-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parameters defaulting to invalid sizes for Always on Encryption #265
Comments
hello, I looked briefly at this issue and ran into many various errors setting up a test, encrption is not an area I have much expertise. I was not for example able to generate keys that gave me a similar error that you are seeing but admittedly could also not produce a working test. i am sorry but as things stand this will pobably require more time to investigate than I have to give - i wonder if we have any experts out there whom can help us out .. |
I know it is stating obvious I assume you had SQLWCHAR *connString = L"Driver={ODBC Driver 18 for SQL Server};Server={myServer};Encrypt=yes;Trusted_Connection=yes;ColumnEncryption=Enabled;"; set? I will try to look at what is required from ODBC perspective to make this work. |
not sure anything here helps this does all look quite complex! for example what is purpose of below in connection string . "Driver=ODBC Driver 18 for SQL Server;Server=myServer.myDomain;Encrypt=yes;Database=myDataBase;Trusted_Connection=Yes;ColumnEncryption=VBS-HGS,http://myHGSServer.myDomain/Attestation" |
this is interesting from page above If the type of the parameter was set to SQL_WCHAR, which maps to nchar, the query would fail this may be what is going on - ie. we may not bind column correctly. But without setting up an example i cant look into it - what is easiest sql I need to generate keys for example. The SQL type of the parameter inserted into the SSN column is set to SQL_CHAR, which maps to the char SQL Server data type (rc = SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_CHAR, 11, 0, (SQLPOINTER)SSN, 0, &cbSSN);). If the type of the parameter was set to SQL_WCHAR, which maps to nchar, the query would fail, as Always Encrypted doesn't support server-side conversions from encrypted nchar values to encrypted char values. See ODBC Programmer's Reference -- Appendix D: Data Types for information about the data type mappings. |
Setting up a table with encrypted fields took me some time too. The obvious duh! moment for me was realizing that after you create a certificate on the SQL Server (if it's a different computer) you have to export it from the server and import it on the computer you used to query the database. For testing purposes, I used and windows ODBC DSN Connection with the ODBC 18 driver. I did this so that I could use the make sure that it wasn't a problem with the connection string. I was able to use same DSN Connection with .Net Core to insert records and call the stored procedure. I would assume that the fancy From what I've seen, the ODBC driver requires that the parameter type be the exact same length of that on the server, it cannot be different. For example, I was just able to insert a test record with encryption, but the column needed to be Table
|
i have started an encrypt branch - the cpp needs to be compiled as this is still in development you are right the mappings were not right for encryption the below tests now work i.e. these types are fixed encrypt |
Did you happen to test any of the date data types? I'm also unable to insert Date, Datetime and Datetime2. |
Is that on the encrypt branch. I believe I fixed datetime2 the other day on that branch the other date types will not yet work. Every single type has to be exactly specified else encryption fails.Sent from my iPhoneOn 17 Nov 2022, at 15:55, ctgbarcalow ***@***.***> wrote:
Did you happen to test any of the date data types? I'm also unable to insert Date, Datetime and Datetime2.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: ***@***.***>
|
so far these are working on encrypt - nothing on master works properly encrypt 15 passing (3s) |
This is merged back to master not released on npm. Many types now work. Money is not supported. |
this is now released under v3.0.1 |
The process reads from encrypted columns without issue, the ODBC 17 driver takes care of the decryption. But I can't insert into the table for the life of me. Below is a simple example that should work but it never does. It always converts my input parameters to an invalid type too long, too short, wrong type, and the encryption fails.
FWIW: Inserting from SSMS and EntityFrameworkCore works just fine.
Table
Stored Procedure
Node.js
Error
The text was updated successfully, but these errors were encountered: