Using SQL Server 2005 Public Keys in VB.Net

---

• From: jerrill@xxxxxxxxx
• Date: 1 May 2006 06:09:36 -0700

---

I'm creating an asymmetric key in SQL Server:

CREATE ASYMMETRIC KEY MY_KEY
WITH ALGORITHM = RSA_512
ENCRYPTION BY PASSWORD = 'password1@'

I'm then taking the public key...

SELECT public_key
FROM sys.asymmetric_keys
WHERE [name] = 'MY_KEY'

I'm trying to import this into VB.Net using RSACryptoServiceProvider.

Dim RSA As New
Security.Cryptography.RSACryptoServiceProvider(512)
RSA.ImportCspBlob(KeyBlobByteArray)

I have to add the following line to get it to not give me errors.
(Why?) But the data looks right when I look at the exponet and modulus
of the parameters that are exported and then immediately imported.
Something is obviously being thrown away when I do this, but I don't
know what. It's probably the key to the whole problem.

RSA.ImportParameters(RSA.ExportParameters(False))

I encrypt the message...

EncryptedMessageByteArray = RSA.Encrypt(MessageByteArray,
False)

And in SQL server I try to decrypt the message and I get NULL.

SET @DecryptedMessage =
DecryptByAsymKey (
AsymKey_ID('MY_KEY') ,
@EncryptedMessage ,
N'password1@')

I've noticed that the encrypted array is completely different in VB
than when I encrypt it in SQL (obviously), but I can't figure out how
to configure to the RSACryptoServiceProvider to match what SQL Server
is doing under the hood.

Any ideas?

Thanks,
Jerrill

.

---

• Prev by Date: 2 problems (INDIGO + ASP.NET 2.0)
• Next by Date: Re: SN Key container ???
• Previous by thread: 2 problems (INDIGO + ASP.NET 2.0)
• Next by thread: Re: SN Key container ???
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: SQL Server 2000 / 2005 Encryption ... to encrypt your SSL connections will be different. ... SQL Server can generate its own self-signed certificates though, and that should make the SSL encryption/connectivity easier for you. ... Excel does not know how to decrypt data stored in SQL Server 2005 in encrypted form. ... (microsoft.public.sqlserver.security) Re: Storing Connection String ... you can encrypt the traffic to the SQL Server. ... Hitchhiker's Guide to Visual Studio and SQL Server ... My idea is to have just one database user whose username and password ... Which means that if an user get hold of connection string ... (microsoft.public.dotnet.framework.adonet) Re: Securing an MDF file ... Windows 2000 support encrypted file system property. ... Below are the steps encrypt the data files: ... Logon with the SQL Server startup account ... database files are encrypted under the identity of the account ... (microsoft.public.sqlserver.server) Re: securing mdf files ... You can use the Encrypted File System Support on Windows 2000. ... Below are the steps encrypt the data files: ... Logon with the SQL Server startup account ... database files are encrypted under the identity of the account ... (microsoft.public.sqlserver.security) Re: Encription for MDF files ... EFS by itself is not a complete solution. ... If the box is stolen - including the EFS recovery keys, ... then encrypt it before it is stored and decrypt it when retrieving. ... > 1) Logon with the SQL Server startup account ... (microsoft.public.sqlserver.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2006-05