Home    XP_CRYPT Online Help Prev Next
How To use XP_CRYPT GUI
Introduction
What is XP_CRYPT
System requirements
Free version limitations
End user license agreement
Installing XP_CRYPT
Installation procedure
Activation
XP_CRYPT API
What's new
Encryption methods overview
Session
xp_crypt_set_var
xp_crypt_get_var
xp_crypt_close_session
xp_crypt_init_session
xp_crypt_set_option
Asymmetric keys
DSA
xp_dsa_free_key
xp_dsa_load_key
xp_dsa_save_key
xp_dsa_generate_couple
RSA
xp_rsa_generate_couple
xp_rsa_generate_pub_key
xp_rsa_load_key
xp_rsa_priv_dec
xp_rsa_pub_enc
xp_rsa_save_key
xp_rsa_free_key
Digital signatures
DSA
xp_dsa_verify
xp_dsa_sign
RSA
xp_rsa_sign
xp_rsa_verify
Hashing
xp_crypt
xp_md5
xp_sha1
Symmetric encryption
AES128
xp_aes128_decrypt
xp_aes128_encrypt
AES
xp_aes_decrypt
xp_aes_encrypt
DESX
xp_desx_decrypt
xp_desx_encrypt
RC4
xp_rc4_decrypt
xp_rc4_encrypt
Triple DES
xp_des3_encrypt
xp_des3_decrypt
Error codes
Tutorial
How to use GUI
Advanced technique (Old)
Table encryption (Old)
Troubleshooting
Troubleshooting overview

xp_rsa_save_key

The function takes the private or public key handle, the filename or the key body and saves the key content to a file. All keys are stored in PEM format. PEM is specified in IETF RFCs 1421-1424. Those documents can be found at www.ietf.org Private keys are always stored on disk encrypted with TripleDES algorithm. If you save the private key you must specify also the password which should be more than 4 chars. If the pswd_cache option is set to yes the password for this source will be stored in the session.  

Syntax

xp_rsa_save_key { key_src,  filename [OUTPUT],  [write_password] [, src_password] }

Arguments

key_src

VARCHAR. The key which is to be saved. It can be private or public. It can be a key handle, a file name or a key in string. If you want to specify the file name, precede the file name with '<' char. For example, if key is stored in the file c:\publickey.pem set this parameter to '<c:\publickey.pem'. If your key source is a private key in a file or in a key body, you must also specify src_password as 4th parameter. This parameter is not needed if key_src is a key handle or a public key.

filename

VARCHAR. Name of file destination. If you specify this parameter with OUTPUT  the key body will be written to this variable, not to the file.  

write_password

VARCHAR. A password which is used for saving the key. Do not provide passwords for the public keys or certificates. If password is given the key is considered as private, otherwise the function will try to save the key as a public key.

src_password

VARCHAR. This parameter is optional. It is used to read the source of the private key if you specified the filename or the key body in key_src. Do not provide passwords for the public keys, certificates or if you specified the key handle in key_src. If a password is given  key_src is considered as a private key, otherwise the function  will attempt to read key_src as a public key or certificate. If the pswd_cache option is set to yes and the given password is '?'  XP_CRYPT will try to load the key with the password stored in the session. See xp_crypt_set_option for more information about pswd_cache option.

Permissions

Execute permissions for xp_rsa_save_key default to members of the db_owner fixed database role in the master database, but can be granted to other users.

Return Code Values

0 - success, or Error code if failed.

Examples

Generate couple of keys and save them in files.

-- Declare length enough for out test
-- Now, size of 10 varchars is enough for key with any length
declare @PrivateKey varchar (20)
declare @PublicKey varchar (20)
declare @CryptedText varchar (50)
declare @DecryptedText varchar (50)
declare @KeyBody varchar (8000)
declare @return_code int

-- Creates Private key of 256 bit length and with password "SecurePassword"
exec xp_rsa_generate_couple '256' , @PrivateKey output, @PublicKey output
-- Outputs private key just for you :)
select @PrivateKey
-- Then we save and load the same key ...
exec xp_rsa_save_key @PrivateKey , 'privkey.pem', 'SecurePassword'

-- Saves the content of the key (key body) to the variable and selects it. You may want to save this body at the client side for future usage.

exec @return_code = xp_rsa_save_key @PrivateKey , @KeyBody output, 'SecurePassword'

Changes the password of the private key from 'OldPassword' to 'NewPassword'

exec @return_code = xp_rsa_save_key '<c:\privatekey.pem','c:\privatekey.pem','NewPassword','OldPassword'

 
2004-2011 (c) Active Crypt Software. All rights reserved.

Browser Based Help. Published by chm2web software.