SqlColumnEncryptionCertificateStoreProvider Class

Definition

Windows 证书存储的密钥存储提供程序的实现。The implementation of the key store provider for Windows Certificate Store. 借助此类,可将 Windows 证书存储中存储的证书用作列的主密钥。This class enables using certificates stored in the Windows Certificate Store as column master keys. 有关详细信息,请参阅 Always EncryptedFor details, see Always Encrypted.

public ref class SqlColumnEncryptionCertificateStoreProvider sealed : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider
public ref class SqlColumnEncryptionCertificateStoreProvider : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider
public sealed class SqlColumnEncryptionCertificateStoreProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider
public class SqlColumnEncryptionCertificateStoreProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider
type SqlColumnEncryptionCertificateStoreProvider = class
    inherit SqlColumnEncryptionKeyStoreProvider
Public NotInheritable Class SqlColumnEncryptionCertificateStoreProvider
Inherits SqlColumnEncryptionKeyStoreProvider
Public Class SqlColumnEncryptionCertificateStoreProvider
Inherits SqlColumnEncryptionKeyStoreProvider
Inheritance
SqlColumnEncryptionCertificateStoreProvider

Constructors

SqlColumnEncryptionCertificateStoreProvider()

Windows 证书存储的密钥存储提供程序。Key store provider for Windows Certificate Store.

Fields

ProviderName

提供程序名称。The provider name.

Methods

DecryptColumnEncryptionKey(String, String, Byte[])

对列加密密钥的指定加密值进行解密。Decrypts the specified encrypted value of a column encryption key. 加密值预期应使用具有指定密钥路径的证书和指定的算法进行加密。The encrypted value is expected to be encrypted using the certificate with the specified key path and using the specified algorithm. 密钥路径的格式应为“Local Machine/My/<certificate_thumbprint>”或“Current User/My/<certificate_thumbprint>”。The format of the key path should be "Local Machine/My/<certificate_thumbprint>" or "Current User/My/<certificate_thumbprint>".

EncryptColumnEncryptionKey(String, String, Byte[])

使用具有指定密钥路径的证书和使用指定的算法对列加密密钥进行加密。Encrypts a column encryption key using the certificate with the specified key path and using the specified algorithm. 密钥路径的格式应为“Local Machine/My/<certificate_thumbprint>”或“Current User/My/<certificate_thumbprint>”。The format of the key path should be "Local Machine/My/<certificate_thumbprint>" or "Current User/My/<certificate_thumbprint>".

Equals(Object)

确定指定的对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(Inherited from Object)
GetHashCode()

作为默认哈希函数。Serves as the default hash function.

(Inherited from Object)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(Inherited from Object)
SignColumnMasterKeyMetadata(String, Boolean)

使用 masterKeyPath 参数引用的列主密钥对列主密钥元数据进行数字签名。Digitally signs the column master key metadata with the column master key referenced by the masterKeyPath parameter.

SignColumnMasterKeyMetadata(String, Boolean)

在派生类中实现时,使用 masterKeyPath 参数引用的列主密钥对列主密钥元数据进行数字签名。When implemented in a derived class, digitally signs the column master key metadata with the column master key referenced by the masterKeyPath parameter. 用于生成签名的输入值应为 masterKeyPathallowEnclaveComputations 参数的指定值。The input values used to generate the signature should be the specified values of the masterKeyPath and allowEnclaveComputations parameters.

(Inherited from SqlColumnEncryptionKeyStoreProvider)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(Inherited from Object)
VerifyColumnMasterKeyMetadata(String, Boolean, Byte[])

此函数必须由相应的密钥存储提供程序实现。This function must be implemented by the corresponding Key Store providers. 此函数应使用由密钥路径标识的非对称密钥,并对由 (masterKeyPath, allowEnclaveComputations, providerName) 组成的主密钥元数据进行验证。This function should use an asymmetric key identified by a key path and verify the masterkey metadata consisting of (masterKeyPath, allowEnclaveComputations, providerName).

VerifyColumnMasterKeyMetadata(String, Boolean, Byte[])

在派生类中实现时,此方法应验证指定签名对于具有指定密钥路径和指定 enclave 行为的列主密钥是否有效。When implemented in a derived class, this method is expected to verify the specified signature is valid for the column master key with the specified key path and the specified enclave behavior. 默认实现会引发 NotImplementedException。The default implementation throws NotImplementedException.

(Inherited from SqlColumnEncryptionKeyStoreProvider)

Applies to

See also