dprevot/php-sqlsrv
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
php-sqlsrv/test/functional/sqlsrv/sqlsrv_aev2_keywords.phpt
David Puglielli 051328782d
Always Encrypted v2 support (#1045) 
* Change to support ae-v2

* Add support for AE V2

* Added some descriptions and comments

* Fixed PDO pattern matching

* Updated key generation scripts

* Fixed key script

* Fixed char/nchar results, fixed formatting issues

* Addressed review comments

* Updated key scripts

* Debugging aev2 keyword failure

* Debugging aev2 keyword failure

* Debugging aev2 keyword failure

* Debugging aev2 keyword failure

* Added skipif to ae v2 keyword test

* Addressed review comments

* Fixed braces and camel caps

* Updated test descriptions

* Added detail to test descriptions

* Tiny change
2019-10-31 16:55:36 -07:00

72 lines
2.3 KiB
PHP
Raw Blame History

--TEST--
Test various settings for the ColumnEncryption keyword.
--DESCRIPTION--
For AE v2, the Column Encryption keyword must be set to [protocol]/[attestation URL].
If [protocol] is wrong, connection should fail; if the URL is wrong, connection
should succeed. This test sets ColumnEncryption to three values:
1. Random nonsense, which is interpreted as an incorrect protocol
so connection should fail.
2. Incorrect protocol with a correct attestation URL, connection should fail.
3. Correct protocol and incorrect URL, connection should succeed.
--SKIPIF--
<?php require("skipif_not_hgs.inc"); ?>
--FILE--
<?php
require_once("MsSetup.inc");
require_once("AE_v2_values.inc");
require_once("sqlsrv_AE_functions.inc");
// Test with random nonsense. Connection should fail.
$options = array('database'=>$database,
'uid'=>$userName,
'pwd'=>$userPassword,
'ColumnEncryption'=>"xyz",
);
$conn = sqlsrv_connect($server, $options);
if (!$conn) {
$e = sqlsrv_errors();
checkErrors($e, array('CE400', '0'));
} else {
die("Connecting with nonsense should have failed!\n");
}
// Test with incorrect protocol and good attestation URL. Connection should fail.
// Insert a rogue 'x' into the protocol part of the attestation.
$comma = strpos($attestation, ',');
$badProtocol = substr_replace($attestation, 'x', $comma, 0);
$options = array('database'=>$database,
'uid'=>$userName,
'pwd'=>$userPassword,
'ColumnEncryption'=>$badProtocol,
);
$conn = sqlsrv_connect($server, $options);
if (!$conn) {
$e = sqlsrv_errors();
checkErrors($e, array('CE400', '0'));
} else {
die("Connecting with a bad attestation protocol should have failed!\n");
}
// Test with good protocol and incorrect attestation URL. Connection should succeed
// because the URL is only checked when an enclave computation is attempted.
$badURL = substr_replace($attestation, 'x', $comma+1, 0);
$options = array('database'=>$database,
'uid'=>$userName,
'pwd'=>$userPassword,
'ColumnEncryption'=>$badURL,
);
$conn = sqlsrv_connect($server, $options);
if (!$conn) {
print_r(sqlsrv_errors());
die("Connecting with a bad attestation URL should have succeeded!\n");
}
echo "Done.\n";
?>
--EXPECT--
Done.
Reference in a new issue View git blame Copy permalink