Add function to extract Asymmetric Key similar to CERTENCODED for Certificates (SQLCLR / SSDT) - by Solomon Rutzky

Status : 

 


4
0
Sign in
to vote
ID 3139062 Comments
Status Active Workarounds
Type Suggestion Repros 0
Opened 8/8/2017 1:33:17 AM
Access Restriction Public

Description

Currently we are able to extract the public and private keys of a Certificate via CERTENCODED ( https://docs.microsoft.com/en-us/sql/t-sql/functions/certencoded-transact-sql ) and CERTPRIVATEKEY ( https://docs.microsoft.com/en-us/sql/t-sql/functions/certprivatekey-transact-sql ). However, we cannot extract even the public key of an Asymmetric Key.

This presents problems for SSDT when importing a database, and it makes it much, MUCH harder to work with the new "CLR strict security" server configuration option ( https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/clr-strict-security ) of SQL Server 2017 if the goal is to NOT rely on any external files (DLL or SNK) when publishing an Assembly. And this is definitely the goal of SSDT and any reasonable project / deployment.

And no, the even newer work around of white-listing Assemblies by making them "Trusted" is NOT an option as that "feature" should not even exist and should be removed ASAP!
Sign in to post a comment.