Post reply

decrypting data returns invalid data or wrong character set

  • July 31, 2018 at 11:52 am

    #374019

    Hi I'm playing around with encrypting and decrypting a column of data. 
    I've followed the MS examples and have encrypted a column.

    When retrieving the column using:
    OPEN SYMMETRIC KEY MyKey 
     DECRYPTION BY CERTIFICATE MyCert;
    GO
    SELECT
    PlainTextData
    ,TextData_encrypted AS EncryptedTextData
    ,CONVERT(NVARCHAR, DECRYPTBYKEY(TextData_encrypted)) AS DecryptedTextData
    FROM
    dbo.MyTable

    The DecryptedTextData is a mix of numbers and what appears to be Chinese characters or some other character set or a mix of character sets. 

    This is the example i used:
    USE AdventureWorks2012;
    GO

    CREATE CERTIFICATE HumanResources037
     WITH SUBJECT = 'Employee Social Security Numbers';
    GO

    CREATE SYMMETRIC KEY SSN_Key_01
      WITH ALGORITHM = AES_256
      ENCRYPTION BY CERTIFICATE HumanResources037;
    GO

    USE [AdventureWorks2012];
    GO

    -- Create a column in which to store the encrypted data.
    ALTER TABLE HumanResources.Employee
      ADD EncryptedNationalIDNumber varbinary(128); 
    GO

    -- Open the symmetric key with which to encrypt the data.
    OPEN SYMMETRIC KEY SSN_Key_01
     DECRYPTION BY CERTIFICATE HumanResources037;

    -- Encrypt the value in column NationalIDNumber with symmetric 
    -- key SSN_Key_01. Save the result in column EncryptedNationalIDNumber.
    UPDATE HumanResources.Employee
    SET EncryptedNationalIDNumber = EncryptByKey(Key_GUID('SSN_Key_01'), NationalIDNumber);
    GO

    -- Verify the encryption.
    -- First, open the symmetric key with which to decrypt the data.
    OPEN SYMMETRIC KEY SSN_Key_01
     DECRYPTION BY CERTIFICATE HumanResources037;
    GO

    -- Now list the original ID, the encrypted ID, and the 
    -- decrypted ciphertext. If the decryption worked, the original
    -- and the decrypted ID will match.
    SELECT NationalIDNumber, EncryptedNationalIDNumber 
      AS 'Encrypted ID Number',
      CONVERT(nvarchar, DecryptByKey(EncryptedNationalIDNumber)) 
      AS 'Decrypted ID Number'
      FROM HumanResources.Employee;
    GO

    Was hoping someone could shed some light on this and maybe point me in the proper direction. Thx.

  • July 31, 2018 at 12:32 pm

    #1999745

    What was the data type of the data you encrypted?

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

  • July 31, 2018 at 12:38 pm

    #1999749

    Hi Gail,
    It's  VARCHAR(15)

  • July 31, 2018 at 1:18 pm

    #1999759

    Then


    OPEN SYMMETRIC KEY MyKey
    DECRYPTION BY CERTIFICATE MyCert;
    GO
    SELECT
    PlainTextData
    ,TextData_encrypted AS EncryptedTextData
    ,CONVERT(VARCHAR(15), DECRYPTBYKEY(TextData_encrypted)) AS DecryptedTextData
    FROM
    dbo.MyTable

    The decrypted data is binary, if you cast it to a data type other than the one it was originally, you're going to get garbage.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass

  • July 31, 2018 at 1:29 pm

    #1999765

    yep that did it, I should have seen that, was focusing too much on the encryption part. 

    Really appreciate the help, have a great day!!

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply

Cookies on SQLServerCentral

This website stores cookies on your computer.

These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.

To find out more about the cookies we use, see our Privacy Policy