[5.1.1] Fix | Addressing failure on providing correct error message when symmetric key decryption fails using Always Encrypted. (#1968)

lcheunglci · web-flow · commit 20e1535b28b1 · 2023-03-27T12:41:03.000-07:00
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -6070,6 +6070,13 @@ internal bool TryReadSqlValue(SqlBuffer value, SqlMetaDataPriv md, int length, T
                         }
                         catch (Exception e)
                         {
+                            if (stateObj is not null)
+                            {
+                                // call to decrypt column keys has failed. The data wont be decrypted.
+                                // Not setting the value to false, forces the driver to look for column value.
+                                // Packet received from Key Vault will throws invalid token header.
+                                stateObj.HasPendingData = false;
+                            }
                             throw SQL.ColumnDecryptionFailed(columnName, null, e);
                         }
                     }
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -6884,6 +6884,13 @@ internal bool TryReadSqlValue(SqlBuffer value,
                         }
                         catch (Exception e)
                         {
+                            if (stateObj is not null)
+                            {
+                                // call to decrypt column keys has failed. The data wont be decrypted.
+                                // Not setting the value to false, forces the driver to look for column value.
+                                // Packet received from Key Vault will throws invalid token header.
+                                stateObj._pendingData = false;
+                            }
                             throw SQL.ColumnDecryptionFailed(columnName, null, e);
                         }
                     }

Original file line number	Diff line number	Diff line change
`@@ -6070,6 +6070,13 @@ internal bool TryReadSqlValue(SqlBuffer value, SqlMetaDataPriv md, int length, T`
`6070`	`6070`	`}`
`6071`	`6071`	`catch (Exception e)`
`6072`	`6072`	`{`
	`6073`	`+ if (stateObj is not null)`
	`6074`	`+ {`
	`6075`	`+ // call to decrypt column keys has failed. The data wont be decrypted.`
	`6076`	`+ // Not setting the value to false, forces the driver to look for column value.`
	`6077`	`+ // Packet received from Key Vault will throws invalid token header.`
	`6078`	`+ stateObj.HasPendingData = false;`
	`6079`	`+ }`
`6073`	`6080`	`throw SQL.ColumnDecryptionFailed(columnName, null, e);`
`6074`	`6081`	`}`
`6075`	`6082`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6884,6 +6884,13 @@ internal bool TryReadSqlValue(SqlBuffer value,`
`6884`	`6884`	`}`
`6885`	`6885`	`catch (Exception e)`
`6886`	`6886`	`{`
	`6887`	`+ if (stateObj is not null)`
	`6888`	`+ {`
	`6889`	`+ // call to decrypt column keys has failed. The data wont be decrypted.`
	`6890`	`+ // Not setting the value to false, forces the driver to look for column value.`
	`6891`	`+ // Packet received from Key Vault will throws invalid token header.`
	`6892`	`+ stateObj._pendingData = false;`
	`6893`	`+ }`
`6887`	`6894`	`throw SQL.ColumnDecryptionFailed(columnName, null, e);`
`6888`	`6895`	`}`
`6889`	`6896`	`}`