比较查询中的加密列

时间:2014-10-12 11:41:59

标签: sql-server database sql-server-2008 security cryptography

我正在尝试使用SQL查询从数据库中获取具有指定电子邮件的用户名:

SELECT [USERNAME] FROM REGTAB WHERE DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY'),[EMAIL])=@email

但它显示NULL输出。在比较之前,我是否需要加密输入@email?它是否总是为特定输入产生相同的加密值?

我正在使用RSA 2048算法。

1 个答案:

答案 0 :(得分:1)

由于您未提供创建密钥ENKEY的方式,因此它是一个黑暗的镜头。
根据我预期的行为是用密码创建的,并且您没有提供DECRYPTBYASYMKEY的密码,可以在没有第三个参数的情况下调用该密码。密钥使用数据库的主密钥。

/*
CREATE ASYMMETRIC KEY ENKEY 
    WITH ALGORITHM = RSA_2048 
    ENCRYPTION BY PASSWORD = 'Mydummypassword'; 
*/

/*
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password'
CREATE ASYMMETRIC KEY ENKEY2 
     WITH ALGORITHM = RSA_2048  

*/

Declare @aValue Varchar(50)
Select @aValue='Test' 

Select DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY'),
EncryptByAsymKey(AsymKey_ID('ENKEY'), @aValue)
) as [WithOutPassword]
,
DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY'),
EncryptByAsymKey(AsymKey_ID('ENKEY'), @aValue)
,N'Mydummypassword') as [WithPassword]

,Case when @aValue=DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY'),
EncryptByAsymKey(AsymKey_ID('ENKEY'), @aValue)
)  then 1 else 0 end as [IdenticWithOutPassword]

,Case when @aValue=DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY'),
EncryptByAsymKey(AsymKey_ID('ENKEY'), @aValue)
,N'Mydummypassword')  then 1 else 0 end as [IdenticWithPassword]

将传达结果:
NULL 0x54657374 0 1

Select DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY2'),
EncryptByAsymKey(AsymKey_ID('ENKEY2'), @aValue)
) as [With MASTER KEY ENCRYPTION]

,Case when @aValue=DECRYPTBYASYMKEY(ASYMKEY_ID('ENKEY2'),
EncryptByAsymKey(AsymKey_ID('ENKEY2'), @aValue)
)  then 1 else 0 end as [Identic] 

将传达结果:
0x54657374 1