ENCRYPTBYASYMKEY (Transact-SQL)ENCRYPTBYASYMKEY (Transact-SQL)

適用於: 是SQL Server (從 2008 開始) 是Azure SQL Database 否Azure SQL 資料倉儲 否平行處理資料倉儲 APPLIES TO: yesSQL Server (starting with 2008) yesAzure SQL Database noAzure SQL Data Warehouse noParallel Data Warehouse

此函式使用非對稱金鑰為資料加密。This function encrypts data with an asymmetric key.

文章連結圖示 Transact-SQL 語法慣例Article link icon Transact-SQL Syntax Conventions

語法Syntax

EncryptByAsymKey ( Asym_Key_ID , { 'plaintext' | @plaintext } )  

引數Arguments

asym_key_IDasym_key_ID
資料庫中的非對稱金鑰識別碼。The ID of an asymmetric key in the database. asym_key_ID 具有 int 資料類型。asym_key_ID has an int data type.

cleartextcleartext
ENCRYPTBYASYMKEY 會使用以非對稱金鑰來加密的資料字串。A string of data that ENCRYPTBYASYMKEY will encrypt with the asymmetric key. cleartext 可以具有cleartext can have a

  • binarybinary
  • charchar
  • ncharnchar
  • nvarcharnvarchar
  • varbinaryvarbinary

中的多個or

  • varcharvarchar

資料類型。data type.

@plaintext**
ENCRYPTBYASYMKEY 會使用非對稱金鑰來加密其值的變數。A variable holding a value that ENCRYPTBYASYMKEY will encrypt with the asymmetric key.
@plaintext** 可以具有**@plaintext** can have a

  • binarybinary
  • charchar
  • ncharnchar
  • nvarcharnvarchar
  • varbinaryvarbinary

中的多個or

  • varcharvarchar

資料類型。data type.

傳回類型Return Types

varbinary,大小上限為 8,000 個位元組。varbinary, with a maximum size of 8,000 bytes.

RemarksRemarks

相較於對稱金鑰加密和解密,使用非對稱金鑰的加密和解密作業會耗用大量資源,因此變得非常昂貴。Encryption and decryption operations that use asymmetric keys consume significant resources, and so become expensive compared with symmetric key encryption and decryption. 建議開發人員避免在大型資料集上執行非對稱金鑰加密和解密作業;例如,儲存在資料庫資料表中的使用者資料集。We suggest that developers avoid asymmetric key encryption and decryption operations on large datasets - for example, user data datasets stored in database tables. 相反地,建議開發人員先使用強式對稱金鑰將該資料加密,再使用非對稱金鑰將該對稱金鑰加密。Instead, we suggest that developers first encrypt that data with a strong symmetric key, and then encrypt that symmetric key with an asymmetric key.

根據演算法,如果輸入超過特定位元組數目,ENCRYPTBYASYMKEY 會傳回 NULLDepending on the algorithm, ENCRYPTBYASYMKEY returns NULL if the input exceeds a certain number of bytes. 特定限制:The specific limits:

  • 512 位元 RSA 金鑰最多可以加密 53 個位元組a 512-bit RSA key can encrypt up to 53 bytes
  • 1024 位元金鑰最多可以加密 117 個位元組a 1024-bit key can encrypt up to 117 bytes
  • 2048 位元金鑰最多可以加密 245 個位元組a 2048-bit key can encrypt up to 245 bytes

SQL ServerSQL Server 中,憑證和非對稱金鑰都可作為 RSA 金鑰上的包裝函式。In SQL ServerSQL Server, both certificates and asymmetric keys serve as wrappers over RSA keys.

範例Examples

此範例會使用非對稱金鑰 JanainaAsymKey02 將儲存在 @cleartext 中的文字加密。This example encrypts the text stored in @cleartext with the asymmetric key JanainaAsymKey02. 陳述式會將加密資料插入 ProtectedData04 資料表中。The statement inserts the encrypted data into the ProtectedData04 table.

INSERT INTO AdventureWorks2012.Sales.ProtectedData04   
    VALUES( N'Data encrypted by asymmetric key ''JanainaAsymKey02''',  
    EncryptByAsymKey(AsymKey_ID('JanainaAsymKey02'), @cleartext) );  
GO  

另請參閱See Also

DECRYPTBYASYMKEY (Transact-SQL) DECRYPTBYASYMKEY (Transact-SQL)
CREATE ASYMMETRIC KEY (Transact-SQL) CREATE ASYMMETRIC KEY (Transact-SQL)
加密階層Encryption Hierarchy