Skip to content

Add multi-user key store provider registration support #1056

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 49 commits into from
May 17, 2021
Merged

Add multi-user key store provider registration support #1056

merged 49 commits into from
May 17, 2021

Conversation

@johnnypham
Copy link
Contributor

These changes add a public method to register providers into an instance cache at the command-level, allowing users to maintain their own set of providers in the same application.

The current column encryption key (CEK) cache is global so a new CEK cache and signature verification cache is added at the SqlColumnEncryptionAzureKeyVaultProvider level. Each SqlColumnEncryptionAzureKeyVaultProvider is linked to a single TokenCredential, which serves as the user identity.

public class SqlCommand
{    
       // Added API: registers into command-level key store provider cache
       public void RegisterColumnEncryptionKeyStoreProvidersOnCommand(IDictionary<string, SqlColumnEncryptionKeyStoreProvider> customProviders);
}

@johnnypham johnnypham added the Public API 🆕 Issues/PRs that introduce new APIs to the driver. label Apr 28, 2021
JRahnama
JRahnama reviewed May 3, 2021
View reviewed changes
@cheenamalhotra cheenamalhotra added this to the 3.0.0-preview3 milestone May 7, 2021
@cheenamalhotra cheenamalhotra requested a review from David-Engel May 7, 2021 21:18
David-Engel
David-Engel reviewed May 8, 2021
View reviewed changes
JRahnama
JRahnama reviewed May 12, 2021
View reviewed changes
JRahnama
JRahnama reviewed May 13, 2021
View reviewed changes
DavoudEshtehari
DavoudEshtehari reviewed May 14, 2021
View reviewed changes
Copy link
Contributor

@DavoudEshtehari DavoudEshtehari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you assess TTL by adding more tests?

Johnny Pham and others added 10 commits May 14, 2021 11:12
add tests
d73a9d2
@DavoudEshtehari
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
6ad4eb9 
…/AKVUnitTests.cs

Co-authored-by: DavoudEshtehari <[email protected]>
@DavoudEshtehari
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
c5dd485 
…/AKVUnitTests.cs

Co-authored-by: DavoudEshtehari <[email protected]>
@DavoudEshtehari
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
9dea525 
…/AKVUnitTests.cs

Co-authored-by: DavoudEshtehari <[email protected]>
@DavoudEshtehari
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
4707ff2 
…/AKVUnitTests.cs

Co-authored-by: DavoudEshtehari <[email protected]>
@DavoudEshtehari
Update doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionKeySt…
6eccf60 
…oreProvider.xml

Co-authored-by: DavoudEshtehari <[email protected]>
@DavoudEshtehari
Update src/Microsoft.Data.SqlClient/tests/ManualTests/AlwaysEncrypted…
38923d1 
…/AKVUnitTests.cs

Co-authored-by: DavoudEshtehari <[email protected]>
add threading namespace
5b111d9
refactor tests
4494979
only run test when akv provider is registered globally
82e8c7b
cheenamalhotra
cheenamalhotra approved these changes May 15, 2021
View reviewed changes
Copy link
Member

@cheenamalhotra cheenamalhotra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM 👍

@cheenamalhotra cheenamalhotra merged commit 5e067c4 into dotnet:main May 17, 2021
@johnnypham johnnypham deleted the multitenant-provider-command branch May 19, 2021 20:04
@edwardneal edwardneal mentioned this pull request Mar 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@David-Engel David-Engel David-Engel left review comments

@cheenamalhotra cheenamalhotra cheenamalhotra approved these changes

+2 more reviewers

@DavoudEshtehari DavoudEshtehari DavoudEshtehari left review comments

@JRahnama JRahnama JRahnama approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Public API 🆕 Issues/PRs that introduce new APIs to the driver.

Projects

None yet

Milestone

3.0.0-preview3

Development

Successfully merging this pull request may close these issues.

5 participants

@johnnypham @cheenamalhotra @David-Engel @JRahnama @DavoudEshtehari