1 year ago

#253051

test-img

Viswa

Column level Encryption/Decryption is not working after copying data from one database to another database and restored keys and certificates

I have copied encrypted tables data (on column level) from database A to database B within the same server and followed below steps while creating and restoring keys and certificates, but column level decryption is not working in Database B. Eg: In Database A, table name is "employee" and encrypted column name is "emp_id_proof". Now I have created the same "employee" table copy in database B from database A within the same server and restored certificates and keys in new databases but I am not able to decrypt "emp_id_proof" column data in Database B.

1) Steps to create master key, certificate and symmetric key in database A

USE DatabaseA    
go    

CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'    
go
 
CREATE CERTIFICATE Certificate_test WITH SUBJECT = 'Protect my data'    
go

CREATE SYMMETRIC KEY SymKey01 WITH
   KEY_SOURCE = 'SymKey01KeySource',
   ALGORITHM = AES_256 ,
   IDENTITY_VALUE = 'SymKey01IdentityValue'
   ENCRYPTION BY CERTIFICATE Certificate_test    
go

2) Steps for backup of master key and certificate in database A

USE DatabaseA    
go    

BACKUP MASTER KEY TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'  
   ENCRYPTION BY PASSWORD =  'abc@2022'    
go    

BACKUP CERTIFICATE Certificate_test TO FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'
   WITH PRIVATE KEY ( FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK' ,
   ENCRYPTION BY PASSWORD = 'xyz@2022' )    
go

3) Steps for restoration/creation of master key,certificate and symmetric key in Database B

USE DatabaseB    
go    

RESTORE MASTER KEY  
    FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportMasterkey'  
    DECRYPTION BY PASSWORD = 'abc@2022'  
    ENCRYPTION BY PASSWORD = 'MyStrongPWD@2022'    
go    

CREATE CERTIFICATE [Certificate_test]      
   FROM FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCert'    
   WITH PRIVATE KEY (FILE = 'C:\Users\Administrator\Desktop\ENCRYPTION\ExportCertPK',
   DECRYPTION BY PASSWORD = 'xyz@2022')    
go    

CREATE SYMMETRIC KEY SymKey01 WITH
   KEY_SOURCE = 'SymKey01KeySource',
   ALGORITHM = AES_256 ,
   IDENTITY_VALUE = 'SymKey01IdentityValue'
   ENCRYPTION BY CERTIFICATE Certificate_test      
go

Could you please let me know what went wrong?? Also let me know the steps if I have to copy encrypted columns data from one server to another server database.

sql-server

database

encryption

encryption-symmetric

0 Answers

Your Answer

Accepted video resources

Posts

Questions

Blogs

Jobs