将数据从一个数据库复制到另一个数据库并恢复密钥和证书后,列级加密/解密不起作用
我已将加密表数据(在列级别)从同一服务器内的数据库 A 复制到数据库 B,并在创建和恢复密钥和证书时按照以下步骤操作,但列级别解密在数据库 B 中不起作用。 例如:在数据库A中,表名为“employee”,加密列名为“emp_id_proof”。现在,我已在同一服务器内的数据库 A 中的数据库 B 中创建了相同的“employee”表副本,并在新数据库中恢复了证书和密钥,但我无法解密数据库 B 中的“emp_id_proof”列数据。
1)在数据库 A 中创建主密钥、证书和对称密钥的步骤
USE DatabaseA
go
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'
go
CREATE CERTIFICATE Certificate_test WITH SUBJECT = 'Protect my data'
go
CREATE SYMMETRIC KEY SymKey01 WITH
KEY_SOURCE = 'SymKey01KeySource',
ALGORITHM = AES_256 ,
IDENTITY_VALUE = 'SymKey01IdentityValue'
ENCRYPTION BY CERTIFICATE Certificate_test
go
2) 在数据库 A 中备份主密钥和证书的步骤
USE DatabaseA
go
BACKUP MASTER KEY TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'
ENCRYPTION BY PASSWORD = 'abc@2022'
go
BACKUP CERTIFICATE Certificate_test TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'
WITH PRIVATE KEY ( FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK' ,
ENCRYPTION BY PASSWORD = 'xyz@2022' )
go
3) 恢复/创建主密钥的步骤、证书和数据库 B 中的对称密钥
USE DatabaseB
go
RESTORE MASTER KEY
FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'
DECRYPTION BY PASSWORD = 'abc@2022'
ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'
go
CREATE CERTIFICATE [Certificate_test]
FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'
WITH PRIVATE KEY (FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK',
DECRYPTION BY PASSWORD = 'xyz@2022')
go
CREATE SYMMETRIC KEY SymKey01 WITH
KEY_SOURCE = 'SymKey01KeySource',
ALGORITHM = AES_256 ,
IDENTITY_VALUE = 'SymKey01IdentityValue'
ENCRYPTION BY CERTIFICATE Certificate_test
go
您能让我知道出了什么问题吗? 如果我必须将加密列数据从一台服务器复制到另一台服务器数据库,另请告诉我步骤。
I have copied encrypted tables data (on column level) from database A to database B within the same server and followed below steps while creating and restoring keys and certificates, but column level decryption is not working in Database B.
Eg: In Database A, table name is "employee" and encrypted column name is "emp_id_proof". Now I have created the same "employee" table copy in database B from database A within the same server and restored certificates and keys in new databases but I am not able to decrypt "emp_id_proof" column data in Database B.
1) Steps to create master key, certificate and symmetric key in database A
USE DatabaseA
go
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'
go
CREATE CERTIFICATE Certificate_test WITH SUBJECT = 'Protect my data'
go
CREATE SYMMETRIC KEY SymKey01 WITH
KEY_SOURCE = 'SymKey01KeySource',
ALGORITHM = AES_256 ,
IDENTITY_VALUE = 'SymKey01IdentityValue'
ENCRYPTION BY CERTIFICATE Certificate_test
go
2) Steps for backup of master key and certificate in database A
USE DatabaseA
go
BACKUP MASTER KEY TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'
ENCRYPTION BY PASSWORD = 'abc@2022'
go
BACKUP CERTIFICATE Certificate_test TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'
WITH PRIVATE KEY ( FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK' ,
ENCRYPTION BY PASSWORD = 'xyz@2022' )
go
3) Steps for restoration/creation of master key,certificate and symmetric key in Database B
USE DatabaseB
go
RESTORE MASTER KEY
FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'
DECRYPTION BY PASSWORD = 'abc@2022'
ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'
go
CREATE CERTIFICATE [Certificate_test]
FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'
WITH PRIVATE KEY (FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK',
DECRYPTION BY PASSWORD = 'xyz@2022')
go
CREATE SYMMETRIC KEY SymKey01 WITH
KEY_SOURCE = 'SymKey01KeySource',
ALGORITHM = AES_256 ,
IDENTITY_VALUE = 'SymKey01IdentityValue'
ENCRYPTION BY CERTIFICATE Certificate_test
go
Could you please let me know what went wrong??
Also let me know the steps if I have to copy encrypted columns data from one server to another server database.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论