Introduce Async API counterparts for AE base class#3673
Introduce Async API counterparts for AE base class#3673cheenamalhotra wants to merge 13 commits into
Conversation
There was a problem hiding this comment.
Pull Request Overview
Adds asynchronous counterparts to key store provider APIs in SqlColumnEncryptionKeyStoreProvider to enable async implementations for Always Encrypted key operations.
Key changes:
- Introduced async virtual methods (Decrypt/Encrypt column encryption key, Sign/Verify CMK metadata) that currently throw NotImplementedException.
- Added corresponding XML documentation entries for the new async methods.
- Minor wording adjustments in existing XML return documentation.
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlColumnEncryptionKeyStoreProvider.cs | Adds async virtual method stubs for encryption key and metadata operations. |
| doc/snippets/Microsoft.Data.SqlClient/SqlColumnEncryptionKeyStoreProvider.xml | Documents newly added async methods and adjusts some existing return descriptions. |
paulmedynski
left a comment
There was a problem hiding this comment.
Asking for clarification on return types and synchronous implementation.
benrr101
left a comment
There was a problem hiding this comment.
For new APIs we should have some discussion on the signatures. Definitely won't be able to get this in before preview2.
|
This pull request has been marked as stale due to inactivity for more than 30 days. If you would like to keep this pull request open, please provide an update or respond to any comments. Otherwise, it will be closed automatically in 7 days. |
|
Wait, wait 🙈 |
|
This pull request has been marked as stale due to inactivity for more than 30 days. If you would like to keep this pull request open, please provide an update or respond to any comments. Otherwise, it will be closed automatically in 7 days. |
|
Stay |
- Reorder XML doc elements to place <summary> before <param> tags - Improve masterKeyPath descriptions (provider-specific format examples) - Improve encryptionAlgorithm descriptions (include RSA_OAEP example) - Fix columnEncryptionKey param: 'The column encryption key to encrypt' - Remove 'digitally' and redundant sentence from Sign summary - Wrap long lines to ~100 chars throughout - Use <see cref> for NotImplementedException in Verify docs - Add #nullable enable/restore around new async APIs in ref assembly Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
- Split async methods into two overloads per .NET standard library pattern: virtual overload with explicit CancellationToken (overridable), and non-virtual convenience overload without it (passes CancellationToken.None) - Default implementation checks CancellationToken.IsCancellationRequested and returns Task.FromCanceled before invoking sync method - Move tests from FunctionalTests to UnitTests - Add 4 cancellation token tests validating cancelled task behavior - Update <returns> tags to use <see cref="T:System.Byte[]" /> - Update spec to reflect two-overload design decision Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
- Fix test namespace to Microsoft.Data.SqlClient.UnitTests.AlwaysEncrypted (matching existing convention in UnitTests project) - Improve allowEnclaveComputations param docs: explain that when true, the signature covers the enclave-enabled property for later verification - Improve signature param docs: clarify it's the byte array from SignColumnMasterKeyMetadata with provider-specific format - Add 'live token' tests validating non-cancelled token doesn't interfere with default implementation completion Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
The ref project inherits nullable context from Directory.Build.props, so adding #nullable enable/restore blocks caused 'throw null;' to emit CS8597 errors. Remove the directives to match the ref file convention. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
- Replace SemaphoreSlim pattern with MemoryCache.GetOrCreateAsync for IMemoryCache-backed caches (AKV provider) - Keep check-release-fetch-relock only for custom-cache sites - Remove superseded Decision 8, consolidate to 7 concise decisions - Convert requirements and entities to compact tables - Reduce from 448 to 298 lines Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
…d tests - Add XML <summary> documentation to every [Fact] method and test helpers - Add using Microsoft.Data.SqlClient for explicit namespace import - Add SignColumnMasterKeyMetadataAsync_NoCancellationOverload_ReturnsFaultedTask - Add VerifyColumnMasterKeyMetadataAsync_NoCancellationOverload_ReturnsFaultedTask - Organize tests into regions: fallback, faulted, cancellation, convenience Total: 16 tests passing Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Remove non-virtual convenience overloads. Each async method is now a single virtual method with 'CancellationToken cancellationToken = default' so callers can omit the token and derived classes override one method. - Remove 4 non-virtual NoCancellation overloads from implementation - Remove 4 NoCancellation entries from ref assembly - Remove 4 NoCancellation XML doc blocks - Update spec Decision 2 and FR-002 for single-overload pattern - Rename test region from 'Convenience overloads' to 'Default parameter' Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Fatal exceptions (OOM, StackOverflow, ThreadAbort, etc.) must not be wrapped in Task.FromException — they should propagate synchronously. Use the existing ADP.IsCatchableExceptionType guard in exception filters, matching the pattern used in SqlDataReader and throughout the repo. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Summary
Introduces async API counterparts for the
SqlColumnEncryptionKeyStoreProviderabstract base class (Always Encrypted). This enables custom key store providers to implement truly asynchronous key operations instead of being forced to block on synchronous calls during query execution.Fixes #3672
Public API
Four new
virtualmethods added toSqlColumnEncryptionKeyStoreProvider:Design Decisions
CancellationToken = default— no separate convenience overloadsTask.FromResult/Task.FromExceptionso existing providers work without changesADP.IsCatchableExceptionType(e)filter in catch blocks (consistent with runtime patterns forStackOverflowException,OutOfMemoryException, etc.)Changes
src/.../SqlColumnEncryptionKeyStoreProvider.cssrc/.../ref/Microsoft.Data.SqlClient.csdoc/snippets/.../SqlColumnEncryptionKeyStoreProvider.xmlspecs/002-async-always-encrypted/spec.mdtests/.../SqlColumnEncryptionKeyStoreProviderAsyncShould.csTesting
Checklist