Sample code for 30+ languages & platforms
SQL Server

RSA Encryption -- Same Key Different Results

See more RSA Examples

The RSA encryption algorithm produces different results for each call, even when encrypting the same data with the same key. Decryption however, will produce the correct results. This example demonstrates.

*** The reason this occurs is that RSA encryption uses PKCS1 v1.5 padding, and this padding scheme uses random bytes. It is random bytes in the padding that causes the result to be different each time.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example assumes the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @rsa int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @pubKeyXml nvarchar(4000)
    SELECT @pubKeyXml = '<RSAPublicKey><Modulus>xxyv1RDPU0MvfFIIa98HppXdcuI7zSu8uIqyGAy/VoxPvxZFX0acajznvjVRHipHbpcO6ryo2LwXUPf89qOqLb3Qd1lfD2ZnH+TQ6MZXNxfFRxTpTUd+tTR4EBYpd2t6kzq8ZRJYLdlviaMQQqUEwR54k7Op5HJYVKUcHIkP1xE=</Modulus><Exponent>AQAB</Exponent></RSAPublicKey>'

    DECLARE @privKeyXml nvarchar(4000)
    SELECT @privKeyXml = '<RSAKeyValue><Modulus>xxyv1RDPU0MvfFIIa98HppXdcuI7zSu8uIqyGAy/VoxPvxZFX0acajznvjVRHipHbpcO6ryo2LwXUPf89qOqLb3Qd1lfD2ZnH+TQ6MZXNxfFRxTpTUd+tTR4EBYpd2t6kzq8ZRJYLdlviaMQQqUEwR54k7Op5HJYVKUcHIkP1xE=</Modulus><Exponent>AQAB</Exponent><P>4cpW9fvG99Jsz8/AO7PDHTl+pPRAglksrR2kClLV2g9DEeFe/bvmCxLUgMCJ+0eGQ1zA6aA7McKr13zTQ7jKpQ==</P><Q>4cCS/kFlq/P1ExF37Fkh4pCodOEGutepLEG7Q/KljT3ZGlAY+2l8fGu4f+hrkUuGoFl7NOMaJflULoPIgQaq/Q==</Q><DP>lkjcSsvzqh3YKRXJiLNkyf3rypV8noYGU4+oEOsDxilkZfFRDafUPUiiQrRk4ui/d/SzvozU+ZDuWfaOk8PatQ==</DP><DQ>SYCD25i7W8Mwdibn3uIecEAdOQDTSh5RjIFSUYs9b8FFYJXXrHPp/jCsf6jS7RmkGa1Iui1/JAIL8KEjtS7QmQ==</DQ><InverseQ>EDAJa3TpNdPQ3GIdBpnTgFTQY5A60DcszsUW/iCYoXQdPVJ9BLBxVTe9jiLzGuNuzLkVBwQlCy0Bf84hACRV9A==</InverseQ><D>cMFdDYKkddlRNczaugOmOH8b1egpx2liSPs6GYZ2gFObAXJiPK8m+r6c2ckls7hrlUP0DZhi4cG6Tn7xANb0Ek17P7QquVhQYOmFy/YHzm+IJbcwwq7pJHhZBhtcjyXqfUZ+BADGE//GQbrSVwVltpOj5KcxG88NAprLn2MMxfE=</D></RSAKeyValue>'

    DECLARE @pubKey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT

    EXEC sp_OAMethod @pubKey, 'LoadFromString', @success OUT, @pubKeyXml
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pubKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @rsa
        EXEC @hr = sp_OADestroy @pubKey
        RETURN
      END

    DECLARE @privKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privKey OUT

    EXEC sp_OAMethod @privKey, 'LoadXml', @success OUT, @privKeyXml
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @privKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @rsa
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    EXEC sp_OAMethod @rsa, 'UsePublicKey', @success OUT, @pubKey
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @rsa
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @privKey
        RETURN
      END

    -- Encrypt a string and return the encrypted data base64-encoded:
    EXEC sp_OASetProperty @rsa, 'EncodingMode', 'base64'

    DECLARE @plainText nvarchar(4000)
    SELECT @plainText = 'RSA gives different results with each call, weird but OK'

    DECLARE @usePrivateKey int
    SELECT @usePrivateKey = 0
    DECLARE @encryptedStr1 nvarchar(4000)
    EXEC sp_OAMethod @rsa, 'EncryptStringENC', @encryptedStr1 OUT, @plainText, @usePrivateKey

    PRINT @encryptedStr1

    -- Do it again. The results are different...
    DECLARE @encryptedStr2 nvarchar(4000)
    EXEC sp_OAMethod @rsa, 'EncryptStringENC', @encryptedStr2 OUT, @plainText, @usePrivateKey

    PRINT @encryptedStr2

    -- Now decrypt both strings, and the results are correct
    -- in both cases:
    DECLARE @rsa2 int
    EXEC @hr = sp_OACreate 'Chilkat.Rsa', @rsa2 OUT

    EXEC sp_OAMethod @rsa2, 'UsePrivateKey', @success OUT, @privKey
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @rsa, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @rsa
        EXEC @hr = sp_OADestroy @pubKey
        EXEC @hr = sp_OADestroy @privKey
        EXEC @hr = sp_OADestroy @rsa2
        RETURN
      END

    EXEC sp_OASetProperty @rsa2, 'EncodingMode', 'base64'
    SELECT @usePrivateKey = 1

    DECLARE @decryptedStr1 nvarchar(4000)
    EXEC sp_OAMethod @rsa2, 'DecryptStringENC', @decryptedStr1 OUT, @encryptedStr1, @usePrivateKey

    PRINT @decryptedStr1

    DECLARE @decryptedStr2 nvarchar(4000)
    EXEC sp_OAMethod @rsa2, 'DecryptStringENC', @decryptedStr2 OUT, @encryptedStr2, @usePrivateKey

    PRINT @decryptedStr2

    EXEC @hr = sp_OADestroy @rsa
    EXEC @hr = sp_OADestroy @pubKey
    EXEC @hr = sp_OADestroy @privKey
    EXEC @hr = sp_OADestroy @rsa2


END
GO