Merged PR 4056: [4.0.4] | Fix AE enclave retry logic not working for …

…async queries (#1988) Ports [#1988](#1988)
dotnet · Oct 13, 2023 · 9d76e6a · 9d76e6a
1 parent 893dc7a
commit 9d76e6a
Show file tree

Hide file tree

Showing 13 changed files with 292 additions and 109 deletions.
diff --git a/doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml b/doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml
@@ -20,28 +20,29 @@ the enclave attestation protocol as well as the logic for creating and caching e
             <param name="enclaveAttestationInfo">The information the provider uses to attest the enclave and generate a symmetric key for the session. The format of this information is specific to the enclave attestation protocol.</param>
             <param name="clientDiffieHellmanKey">A Diffie-Hellman algorithm object that encapsulates a client-side key pair.</param>
             <param name="enclaveSessionParameters">The set of parameters required for an enclave session.</param>
-            <param name="customData">The set of extra data needed for attestating the enclave.</param>
-            <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
+            <param name="customData">The set of extra data needed for attesting the enclave.</param>
+            <param name="customDataLength">The length of the extra data needed for attesting the enclave.</param>
             <param name="sqlEnclaveSession">The requested enclave session or <see langword="null" /> if the provider doesn't implement session caching.</param>
             <param name="counter">A counter that the enclave provider is expected to increment each time SqlClient retrieves the session from the cache. The purpose of this field is to prevent replay attacks.</param>
             <summary>When overridden in a derived class, performs enclave attestation, generates a symmetric key for the session, creates a an enclave session and stores the session information in the cache.</summary>
             <remarks>To be added.</remarks>
         </CreateEnclaveSession>
         <GetAttestationParameters>
             <param name="attestationUrl">The endpoint of an attestation service for attesting the enclave.</param>
-            <param name="customData">A set of extra data needed for attestating the enclave.</param>
-            <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
+            <param name="customData">A set of extra data needed for attesting the enclave.</param>
+            <param name="customDataLength">The length of the extra data needed for attesting the enclave.</param>
             <summary>Gets the information that SqlClient subsequently uses to initiate the process of attesting the enclave and to establish a secure session with the enclave.</summary>
             <returns>The information SqlClient subsequently uses to initiate the process of attesting the enclave and to establish a secure session with the enclave.</returns>
             <remarks>To be added.</remarks>
         </GetAttestationParameters>
         <GetEnclaveSession>
             <param name="enclaveSessionParameters">The set of parameters required for enclave session.</param>
             <param name="generateCustomData"><see langword="true" /> to indicate that a set of extra data needs to be generated for attestation; otherwise, <see langword="false" />.</param>
+            <param name="isRetry">Indicates if this is a retry from a failed call.</param>
             <param name="sqlEnclaveSession">When this method returns, the requested enclave session or <see langword="null" /> if the provider doesn't implement session caching. This parameter is treated as uninitialized.</param>
             <param name="counter">A counter that the enclave provider is expected to increment each time SqlClient retrieves the session from the cache. The purpose of this field is to prevent replay attacks.</param>
-            <param name="customData">A set of extra data needed for attestating the enclave.</param>
-            <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
+            <param name="customData">A set of extra data needed for attesting the enclave.</param>
+            <param name="customDataLength">The length of the extra data needed for attesting the enclave.</param>
             <summary>When overridden in a derived class, looks up an existing enclave session information in the enclave session cache. If the enclave provider doesn't implement enclave session caching, this method is expected to return <see langword="null" /> in the <paramref name="sqlEnclaveSession" /> parameter.
             </summary>
             <remarks>To be added.</remarks>

diff --git a/...ent/netcore/src/Microsoft/Data/SqlClient/SqlColumnEncryptionEnclaveProvider.NetCoreApp.cs b/...ent/netcore/src/Microsoft/Data/SqlClient/SqlColumnEncryptionEnclaveProvider.NetCoreApp.cs
@@ -15,8 +15,8 @@ internal abstract partial class SqlColumnEncryptionEnclaveProvider
         /// <param name="enclaveAttestationInfo">The information the provider uses to attest the enclave and generate a symmetric key for the session. The format of this information is specific to the enclave attestation protocol.</param>
         /// <param name="clientDiffieHellmanKey">A Diffie-Hellman algorithm object encapsulating a client-side key pair.</param>
         /// <param name="enclaveSessionParameters">The set of parameters required for enclave session.</param>
-        /// <param name="customData">The set of extra data needed for attestating the enclave.</param>
-        /// <param name="customDataLength">The length of the extra data needed for attestating the enclave.</param>
+        /// <param name="customData">The set of extra data needed for attesting the enclave.</param>
+        /// <param name="customDataLength">The length of the extra data needed for attesting the enclave.</param>
         /// <param name="sqlEnclaveSession">The requested enclave session or null if the provider does not implement session caching.</param>
         /// <param name="counter">A counter that the enclave provider is expected to increment each time SqlClient retrieves the session from the cache. The purpose of this field is to prevent replay attacks.</param>
         internal abstract void CreateEnclaveSession(byte[] enclaveAttestationInfo, ECDiffieHellman clientDiffieHellmanKey, EnclaveSessionParameters enclaveSessionParameters, byte[] customData, int customDataLength,

diff --git a/...Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlColumnEncryptionEnclaveProvider.cs b/...Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlColumnEncryptionEnclaveProvider.cs
@@ -8,7 +8,7 @@ namespace Microsoft.Data.SqlClient
     internal abstract partial class SqlColumnEncryptionEnclaveProvider
     {
         /// <include file='../../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml' path='docs/members[@name="SqlColumnEncryptionEnclaveProvider"]/GetEnclaveSession/*'/>
-        internal abstract void GetEnclaveSession(EnclaveSessionParameters enclaveSessionParameters, bool generateCustomData, out SqlEnclaveSession sqlEnclaveSession, out long counter, out byte[] customData, out int customDataLength);
+        internal abstract void GetEnclaveSession(EnclaveSessionParameters enclaveSessionParameters, bool generateCustomData, bool isRetry, out SqlEnclaveSession sqlEnclaveSession, out long counter, out byte[] customData, out int customDataLength);
 
         /// <include file='../../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionEnclaveProvider.xml' path='docs/members[@name="SqlColumnEncryptionEnclaveProvider"]/GetAttestationParameters/*'/>
         internal abstract SqlEnclaveAttestationParameters GetAttestationParameters(string attestationUrl, byte[] customData, int customDataLength);