[5.0.2] Fix | Addressing failure on providing correct error message when symmetric key decryption fails using Always Encrypted. (#1977)

lcheunglci · web-flow · commit 9bd90e685ac9 · 2023-03-30T12:56:50.000-07:00
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -6024,6 +6024,13 @@ internal bool TryReadSqlValue(SqlBuffer value, SqlMetaDataPriv md, int length, T
                         }
                         catch (Exception e)
                         {
+                            if (stateObj is not null)
+                            {
+                                // call to decrypt column keys has failed. The data wont be decrypted.
+                                // Not setting the value to false, forces the driver to look for column value.
+                                // Packet received from Key Vault will throws invalid token header.
+                                stateObj.HasPendingData = false;
+                            }
                             throw SQL.ColumnDecryptionFailed(columnName, null, e);
                         }
                     }
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -6828,6 +6828,13 @@ internal bool TryReadSqlValue(SqlBuffer value,
                         }
                         catch (Exception e)
                         {
+                            if (stateObj is not null)
+                            {
+                                // call to decrypt column keys has failed. The data wont be decrypted.
+                                // Not setting the value to false, forces the driver to look for column value.
+                                // Packet received from Key Vault will throws invalid token header.
+                                stateObj._pendingData = false;
+                            }
                             throw SQL.ColumnDecryptionFailed(columnName, null, e);
                         }
                     }

Original file line number	Diff line number	Diff line change
`@@ -6024,6 +6024,13 @@ internal bool TryReadSqlValue(SqlBuffer value, SqlMetaDataPriv md, int length, T`
`6024`	`6024`	`}`
`6025`	`6025`	`catch (Exception e)`
`6026`	`6026`	`{`
	`6027`	`+ if (stateObj is not null)`
	`6028`	`+ {`
	`6029`	`+ // call to decrypt column keys has failed. The data wont be decrypted.`
	`6030`	`+ // Not setting the value to false, forces the driver to look for column value.`
	`6031`	`+ // Packet received from Key Vault will throws invalid token header.`
	`6032`	`+ stateObj.HasPendingData = false;`
	`6033`	`+ }`
`6027`	`6034`	`throw SQL.ColumnDecryptionFailed(columnName, null, e);`
`6028`	`6035`	`}`
`6029`	`6036`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6828,6 +6828,13 @@ internal bool TryReadSqlValue(SqlBuffer value,`
`6828`	`6828`	`}`
`6829`	`6829`	`catch (Exception e)`
`6830`	`6830`	`{`
	`6831`	`+ if (stateObj is not null)`
	`6832`	`+ {`
	`6833`	`+ // call to decrypt column keys has failed. The data wont be decrypted.`
	`6834`	`+ // Not setting the value to false, forces the driver to look for column value.`
	`6835`	`+ // Packet received from Key Vault will throws invalid token header.`
	`6836`	`+ stateObj._pendingData = false;`
	`6837`	`+ }`
`6831`	`6838`	`throw SQL.ColumnDecryptionFailed(columnName, null, e);`
`6832`	`6839`	`}`
`6833`	`6840`	`}`