SqlColumnEncryptionCspProvider Class

Definition

The CMK Store provider implementation for using Microsoft CAPI based Cryptographic Service Providers (CSP) with Always Encrypted.

public ref class SqlColumnEncryptionCspProvider : System::Data::SqlClient::SqlColumnEncryptionKeyStoreProvider
public class SqlColumnEncryptionCspProvider : System.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider
type SqlColumnEncryptionCspProvider = class
    inherit SqlColumnEncryptionKeyStoreProvider
Public Class SqlColumnEncryptionCspProvider
Inherits SqlColumnEncryptionKeyStoreProvider
Inheritance
SqlColumnEncryptionCspProvider

Remarks

Enables storing Always Encrypted column master keys in a store, such as a hardware security module (HSM), that supports the Microsoft CAPI based Cryptographic Service Providers (CSP).

Constructors

SqlColumnEncryptionCspProvider()

Initializes a new instance of the SqlColumnEncryptionCspProvider class.

Fields

ProviderName

A constant string for the provider name 'MSSQL_CSP_PROVIDER'.

Methods

DecryptColumnEncryptionKey(String, String, Byte[])

Decrypts the given encrypted value using an asymmetric key specified by the key path and algorithm. The key path will be in the format of [ProviderName]/KeyIdentifier and should be an asymmetric key stored in the specified CSP provider. The valid algorithm used to encrypt/decrypt the CEK is 'RSA_OAEP'.

EncryptColumnEncryptionKey(String, String, Byte[])

Encrypts the given plain text column encryption key using an asymmetric key specified by the key path and the specified algorithm. The key path will be in the format of [ProviderName]/KeyIdentifier and should be an asymmetric key stored in the specified CSP provider. The valid algorithm used to encrypt/decrypt the CEK is 'RSA_OAEP'.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)

GetHashCode()

Serves as the default hash function.

(Inherited from Object)

GetType()

Gets the Type of the current instance.

(Inherited from Object)

MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)

SignColumnMasterKeyMetadata(String, Boolean)

Throws a NotSupportedException exception in all cases.

SignColumnMasterKeyMetadata(String, Boolean)

When implemented in a derived class, digitally signs the column master key metadata with the column master key referenced by the masterKeyPath parameter. The input values used to generate the signature should be the specified values of the masterKeyPath and allowEnclaveComputations parameters.

(Inherited from SqlColumnEncryptionKeyStoreProvider)

ToString()

Returns a string that represents the current object.

(Inherited from Object)

VerifyColumnMasterKeyMetadata(String, Boolean, Byte[])

This function must be implemented by the corresponding Key Store providers. This function should use an asymmetric key identified by a key path and sign the master key metadata consisting of (masterKeyPath, allowEnclaveComputations, providerName).

VerifyColumnMasterKeyMetadata(String, Boolean, Byte[])

When implemented in a derived class, this method is expected to verify the specified signature is valid for the column master key with the specified key path and the specified enclave behavior. The default implementation throws NotImplementedException.

(Inherited from SqlColumnEncryptionKeyStoreProvider)
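
A round trip through EncryptColumnEncryptionKey and DecryptColumnEncryptionKey, as an added example rather than code from the original page: it wraps a constructed 32-byte CEK under an RSA key held in a CSP, unwraps it, and confirms that metadata signing is not supported. The CSP name (a software provider that ships with Windows), provider type 24, and the container name `AlwaysEncryptedDemoCmk` are assumptions; with an HSM, substitute the vendor's CSP name and key identifier.

```csharp
using System;
using System.Data.SqlClient;
using System.Linq;
using System.Security.Cryptography;

class CspProviderRoundTrip
{
    // Assumed values for this example: a software CSP that ships with Windows
    // and a hypothetical key container name acting as the KeyIdentifier.
    const string CspName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
    const string Container = "AlwaysEncryptedDemoCmk";

    static void Main()
    {
        // Create (or open) an RSA key-exchange pair in the CSP to act as the CMK.
        var csp = new CspParameters(24 /* PROV_RSA_AES */, CspName, Container)
        {
            KeyNumber = (int)KeyNumber.Exchange
        };
        using (var rsa = new RSACryptoServiceProvider(2048, csp))
        {
            rsa.PersistKeyInCsp = true; // keep the key in the container after dispose
        }

        // Key path format from the method descriptions: [ProviderName]/KeyIdentifier
        string keyPath = CspName + "/" + Container;

        // Constructed sample CEK: 32 random bytes.
        byte[] cek = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(cek);

        var provider = new SqlColumnEncryptionCspProvider();
        byte[] wrapped = provider.EncryptColumnEncryptionKey(keyPath, "RSA_OAEP", cek);
        byte[] unwrapped = provider.DecryptColumnEncryptionKey(keyPath, "RSA_OAEP", wrapped);
        Console.WriteLine("Round trip OK: " + unwrapped.SequenceEqual(cek));

        // This provider does not sign CMK metadata; the page documents the exception.
        try { provider.SignColumnMasterKeyMetadata(keyPath, true); }
        catch (NotSupportedException) { Console.WriteLine("Metadata signing not supported"); }
    }
}
```

The private key never leaves the CSP in this flow; only the wrapped CEK bytes are handled by the application.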
