使用證書和對稱密鑰加密SQL Server數據

Question

我試圖使用證書和對稱密鑰來加密數據庫列。

我成功創建證書，對稱密鑰使用如下：

CREATE CERTIFICATE MyCertificate 
    ENCRYPTION BY PASSWORD = 'password' 
    WITH SUBJECT = 'Public Access Data' 
GO 

CREATE SYMMETRIC KEY MySSNKey 
    WITH ALGORITHM = AES_256 
    ENCRYPTION BY CERTIFICATE MyCertificate 

我試圖加密和利用解密的一些數據如下：

DECLARE @Text VARCHAR(100) 
SET @Text = 'Some Text' 

DECLARE @EncryptedText VARBINARY(128) 

-- Open the symmetric key with which to encrypt the data. 
OPEN SYMMETRIC KEY MySSNKey 
    DECRYPTION BY CERTIFICATE MyCertificate; 

SELECT @EncryptedText = EncryptByKey(Key_GUID('MySSNKey'), @Text) 

SELECT CONVERT(VARCHAR(100), DecryptByKey(@EncryptedText)) AS DecryptedText 

當我這樣做，我得到以下錯誤消息：

該證書具有受用戶定義的保護的私鑰 密碼。需要提供該密碼才能啓用使用 私鑰。

歸根結底，我試圖做的是寫一個存儲過程，將需要一些未加密的數據作爲輸入，對其進行加密，然後將其保存爲加密VARBINARY。然後，我想編寫一個第二個存儲過程，它將做相反的事情 - 即解密加密的varbinary並將其轉換回人類可讀的數據類型。我寧願不必直接在存儲過程中指定密碼。有沒有辦法做到這一點？我在上面的代碼中做了什麼錯誤？

謝謝。

Answer 1

你只需要使用：

OPEN SYMMETRIC KEY MySSNKey 
    DECRYPTION BY CERTIFICATE MyCertificate WITH PASSWORD = 'password'; 

Answer 2

您NEAD使用MASTER KEY

例子：

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'MasterPassword'; 
CREATE CERTIFICATE MyCertificate WITH SUBJECT = 'Public Access Data'; 
CREATE SYMMETRIC KEY MySSNKey WITH ALGORITHM = AES_256 ENCRYPTION BY CERTIFICATE MyCertificate; 


OPEN SYMMETRIC KEY MySSNKey DECRYPTION BY CERTIFICATE MyCertificate; 
SELECT Customer_id, Credit_card_number_encrypt AS 'Encrypted Credit Card Number', 
CONVERT(varchar, DecryptByKey(Credit_card_number_encrypt)) AS 'Decrypted Credit Card Number' 
FROM dbo.Customer_data; 
CLOSE SYMMETRIC KEY MySSNKey ;