Skip to content

clean up CREATE ASYMMETRIC KEY#2200

Merged
Jak-MS merged 1 commit intoMicrosoftDocs:livefrom
srutzky:patch-7
May 28, 2019
Merged

clean up CREATE ASYMMETRIC KEY#2200
Jak-MS merged 1 commit intoMicrosoftDocs:livefrom
srutzky:patch-7

Conversation

@srutzky
Copy link
Contributor

@srutzky srutzky commented May 23, 2019

These changes pertain to Issue #2198 .

  1. Syntax section:

    1. Lowercased user-supplied values to be consistent with other documentation pages

  2. Arguments section:

    1. Added missing entry for asym_key_name
    2. Moved AUTHORIZATION to the top to match order in Syntax section
    3. Improved definition of FILE option
    4. Improved definition of EXECUTABLE FILE option
    5. Improved definition of ASSEMBLY option
    6. Added missing entry for PROVIDER
    7. Removed ENCRYPTION BY *\<key_name_in_provider>* as it is not a valid as stated (is part of ENCRYPTION BY PASSWORD -- see below)
    8. Moved ALGORITHM up to match order of options shown in Syntax section
    9. Changed PASSWORD to be ENCRYPTION BY PASSWORD
    10. Lowercased user-supplied values to be consistent with other documentation pages

  3. Remarks section:

    1. Added "or DLL file" to end of 1st paragraph, regarding the FROM clause (yes, DLL from either file system or as a loaded assembly -- same thing just different location -- only stores the public key)

    2. Removed 3rd sentence of 2nd paragraph -- "If a database master key does exist, the password is optional." -- as it contradicted the 2nd sentence, and was just incorrect. With no DMK, the following statement:

      CREATE ASYMMETRIC KEY [AKeyNoPassword]
WITH ALGORITHM = RSA_2048;

      gets the following error:

      /*
      Msg 15581, Level 16, State 6, Line XXXXX
      Please create a master key in the database or open the master key in the session before performing this operation.
      */

  4. Examples section:

    1. In example "B", for correctness changed

      and then authorizes user Christina to use the asymmetric key

      to be:

      and assigns ownership of the asymmetric key to user Christina

    2. In example "B", for variety removed ENCRYPTION BY PASSWORD clause as that is shown in example "A". Without this clause, the Database Master Key will be used, hence it must already exist. I added a sentence mentioning this to the end of the example description.

    3. In example "C", for correctness changed

      stored in a file. It then encrypts it using an Extensible

      to be:

      stored in an Extensible

    4. In example "C", fixed name "EKMProvider1" to be "EKM_Provider1" (to match T-SQL statement) in example description

    5. In example "C", not sure if lack of ENCRYPTION BY PASSWORD implies Database Master Key is used, or if that is a non-issue when using an EKM provider. I have never used an EKM provider so for now I am leaving that part as is (i.e. not mentioned in the example description).

  5. See Also section:

    1. Moved "Choose an Encryption Algorithm" to below statements and functions for better organization
    2. Added links to functions: ASYMKEYPROPERTY and ASYMKEY_ID

@srutzky
clean up CREATE ASYMMETRIC KEY
8fe29f7 
1. **Syntax** section:
    1. Lowercased user-supplied values to be consistent with other documentation pages

2. **Arguments** section:
    1. Added missing entry for _asym_key_name_
    2. Moved `AUTHORIZATION` to the top to match order in **Syntax** section
    3. Improved definition of `FILE` option
    4. Improved definition of `EXECUTABLE FILE` option
    5. Improved definition of `ASSEMBLY` option
    6. Added missing entry for `PROVIDER`
    7. Removed `ENCRYPTION BY *\<key_name_in_provider>*` as it is not a valid as stated (is part of `ENCRYPTION BY PASSWORD` -- see below)
    8. Moved `ALGORITHM` up to match order of options shown in **Syntax** section
    9. Changed `PASSWORD` to be `ENCRYPTION BY PASSWORD`
    10. Lowercased user-supplied values to be consistent with other documentation pages

3. **Remarks** section:
    1. Added "or DLL file" to end of 1st paragraph, regarding the `FROM` clause (yes, DLL from either file system or as a loaded assembly -- same thing just different location -- only stores the public key)
    2. Removed 3rd sentence of 2nd paragraph -- "If a database master key does exist, the password is optional." -- as it contradicted the 2nd sentence, and was just incorrect. With no DMK, the following statement:
      ```sql
      CREATE ASYMMETRIC KEY [AKeyNoPassword]
      WITH ALGORITHM = RSA_2048;
      ```
      gets the following error:

      > /*
      > Msg 15581, Level 16, State 6, Line XXXXX
      > Please create a master key in the database or open the master key in the session before performing this operation.
      > */

4. **Examples** section:
   1. In example "B", for correctness changed

      > and then authorizes user `Christina` to use the asymmetric key

      to be:

      > and assigns ownership of the asymmetric key to user `Christina`
    2. In example "B", for variety removed `ENCRYPTION BY PASSWORD` clause as that is shown in example "A". Without this clause, the Database Master Key will be used, hence it must already exist. I added a sentence mentioning this to the end of the example description.
    3. In example "C", for correctness changed 

      > stored in a file. It then encrypts it using an Extensible

      to be:

      > stored in an Extensible
    4. In example "C", fixed name "EKMProvider1" to be "EKM_Provider1" (to match T-SQL statement) in example description
    5. In example "C", not sure if lack of `ENCRYPTION BY PASSWORD` implies Database Master Key is used, or if that is a non-issue when using an EKM provider. I have never used an EKM provider so for now I am leaving that part as is (i.e. not mentioned in the example description).

5. **See Also** section:
    1. Moved "Choose an Encryption Algorithm" to below statements and functions for better organization
    2. Added links to functions: `ASYMKEYPROPERTY` and `ASYMKEY_ID`
@PRMerger10
Copy link
Contributor

PRMerger10 commented May 23, 2019

@srutzky : Thanks for your contribution! The author, @VanMSFT, has been notified to review your proposed change.

@VanMSFT
Copy link
Member

VanMSFT commented May 24, 2019

@srutzky - The changes look great! Thank you so much for your efforts. We really appreciate it.

Reviewed. #sign-off

@Jak-MS
Copy link
Contributor

Jak-MS commented May 28, 2019
edited
Loading

manually added the 'ready-to-merge' label...

@VanMSFT - can you check that the relative links are working after this is live? I've reviewed them and they appear to be good, but I can't be sure without staging tools, so they should be double-checked after the changes have been published. Thanks.

@Jak-MS Jak-MS merged commit 21f3756 into MicrosoftDocs:live May 28, 2019
@VanMSFT
Copy link
Member

VanMSFT commented May 31, 2019

Verified links worked. Thanks all!

@srutzky srutzky deleted the patch-7 branch July 9, 2019 16:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@VanMSFT VanMSFT

Labels

Change sent to author ready-to-merge sql/prod t-sql/tech

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@srutzky @PRMerger10 @VanMSFT @Jak-MS