Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

SNOW-1674771: Key-Pair Authenticator: Accept a RSA Object instead of a string #1027

Open
HRusby opened this issue Sep 20, 2024 · 1 comment
Assignees
Labels
feature status-triage_done Initial triage done, will be further handled by the driver team

Comments

@HRusby
Copy link

HRusby commented Sep 20, 2024

What is the current behavior?

Currently in order to connect to Snowflake via the Key-Pair Authenticator, you must pass the RSA Private Key as a string in to the Connection String.

What is the desired behavior?

Similarly to the PythonConnector it should be possible to pass an RSA Object into the Authenticator such that we don't need to store the private key as plaintext.

How would this improve snowflake-connector-net?

This would enable more secure workflows where the RSA Private Key is stored in a KeyVault (e.g. Azure Key Vault) that do not allow the private key to be retrieved.

From an initial look at the code, I suspect the RSA Object could be added to the SFSession object which would make it available in the KeyPairAuthenticator. I would expect the RSA object it takes to be a System.Security.Cryptography.RSA

@HRusby HRusby added the feature label Sep 20, 2024
@github-actions github-actions bot changed the title Key-Pair Authenticator: Accept a RSA Object instead of a string SNOW-1674771: Key-Pair Authenticator: Accept a RSA Object instead of a string Sep 20, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka added the status-triage_done Initial triage done, will be further handled by the driver team label Sep 20, 2024
@sfc-gh-dszmolka
Copy link
Contributor

thank you for your suggestion - the team will consider for future plans. No timeline estimated for the implementation. If the change is important for you, do reach out to your Account Team please and let them know of this requirement. They can help prioritising requests which are required by many customers.

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
feature status-triage_done Initial triage done, will be further handled by the driver team
Projects
None yet
Development

No branches or pull requests

3 participants