n) {
+        $testValues[] = $values[$n];
+        $testValues[] = $values[$n];
+    }
+
+    // Prepare the INSERT query
+    // This is never expected to fail
+    $stmt = sqlsrv_prepare($conn, $insertQuery, $testValues);
+    if ($stmt == false) {
+        print_r(sqlsrv_errors());
+        fatalError("sqlsrv_prepare failed\n");
+    }
+
+    // Execute the INSERT query
+    // This should not fail since our credentials are correct
+    if (sqlsrv_execute($stmt) == false) {
+        $errors = sqlsrv_errors();
+        fatalError("INSERT query execution failed with good credentials.\n");
+    } else {
+        // Get the data back and compare encrypted and non-encrypted versions
+        $selectQuery = "SELECT * FROM $tableName";
+
+        $stmt1 = sqlsrv_query($conn, $selectQuery);
+        $data = sqlsrv_fetch_array($stmt1, SQLSRV_FETCH_NUMERIC);
+
+        if (sizeof($data) != 2*sizeof($dataTypes)) {
+            fatalError("Incorrect number of fields returned.\n");
+        }
+
+        for ($n = 0; $n < sizeof($data); $n += 2) {
+            if ($data[$n] != $data[$n + 1]) {
+                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
+                fatalError("AE and non-AE values do not match.\n");
+            }
+        }
+
+        sqlsrv_free_stmt($stmt);
+        sqlsrv_free_stmt($stmt1);
+    }
+
+    // Drop the table
+    dropTable($conn, $tableName);
+}
+?>
diff --git a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_keywords.phpt b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_keywords.phpt
index d5f7ef83..6c561345 100644
--- a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_keywords.phpt
+++ b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_keywords.phpt
@@ -4,8 +4,7 @@ Test connection keywords for Azure Key Vault for Always Encrypted.
 <?php require('skipif_versions_old.inc'); ?>
 --FILE--
 <?php
-require_once('MsCommon.inc');
-require_once('values.php');
+require_once('sqlsrv_ae_azure_key_vault_common.php');
 
 // We will test the direct product (set of all possible combinations) of the following
 $columnEncryption = ['enabled', 'disabled', 'notvalid', ''];
@@ -13,8 +12,6 @@ $keyStoreAuthentication = ['KeyVaultPassword', 'KeyVaultClientSecret', 'KeyVault
 $keyStorePrincipalId = [$AKVPrincipalName, $AKVClientID, 'notaname', ''];
 $keyStoreSecret = [$AKVPassword, $AKVSecret, 'notasecret', ''];
 
-$is_win = (strtoupper(substr(php_uname('s'), 0, 3)) === 'WIN');
-
 function checkErrors($errors, ...$codes)
 {
     $codeFound = false;
@@ -35,32 +32,6 @@ function checkErrors($errors, ...$codes)
     }
 }
 
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname."_AE");
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname, null, true, true);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
 $strsize = 64;
 
 $dataTypes = array("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
@@ -114,7 +85,7 @@ for ($i = 0; $i < sizeof($columnEncryption); ++$i) {
                     checkErrors(
                         $errors,
                         array('08001','0'),
-                        array('08001','-1'),    // SSL error occurs in Ubuntu
+                        array('08001','-1'),    // SSL error on some Linuxes
                         array('IMSSP','-110'),
                         array('IMSSP','-111'),
                         array('IMSSP','-112'),
diff --git a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_username_password.phpt b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_username_password.phpt
new file mode 100644
index 00000000..6feb04ba
--- /dev/null
+++ b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_username_password.phpt
@@ -0,0 +1,45 @@
+--TEST--
+Test username/password credentials for Azure Key Vault for Always Encrypted.
+--SKIPIF--
+<?php require('skipif_versions_old.inc'); ?>
+--FILE--
+<?php
+require_once('sqlsrv_ae_azure_key_vault_common.php');
+
+$strsize = 64;
+
+$dataTypes = array ("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
+                    "decimal", "float", "real", "bigint", "int", "bit"
+                    );
+
+// Test data insertion and retrieval with username/password
+// and client Id/client secret combinations.
+$connectionOptions = array("CharacterSet"=>"UTF-8",
+                           "database"=>$databaseName,
+                           "uid"=>$uid,
+                           "pwd"=>$pwd,
+                           "ConnectionPooling"=>0);
+
+$connectionOptions['ColumnEncryption'] = "enabled";
+$connectionOptions['KeyStoreAuthentication'] = "KeyVaultPassword";
+$connectionOptions['KeyStorePrincipalId'] = $AKVPrincipalName;
+$connectionOptions['KeyStoreSecret'] = $AKVPassword;
+
+$tableName = "akv_comparison_table";
+
+// Connect to the AE-enabled database, insert the data, and verify
+$conn = sqlsrv_connect($server, $connectionOptions);
+if (!$conn) {
+    $errors = sqlsrv_errors();
+    fatalError("Connection failed while testing good credentials.\n");
+} else {
+    insertDataAndVerify($conn, $tableName, $dataTypes, $small_values);
+
+    echo "Successful insertion and retrieval with username/password.\n";
+
+    sqlsrv_close($conn);
+}
+
+?>
+--EXPECT--
+Successful insertion and retrieval with username/password.
diff --git a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_usernamepassword.phpt b/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_usernamepassword.phpt
deleted file mode 100644
index 37ed6d63..00000000
--- a/test/functional/sqlsrv/sqlsrv_ae_azure_key_vault_usernamepassword.phpt
+++ /dev/null
@@ -1,124 +0,0 @@
---TEST--
-Test username/password credentials for Azure Key Vault for Always Encrypted.
---SKIPIF--
-<?php require('skipif_versions_old.inc'); ?>
---FILE--
-<?php
-require_once('MsCommon.inc');
-require_once('values.php');
-
-// Set up the columns and build the insert query. Each data type has an
-// AE-encrypted and a non-encrypted column side by side in the table.
-function formulateSetupQuery($tableName, &$dataTypes, &$columns, &$insertQuery)
-{
-    $columns = array();
-    $queryTypes = "(";
-    $queryTypesAE = "(";
-    $valuesString = "VALUES (";
-    $numTypes = sizeof($dataTypes);
-
-    for ($i = 0; $i < $numTypes; ++$i) {
-        // Replace parentheses for column names
-        $colname = str_replace(array("(", ",", ")"), array("_", "_", ""), $dataTypes[$i]);
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname."_AE");
-        $columns[] = new AE\ColumnMeta($dataTypes[$i], "c_".$colname, null, true, true);
-        $queryTypes .= "c_"."$colname, ";
-        $queryTypes .= "c_"."$colname"."_AE, ";
-        $valuesString .= "?, ?, ";
-    }
-
-    $queryTypes = substr($queryTypes, 0, -2).")";
-    $valuesString = substr($valuesString, 0, -2).")";
-
-    $insertQuery = "INSERT INTO $tableName ".$queryTypes." ".$valuesString;
-}
-
-$strsize = 64;
-
-$dataTypes = array ("char($strsize)", "varchar($strsize)", "nvarchar($strsize)",
-                    "decimal", "float", "real", "bigint", "int", "bit"
-                    );
-
-// Test data insertion and retrieval with username/password
-// and client Id/client secret combinations.
-$connectionOptions = array("CharacterSet"=>"UTF-8",
-                           "database"=>$databaseName,
-                           "uid"=>$uid,
-                           "pwd"=>$pwd,
-                           "ConnectionPooling"=>0);
-
-$connectionOptions['ColumnEncryption'] = "enabled";
-$connectionOptions['KeyStoreAuthentication'] = "KeyVaultPassword";
-$connectionOptions['KeyStorePrincipalId'] = $AKVPrincipalName;
-$connectionOptions['KeyStoreSecret'] = $AKVPassword;
-
-$tableName = "akv_comparison_table";
-
-// Connect to the AE-enabled database
-$conn = sqlsrv_connect($server, $connectionOptions);
-if (!$conn) {
-    $errors = sqlsrv_errors();
-    fatalError("Connection failed while testing good credentials.\n");
-} else {
-    $columns = array();
-    $insertQuery = "";
-
-    // Generate the INSERT query
-    formulateSetupQuery($tableName, $dataTypes, $columns, $insertQuery);
-
-    $stmt = AE\createTable($conn, $tableName, $columns);
-    if (!$stmt) {
-        fatalError("Failed to create table $tableName\n");
-    }
-
-    // Duplicate all values for insertion - one is encrypted, one is not
-    $testValues = array();
-    for ($n = 0; $n < sizeof($small_values); ++$n) {
-        $testValues[] = $small_values[$n];
-        $testValues[] = $small_values[$n];
-    }
-
-    // Prepare the INSERT query
-    // This is never expected to fail
-    $stmt = sqlsrv_prepare($conn, $insertQuery, $testValues);
-    if ($stmt == false) {
-        print_r(sqlsrv_errors());
-        fatalError("sqlsrv_prepare failed\n");
-    }
-
-    // Execute the INSERT query
-    // This should not fail since our credentials are correct
-    if (sqlsrv_execute($stmt) == false) {
-        $errors = sqlsrv_errors();
-        fatalError("INSERT query failed with good credentials.\n");
-    } else {
-        // Get the data back and compare encrypted and non-encrypted versions
-        $selectQuery = "SELECT * FROM $tableName";
-
-        $stmt1 = sqlsrv_query($conn, $selectQuery);
-        $data = sqlsrv_fetch_array($stmt1, SQLSRV_FETCH_NUMERIC);
-
-        if (sizeof($data) != 2*sizeof($dataTypes)) {
-            fatalError("Incorrect number of fields returned.\n");
-        }
-
-        for ($n = 0; $n < sizeof($data); $n += 2) {
-            if ($data[$n] != $data[$n + 1]) {
-                echo "Failed on field $n: ".$data[$n]." ".$data[$n + 1]."\n";
-                fatalError("AE and non-AE values do not match.\n");
-            }
-        }
-
-        echo "Successful insertion and retrieval with username/password.\n";
-
-        sqlsrv_free_stmt($stmt);
-        sqlsrv_free_stmt($stmt1);
-    }
-
-    // Free the statement and close the connection
-    sqlsrv_close($conn);
-}
-
-?>
---EXPECT--
-Successful insertion and retrieval with username/password.
diff --git a/test/functional/sqlsrv/values.php b/test/functional/sqlsrv/values.php
index cf3d5181..becbdc17 100644
--- a/test/functional/sqlsrv/values.php
+++ b/test/functional/sqlsrv/values.php
@@ -3,10 +3,12 @@
 // This file holds different data of many different types for testing 
 // Always Encrypted. Currently, the tests that use this data are:
 // pdo__ae_azure_key_vault_keywords.phpt ($small_values)
-// pdo_ae_azure_key_vault_verification.phpt ($small_values)
+// pdo_ae_azure_key_vault_username_password.phpt ($small_values)
+// pdo_ae_azure_key_vault_client_secret.phpt ($small_values)
 // sqlsrv_ae_fetch_phptypes.phpt ($values)
 // sqlsrv_ae_azure_key_vault_keywords.phpt ($small_values)
-// sqlsrv_ae_azure_key_vault_verification.phpt ($small_values)
+// sqlsrv_ae_azure_key_vault_username_password.phpt ($small_values)
+// sqlsrv_ae_azure_key_vault_client_secret.phpt ($small_values)
 
 $values = array();
 $values[] = array(array(("BA3EA123EA8FFF46A01"), null, SQLSRV_PHPTYPE_STRING(SQLSRV_ENC_CHAR), SQLSRV_SQLTYPE_BINARY(256)),