Skip to main content

normalize_for_encryption

Function normalize_for_encryption 

Source
pub fn normalize_for_encryption(
    value: &SqlValue,
    param_type: Option<EncryptedParamType>,
) -> Result<Vec<u8>, EncryptionError>
Expand description

Normalize a parameter value to the plaintext byte form Always Encrypted encrypts — SQL Server’s “normalized” form for the value’s type. The result is the plaintext input to EncryptionContext::encrypt_value.

Normalization is type-specific and is not the regular TDS wire encoding: e.g. INT normalizes to 8 little-endian bytes (not 4), and strings/binaries carry no length prefix. These layouts are validated byte-for-byte against Microsoft.Data.SqlClient (see the ae_normalization tests). Only the types supported so far are handled; others return UnsupportedOperation.

Typed temporal parameters (time/datetime2/datetimeoffset/datetime) pass their mssql_types::EncryptedParamType in param_type: their byte length depends on the column scale, so the value alone is insufficient.