Share via


SqlColumnEncryptionKeyStoreProvider.SignColumnMasterKeyMetadata Method

Definition

When implemented in a derived class, digitally signs the column master key metadata with the column master key referenced by the masterKeyPath parameter. The input values used to generate the signature should be the specified values of the masterKeyPath and allowEnclaveComputations parameters.

public:
 virtual cli::array <System::Byte> ^ SignColumnMasterKeyMetadata(System::String ^ masterKeyPath, bool allowEnclaveComputations);
public virtual byte[] SignColumnMasterKeyMetadata (string masterKeyPath, bool allowEnclaveComputations);
abstract member SignColumnMasterKeyMetadata : string * bool -> byte[]
override this.SignColumnMasterKeyMetadata : string * bool -> byte[]
Public Overridable Function SignColumnMasterKeyMetadata (masterKeyPath As String, allowEnclaveComputations As Boolean) As Byte()

Parameters

masterKeyPath
String

The column master key path.

allowEnclaveComputations
Boolean

true to indicate that the column master key supports enclave computations; otherwise, false.

Returns

Byte[]

The signature of the column master key metadata.

Exceptions

In all cases.

Remarks

To ensure that the SignColumnMasterKeyMetadata method doesn't break applications that rely on an old API, it throws a NotImplementedException exception by default.

The SignColumnMasterKeyMetadata method will be used by client tools that generate Column Master Keys (CMK) for customers. SignColumnMasterKeyMetadata must be implemented by the corresponding key store providers that wish to use enclaves with Always Encrypted.

Applies to