Encryption and data length limitations

  • I'm having an issue in encrypting large documents. I know that previous editions ENCRYPTBYKEY had a maximum size of 8,000 byte limitation. Does SQL Server 2014 have any new features that overcomes this limitation?

    Using

    SQL Server 2014 Std

    Symmetric key with AES_256

  • Please see this https://msdn.microsoft.com/en-us/library/ms174361.aspx .

    The return type still has a max size of 8000 bytes.

  • You could implement your own SQLCLR function from the .NET namespace to handle larger values.

  • I wonder if there was any change since, please? In SQL 2016? I need to encrypt a response I receive from one of our credit company's interfaces in an XML format. I appreciate I can write something of our own SQLCLR,
    but I would prefer to use EncryptByKey's Key_GUID our DBA's have in place.

  • No changes I've seen yet. you can file feedback here, but I doubt they'll do this since anyone could write CLR using the .NET Namespaces.
    https://feedback.azure.com/forums/34192--general-feedback

  • BOR15K - Wednesday, October 31, 2018 6:40 AM

    I wonder if there was any change since, please? In SQL 2016? I need to encrypt a response I receive from one of our credit company's interfaces in an XML format. I appreciate I can write something of our own SQLCLR,
    but I would prefer to use EncryptByKey's Key_GUID our DBA's have in place.

    They make the sensitive data available to you in an unencrypted format?

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

  • Jeff Moden - Tuesday, November 13, 2018 8:52 PM

    BOR15K - Wednesday, October 31, 2018 6:40 AM

    I wonder if there was any change since, please? In SQL 2016? I need to encrypt a response I receive from one of our credit company's interfaces in an XML format. I appreciate I can write something of our own SQLCLR,
    but I would prefer to use EncryptByKey's Key_GUID our DBA's have in place.

    They make the sensitive data available to you in an unencrypted format?

    Public key? Private key? Remember the basics? So once I receive an encrypted responce from a credit card company I obviously open it to ensure it has been processed. But it has nothing to do with the oiriginal question here, unless you wanted to show off your knowledge or mock me personally.

  • BOR15K - Wednesday, November 14, 2018 2:17 AM

    Jeff Moden - Tuesday, November 13, 2018 8:52 PM

    BOR15K - Wednesday, October 31, 2018 6:40 AM

    I wonder if there was any change since, please? In SQL 2016? I need to encrypt a response I receive from one of our credit company's interfaces in an XML format. I appreciate I can write something of our own SQLCLR,
    but I would prefer to use EncryptByKey's Key_GUID our DBA's have in place.

    They make the sensitive data available to you in an unencrypted format?

    Public key? Private key? Remember the basics? So once I receive an encrypted responce from a credit card company I obviously open it to ensure it has been processed. But it has nothing to do with the oiriginal question here, unless you wanted to show off your knowledge or mock me personally.

    Frequently, the original question leads to other questions that need to be answered... not for our benefit, but yours. 

    It's also incredibly obvious that you're trying to do the right thing by encrypting the data.

    I'm not quite sure why you figure my question was a setup to mock you.  You said that you need to encrypt the response you receive from one of your credit company's interfaces in an XML format.  That sounds to me like you're receiving the data in a human readable, clear-text format to begin with.  If I were going to mock you personally, I'd just come out and say you're an idiot that has no regard for PII but this isn't you if they are sending the data in an unencrypted format.  Because of that, I was going to advise you that, if they're doing such a thing, they need to fix it because it does put YOU in harms way if there's a leak of data and I was just watching out for you an whomever you work for.  Instead, I get a blast of arrogant rhetoric from you.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

  • Jeff Moden - Wednesday, November 14, 2018 5:52 AM

    BOR15K - Wednesday, November 14, 2018 2:17 AM

    Jeff Moden - Tuesday, November 13, 2018 8:52 PM

    BOR15K - Wednesday, October 31, 2018 6:40 AM

    I wonder if there was any change since, please? In SQL 2016? I need to encrypt a response I receive from one of our credit company's interfaces in an XML format. I appreciate I can write something of our own SQLCLR,
    but I would prefer to use EncryptByKey's Key_GUID our DBA's have in place.

    They make the sensitive data available to you in an unencrypted format?

    Public key? Private key? Remember the basics? So once I receive an encrypted responce from a credit card company I obviously open it to ensure it has been processed. But it has nothing to do with the oiriginal question here, unless you wanted to show off your knowledge or mock me personally.

    Frequently, the original question leads to other questions that need to be answered... not for our benefit, but yours. 

    It's also incredibly obvious that you're trying to do the right thing by encrypting the data.

    I'm not quite sure why you figure my question was a setup to mock you.  You said that you need to encrypt the response you receive from one of your credit company's interfaces in an XML format.  That sounds to me like you're receiving the data in a human readable, clear-text format to begin with.  If I were going to mock you personally, I'd just come out and say you're an idiot that has no regard for PII but this isn't you if they are sending the data in an unencrypted format.  Because of that, I was going to advise you that, if they're doing such a thing, they need to fix it because it does put YOU in harms way if there's a leak of data and I was just watching out for you an whomever you work for.  Instead, I get a blast of arrogant rhetoric from you.

    I accept your point - my apologies.

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply