encryption - Partial support in VS 2013 for certificates and symmetric keys in azure v12 -


in visual studio 2013 project targeting azure v12, sql70015 errors (statement x not supported in targeted platform) when creating key , certificate artifacts.

however, before creating independent key , certificate objects in project, i'd had postdeploy script add them if didn't exist. postdeploy script worked flawlessly...but of course, i'd sql71502 warnings (unresolved objects) when refer key in other artifacts such triggers , procedures...hence desire move plain ol' vs key , certificate objects.

i wonder if i'm doing wrong or if have misconfigured development environment. have visual studio 2013 on windows 8.1, azure sdk v 2.6, sql 2012 , sql 2014 installed locally , deploying azure. sure normalize project, i'm stuck using postdeploy , living warnings.

to clear, postdeploy has:

if not exists ( select * sys.symmetric_keys symmetric_key_id = 101 ) create master key encryption password = '$(masterkeyencryption)'  go if not exists ( select * sys.certificates subject = 'user account certificate' ) create certificate useraccountcertificate subject = 'user account certificate'  go if not exists ( select * sys.symmetric_keys name='useraccountkey' ) create symmetric key useraccountkey algorithm = aes_256 encryption certificate useraccountcertificate

...which worked fine. however, stand-alone artifacts, such as:

create certificate useraccountcertificate subject = 'user account certificate'

...produce sql70015 errors. and, here successful test of key run in azure:

declare     @plaintext nvarchar(max),     @ciphertext nvarchar(max); open symmetric key useraccountkey decryption certificate useraccountcertificate;  select @plaintext = 'here lies original message'; select @ciphertext = encryptbykey( key_guid( 'useraccountkey' ), @plaintext ); select convert(nvarchar( max ),decryptbykey( @ciphertext ) ), @ciphertext; close symmetric key useraccountkey;

has else encountered problem? transient error in vs support azure v12? should reinstall bunch of stuff? thoughts appreciated.

support cell-level encryption in azure sql database introduced preview feature in sql database v12. main reason feature still in preview unfortunately still working on proper tooling support handle these objects properly.

one thing need consider when using feature in azure sql database while certificates can extracted , recreated on different database, same not true key objects, such symmetric keys. if careful create symmetric keys using key_source & identity_value fields in ddl, can recreated in database.

however, many scripts (such used tools) create keys using syntax like:

create symmetric key useraccountkey    algorithm = aes_256    encryption certificate useraccountcertificate

this create symmetric key different (random) key material on every instantiation; in other words, every time run ddl statement, generated key different. data encrypted symmetric key created way cannot copied database there no way move symmetric key new database.

this means data encrypted randomly generated symmetric key in 1 database cannot copied database. while in many cases may acceptable particular application (i.e. each database stand-alone entity, data not move between them), not true applications. if application expects move data 1 database (for example, when creating or merging shards), accidental misuse lead data loss.

i'd encourage check out article more detailed information on using cell-level encryption features in azure sql database: http://blogs.msdn.com/b/sqlsecurity/archive/2015/05/12/recommendations-for-using-cell-level-encryption-in-azure-sql-database.aspx


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more

Website Login Issue developed in magento -

i have website developed using magento . able login. right now, login failed. infact operations interacts user table failing. need know issue. how figure out? first clear try clear log file second make sure have not upgraded magento and 3rd make sure db accessible in magento -harry p
Read more