在存储过程中使用密码打开对称密钥

时间:2012-01-09 04:08:27

标签: sql-server sql-server-2008 stored-procedures encryption

我正在尝试编写一个存储过程来解密由对称密钥加密的一些数据,该对称密钥使用带密码的非对称密钥加密。

OPEN SYMMETRIC KEY需要密码的字符串文字,因此我必须解决EXEC sp_executesql问题。有更好的方法吗?

DECLARE @open nvarchar(200), @close nvarchar(200)
SET @open = 'OPEN SYMMETRIC KEY skey DECRYPTION BY ASYMMETRIC KEY akey WITH PASSWORD = ' + quotename(@password,'''') + ';';
SET @close = 'CLOSE SYMMETRIC KEY skey;';

EXEC sp_executesql @open

SELECT [TransactionID],Convert(varchar(max),DECRYPTBYKEY([EncryptedText])) as DecryptedText FROM [dbo].[TestTable];

EXEC sp_executesql @close

如果使用错误的密码执行它,则会引发以下错误:

Msg 15466, Level 16, State 1, Line 1
An error occurred during decryption.
Msg 15315, Level 16, State 1, Line 1
The key 'skey' is not open. Please open the key before using it.

我应该将EXEC sp_executesql @open包裹在TRY ... CATCH中并返回NULL还是有更优雅的方式处理此问题?

编辑:处理使用错误密码调用此程序的人的最佳方法是什么?

2 个答案:

答案 0 :(得分:1)

示例使用密钥,检查您的数据和代码:

CREATE ASYMMETRIC KEY akey WITH ALGORITHM = RSA_2048 
ENCRYPTION BY PASSWORD = 'aaa123'
GO
CREATE SYMMETRIC KEY skey WITH ALGORITHM = AES_256 ENCRYPTION BY ASYMMETRIC KEY akey
GO

DECLARE @t TABLE(plain VARCHAR(100), ciphered VARBINARY(MAX), unciphered VARCHAR(100))

INSERT @t(plain)
VALUES('11111'), ('22222'), ('33333')

OPEN SYMMETRIC KEY skey DECRYPTION BY ASYMMETRIC KEY akey WITH PASSWORD = 'aaa123'

UPDATE @t SET Ciphered = ENCRYPTBYKEY(KEY_GUID('skey'), plain)


UPDATE @t SET unciphered = CAST(DECRYPTBYKEY(ciphered) AS VARCHAR)

SELECT * FROM @t

CLOSE SYMMETRIC KEY skey
DROP SYMMETRIC KEY skey
DROP ASYMMETRIC KEY akey

要正确记录错误的密码解密尝试,请尝试以下示例,使用变量@password

CREATE ASYMMETRIC KEY akey WITH ALGORITHM = RSA_2048 
ENCRYPTION BY PASSWORD = 'aaa123'
GO
CREATE SYMMETRIC KEY skey WITH ALGORITHM = AES_256 ENCRYPTION BY ASYMMETRIC KEY akey
GO

DECLARE @t TABLE(plain VARCHAR(100), ciphered VARBINARY(MAX), unciphered VARCHAR(100))

INSERT @t(plain)
VALUES('11111'), ('22222'), ('33333')

OPEN SYMMETRIC KEY skey DECRYPTION BY ASYMMETRIC KEY akey WITH PASSWORD = 'aaa123'

UPDATE @t SET Ciphered = ENCRYPTBYKEY(KEY_GUID('skey'), plain)
CLOSE SYMMETRIC KEY skey

DECLARE @open nvarchar(200), @close nvarchar(200), @password VARCHAR(20) = 'aaa123x'
SET @open = 'OPEN SYMMETRIC KEY skey DECRYPTION BY ASYMMETRIC KEY akey WITH PASSWORD = ' + quotename(@password,'''') + ';';
SET @close = 'CLOSE SYMMETRIC KEY skey;';
BEGIN TRY 
  EXEC sp_executesql @open
  UPDATE @t SET unciphered = CAST(DECRYPTBYKEY(ciphered) AS VARCHAR)
  SELECT * FROM @t
  EXEC sp_executesql @close
END TRY BEGIN CATCH 
  SELECT 'Do whatever you want to do here with this caller. Suspicious caller: '+SUSER_SNAME()+', at: '+CAST(GETDATE() AS VARCHAR)
END CATCH

DROP SYMMETRIC KEY skey
DROP ASYMMETRIC KEY akey

答案 1 :(得分:1)

Alter PROCEDURE [dbo].[EncryptAndSaveValues]
@Value as varchar(100),
@EnKey as varchar(100)
AS
BEGIN

set nocount on

Declare @sql nvarchar(1000)

set @sql='
Create Symmetric Key SymmetricKeyforPortal

With algorithm=desx

Encryption by password=N'''+@EnKey+''''

--print @sql

exec sp_executesql @sql

set nocount off
end

https://forums.asp.net/t/1348389.aspx?Declaring+Symmetric+Key+in+Stored+procedure

相关问题
最新问题