Creating Keys
This section describes the following topics:
Creating Asymmetric Key
To create an asymmetric key, execute the following commands:
CREATE ASYMMETRIC KEY <key_name_in_sql_server>
FROM PROVIDER <provider_name>
WITH ALGORITHM = <algorithm_name>,
PROVIDER_KEY_NAME = '<key_name_in_cipherTrust_manager>',
CREATION_DISPOSITION=CREATE_NEW;
For example:
CREATE ASYMMETRIC KEY SQL_EKM_RSA_2048_Key
FROM PROVIDER <provider_name>
WITH ALGORITHM = RSA_2048,
PROVIDER_KEY_NAME = 'EKM_RSA_2048_Key',
CREATION_DISPOSITION=CREATE_NEW;
Creating Symmetric Key
To create a symmetric key, execute the following commands:
CREATE SYMMETRIC KEY <key_name_in_sql_server>
FROM PROVIDER <provider_name>
WITH ALGORITHM = <algorithm_name>,
PROVIDER_KEY_NAME = '<key_name_in_cipherTrust_manager>',
CREATION_DISPOSITION=CREATE_NEW;
For example:
CREATE SYMMETRIC KEY SQL_EKM_AES_128_Key
FROM PROVIDER <provider_name>
WITH ALGORITHM = AES_128,
PROVIDER_KEY_NAME = 'EKM_AES_128_Key',
CREATION_DISPOSITION=CREATE_NEW;
Note
If you need minimum key usage priveleges for a particular key (symmetric or assymetric), you can provide below key usage priveleges through the CM:
Encrypt
Decrypt
In case of enabling the caching functionality, you need to enable the exportable
feature for the generated key on CM.