27,579
社区成员
发帖
与我相关
我的任务
分享
use Test
Create master Key Encryption by password ='1qazXSW@';
Go
Create certificate certtest
with subject ='test certificate'
go
CREATE SYMMETRIC KEY SymmetricByCert
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE CertTest;
GO
--备份master key和证书
BACKUP MASTER KEY TO FILE = 'd:\zhengshu\masterkey' ENCRYPTION BY PASSWORD = '1qazXSW@'
go
BACKUP CERTIFICATE certtest TO FILE = 'd:\zhengshu\MyServerCert';
--备份完成后删除原有的密钥 证书 master Key
Drop SYMMETRIC KEY SymmetricByCert
Drop CERTIFICATE certtest
Drop master Key;
--还原
RESTORE MASTER KEY
FROM FILE = 'd:\zhengshu\masterkey1'
DECRYPTION BY PASSWORD = '1qazXSW@'
ENCRYPTION BY PASSWORD = '1qazXSW@'
Force
go
CREATE CERTIFICATE certtest
FROM FILE = 'd:\zhengshu\MyServerCert1'
GO
--重建密钥
CREATE SYMMETRIC KEY SymmetricByCert
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE CertTest;
GO
--备份master key、证书
BACKUP MASTER KEY TO FILE = 'd:\zhengshu\masterkey.cer' ENCRYPTION BY PASSWORD = '1qazXSW@'
go
BACKUP CERTIFICATE CertTest TO FILE = 'd:\zhengshu\MyServerCert.cer' --cert的保存地址
WITH PRIVATE KEY (
DECRYPTION BY PASSWORD = 'pGFD4bb925DGvbd2439587y',
FILE = 'd:\zhengshu\MyServerKey.pvk' ,
ENCRYPTION BY PASSWORD = '1qazXSW@' );
--还原master key 、证书
open master key DECRYPTION BY PASSWORD = 'zxasqw!2'
CREATE CERTIFICATE CertTest
FROM FILE = 'd:\zhengshu\MyServerCert.cer'
WITH PRIVATE KEY (FILE = 'd:\zhengshu\MyServerKey.pvk'
, DECRYPTION BY PASSWORD = '1qazXSW@'
);
GO
--close master key
--由证书加密对称密钥
CREATE SYMMETRIC KEY SymmetricByCert
WITH ALGORITHM = AES_256
ENCRYPTION BY CERTIFICATE CertTest;
GO
--open master key DECRYPTION BY PASSWORD = 'zxasqw!2'
OPEN SYMMETRIC KEY SymmetricByCert DECRYPTION BY CERTIFICATE CertTest
select convert(nvarchar(max), DecryptByKey(CardNumber_encrypt)) from CreditCard_Encrypt;
Close SYMMETRIC KEY SymmetricByCert