如何使用ASP Classic加密和解密SQL Server数据库中的高度敏感信息?

时间:2021-12-03 04:49:24

I have been checking various questions on * and of course google, but I can't really find any specific solution to this question:

我一直在检查*上的各种问题,当然还有谷歌,但我真的找不到这个问题的具体解决方案:

How do I create a function in ASP Classic to encrypt and decrypt highly sensitive information in a SQL Server database? Like fx. a social security number or anything similar?

如何在ASP Classic中创建一个函数来加密和解密SQL Server数据库中的高度敏感信息?像fx。社会安全号码或类似的东西?

(Or is it possible to do in my SQL string?)

(或者可以在我的SQL字符串中执行吗?)

And yeah, I do know how to create a function with ASP ;)

是的,我知道如何用ASP创建一个函数;)

And no, I just cant hash the information with SHA or MD5, because they only work one way. I need it to work both ways!

不,我只是不能使用SHA或MD5散列信息,因为它们只能以一种方式工作。我需要双向工作!

The more security, the merrier! :)

越安全,越快越好! :)

EDIT:
Afterwards I found this:

编辑:后来我发现了这个:

http://www.4guysfromrolla.com/webtech/010100-1.shtml

But I don't really know if this are secure enough and will do? Of which I can see, it's going both ways?

但我真的不知道这是否足够安全并且会这样做?其中我可以看到,它是双向的?

2 个解决方案

#1


4  

It may well be beneficial to allow SQL Server to handle the encryption/decryption using Keys/Certificates. This way, you don't have to roll your own with ASP and the management of this system is kept where the data itself resides. There is also the benefit of not having to update this process should you decide to move to another platform.

允许SQL Server使用密钥/证书来处理加密/解密可能是有益的。这样,您就不必使用ASP进行自己的操作,并且系统的管理将保留在数据本身所在的位置。如果您决定转移到另一个平台,也可以不必更新此过程。

It is a simple process to create the Keys on the server and use of them after this point is also simple, for example;

这是一个在服务器上创建密钥的简单过程,在这一点之后使用它们也很简单,例如;

Encrypt;

OPEN SYMMETRIC KEY mykey DECRYPTION BY CERTIFICATE [mycert]
UPDATE table SET number = EncryptByKey(Key_GUID('mykey'), @number)

Decrypt;

 OPEN SYMMETRIC KEY mykey DECRYPTION BY CERTIFICATE [mycert]
 SELECT CONVERT(varchar, DecryptByKey(number)) AS number FROM TABLE

A good overview of this can be found here Introduction to SQL Server Encryption

可以在此处找到SQL Server加密简介

#2


1  

You can use the Rinjdael cipher successfully in VBScript with this library. The key functions are EncryptData() and DecryptData().

您可以使用此库在VBScript中成功使用Rinjdael密码。关键功能是EncryptData()和DecryptData()。

It seems secure enough for me. Obviously you will want to keep your key pretty secret. An application variable in the global.asa might be a good place to store this (as that's usually where connection strings and such are found).

对我来说似乎足够安全。显然你会想要保密你的密钥。 global.asa中的应用程序变量可能是存储它的好地方(因为通常在找到连接字符串等的地方)。

#1


4  

It may well be beneficial to allow SQL Server to handle the encryption/decryption using Keys/Certificates. This way, you don't have to roll your own with ASP and the management of this system is kept where the data itself resides. There is also the benefit of not having to update this process should you decide to move to another platform.

允许SQL Server使用密钥/证书来处理加密/解密可能是有益的。这样,您就不必使用ASP进行自己的操作,并且系统的管理将保留在数据本身所在的位置。如果您决定转移到另一个平台,也可以不必更新此过程。

It is a simple process to create the Keys on the server and use of them after this point is also simple, for example;

这是一个在服务器上创建密钥的简单过程,在这一点之后使用它们也很简单,例如;

Encrypt;

OPEN SYMMETRIC KEY mykey DECRYPTION BY CERTIFICATE [mycert]
UPDATE table SET number = EncryptByKey(Key_GUID('mykey'), @number)

Decrypt;

 OPEN SYMMETRIC KEY mykey DECRYPTION BY CERTIFICATE [mycert]
 SELECT CONVERT(varchar, DecryptByKey(number)) AS number FROM TABLE

A good overview of this can be found here Introduction to SQL Server Encryption

可以在此处找到SQL Server加密简介

#2


1  

You can use the Rinjdael cipher successfully in VBScript with this library. The key functions are EncryptData() and DecryptData().

您可以使用此库在VBScript中成功使用Rinjdael密码。关键功能是EncryptData()和DecryptData()。

It seems secure enough for me. Obviously you will want to keep your key pretty secret. An application variable in the global.asa might be a good place to store this (as that's usually where connection strings and such are found).

对我来说似乎足够安全。显然你会想要保密你的密钥。 global.asa中的应用程序变量可能是存储它的好地方(因为通常在找到连接字符串等的地方)。