SQL Server 2016 - Is it possible to concatenate tw

2020-04-11 18:20发布

站内问答 / 移动开发
1693 1 3

I have created a table using: 

create table dbo.employee(firstname nvarchar(100) null,lastname nvarchar(100) null)

Inserted some sample data using:

insert into dbo.employee values('Sachin','Tendulkar')
insert into dbo.employee values('Rohit','Sharma')
insert into dbo.employee values('Virendra','Sehwag')
insert into dbo.employee values('Irfan','Pathan')

Then I used always encrypted wizard to encrypt both columns of this table using SSMS v17. And now I am trying to concatenate firstname with lastname like this:

select concat(firstname, lastname) from dbo.employee

And it is giving me below error:

Operand type clash: nvarchar(100) encrypted with (encryption_type = 'DETERMINISTIC', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'SampleDB_CEK', column_encryption_key_database_name = 'SampleDB') is incompatible with varchar

When I try this:

select firstname + lastname from dbo.employee

It gives following error:

Encryption scheme mismatch for columns/variables 'firstname', 'lastname'. The encryption scheme for the columns/variables is (encryption_type = 'DETERMINISTIC', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'SampleDB_CEK', column_encryption_key_database_name = 'SampleDB') and the expression near line '1' expects it to be (encryption_type = 'PLAINTEXT') (or weaker).

Any help appreciated.

1条回答
唯我独甜
2楼-- · 2020-04-11 19:04

Concatenation in not allowed on encrypted columns. Currently the only operation possible on encrypted columns is equality. This is due to the fact that SQL Server does not have the key.

You might have to implement this logic in the client application.

From official documentation

Deterministic encryption always generates the same encrypted value for any given plain text value. Using deterministic encryption allows point lookups, equality joins, grouping and indexing on encrypted columns. However, but may also allow unauthorized users to guess information about encrypted values by examining patterns in the encrypted column, especially if there is a small set of possible encrypted values, such as True/False, or North/South/East/West region. Deterministic encryption must use a column collation with a binary2 sort order for character columns.

Randomized encryption uses a method that encrypts data in a less predictable manner. Randomized encryption is more secure, but prevents searching, grouping, indexing, and joining on encrypted columns.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(3)