--TEST-- Test various settings for the ColumnEncryption keyword. --DESCRIPTION-- For AE v2, the Column Encryption keyword must be set to [protocol]/[attestation URL]. If [protocol] is wrong, connection should fail; if the URL is wrong, connection should succeed. This test sets ColumnEncryption to three values: 1. Random nonsense, which is interpreted as an incorrect protocol so connection should fail. 2. Incorrect protocol with a correct attestation URL, connection should fail. 3. Correct protocol and incorrect URL, connection should succeed. --SKIPIF-- --FILE-- $database, 'uid'=>$userName, 'pwd'=>$userPassword, 'ColumnEncryption'=>"xyz", ); $conn = sqlsrv_connect($server, $options); if (!$conn) { $e = sqlsrv_errors(); checkErrors($e, array('CE400', '0')); } else { die("Connecting with nonsense should have failed!\n"); } // Test with incorrect protocol and good attestation URL. Connection should fail. // Insert a rogue 'x' into the protocol part of the attestation. $comma = strpos($attestation, ','); $badProtocol = substr_replace($attestation, 'x', $comma, 0); $options = array('database'=>$database, 'uid'=>$userName, 'pwd'=>$userPassword, 'ColumnEncryption'=>$badProtocol, ); $conn = sqlsrv_connect($server, $options); if (!$conn) { $e = sqlsrv_errors(); checkErrors($e, array('CE400', '0')); } else { die("Connecting with a bad attestation protocol should have failed!\n"); } // Test with good protocol and incorrect attestation URL. Connection should succeed // because the URL is only checked when an enclave computation is attempted. $badURL = substr_replace($attestation, 'x', $comma+1, 0); $options = array('database'=>$database, 'uid'=>$userName, 'pwd'=>$userPassword, 'ColumnEncryption'=>$badURL, ); $conn = sqlsrv_connect($server, $options); if (!$conn) { print_r(sqlsrv_errors()); die("Connecting with a bad attestation URL should have succeeded!\n"); } echo "Done.\n"; ?> --EXPECT-- Done.