Misc. internal comments cleanup

edwardneal · edwardneal · commit faa828b3d4e4 · 2025-09-11T21:57:31.000+01:00
Also simplified exception handling in SqlColumnEncryptionCspProvider
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlColumnEncryptionCngProvider.Windows.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlColumnEncryptionCngProvider.Windows.cs
@@ -52,7 +52,7 @@ public override byte[] DecryptColumnEncryptionKey(string? masterKeyPath, string?
             // Validate encryptionAlgorithm
             ValidateEncryptionAlgorithm(encryptionAlgorithm, isSystemOp: true);
 
-            // Create RSA Provider with the given CNG name and key name
+            // Create RSA Provider with the given CNG provider name and key name
             RSA rsaProvider = CreateRSACngProvider(masterKeyPath, isSystemOp: true);
             using EncryptedColumnEncryptionKeyParameters cekDecryptionParameters = new(rsaProvider, masterKeyPath, MasterKeyType, KeyPathReference);
 
@@ -78,7 +78,7 @@ public override byte[] EncryptColumnEncryptionKey(string? masterKeyPath, string?
             // Validate encryptionAlgorithm
             ValidateEncryptionAlgorithm(encryptionAlgorithm, isSystemOp: false);
 
-            // Create RSACNGProviderWithKey
+            // Create RSA Provider with the given CNG provider name and key name
             RSA rsaProvider = CreateRSACngProvider(masterKeyPath, isSystemOp: false);
             using EncryptedColumnEncryptionKeyParameters cekEncryptionParameters = new(rsaProvider, masterKeyPath, MasterKeyType, KeyPathReference);
 
@@ -99,10 +99,10 @@ public override bool VerifyColumnMasterKeyMetadata(string? masterKeyPath, bool a
 
         /// <summary>
         /// This function validates that the encryption algorithm is RSA_OAEP and if it is not,
-        /// then throws an exception
+        /// then throws an exception.
         /// </summary>
-        /// <param name="encryptionAlgorithm">Asymmetric key encryption algorithm</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="encryptionAlgorithm">Asymmetric key encryption algorithm.</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         private static void ValidateEncryptionAlgorithm([NotNull] string? encryptionAlgorithm, bool isSystemOp)
         {
             // This validates that the encryption algorithm is RSA_OAEP
@@ -120,8 +120,8 @@ private static void ValidateEncryptionAlgorithm([NotNull] string? encryptionAlgo
         /// <summary>
         /// Checks if the CNG key path is Empty or Null (and raises exception if they are).
         /// </summary>
-        /// <param name="masterKeyPath">keypath containing the CNG provider name and key name</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="masterKeyPath">Key path containing the CNG provider name and key name.</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         private static void ValidateNonEmptyKeyPath([NotNull] string? masterKeyPath, bool isSystemOp)
         {
             if (masterKeyPath is null)
@@ -136,10 +136,10 @@ private static void ValidateNonEmptyKeyPath([NotNull] string? masterKeyPath, boo
         }
 
         /// <summary>
-        /// Creates a RSACng object from the given keyPath.
+        /// Creates a RSACng from the given key path.
         /// </summary>
-        /// <param name="keyPath"></param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="keyPath">Key path in the format of [CNG provider name]/[key name].</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         /// <returns></returns>
         private static RSACng CreateRSACngProvider(string keyPath, bool isSystemOp)
         {
@@ -165,12 +165,12 @@ private static RSACng CreateRSACngProvider(string keyPath, bool isSystemOp)
         }
 
         /// <summary>
-        /// Extracts the CNG provider and key name from the key path
+        /// Extracts the CNG provider name and key name from the given key path.
         /// </summary>
-        /// <param name="keyPath">keypath in the format [CNG Provider]/[KeyName]</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
-        /// <param name="cngProvider">CNG Provider</param>
-        /// <param name="keyIdentifier">Key identifier inside the CNG provider</param>
+        /// <param name="keyPath">Key path in the format [CNG provider name]/[key name].</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
+        /// <param name="cngProvider">CNG provider name.</param>
+        /// <param name="keyIdentifier">Key name inside the CNG provider.</param>
         private static void GetCngProviderAndKeyId(string keyPath, bool isSystemOp, out string cngProvider, out string keyIdentifier)
         {
             int indexOfSlash = keyPath.IndexOf('/');
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlColumnEncryptionCspProvider.Windows.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlColumnEncryptionCspProvider.Windows.cs
@@ -26,7 +26,7 @@ public class SqlColumnEncryptionCspProvider : SqlColumnEncryptionKeyStoreProvide
         internal const string MasterKeyType = @"asymmetric key";
 
         /// <summary>
-        /// This encryption keystore uses the master key path to reference a CSP.
+        /// This encryption keystore uses the master key path to reference a CSP provider.
         /// </summary>
         internal const string KeyPathReference = @"Microsoft Cryptographic Service Provider (CSP)";
 
@@ -102,10 +102,10 @@ public override bool VerifyColumnMasterKeyMetadata(string? masterKeyPath, bool a
 
         /// <summary>
         /// This function validates that the encryption algorithm is RSA_OAEP and if it is not,
-        /// then throws an exception
+        /// then throws an exception.
         /// </summary>
-        /// <param name="encryptionAlgorithm">Asymmetric key encryption algorithm</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="encryptionAlgorithm">Asymmetric key encryption algorithm.</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         private static void ValidateEncryptionAlgorithm([NotNull] string? encryptionAlgorithm, bool isSystemOp)
         {
             // This validates that the encryption algorithm is RSA_OAEP
@@ -123,8 +123,8 @@ private static void ValidateEncryptionAlgorithm([NotNull] string? encryptionAlgo
         /// <summary>
         /// Checks if the CSP key path is Empty or Null (and raises exception if they are).
         /// </summary>
-        /// <param name="masterKeyPath">CSP key path.</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="masterKeyPath">Key path containing the CSP provider name and key name.</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         private static void ValidateNonEmptyCSPKeyPath([NotNull] string? masterKeyPath, bool isSystemOp)
         {
             if (masterKeyPath is null)
@@ -139,10 +139,10 @@ private static void ValidateNonEmptyCSPKeyPath([NotNull] string? masterKeyPath,
         }
 
         /// <summary>
-        /// Creates a RSACryptoServiceProvider from the given key path which contains both CSP name and key name
+        /// Creates a RSACryptoServiceProvider from the given key path.
         /// </summary>
-        /// <param name="keyPath">key path in the format of [CAPI provider name]/[key name]</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="keyPath">Key path in the format of [CSP provider name]/[key name].</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         /// <returns></returns>
         private static RSACryptoServiceProvider CreateRSACryptoProvider(string keyPath, bool isSystemOp)
         {
@@ -154,35 +154,27 @@ private static RSACryptoServiceProvider CreateRSACryptoProvider(string keyPath,
 
             // Create a new instance of CspParameters for an RSA container.
             CspParameters cspParams = new(providerType, cspProviderName, keyName) { Flags = CspProviderFlags.UseExistingKey };
+            const int KEYSETDOESNOTEXIST = -2146893802;
 
             try
             {
                 // Create a new instance of RSACryptoServiceProvider
                 return new RSACryptoServiceProvider(cspParams);
             }
-            catch (CryptographicException e)
+            catch (CryptographicException e) when (e.HResult == KEYSETDOESNOTEXIST)
             {
-                const int KEYSETDOESNOTEXIST = -2146893802;
-                if (e.HResult == KEYSETDOESNOTEXIST)
-                {
-                    // Key does not exist
-                    throw SQL.InvalidCspKeyIdentifier(keyName, keyPath, isSystemOp);
-                }
-                else
-                {
-                    // Bubble up the exception
-                    throw;
-                }
+                // Key does not exist
+                throw SQL.InvalidCspKeyIdentifier(keyName, keyPath, isSystemOp);
             }
         }
 
         /// <summary>
-        /// Extracts the CSP provider name and key name from the given key path
+        /// Extracts the CSP provider name and key name from the given key path.
         /// </summary>
-        /// <param name="keyPath">key path in the format of [CSP provider name]/[key name]</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
-        /// <param name="cspProviderName">output containing the CSP provider name</param>
-        /// <param name="keyIdentifier">output containing the key name</param>
+        /// <param name="keyPath">Key path in the format [CSP provider name]/[key name].</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
+        /// <param name="cspProviderName">CSP provider name.</param>
+        /// <param name="keyIdentifier">Key name inside the CSP provider.</param>
         private static void GetCspProviderAndKeyName(string keyPath, bool isSystemOp, out string cspProviderName, out string keyIdentifier)
         {
             int indexOfSlash = keyPath.IndexOf('/');
@@ -205,11 +197,11 @@ private static void GetCspProviderAndKeyName(string keyPath, bool isSystemOp, ou
         }
 
         /// <summary>
-        /// Gets the provider type from a given CAPI provider name
+        /// Gets the type from a given CSP provider name.
         /// </summary>
-        /// <param name="providerName">CAPI provider name</param>
-        /// <param name="keyPath">key path in the format of [CSP provider name]/[key name]</param>
-        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API</param>
+        /// <param name="providerName">CSP provider name.</param>
+        /// <param name="keyPath">Key path in the format of [CSP provider name]/[key name].</param>
+        /// <param name="isSystemOp">Indicates if ADO.NET calls or the customer calls the API.</param>
         /// <returns></returns>
         private static int GetProviderType(string providerName, string keyPath, bool isSystemOp)
         {
