/
SqlColumnEncryptionCertificateStoreProvider.xml
182 lines (182 loc) · 16.1 KB
/
SqlColumnEncryptionCertificateStoreProvider.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
<Type Name="SqlColumnEncryptionCertificateStoreProvider" FullName="System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider">
<TypeSignature Language="C#" Value="public sealed class SqlColumnEncryptionCertificateStoreProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi sealed beforefieldinit SqlColumnEncryptionCertificateStoreProvider extends System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6" />
<TypeSignature Language="DocId" Value="T:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider" />
<TypeSignature Language="VB.NET" Value="Public NotInheritable Class SqlColumnEncryptionCertificateStoreProvider
Inherits SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6" />
<TypeSignature Language="F#" Value="type SqlColumnEncryptionCertificateStoreProvider = class
 inherit SqlColumnEncryptionKeyStoreProvider" />
<TypeSignature Language="C++ CLI" Value="public ref class SqlColumnEncryptionCertificateStoreProvider sealed : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6" />
<TypeSignature Language="C#" Value="public class SqlColumnEncryptionCertificateStoreProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi beforefieldinit SqlColumnEncryptionCertificateStoreProvider extends System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<TypeSignature Language="VB.NET" Value="Public Class SqlColumnEncryptionCertificateStoreProvider
Inherits SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<TypeSignature Language="C++ CLI" Value="public ref class SqlColumnEncryptionCertificateStoreProvider : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider" FrameworkAlternate="netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider</BaseTypeName>
</Base>
<Interfaces />
<Docs>
<summary>The implementation of the key store provider for Windows Certificate Store. This class enables using certificates stored in the Windows Certificate Store as column master keys. For details, see <see href="https://docs.microsoft.com/sql/relational-databases/security/encryption/always-encrypted-database-engine">Always Encrypted</see>.</summary>
<remarks>To be added.</remarks>
<related type="ExternalDocumentation" href="https://techcommunity.microsoft.com/t5/sql-server/getting-started-with-always-encrypted/ba-p/384397">Get started with Always Encrypted (blog post)</related>
<related type="ExternalDocumentation" href="/sql/relational-databases/security/encryption/always-encrypted-client-development">Develop apps using Always Encrypted</related>
</Docs>
<Members>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public SqlColumnEncryptionCertificateStoreProvider ();" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor() cil managed" />
<MemberSignature Language="DocId" Value="M:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.#ctor" />
<MemberSignature Language="VB.NET" Value="Public Sub New ()" />
<MemberSignature Language="C++ CLI" Value="public:
 SqlColumnEncryptionCertificateStoreProvider();" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Parameters />
<Docs>
<summary>Key store provider for Windows Certificate Store.</summary>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="DecryptColumnEncryptionKey">
<MemberSignature Language="C#" Value="public override byte[] DecryptColumnEncryptionKey (string masterKeyPath, string encryptionAlgorithm, byte[] encryptedColumnEncryptionKey);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance unsigned int8[] DecryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, unsigned int8[] encryptedColumnEncryptionKey) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.DecryptColumnEncryptionKey(System.String,System.String,System.Byte[])" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function DecryptColumnEncryptionKey (masterKeyPath As String, encryptionAlgorithm As String, encryptedColumnEncryptionKey As Byte()) As Byte()" />
<MemberSignature Language="F#" Value="override this.DecryptColumnEncryptionKey : string * string * byte[] -> byte[]" Usage="sqlColumnEncryptionCertificateStoreProvider.DecryptColumnEncryptionKey (masterKeyPath, encryptionAlgorithm, encryptedColumnEncryptionKey)" />
<MemberSignature Language="C++ CLI" Value="public:
 override cli::array <System::Byte> ^ DecryptColumnEncryptionKey(System::String ^ masterKeyPath, System::String ^ encryptionAlgorithm, cli::array <System::Byte> ^ encryptedColumnEncryptionKey);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Byte[]</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="masterKeyPath" Type="System.String" />
<Parameter Name="encryptionAlgorithm" Type="System.String" />
<Parameter Name="encryptedColumnEncryptionKey" Type="System.Byte[]" />
</Parameters>
<Docs>
<param name="masterKeyPath">The master key path.</param>
<param name="encryptionAlgorithm">The encryption algorithm. Currently, the only valid value is: <c>RSA_OAEP</c>.</param>
<param name="encryptedColumnEncryptionKey">The encrypted column encryption key.</param>
<summary>Decrypts the specified encrypted value of a column encryption key. The encrypted value is expected to be encrypted using the certificate with the specified key path and using the specified algorithm. The format of the key path should be "Local Machine/My/<certificate_thumbprint>" or "Current User/My/<certificate_thumbprint>".</summary>
<returns>Returns <see cref="T:System.Byte" />.
The decrypted column encryption key.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="EncryptColumnEncryptionKey">
<MemberSignature Language="C#" Value="public override byte[] EncryptColumnEncryptionKey (string masterKeyPath, string encryptionAlgorithm, byte[] columnEncryptionKey);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance unsigned int8[] EncryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, unsigned int8[] columnEncryptionKey) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.EncryptColumnEncryptionKey(System.String,System.String,System.Byte[])" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function EncryptColumnEncryptionKey (masterKeyPath As String, encryptionAlgorithm As String, columnEncryptionKey As Byte()) As Byte()" />
<MemberSignature Language="F#" Value="override this.EncryptColumnEncryptionKey : string * string * byte[] -> byte[]" Usage="sqlColumnEncryptionCertificateStoreProvider.EncryptColumnEncryptionKey (masterKeyPath, encryptionAlgorithm, columnEncryptionKey)" />
<MemberSignature Language="C++ CLI" Value="public:
 override cli::array <System::Byte> ^ EncryptColumnEncryptionKey(System::String ^ masterKeyPath, System::String ^ encryptionAlgorithm, cli::array <System::Byte> ^ columnEncryptionKey);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Byte[]</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="masterKeyPath" Type="System.String" />
<Parameter Name="encryptionAlgorithm" Type="System.String" />
<Parameter Name="columnEncryptionKey" Type="System.Byte[]" />
</Parameters>
<Docs>
<param name="masterKeyPath">The master key path.</param>
<param name="encryptionAlgorithm">The encryption algorithm. Currently, the only valid value is: <c>RSA_OAEP</c>.</param>
<param name="columnEncryptionKey">The encrypted column encryption key.</param>
<summary>Encrypts a column encryption key using the certificate with the specified key path and using the specified algorithm. The format of the key path should be "Local Machine/My/<certificate_thumbprint>" or "Current User/My/<certificate_thumbprint>".</summary>
<returns>Returns <see cref="T:System.Byte" />.
The encrypted column encryption key.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="ProviderName">
<MemberSignature Language="C#" Value="public const string ProviderName;" />
<MemberSignature Language="ILAsm" Value=".field public static literal string ProviderName" />
<MemberSignature Language="DocId" Value="F:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.ProviderName" />
<MemberSignature Language="VB.NET" Value="Public Const ProviderName As String " />
<MemberSignature Language="F#" Value="val mutable ProviderName : string" Usage="System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.ProviderName" />
<MemberSignature Language="C++ CLI" Value="public: System::String ^ ProviderName;" />
<MemberType>Field</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Docs>
<summary>The provider name.</summary>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="SignColumnMasterKeyMetadata">
<MemberSignature Language="C#" Value="public override byte[] SignColumnMasterKeyMetadata (string masterKeyPath, bool allowEnclaveComputations);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance unsigned int8[] SignColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.SignColumnMasterKeyMetadata(System.String,System.Boolean)" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function SignColumnMasterKeyMetadata (masterKeyPath As String, allowEnclaveComputations As Boolean) As Byte()" />
<MemberSignature Language="F#" Value="override this.SignColumnMasterKeyMetadata : string * bool -> byte[]" Usage="sqlColumnEncryptionCertificateStoreProvider.SignColumnMasterKeyMetadata (masterKeyPath, allowEnclaveComputations)" />
<MemberSignature Language="C++ CLI" Value="public:
 override cli::array <System::Byte> ^ SignColumnMasterKeyMetadata(System::String ^ masterKeyPath, bool allowEnclaveComputations);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Byte[]</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="masterKeyPath" Type="System.String" Index="0" FrameworkAlternate="netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<Parameter Name="allowEnclaveComputations" Type="System.Boolean" Index="1" FrameworkAlternate="netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
</Parameters>
<Docs>
<param name="masterKeyPath">The column master key path.</param>
<param name="allowEnclaveComputations">
<see langword="true" /> to indicate that the column master key supports enclave computations; otherwise, <see langword="false" />.</param>
<summary>Digitally signs the column master key metadata with the column master key referenced by the <paramref name="masterKeyPath" /> parameter.</summary>
<returns>The signature of the column master key metadata.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="VerifyColumnMasterKeyMetadata">
<MemberSignature Language="C#" Value="public override bool VerifyColumnMasterKeyMetadata (string masterKeyPath, bool allowEnclaveComputations, byte[] signature);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance bool VerifyColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations, unsigned int8[] signature) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Data.SqlClient.SqlColumnEncryptionCertificateStoreProvider.VerifyColumnMasterKeyMetadata(System.String,System.Boolean,System.Byte[])" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function VerifyColumnMasterKeyMetadata (masterKeyPath As String, allowEnclaveComputations As Boolean, signature As Byte()) As Boolean" />
<MemberSignature Language="F#" Value="override this.VerifyColumnMasterKeyMetadata : string * bool * byte[] -> bool" Usage="sqlColumnEncryptionCertificateStoreProvider.VerifyColumnMasterKeyMetadata (masterKeyPath, allowEnclaveComputations, signature)" />
<MemberSignature Language="C++ CLI" Value="public:
 override bool VerifyColumnMasterKeyMetadata(System::String ^ masterKeyPath, bool allowEnclaveComputations, cli::array <System::Byte> ^ signature);" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Data</AssemblyName>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Boolean</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="masterKeyPath" Type="System.String" Index="0" FrameworkAlternate="netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<Parameter Name="allowEnclaveComputations" Type="System.Boolean" Index="1" FrameworkAlternate="netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
<Parameter Name="signature" Type="System.Byte[]" Index="2" FrameworkAlternate="netframework-4.7.2;netframework-4.8;netframework-4.8.1" />
</Parameters>
<Docs>
<param name="masterKeyPath">The complete path of an asymmetric key. The path format is specific to a key store provider.</param>
<param name="allowEnclaveComputations">A Boolean that indicates if this key can be sent to the trusted enclave.</param>
<param name="signature">The master key metadata siognature.</param>
<summary>This function must be implemented by the corresponding Key Store providers. This function should use an asymmetric key identified by a key path and verify the masterkey metadata consisting of (masterKeyPath, allowEnclaveComputations, providerName).</summary>
<returns>A Boolean value that indicates if the master key metadata can be verified based on the provided signature.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
</Members>
</Type>