SQLServerColumnEncryptionAzureKeyVaultProvider (Microsoft JDBC Driver for SQL Server 6.5.3 API)

java.lang.Object
- com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionKeyStoreProvider
- - com.microsoft.sqlserver.jdbc.SQLServerColumnEncryptionAzureKeyVaultProvider

```
public class SQLServerColumnEncryptionAzureKeyVaultProvider
extends SQLServerColumnEncryptionKeyStoreProvider
```
Provides implementation similar to certificate store provider. A CEK encrypted with certificate store provider should be decryptable by this provider and vice versa. Envelope Format for the encrypted column encryption key version + keyPathLength + ciphertextLength + keyPath + ciphertext + signature version: A single byte indicating the format version. keyPathLength: Length of the keyPath. ciphertextLength: ciphertext length keyPath: keyPath used to encrypt the column encryption key. This is only used for troubleshooting purposes and is not verified during decryption. ciphertext: Encrypted column encryption key signature: Signature of the entire byte array. Signature is validated before decrypting the column encryption key.

Constructor Summary

Constructors
Constructor	Description
`SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback)`	Constructor that takes a callback function to authenticate to AAD.
`SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback, java.util.concurrent.ExecutorService executorService)`	Deprecated.
`SQLServerColumnEncryptionAzureKeyVaultProvider(java.lang.String clientId, java.lang.String clientKey)`	Constructor that authenticates to AAD.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`byte[]`	`decryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] encryptedColumnEncryptionKey)`	This function uses the asymmetric key specified by the key path and decrypts an encrypted CEK with RSA encryption algorithm.
`byte[]`	`encryptColumnEncryptionKey(java.lang.String masterKeyPath, java.lang.String encryptionAlgorithm, byte[] columnEncryptionKey)`	This function uses the asymmetric key specified by the key path and encrypts CEK with RSA encryption algorithm.
`java.lang.String`	`getName()`	Retrieves the name of this key store provider.
`void`	`setName(java.lang.String name)`	Sets the name of this key store provider.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SQLServerColumnEncryptionAzureKeyVaultProvider
```
@Deprecated
public SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback,
                                                      java.util.concurrent.ExecutorService executorService)
                                               throws SQLServerException
```
    Deprecated.
    
    Constructor that takes a callback function to authenticate to AAD. This is used by KeyVaultClient at runtime to authenticate to Azure Key Vault. This constructor is present to maintain backwards compatibility with 6.0 version of the driver. Deprecated for removal in next stable release.
    
    Parameters:
    
    authenticationCallback - - Callback function used for authenticating to AAD.
    
    executorService - - The ExecutorService, previously used to create the keyVaultClient, but not in use anymore. - This parameter can be passed as 'null'
    
    Throws:
    
    SQLServerException - when an error occurs
  - SQLServerColumnEncryptionAzureKeyVaultProvider
```
public SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback)
                                               throws SQLServerException
```
    Constructor that takes a callback function to authenticate to AAD. This is used by KeyVaultClient at runtime to authenticate to Azure Key Vault.
    
    Parameters:
    
    authenticationCallback - - Callback function used for authenticating to AAD.
    
    Throws:
    
    SQLServerException - when an error occurs
  - SQLServerColumnEncryptionAzureKeyVaultProvider
```
public SQLServerColumnEncryptionAzureKeyVaultProvider(java.lang.String clientId,
                                                      java.lang.String clientKey)
                                               throws SQLServerException
```
    Constructor that authenticates to AAD. This is used by KeyVaultClient at runtime to authenticate to Azure Key Vault.
    
    Parameters:
    
    clientId - Identifier of the client requesting the token.
    
    clientKey - Key of the client requesting the token.
    
    Throws:
    
    SQLServerException - when an error occurs
- Method Detail
  - setName
```
public void setName(java.lang.String name)
```
    Description copied from class: SQLServerColumnEncryptionKeyStoreProvider
    
    Sets the name of this key store provider.
    
    Specified by:
    
    setName in class SQLServerColumnEncryptionKeyStoreProvider
    
    Parameters:
    
    name - value to be set for the key store provider.
  - getName
```
public java.lang.String getName()
```
    Description copied from class: SQLServerColumnEncryptionKeyStoreProvider
    
    Retrieves the name of this key store provider.
    
    Specified by:
    
    getName in class SQLServerColumnEncryptionKeyStoreProvider
    
    Returns:
    
    the name of this key store provider.
  - decryptColumnEncryptionKey
```
public byte[] decryptColumnEncryptionKey(java.lang.String masterKeyPath,
                                         java.lang.String encryptionAlgorithm,
                                         byte[] encryptedColumnEncryptionKey)
                                  throws SQLServerException
```
    This function uses the asymmetric key specified by the key path and decrypts an encrypted CEK with RSA encryption algorithm.
    
    Specified by:
    
    decryptColumnEncryptionKey in class SQLServerColumnEncryptionKeyStoreProvider
    
    Parameters:
    
    masterKeyPath - - Complete path of an asymmetric key in AKV
    
    encryptionAlgorithm - - Asymmetric Key Encryption Algorithm
    
    encryptedColumnEncryptionKey - - Encrypted Column Encryption Key
    
    Returns:
    
    Plain text column encryption key
    
    Throws:
    
    SQLServerException - when an error occurs while decrypting the CEK
  - encryptColumnEncryptionKey
```
public byte[] encryptColumnEncryptionKey(java.lang.String masterKeyPath,
                                         java.lang.String encryptionAlgorithm,
                                         byte[] columnEncryptionKey)
                                  throws SQLServerException
```
    This function uses the asymmetric key specified by the key path and encrypts CEK with RSA encryption algorithm.
    
    Specified by:
    
    encryptColumnEncryptionKey in class SQLServerColumnEncryptionKeyStoreProvider
    
    Parameters:
    
    masterKeyPath - - Complete path of an asymmetric key in AKV
    
    encryptionAlgorithm - - Asymmetric Key Encryption Algorithm
    
    columnEncryptionKey - - Plain text column encryption key
    
    Returns:
    
    Encrypted column encryption key
    
    Throws:
    
    SQLServerException - when an error occurs while encrypting the CEK

Class SQLServerColumnEncryptionAzureKeyVaultProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SQLServerColumnEncryptionAzureKeyVaultProvider

SQLServerColumnEncryptionAzureKeyVaultProvider

SQLServerColumnEncryptionAzureKeyVaultProvider

Method Detail

setName

getName

decryptColumnEncryptionKey

encryptColumnEncryptionKey