SqlColumnEncryptionCspProvider 类
定义
用于将基于 Microsoft CAPI 的加密服务提供程序 (CSP) 与 Always Encrypted 结合使用的 CMK 存储提供程序实现。The CMK Store provider implementation for using Microsoft CAPI based Cryptographic Service Providers (CSP) with Always Encrypted.
public ref class SqlColumnEncryptionCspProvider : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider
public class SqlColumnEncryptionCspProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider
type SqlColumnEncryptionCspProvider = class
inherit SqlColumnEncryptionKeyStoreProvider
Public Class SqlColumnEncryptionCspProvider
Inherits SqlColumnEncryptionKeyStoreProvider
- 继承
注解
允许将 Always Encrypted 列主密钥密钥存储在存储区中,如硬件安全模块 (HSM) ,它支持基于 Microsoft CAPI 的加密服务提供程序 (CSP) 。Enables storing Always Encrypted column master key keys in a store, such as a hardware security module (HSM), that supports the Microsoft CAPI based Cryptographic Service Providers (CSP).
构造函数
| SqlColumnEncryptionCspProvider() |
初始化 SqlColumnEncryptionCspProvider 类的新实例。Initializes a new instance of the SqlColumnEncryptionCspProvider class. |
字段
| ProviderName |
提供程序名称“MSSQL_CSP_PROVIDER”的常量字符串。A constant string for the provider name 'MSSQL_CSP_PROVIDER'. |
方法
| DecryptColumnEncryptionKey(String, String, Byte[]) |
使用由密钥路径和算法指定的非对称密钥对给定的加密值进行解密。Decrypts the given encrypted value using an asymmetric key specified by the key path and algorithm. 密钥路径将采用格式 [ProviderName]/ KeyIdentifier,并且应为存储在指定 CSP 提供程序中的非对称密钥。The key path will be in the format of [ProviderName]/KeyIdentifier and should be an asymmetric key stored in the specified CSP provider. 用于加密/解密 CEK 的有效算法是“RSA_OAEP”。The valid algorithm used to encrypt/decrypt the CEK is 'RSA_OAEP'. |
| EncryptColumnEncryptionKey(String, String, Byte[]) |
通过使用由密钥路径和指定算法所指定的非对称密钥,对给定的纯文本列加密密钥进行加密。Encrypts the given plain text column encryption key using an asymmetric key specified by the key path and the specified algorithm. 密钥路径将采用格式 [ProviderName]/ KeyIdentifier,并且应为存储在指定 CSP 提供程序中的非对称密钥。The key path will be in the format of [ProviderName]/KeyIdentifier and should be an asymmetric key stored in the specified CSP provider. 用于加密/解密 CEK 的有效算法是“RSA_OAEP”。The valid algorithm used to encrypt/decrypt the CEK is 'RSA_OAEP'. |
| Equals(Object) |
确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object. (继承自 Object) |
| GetHashCode() |
作为默认哈希函数。Serves as the default hash function. (继承自 Object) |
| GetType() |
获取当前实例的 Type。Gets the Type of the current instance. (继承自 Object) |
| MemberwiseClone() |
创建当前 Object 的浅表副本。Creates a shallow copy of the current Object. (继承自 Object) |
| SignColumnMasterKeyMetadata(String, Boolean) |
在所有情况下都会引发 NotSupportedException 异常。Throws a NotSupportedException exception in all cases. |
| SignColumnMasterKeyMetadata(String, Boolean) |
在派生类中实现时,使用 |
| ToString() |
返回表示当前对象的字符串。Returns a string that represents the current object. (继承自 Object) |
| VerifyColumnMasterKeyMetadata(String, Boolean, Byte[]) |
此函数必须由相应的密钥存储提供程序实现。This function must be implemented by the corresponding Key Store providers. 此函数应使用由密钥路径标识的非对称密钥,并对由 (masterKeyPath, allowEnclaveComputations, providerName) 组成的主密钥元数据进行签名。This function should use an asymmetric key identified by a key path and sign the masterkey metadata consisting of (masterKeyPath, allowEnclaveComputations, providerName). |
| VerifyColumnMasterKeyMetadata(String, Boolean, Byte[]) |
在派生类中实现时,此方法应验证指定签名对于具有指定密钥路径和指定 enclave 行为的列主密钥是否有效。When implemented in a derived class, this method is expected to verify the specified signature is valid for the column master key with the specified key path and the specified enclave behavior. 默认实现会引发 NotImplementedException。The default implementation throws NotImplementedException. (继承自 SqlColumnEncryptionKeyStoreProvider) |