Home    XP_CRYPT Online Help Prev Next
How To use XP_CRYPT GUI
Introduction
What is XP_CRYPT
System requirements
Free version limitations
End user license agreement
Installing XP_CRYPT
Installation procedure
Activation
XP_CRYPT API
What's new
Encryption methods overview
Session
xp_crypt_set_var
xp_crypt_get_var
xp_crypt_close_session
xp_crypt_init_session
xp_crypt_set_option
Asymmetric keys
DSA
xp_dsa_free_key
xp_dsa_load_key
xp_dsa_save_key
xp_dsa_generate_couple
RSA
xp_rsa_generate_couple
xp_rsa_generate_pub_key
xp_rsa_load_key
xp_rsa_priv_dec
xp_rsa_pub_enc
xp_rsa_save_key
xp_rsa_free_key
Digital signatures
DSA
xp_dsa_verify
xp_dsa_sign
RSA
xp_rsa_sign
xp_rsa_verify
Hashing
xp_crypt
xp_md5
xp_sha1
Symmetric encryption
AES128
xp_aes128_decrypt
xp_aes128_encrypt
AES
xp_aes_decrypt
xp_aes_encrypt
DESX
xp_desx_decrypt
xp_desx_encrypt
RC4
xp_rc4_decrypt
xp_rc4_encrypt
Triple DES
xp_des3_encrypt
xp_des3_decrypt
Error codes
Tutorial
How to use GUI
Advanced technique (Old)
Table encryption (Old)
Troubleshooting
Troubleshooting overview

xp_dsa_save_key

The function takes a private or public key handle, a filename or key body and saves the content of the key to file. All keys are stored in PEM format. PEM is specified in IETF RFCs 1421-1424. These documents can be found at www.ietf.org Private keys are always stored on disk encrypted with TripleDES algorithm. If you save the private key, you must specify also the password which is more than 4 chars. If the pswd_cache option is set to yes the password for this source will be stored in the session.  

Syntax

xp_dsa_save_key { key_src,  filename [OUTPUT],  [write_password] [, src_password] }

Arguments

key_src

VARCHAR. The key which is to be saved. It can be private or public. It can be a key handle, a file name or a key in a string. If you want to specify the file name, precede the file name with '<' char. For example if the key is stored in the file c:\publickey.pem set this parameter to '<c:\publickey.pem'. If your key source is a private key in the file or in the key body  you must also specify src_password as 4th parameter. This src_password is not needed if key_src is a key handle or a public key file.

filename

VARCHAR. Name of  file destination. If you specify this parameter with OUTPUT, the key body will be written to this variable, not to the file.  

write_password

VARCHAR. A password for saving the key. Do not provide passwords for the public keys or certificates. If password is given the key is considered as private, otherwise the function will try to attempt to save your key as a public key.

src_password

VARCHAR. This parameter is optional. It is used to read the source of the private key if you specified the filename or the key body instead of the handle. Do not provide passwords for the public keys, certificates or for the handle in key_src. If a password is given, key_src is considered as a private key, otherwise the function  will try to attempt to read key_src as a public key or certificate. If the pswd_cache option is set to yes and the given password is '?'  XP_CRYPT will try to load the key with a password stored in the session. See xp_crypt_set_option for more information about pswd_cache option.

Permissions

Execute permissions for xp_dsa_save_key default to members of the db_owner fixed database role in the master database, but can be granted to other users.

Return Code Values

0 - success, or Error code if failed.

Examples

Generates a couple of keys and saves them in files.

-- Declare length enough for out test
-- Now, size of 10 varchars is enough for key with any length
declare @PrivateKey varchar (10)
declare @PublicKey varchar (10)
declare @CryptedText varchar (50)
declare @DecryptedText varchar (50)
declare @KeyBody varchar (8000)
declare @return_code int

-- Creates Private key of 256 bit length and with password "SecurePassword"
exec xp_dsa_generate_couple '256' , @PrivateKey output, @PublicKey output
-- Outputs private key just for you :)
select @PrivateKey
-- Then we save and load the same key ...
exec xp_dsa_save_key @PrivateKey , 'privkey.pem', 'SecurePassword'

-- Saves the content of the key (key body) to the variable and select it. You may want to save this body at the client side for future usage.

exec @return_code = xp_dsa_save_key @PrivateKey , @KeyBody output, 'SecurePassword'

Changes the password of the private key from 'OldPassword' to 'NewPassword'

exec @return_code = xp_dsa_save_key '<c:\privatekey.pem','c:\privatekey.pem','NewPassword','OldPassword'

Browser Based Help. Published by chm2web software.