Skip to content

Tests | Refactor and move CoreCryptoTests to UnitTests #3709

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Tests | Refactor and move CoreCryptoTests to UnitTests #3709

wants to merge 5 commits into from

Conversation

@edwardneal
Copy link
Contributor

Description

This picks up from a comment yesterday in #3660 from @mdaigle, moving CoreCryptoTests into the unit tests project.

The CEK-based tests (TestRsaCryptoWithNativeBaseline) had already removed the use of reflection, so I've ported those across. There were also AEAD-based tests which still used reflection, so I removed those too.

The old version of the tests contained the TCECryptoNativeBaseline.txt and TCECryptoNativeBaselineRsa.txt files, with various parsing logic to convert the hexadecimal strings into byte arrays. I've turned these byte arrays into embedded resources because several of them are about 4KB in size and I wanted to load them in a consistent way. I'm not completely happy with the approach though, it leads to a lot of small files. I did consider putting them in one or more JSON files (so we'd eliminate the use of the custom parsing logic without adding so many files - perhaps one file for each of the 32 AEAD-based test cases and the 3 CEK-based test cases) but it seemed like an unnecessary layer of indirection. I'm happy to go with whichever option you'd prefer.

It's also worth noting that this lifts a hardcoded certificate out of TCECryptoNativeBaselineRsa.txt. This was always there, but it's technically a hardcoded credential and might be noticed as such. We use this to decrypt a CEK and verify its contents against the SQL Server native code, so it needs to remain in situ.

Issues

Follows up #3660 comment.

Testing

New tests run successfully.

@edwardneal edwardneal requested a review from a team as a code owner October 21, 2025 20:55
@paulmedynski
Copy link
Contributor

/azp run

@paulmedynski paulmedynski self-assigned this Oct 22, 2025
@azure-pipelines
Copy link

Azure Pipelines successfully started running 2 pipeline(s).

@paulmedynski
Copy link
Contributor

@edwardneal - Build failures - see: https://sqlclientdrivers.visualstudio.com/public/_build/results?buildId=127984&view=logs&j=4a2ec0b0-f4e2-5686-f3b1-9a2c684c31cc&t=047acb07-0880-5772-afc3-fa5d1648663c

@edwardneal
Copy link
Contributor Author

Thanks @paulmedynski - I'd missed the extracted CEK certificate. I've just added it and pushed.

@paulmedynski
Copy link
Contributor

/azp run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 2 pipeline(s).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@paulmedynski paulmedynski

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@edwardneal @paulmedynski