我有一个数据库,我在其上启用了对称加密,以加密某些列。 我创建了一个SP,以便在我从脚本创建数据库后启用加密,如下所示
CREATE PROCEDURE [dbo].[sys_EnableSymmetricEncryption]
AS
BEGIN
--If there is no master key, create one now.
IF NOT EXISTS
(SELECT * FROM sys.symmetric_keys WHERE symmetric_key_id = 101)
CREATE MASTER KEY ENCRYPTION BY
PASSWORD = '9809u0ij989oih9o8yyo98yyo89uyp9p9'
CREATE CERTIFICATE My_Certificate
WITH SUBJECT = 'My Database';
CREATE SYMMETRIC KEY My_Key_01
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE My_Certificate;
END
所以在我从脚本创建数据库之后,我运行它然后我可以将数据存储在加密列中 与
INSERT INTO [dbo].[Cards]
([CardNumber]
,[CardSecurityCode]
,[CardExpirationDate]
,[NameOnCard])
VALUES
(EncryptByKey(Key_GUID('My_Key_01'), @CardNumber) ,
EncryptByKey(Key_GUID('My_Key_01'), @CardSecurityCode) ,
EncryptByKey(Key_GUID('My_Key_01'), @CardExpirationDate) ,
EncryptByKey(Key_GUID('My_Key_01'), @NameOnCard))
并使用
检索数据OPEN SYMMETRIC KEY My_Key_01
DECRYPTION BY CERTIFICATE My_Certificate;
SELECT [CardID]
,CONVERT(nvarchar, DecryptByKey([CardNumber])) as 'CardNumber'
,CONVERT(nvarchar, DecryptByKey([CardSecurityCode])) as 'CardSecurityCode'
,CONVERT(nvarchar, DecryptByKey([CardExpirationDate])) as 'CardExpirationDate'
,CONVERT(nvarchar, DecryptByKey([NameOnCard])) as 'NameOnCard'
FROM [Cards]
一切正常,直到我备份数据库并尝试在其他服务器上恢复备份 我恢复后,当我尝试运行Select(如上所述)时,我收到此错误
Please create a master key in the database or open the master key in the session before performing this operation.
所以我试图用
重新创建密钥IF NOT EXISTS
(SELECT * FROM sys.symmetric_keys WHERE symmetric_key_id = 101)
CREATE MASTER KEY ENCRYPTION BY
PASSWORD = '9809u0ij989oih9o8yyo98yyo89uyp9p9'
但是然后在选择In仍然得到相同的错误。 如果我尝试运行上面显示的第一个Sp,要创建主密钥,证书和对称密钥,我会收到错误
Msg 15581, Level 16, State 3, Procedure sys_EnableSymmetricEncryption, Line 11
Please create a master key in the database or open the master key in the session before performing this operation.
Msg 15282, Level 16, State 1, Procedure sys_EnableSymmetricEncryption, Line 14
A key with name 'OneTest_Key_01' or user defined unique identifier already exists or you do not have permissions to create
在尝试创建证书和对称密钥之前,我可能会尝试删除它,但我不知道它们位于何处。
知道怎么处理这个吗?
由于
PS如果我在同一台服务器上恢复,即使是不同的数据库,一切正常
答案 0 :(得分:1)
尝试运行:
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD = '9809u0ij989oih9o8yyo98yyo89uyp9p9';