Improve secure enclaves error handling (#1880)
@@ -49,6 +49,7 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
Assert.AreEqual(details.MinPoolSize, expectedForInt);
|
||||
Assert.AreEqual(details.PacketSize, expectedForInt);
|
||||
Assert.AreEqual(details.ColumnEncryptionSetting, expectedForStrings);
|
||||
Assert.AreEqual(details.SecureEnclaves, expectedForStrings);
|
||||
Assert.AreEqual(details.EnclaveAttestationUrl, expectedForStrings);
|
||||
Assert.AreEqual(details.EnclaveAttestationProtocol, expectedForStrings);
|
||||
Assert.AreEqual(details.Encrypt, expectedForStrings);
|
||||
@@ -91,6 +92,7 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
details.MinPoolSize = expectedForInt + index++;
|
||||
details.PacketSize = expectedForInt + index++;
|
||||
details.ColumnEncryptionSetting = expectedForStrings + index++;
|
||||
details.SecureEnclaves = expectedForStrings + index++;
|
||||
details.EnclaveAttestationProtocol = expectedForStrings + index++;
|
||||
details.EnclaveAttestationUrl = expectedForStrings + index++;
|
||||
details.Encrypt = expectedForStrings + index++;
|
||||
@@ -125,6 +127,7 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
Assert.AreEqual(details.MinPoolSize, expectedForInt + index++);
|
||||
Assert.AreEqual(details.PacketSize, expectedForInt + index++);
|
||||
Assert.AreEqual(details.ColumnEncryptionSetting, expectedForStrings + index++);
|
||||
Assert.AreEqual(details.SecureEnclaves, expectedForStrings + index++);
|
||||
Assert.AreEqual(details.EnclaveAttestationProtocol, expectedForStrings + index++);
|
||||
Assert.AreEqual(details.EnclaveAttestationUrl, expectedForStrings + index++);
|
||||
Assert.AreEqual(details.Encrypt, expectedForStrings + index++);
|
||||
|
||||
@@ -584,13 +584,14 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
|
||||
private static readonly object[] optionalEnclaveParameters =
|
||||
{
|
||||
new object[] {"EnclaveAttestationProtocol", "AAS", "Attestation Protocol=AAS"},
|
||||
new object[] {"EnclaveAttestationProtocol", "HGS", "Attestation Protocol=HGS"},
|
||||
new object[] {"EnclaveAttestationProtocol", "aas", "Attestation Protocol=AAS"},
|
||||
new object[] {"EnclaveAttestationProtocol", "hgs", "Attestation Protocol=HGS"},
|
||||
new object[] {"EnclaveAttestationProtocol", "AaS", "Attestation Protocol=AAS"},
|
||||
new object[] {"EnclaveAttestationProtocol", "hGs", "Attestation Protocol=HGS"},
|
||||
new object[] {"EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave" },
|
||||
new object[] {"AAS", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=AAS"},
|
||||
new object[] {"HGS", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=HGS"},
|
||||
new object[] {"aas", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=AAS"},
|
||||
new object[] {"hgs", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=HGS"},
|
||||
new object[] {"AaS", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=AAS"},
|
||||
new object[] {"hGs", "https://attestation.us.attest.azure.net/attest/SgxEnclave", "Enclave Attestation Url=https://attestation.us.attest.azure.net/attest/SgxEnclave;Attestation Protocol=HGS"},
|
||||
new object[] {"NONE", null, "Attestation Protocol=None"},
|
||||
new object[] {"None", null, "Attestation Protocol=None" },
|
||||
};
|
||||
|
||||
/// <summary>
|
||||
@@ -598,18 +599,28 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
/// can be built into a connection string for connecting.
|
||||
/// </summary>
|
||||
[Test, TestCaseSource(nameof(optionalEnclaveParameters))]
|
||||
public void ConnectingWithOptionalEnclaveParametersBuildsConnectionString(string propertyName, object propertyValue, string connectionStringMarker)
|
||||
public void ConnectingWithOptionalEnclaveParametersBuildsConnectionString(string attestationProtocol, string attestationUrl, string connectionStringMarker)
|
||||
{
|
||||
// Create a test connection details object and set the property to a specific value
|
||||
// Create a test connection details object
|
||||
ConnectionDetails details = TestObjects.GetTestConnectionDetails();
|
||||
details.ColumnEncryptionSetting = "Enabled";
|
||||
details.GetType()
|
||||
.GetProperty(propertyName)
|
||||
.SetValue(details, propertyValue);
|
||||
|
||||
// Test that a connection string can be created without exceptions
|
||||
//Enable Secure Enclaves
|
||||
details.ColumnEncryptionSetting = "Enabled";
|
||||
details.SecureEnclaves = "Enabled";
|
||||
|
||||
// Set Attestation Protocol
|
||||
details.GetType()
|
||||
.GetProperty("EnclaveAttestationProtocol")
|
||||
.SetValue(details, attestationProtocol);
|
||||
|
||||
// Set Attestation URL
|
||||
details.GetType()
|
||||
.GetProperty("EnclaveAttestationUrl")
|
||||
.SetValue(details, attestationUrl);
|
||||
|
||||
// Test that a connection string can be created without exceptions with provided combinations.
|
||||
string connectionString = ConnectionService.BuildConnectionString(details);
|
||||
Assert.That(connectionString, Contains.Substring(connectionStringMarker), "Verify that the parameter is in the connection string");
|
||||
Assert.That(connectionString, Contains.Substring(connectionStringMarker), "Verify that the parameters are in the connection string");
|
||||
}
|
||||
|
||||
private static readonly object[] invalidOptions =
|
||||
@@ -617,6 +628,9 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
new object[] {"AuthenticationType", "NotAValidAuthType" },
|
||||
new object[] {"ColumnEncryptionSetting", "NotAValidColumnEncryptionSetting" },
|
||||
new object[] {"EnclaveAttestationProtocol", "NotAValidEnclaveAttestationProtocol" },
|
||||
new object[] {"EnclaveAttestationProtocol", "AAS" }, // Without Attestation Url
|
||||
new object[] {"EnclaveAttestationProtocol", "hgs" }, // Without Attestation Url
|
||||
new object[] { "EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave" }, // Without Attestation Protocol
|
||||
};
|
||||
|
||||
/// <summary>
|
||||
@@ -639,12 +653,26 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
|
||||
Tuple.Create<string, object>("EnclaveAttestationProtocol", "AAS"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave")
|
||||
},
|
||||
new []
|
||||
{
|
||||
Tuple.Create<string, object>("ColumnEncryptionSetting", "Enabled"),
|
||||
Tuple.Create<string, object>("SecureEnclaves", null),
|
||||
Tuple.Create<string, object>("EnclaveAttestationProtocol", "AAS"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave")
|
||||
},
|
||||
new []
|
||||
{
|
||||
Tuple.Create<string, object>("ColumnEncryptionSetting", "Disabled"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationProtocol", "AAS"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave")
|
||||
},
|
||||
new []
|
||||
{
|
||||
Tuple.Create<string, object>("ColumnEncryptionSetting", "Enabled"),
|
||||
Tuple.Create<string, object>("SecureEnclaves", "Disabled"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationProtocol", "AAS"),
|
||||
Tuple.Create<string, object>("EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave")
|
||||
},
|
||||
new []
|
||||
{
|
||||
Tuple.Create<string, object>("ColumnEncryptionSetting", ""),
|
||||
|
||||
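Review bot: None of the visible negative cases pairs attestation protocol `None` with an attestation URL, although the commit adds a dedicated message for that case (`ConnectionServiceConnStringInvalidAttestationProtocolNoneWithUrl`, asserted non-null in the Utility test section), so that rejection path appears untested. The `invalidOptions` additions cover a protocol without a URL and a URL without a protocol, and the combinations in the last hunk, which appear to be the invalid ones, cover a null or disabled `SecureEnclaves` and a disabled `ColumnEncryptionSetting`. I would add one more combination with enclaves enabled, protocol `None` and a URL, so that an attestation URL which would otherwise be silently ignored is pinned as a configuration error. The combinations array starts and ends outside the hunk, so such a case may already exist out of view.

```csharp
// … unchanged: existing combinations …
new []
{
    Tuple.Create<string, object>("ColumnEncryptionSetting", "Enabled"),
    Tuple.Create<string, object>("SecureEnclaves", "Enabled"),
    Tuple.Create<string, object>("EnclaveAttestationProtocol", "None"),
    Tuple.Create<string, object>("EnclaveAttestationUrl", "https://attestation.us.attest.azure.net/attest/SgxEnclave")
},
```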
@@ -35,6 +35,12 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Utility
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionParamsValidateNullSqlAuth(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnectErrorNullParams);
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnectionCanceled);
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringMissingAttestationUrlWithAttestationProtocol);
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidAttestationProtocolNoneWithUrl);
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidEnclaveAttestationProtocol(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidColumnEncryptionSetting(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidSecureEnclaves(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidEncryptOption(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidAuthType(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceConnStringInvalidIntent(""));
|
||||
Assert.NotNull(ServiceLayerSr.ConnectionServiceDbErrorDefaultNotConnected(""));
|
||||
|
||||