Move fixtures to the Common tests project, update references

Author: edwardneal

src/Microsoft.Data.SqlClient/tests/Common/Common.csproj

@@ -51,4 +51,10 @@
     </ContentWithTargetPath>
   </ItemGroup>
 
+  <!-- Fixture-specific References -->
+  <ItemGroup>
+    <PackageReference Include="Azure.Identity" Version="$(AzureIdentityVersion)" />
+    <PackageReference Include="Azure.Security.KeyVault.Keys" Version="$(AzureSecurityKeyVaultKeysVersion)" />
+  </ItemGroup>
+
 </Project>

src/Microsoft.Data.SqlClient/tests/Common/Fixtures/AzureKeyVaultKeyFixtureBase.cs

@@ -0,0 +1,62 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.using System;
+
+using System;
+using System.Collections.Generic;
+using Azure.Core;
+using Azure.Security.KeyVault.Keys;
+
+namespace Microsoft.Data.SqlClient.Tests.Common.Fixtures;
+
+public abstract class AzureKeyVaultKeyFixtureBase : IDisposable
+{
+    private readonly KeyClient _keyClient;
+    private readonly Random _randomGenerator;
+
+    private readonly List<KeyVaultKey> _createdKeys = new List<KeyVaultKey>();
+
+    protected AzureKeyVaultKeyFixtureBase(Uri keyVaultUri, TokenCredential keyVaultToken)
+    {
+        _keyClient = new KeyClient(keyVaultUri, keyVaultToken);
+        _randomGenerator = new Random();
+    }
+
+    protected Uri CreateKey(string name, int keySize)
+    {
+        CreateRsaKeyOptions createOptions = new CreateRsaKeyOptions(GenerateUniqueName(name)) { KeySize = keySize };
+        KeyVaultKey created = _keyClient.CreateRsaKey(createOptions);
+
+        _createdKeys.Add(created);
+        return created.Id;
+    }
+
+    private string GenerateUniqueName(string name)
+    {
+        byte[] rndBytes = new byte[16];
+
+        _randomGenerator.NextBytes(rndBytes);
+        return name + "-" + BitConverter.ToString(rndBytes);
+    }
+
+    public void Dispose()
+    {
+        Dispose(true);
+        GC.SuppressFinalize(this);
+    }
+
+    protected virtual void Dispose(bool disposing)
+    {
+        foreach (KeyVaultKey key in _createdKeys)
+        {
+            try
+            {
+                _keyClient.StartDeleteKey(key.Name).WaitForCompletion();
+            }
+            catch (Exception)
+            {
+                continue;
+            }
+        }
+    }
+}

src/Microsoft.Data.SqlClient/tests/tools/Microsoft.Data.SqlClient.TestUtilities/Fixtures/CertificateFixtureBase.cs renamed to src/Microsoft.Data.SqlClient/tests/Common/Fixtures/CertificateFixtureBase.cs

@@ -10,89 +10,89 @@
 using System.Text;
 using System.Threading;
 
-namespace Microsoft.Data.SqlClient.TestUtilities.Fixtures
+namespace Microsoft.Data.SqlClient.Tests.Common.Fixtures;
+
+public abstract class CertificateFixtureBase : IDisposable
 {
-    public abstract class CertificateFixtureBase : IDisposable
+    /// <summary>
+    /// Certificates must be created using this provider. Certificates created by PowerShell
+    /// using another provider aren't accessible from RSACryptoServiceProvider, which means
+    /// that we could not roundtrip between SqlColumnEncryptionCertificateStoreProvider and
+    /// SqlColumnEncryptionCspProvider.
+    /// </summary>
+    private const string CspProviderName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
+
+    private sealed class CertificateStoreContext
     {
-        /// <summary>
-        /// Certificates must be created using this provider. Certificates created by PowerShell
-        /// using another provider aren't accessible from RSACryptoServiceProvider, which means
-        /// that we could not roundtrip between SqlColumnEncryptionCertificateStoreProvider and
-        /// SqlColumnEncryptionCspProvider.
-        /// </summary>
-        private const string CspProviderName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
-
-        private sealed class CertificateStoreContext
-        {
-            public List<X509Certificate2> Certificates { get; }
+        public List<X509Certificate2> Certificates { get; }
 
-            public StoreLocation Location { get; }
+        public StoreLocation Location { get; }
 
-            public StoreName Name { get; }
+        public StoreName Name { get; }
 
-            public CertificateStoreContext(StoreLocation location, StoreName name)
-            {
-                Certificates = new List<X509Certificate2>();
-                Location = location;
-                Name = name;
-            }
+        public CertificateStoreContext(StoreLocation location, StoreName name)
+        {
+            Certificates = new List<X509Certificate2>();
+            Location = location;
+            Name = name;
         }
+    }
 
-        private readonly List<CertificateStoreContext> _certificateStoreModifications = new List<CertificateStoreContext>();
+    private readonly List<CertificateStoreContext> _certificateStoreModifications = new List<CertificateStoreContext>();
 
-        protected X509Certificate2 CreateCertificate(string subjectName, IEnumerable<string> dnsNames, IEnumerable<string> ipAddresses, bool forceCsp = false)
-        {
-            // This will always generate a certificate with:
-            // * Start date: 24hrs ago
-            // * End date: 24hrs in the future
-            // * Subject: {subjectName}
-            // * Subject alternative names: {dnsNames}, {ipAddresses}
-            // * Public key: 2048-bit RSA
-            // * Hash algorithm: SHA256
-            // * Key usage: digital signature, key encipherment
-            // * Enhanced key usage: server authentication, client authentication
-            DateTimeOffset notBefore = DateTimeOffset.UtcNow.AddDays(-1);
-            DateTimeOffset notAfter = DateTimeOffset.UtcNow.AddDays(1);
-            byte[] passwordBytes = new byte[32];
-            string password = null;
-            Random rnd = new Random();
-
-            rnd.NextBytes(passwordBytes);
-            password = Convert.ToBase64String(passwordBytes);
+    protected X509Certificate2 CreateCertificate(string subjectName, IEnumerable<string> dnsNames, IEnumerable<string> ipAddresses, bool forceCsp = false)
+    {
+        // This will always generate a certificate with:
+        // * Start date: 24hrs ago
+        // * End date: 24hrs in the future
+        // * Subject: {subjectName}
+        // * Subject alternative names: {dnsNames}, {ipAddresses}
+        // * Public key: 2048-bit RSA
+        // * Hash algorithm: SHA256
+        // * Key usage: digital signature, key encipherment
+        // * Enhanced key usage: server authentication, client authentication
+        DateTimeOffset notBefore = DateTimeOffset.UtcNow.AddDays(-1);
+        DateTimeOffset notAfter = DateTimeOffset.UtcNow.AddDays(1);
+        byte[] passwordBytes = new byte[32];
+        string password = null;
+        Random rnd = new Random();
+
+        rnd.NextBytes(passwordBytes);
+        password = Convert.ToBase64String(passwordBytes);
 #if NET
-            X500DistinguishedNameBuilder subjectBuilder = new X500DistinguishedNameBuilder();
-            SubjectAlternativeNameBuilder sanBuilder = new SubjectAlternativeNameBuilder();
-            RSA rsaKey = CreateRSA(forceCsp);
-            bool hasSans = false;
+        X500DistinguishedNameBuilder subjectBuilder = new X500DistinguishedNameBuilder();
+        SubjectAlternativeNameBuilder sanBuilder = new SubjectAlternativeNameBuilder();
+        RSA rsaKey = CreateRSA(forceCsp);
+        bool hasSans = false;
 
-            subjectBuilder.AddCommonName(subjectName);
-            foreach (string dnsName in dnsNames)
-            {
-                sanBuilder.AddDnsName(dnsName);
-                hasSans = true;
-            }
-            foreach (string ipAddress in ipAddresses)
-            {
-                sanBuilder.AddIpAddress(System.Net.IPAddress.Parse(ipAddress));
-                hasSans = true;
-            }
+        subjectBuilder.AddCommonName(subjectName);
+        foreach (string dnsName in dnsNames)
+        {
+            sanBuilder.AddDnsName(dnsName);
+            hasSans = true;
+        }
+        foreach (string ipAddress in ipAddresses)
+        {
+            sanBuilder.AddIpAddress(System.Net.IPAddress.Parse(ipAddress));
+            hasSans = true;
+        }
 
-            CertificateRequest request = new CertificateRequest(subjectBuilder.Build(), rsaKey, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+        CertificateRequest request = new CertificateRequest(subjectBuilder.Build(), rsaKey, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
 
-            request.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(request.PublicKey, false));
-            request.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.KeyEncipherment, false));
-            request.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection() { new Oid("1.3.6.1.5.5.7.3.1"), new Oid("1.3.6.1.5.5.7.3.2") }, true));
+        request.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(request.PublicKey, false));
+        request.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.KeyEncipherment, false));
+        request.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection() { new Oid("1.3.6.1.5.5.7.3.1"), new Oid("1.3.6.1.5.5.7.3.2") }, true));
 
-            if (hasSans)
-            {
-                request.CertificateExtensions.Add(sanBuilder.Build());
-            }
+        if (hasSans)
+        {
+            request.CertificateExtensions.Add(sanBuilder.Build());
+        }
 
-            // Generate an ephemeral certificate, then export it and return it as a new certificate with the correct key storage flags set.
-            // This is to ensure that it's imported into the certificate stores with its private key.
-            using (X509Certificate2 ephemeral = request.CreateSelfSigned(notBefore, notAfter))
-            {
-                #if NET9_0_OR_GREATER
+        // Generate an ephemeral certificate, then export it and return it as a new certificate with the correct key storage flags set.
+        // This is to ensure that it's imported into the certificate stores with its private key.
+        using (X509Certificate2 ephemeral = request.CreateSelfSigned(notBefore, notAfter))
+        {
+#if NET9_0_OR_GREATER
                 return X509CertificateLoader.LoadPkcs12(
                     ephemeral.Export(X509ContentType.Pkcs12, password),
                     password,
@@ -102,13 +102,13 @@ protected X509Certificate2 CreateCertificate(string subjectName, IEnumerable<str
                         PreserveStorageProvider = true,
                         PreserveKeyName = true
                     });
-                #else
-                return new X509Certificate2(
-                    ephemeral.Export(X509ContentType.Pkcs12, password),
-                    password,
-                    X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
-                #endif
-            }
+#else
+            return new X509Certificate2(
+                ephemeral.Export(X509ContentType.Pkcs12, password),
+                password,
+                X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
+#endif
+        }
 #else
             // The CertificateRequest API is available in .NET Core, but was only added to .NET Framework 4.7.2; it thus can't be used in the test projects.
             // Instead, fall back to running a PowerShell script which calls New-SelfSignedCertificate. This cmdlet also adds the certificate to a specific,
@@ -227,82 +227,81 @@ exit 1
                 "PowerShell command raised exception: " +
                 $"{commandOutput}; command was: {formattedCommand}");
 #endif
-        }
+    }
 
 #if NET
-        private static RSA CreateRSA(bool forceCsp)
-        {
-            const int KeySize = 2048;
-            const int CspProviderType = 24;
+    private static RSA CreateRSA(bool forceCsp)
+    {
+        const int KeySize = 2048;
+        const int CspProviderType = 24;
 
-            return forceCsp && OperatingSystem.IsWindows()
-                ? new RSACryptoServiceProvider(KeySize, new CspParameters(CspProviderType, CspProviderName, Guid.NewGuid().ToString()))
-                : RSA.Create(KeySize);
-        }
+        return forceCsp && OperatingSystem.IsWindows()
+            ? new RSACryptoServiceProvider(KeySize, new CspParameters(CspProviderType, CspProviderName, Guid.NewGuid().ToString()))
+            : RSA.Create(KeySize);
+    }
 #endif
 
-        protected void AddToStore(X509Certificate2 cert, StoreLocation storeLocation, StoreName storeName)
-        {
-            CertificateStoreContext storeContext = _certificateStoreModifications.Find(csc => csc.Location == storeLocation && csc.Name == storeName);
-            
-            if (storeContext == null)
-            {
-                storeContext = new(storeLocation, storeName);
-                _certificateStoreModifications.Add(storeContext);
-            }
-
-            using X509Store store = new X509Store(storeContext.Name, storeContext.Location);
-
-            store.Open(OpenFlags.ReadWrite);
-            if (store.Certificates.Contains(cert))
-            {
-                store.Remove(cert);
-            }
-            store.Add(cert);
+    protected void AddToStore(X509Certificate2 cert, StoreLocation storeLocation, StoreName storeName)
+    {
+        CertificateStoreContext storeContext = _certificateStoreModifications.Find(csc => csc.Location == storeLocation && csc.Name == storeName);
 
-            storeContext.Certificates.Add(cert);
+        if (storeContext == null)
+        {
+            storeContext = new(storeLocation, storeName);
+            _certificateStoreModifications.Add(storeContext);
         }
 
-        public void Dispose()
+        using X509Store store = new X509Store(storeContext.Name, storeContext.Location);
+
+        store.Open(OpenFlags.ReadWrite);
+        if (store.Certificates.Contains(cert))
         {
-            Dispose(true);
-            GC.SuppressFinalize(this);
+            store.Remove(cert);
         }
+        store.Add(cert);
+
+        storeContext.Certificates.Add(cert);
+    }
+
+    public void Dispose()
+    {
+        Dispose(true);
+        GC.SuppressFinalize(this);
+    }
 
-        protected virtual void Dispose(bool disposing)
+    protected virtual void Dispose(bool disposing)
+    {
+        foreach (CertificateStoreContext storeContext in _certificateStoreModifications)
         {
-            foreach (CertificateStoreContext storeContext in _certificateStoreModifications)
+            using X509Store store = new X509Store(storeContext.Name, storeContext.Location);
+
+            try
+            {
+                store.Open(OpenFlags.ReadWrite);
+            }
+            catch (Exception)
             {
-                using X509Store store = new X509Store(storeContext.Name, storeContext.Location);
+                continue;
+            }
 
+            foreach (X509Certificate2 cert in storeContext.Certificates)
+            {
                 try
                 {
-                    store.Open(OpenFlags.ReadWrite);
+                    if (store.Certificates.Contains(cert))
+                    {
+                        store.Remove(cert);
+                    }
                 }
-                catch(Exception)
+                catch (Exception)
                 {
                     continue;
                 }
 
-                foreach (X509Certificate2 cert in storeContext.Certificates)
-                {
-                    try
-                    {
-                        if (store.Certificates.Contains(cert))
-                        {
-                            store.Remove(cert);
-                        }
-                    }
-                    catch (Exception)
-                    {
-                        continue;
-                    }
-
-                    cert.Dispose();
-                }
-
-                storeContext.Certificates.Clear();
+                cert.Dispose();
             }
+
+            storeContext.Certificates.Clear();
         }
     }
 }