Sample code for 30+ languages & platforms
SQL Server

RSA Encrypt Randomly Generated AES Key

See more RSA Examples

Demonstrates how to RSA encrypt a randomly generated AES key.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- First generate a 256-bit AES key (32 bytes).
    DECLARE @prng int
    EXEC @hr = sp_OACreate 'Chilkat.Prng', @prng OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @bdAesKey int
    EXEC @hr = sp_OACreate 'Chilkat.BinData', @bdAesKey OUT

    EXEC sp_OAMethod @prng, 'GenRandomBd', @success OUT, 32, @bdAesKey

    -- Use a public key from a certificate for RSA encryption.
    DECLARE @cert int
    EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT

    EXEC sp_OAMethod @cert, 'LoadFromFile', @success OUT, 'qa_data/pem/mf_public_rsa.pem'
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @prng
        EXEC @hr = sp_OADestroy @bdAesKey
        EXEC @hr = sp_OADestroy @cert
        RETURN
      END

    DECLARE @pubKey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT

    EXEC sp_OAMethod @cert, 'GetPublicKey', @success OUT, @pubKey

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT

    EXEC sp_OAMethod @rsa, 'UsePublicKey', @success OUT, @pubKey
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @prng
        EXEC @hr = sp_OADestroy @bdAesKey
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    -- RSA encrypt our 32-byte AES key.
    -- The contents of bdAesKey are replaced with result of the RSA encryption.
    EXEC sp_OAMethod @rsa, 'EncryptBd', @success OUT, @bdAesKey, 0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @prng
        EXEC @hr = sp_OADestroy @bdAesKey
        EXEC @hr = sp_OADestroy @cert
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @rsa
        RETURN
      END

    -- Return the result as a base64 string
    DECLARE @encryptedAesKey nvarchar(4000)
    EXEC sp_OAMethod @bdAesKey, 'GetEncoded', @encryptedAesKey OUT, 'base64'


    PRINT 'encrypted AES key = ' + @encryptedAesKey

    EXEC @hr = sp_OADestroy @prng
    EXEC @hr = sp_OADestroy @bdAesKey
    EXEC @hr = sp_OADestroy @cert
    EXEC @hr = sp_OADestroy @pubKey
    EXEC @hr = sp_OADestroy @rsa


END
GO