USE master; GO -- 創建3個登陸賬號 CREATE LOGIN User1 WITH password = '1', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF; CREATE LOGIN User2 WITH password = '2', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF; CREATE LOGIN User3 WITH password = '3', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF; GO CREATE DATABASE EncryptionDB; GO USE EncryptionDB; GO --創建登陸賬號 CREATE USER User1 FOR LOGIN User1; CREATE USER User2 FOR LOGIN User2; CREATE USER User3 FOR LOGIN User3; GO -- 服務主密鑰 USE master; GO -- 備份服務主密鑰，將存儲在安全的位置,該文件被加密的使用提供的密碼作為密鑰 BACKUP SERVICE MASTER KEY TO FILE = 'D:Dataservicemasterkey.dat' ENCRYPTION BY PASSWORD = 'SQL@2014'; --還原服務主密鑰。（這是可以立即履行，由于SQL Server 會看到鑰匙是相同的其實不會重新對數據進行加密。） RESTORE SERVICE MASTER KEY FROM FILE = 'd:Dataservicemasterkey.dat' DECRYPTION BY PASSWORD = 'SQL@2014'; -- 另外可使用 FORCE 選項,重新生成服務主密鑰。要謹慎 !對用舊 SMK 加密的所有密鑰進行都解密，然后對它們進行加密用新的密鑰，這可需要大量的處理時間。不履行，除非你肯定你想要重新生成密鑰. ALTER SERVICE MASTER KEY REGENERATE; -- 如果主密鑰沒法再生進程將檢索失敗，或是沒法解密它加密的所有密鑰。FORCE 選項強迫再生，即便數據將會丟失。 ALTER SERVICE MASTER KEY FORCE REGENERATE; -- 創建數據庫主密鑰 USE EncryptionDB; GO -- 數據庫沒有1把萬能鑰匙，默許情況下，所以您必須創建它,你可使用它之前： CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'DB@SQL2012'; -- 如果數據庫掌握關鍵未使用服務主密鑰，加密你必須在使用它之前將其打開： OPEN MASTER KEY DECRYPTION BY PASSWORD = 'DB@SQL2012'; --但通常這不是必要的除非您刪除的加密服務主密鑰 （如果它是打開，這關閉鍵）： ALTER MASTER KEY DROP ENCRYPTION BY SERVICE MASTER KEY; -- 可以添加服務主密鑰加密： ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY; /* -- 這很有用，當將數據庫移動到另外一個服務器。刪除加密,之前分離，并將其添加回新的服務器上。 -- 你也能夠順便您用來創建它的密碼的加密： ALTER MASTER KEY DROP ENCRYPTION BY PASSWORD = 'DB@SQL2012'; -- (如果將失敗的關鍵是開放的由于它是如果您履行了前面的代碼作為它會出現在此文件中的腳本。），然后你可以將其添加回與新的或舊的密碼 ALTER MASTER KEY ADD ENCRYPTION BY PASSWORD = 'DB@SQL2012'; -- 如果已存儲了密鑰，要末 drop 語句將會失敗。 */ -- 如果您顯式打開數據庫主密鑰，您必須先關閉它當你完成它： CLOSE MASTER KEY; -- 數據庫主密鑰像服務主密鑰，可以轉儲，并從文件中加載密鑰。履行此操作之前，必須打開密鑰。 BACKUP MASTER KEY TO FILE = 'd:DataEncryptionDBMasterKey.dat' ENCRYPTION BY PASSWORD = 'DB@SQL2012bak'; GO --還原數據庫主密鑰 RESTORE MASTER KEY FROM FILE = 'd:DataEncryptionDBMasterKey.dat' DECRYPTION BY PASSWORD = 'DB@SQL2012bak' ENCRYPTION BY PASSWORD = 'DB@SQL2012'; -- 如果您正在加載的關鍵是在先聲明不會做任何事與現有的主機密鑰相同。可使用 FORCE 選項，和如果不需要密鑰, 刪除它時. --DROP MASTER KEY; -- 如果主密鑰保護數據庫中的任何私有密鑰將失敗 CREATE TABLE Customer2 ( CustId int, Name nvarchar(30), City varchar(20), CreditCardType varbinary(1000) ) GO -- 授權 GRANT SELECT,INSERT on Customer2 to User1; GRANT SELECT,INSERT on Customer2 to User2; GRANT SELECT,INSERT on Customer2 to User3; GO -- 1、證書加密 -- 創建與 User1，加密與數據庫相干聯的證書主密鑰。數據庫主密鑰必須已存在。請注意，你沒必要顯式打開主密鑰，由于它加密的服務主密鑰。 CREATE CERTIFICATE User1Certificate AUTHORIZATION User1 WITH subject = 'Certificate For User1'; GO -- 授權條款是可選的。給 User1 的所有權。另外可使用給予控制可使用它。 -- 為User2創建證書 CREATE CERTIFICATE User2Certificate AUTHORIZATION User2 ENCRYPTION BY PASSWORD = 'User2Password' WITH subject = 'Certificate For User2', EXPIRY_DATE = '12/31/2020'; GO --刪除User2Certificate DROP CERTIFICATE User2Certificate -- 備份證書User1Certificate BACKUP CERTIFICATE User1Certificate TO FILE = 'd:DatamyCert.dat' WITH PRIVATE KEY (FILE = 'd:DatamyCertPrivateKey', ENCRYPTION BY PASSWORD = 'User1CertificatePassword'); /* -- 您也能夠從文件加載證書。通常，這將是1個證書,來自受信任的證書頒發機構。 CREATE CERTIFICATE MyCertificate FROM FILE = 'd:DatamyCert.dat' WITH PRIVATE KEY (FILE = 'd:DatamyCertPrivateKey', DECRYPTION BY PASSWORD = 'User1CertificatePassword'); -- 創建證書的聲明，1次只能存在于數據庫。 --CREATE CERTIFICATE MyEXEcertificate FROM EXECUTABLE FILE = 'Z:SomeFile.exe' --CREATE CERTIFICATE MyNETcertificate FROM ASSEMBLY myLoadedAssembly -- 刪除證書 DROP CERTIFICATE MyCertificate; */ -- 使用證書來加密數據 INSERT INTO Customer2 VALUES (1, 'Roy Wu', 'GZ', EncryptByCert(Cert_ID('User1Certificate'), 'Visa')); GO -- 查看數據。請注意 enctypted 數據的長度,其中包括簽名 SELECT * FROM Customer2; /* CustId Name City CreditCardType 1 Roy Wu GZ 0xB5B4C36DD479BE908577A93D82235EE2FC23F9A5B4AF1D8FF3E91BD848AC3DD04285CCC5E93DF6E2C49840FAB74DAD913685F4B54EA89CB888B314192C9EA2643A244BD6540C18F6103258CB3BC0014BAE121572248BE725B44FB5543CEF6D732DDE950DC9435D35C4D1AD9522F20EBFAA5070C51F7BC8521FB167F68FE8D451 */ -- 解密數據 SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByCert(Cert_ID('User1Certificate'),CreditCardType)) AS CreditCardType FROM Customer2; /* CustID Name City CreditCardType 1 Roy Wu GZ Visa */ -- 不需要使用1個表來對數據進行加密時中，用法。 DECLARE @CipherText VARBINARY(500); SET @CipherText = EncryptByCert(Cert_ID('User1Certificate'), 'Secret text'); PRINT CONVERT(VARCHAR, DecryptByCert(Cert_ID('User1Certificate'),@CipherText)) ; -- 2、非對稱密鑰 -- 用私鑰受用戶-創建非對稱密鑰對提供的密碼。 CREATE ASYMMETRIC KEY User1AsymmetricKey AUTHORIZATION User1 WITH ALGORITHM = RSA_2048 ENCRYPTION BY PASSWORD = 'User1Password1'; -- 創建另外一個數據庫主密鑰的保護 CREATE ASYMMETRIC KEY User2AsymmetricKey AUTHORIZATION User2 WITH ALGORITHM = RSA_2048; -- 創建由 dbo 具有的另外一種。 CREATE ASYMMETRIC KEY DBOAsymmetricKey WITH ALGORITHM = RSA_2048; INSERT INTO Customer2 VALUES (2, 'Roy_User1', 'ZG', EncryptByAsymKey(AsymKey_ID('User1AsymmetricKey'), 'MasterCard')); GO INSERT INTO Customer2 VALUES (3, 'Roy_User2', 'ZG', EncryptByAsymKey(AsymKey_ID('User2AsymmetricKey'), 'Discover')); GO -- 查看數據 SELECT * FROM Customer2 WHERE CustID > 1; /* CustId Name City CreditCardType 2 Roy_User1 ZG 0x84A8C3CDE2C46E45D770CAD909A68E9B566B6D8176D4BE7C582DCD6AF9CB15C2EF0DB3F3B13323BF69B63AE8FC864FC9DA91138DDB12AEFD4680AA5791C6F745421A4011ECA5B34B4A1AA5EB61A0BBEAA918E5EAD76A2A13E63D121DCE230F9722A036503A2D781FA9DBEA6502524437E9A62DD94C1557A97704F629687B3B1B6C061A6883D6CC87DBC84C47ADCBBB4D7B3E2BA3A20C86BC28479B93981515FCBF602A360BFDF24227A1C99CC30F3D9D88C7D42E4565DF0C098307F82469E9F17942E4EE73753E132E26F64362D4228C77FF4B1F72FA522A2318AA02AB7E1E0432BFC84F01914E244664E8FDB837056ED261E74063D85F1E4AA44C65AED99214 3 Roy_User2 ZG 0xED893EBAD6790543E6196E248853EEA0C600E7C49625857F20862F44FDCB8460E13A3A7575173A93250E72006EA6551C551FB92D0014F8FCD845BBABCCAE55CB344415169B96C80BAB7B127FDCD8E056DED2B26366AD4E6DA27F993C84C90EE37AC16CB95636DA776818ECE01EE531CD2A927EA8816167F52A40C0D7396CE46C0BBBD28226D543F0B55D3120B4BA693220D08065C9BBF3E8918016E0774DF32FC3044697E111EB1B3FDAF11B03F8CFFF23C53339E8D920781361B679759CA5C168E8D5DCAB94025F25162268259C18FC2FA4DC541A25757708C61928E0E535BDDF80A3068A483EC1C5F4F772E2F442672A7979481F9A60ED5DAF849CC9A07D9A */ -- CustID=2查看已解密的數據。必須通過在用于保護私鑰的密碼。 SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByAsymKey(AsymKey_ID('User1AsymmetricKey'), CreditCardType, N'User1Password1')) AS CreditCardType FROM Customer2 WHERE CustID = 2; /* CustID Name City CreditCardType 2 Roy_User1 ZG MasterCard */ -- CustID=3查看已解密的數據 SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByAsymKey(AsymKey_ID('User2AsymmetricKey'), CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 3; -- 試圖查看解密后的數據，但 custid=3 錯了鑰匙。返回用于加密數據的空值。 SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByAsymKey(AsymKey_ID('User1AsymmetricKey'), CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 3; /* CustID Name City CreditCardType 3 Roy_User2 ZG NULL */ -- 切換登陸用戶User3 EXECUTE AS LOGIN = 'User3'; GO SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByAsymKey(AsymKey_ID('User2AsymmetricKey'), CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 3; /* CustID Name City CreditCardType 3 Roy_User2 ZG NULL */ GO --將履行上下文切換回最后1個 EXECUTE AS 語句的調用方 REVERT; -- 函數: ASYMKEYPROPERTY，返回非對稱密鑰的屬性。 SELECT ASYMKEYPROPERTY(AsymKey_ID('User2AsymmetricKey'), 'algorithm_desc') AS [Algorithm], ASYMKEYPROPERTY(AsymKey_ID('User2AsymmetricKey'), 'string_sid') AS StringSID, ASYMKEYPROPERTY(AsymKey_ID('User2AsymmetricKey'), 'sid') AS SID ; GO -- 算法描寫只是可供擴大密鑰管理密鑰 -- 3、對稱密鑰 -- 創建1個密鑰使用TRIPLE_DES受證書并將它與 User1 關聯 CREATE SYMMETRIC KEY User1SymmetricKeyCert AUTHORIZATION User1 WITH ALGORITHM = TRIPLE_DES ENCRYPTION BY CERTIFICATE User1Certificate; -- 可選 IDENTITY_VALUE 生成1個 GUID 來標記數據加密密鑰，讓您匹配數據的關鍵 -- 創建使用了密碼保護的TRIPLE_DES密鑰并將其與User2關聯 CREATE SYMMETRIC KEY User2SymmetricKeyPwd AUTHORIZATION User2 WITH ALGORITHM = TRIPLE_DES ENCRYPTION BY PASSWORD = 'User2SymmetricKeyPwd'; -- 創建1個密鑰使用 TRIPLE_DES 密鑰的非對稱密鑰并由 dbo 具有 CREATE SYMMETRIC KEY GenericSymmetricKeyAsym WITH ALGORITHM = TRIPLE_DES ENCRYPTION BY ASYMMETRIC KEY User2AsymmetricKey; -- 創建1個密鑰使用 DESX 受另外一個對稱密鑰并由 dbo 具有 OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; CREATE SYMMETRIC KEY GenericSymmetricKeySym WITH ALGORITHM = DESX ENCRYPTION BY SYMMETRIC KEY User1SymmetricKeyCert; CLOSE SYMMETRIC KEY User1SymmetricKeyCert; -- 列出數據庫中的對稱密鑰 SELECT * FROM sys.symmetric_keys; -- 列表(此目錄視圖可返回當前對話中打開的加密密鑰的有關信息。) SELECT * FROM sys.openkeys; -- 插入數據，使用各種非對稱密鑰。如果不對稱密鑰,打開的沒有毛病和沒有插入的數據。 OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; INSERT INTO Customer2 VALUES (4, 'Roy_User4', 'GZ', EncryptByKey(Key_GUID('User1SymmetricKeyCert'), 'Amex')); CLOSE SYMMETRIC KEY User1SymmetricKeyCert; -- 可選的驗證參數作為鹽。必須使用相同的身份驗證器來加密和解密。保護全部值替換攻擊。 OPEN SYMMETRIC KEY User2SymmetricKeyPwd DECRYPTION BY PASSWORD = 'User2SymmetricKeyPwd'; INSERT INTO Customer2 VALUES (5, 'Roy_User5', 'GZ', EncryptByKey(Key_GUID('User2SymmetricKeyPwd'), 'Visa')); CLOSE SYMMETRIC KEY User2SymmetricKeyPwd; OPEN SYMMETRIC KEY GenericSymmetricKeyAsym DECRYPTION BY ASYMMETRIC KEY User2AsymmetricKey; INSERT INTO Customer2 VALUES (6, 'Roy_User6', 'GZ', EncryptByKey(Key_GUID('GenericSymmetricKeyAsym'), 'Optima')); CLOSE SYMMETRIC KEY GenericSymmetricKeyAsym; OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; OPEN SYMMETRIC KEY GenericSymmetricKeySym DECRYPTION BY SYMMETRIC KEY User1SymmetricKeyCert; INSERT INTO Customer2 VALUES (7, 'Roy_User7', 'GZ', EncryptByKey(Key_GUID('GenericSymmetricKeySym'), 'Wal-Mart')); CLOSE SYMMETRIC KEY GenericSymmetricKeySym; CLOSE SYMMETRIC KEY User1SymmetricKeyCert; -- 查看CustID>=4數擾 SELECT * FROM Customer2 WHERE CustID >= 4; /* 4 Roy_User4 GZ 0x003FDE0600B08541922D500213AE5E4501000000DE3B49C60040D6634118C754D7AC7291FC3C40C081DF90B1 5 Roy_User5 GZ 0x00ECC30427979944B6FAFAC9A00FB69D01000000893D664F157C21FF293F15C21C5696973AE687B993081CDE 6 Roy_User6 GZ 0x002B1FA92A111D4D9571BA68B05503B6010000005336FDD3DD1E33BDE404B32893A0850BEFD01A8ABE6527EA 7 Roy_User7 GZ 0x008772F0C5181F428D82A52CE7ED05BB010000008301BD1387E1D6D5BC80F0EE8F9868EC7C01EF8A743BCE96D0A5E8741C91866D */ -- 查看的數據。請注意，您沒必要指定用來解密數據，即便多個對稱密鑰可以打開的鍵。 OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKey(CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 4; CLOSE SYMMETRIC KEY User1SymmetricKeyCert; /* CustID Name City CreditCardType 4 Roy_User4 GZ Amex */ OPEN SYMMETRIC KEY User2SymmetricKeyPwd DECRYPTION BY PASSWORD = 'User2SymmetricKeyPwd'; SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKey(CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 5; CLOSE SYMMETRIC KEY User2SymmetricKeyPwd; /* CustID Name City CreditCardType 5 Roy_User5 GZ Visa */ OPEN SYMMETRIC KEY GenericSymmetricKeyAsym DECRYPTION BY ASYMMETRIC KEY User2AsymmetricKey; SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKey(CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 6; CLOSE SYMMETRIC KEY GenericSymmetricKeyAsym; /* CustID Name City CreditCardType 6 Roy_User6 GZ Optima */ OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; OPEN SYMMETRIC KEY GenericSymmetricKeySym DECRYPTION BY SYMMETRIC KEY User1SymmetricKeyCert; SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKey(CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 7; CLOSE SYMMETRIC KEY GenericSymmetricKeySym; CLOSE SYMMETRIC KEY User1SymmetricKeyCert; /* CustID Name City CreditCardType 7 Roy_User7 GZ Wal-Mart */ -- 查看表數據 SELECT * FROM Customer2; /* 1 Roy Wu GZ 0xB5B4C36DD479BE908577A93D82235EE2FC23F9A5B4AF1D8FF3E91BD848AC3DD04285CCC5E93DF6E2C49840FAB74DAD913685F4B54EA89CB888B314192C9EA2643A244BD6540C18F6103258CB3BC0014BAE121572248BE725B44FB5543CEF6D732DDE950DC9435D35C4D1AD9522F20EBFAA5070C51F7BC8521FB167F68FE8D451 2 Roy_User1 ZG 0x84A8C3CDE2C46E45D770CAD909A68E9B566B6D8176D4BE7C582DCD6AF9CB15C2EF0DB3F3B13323BF69B63AE8FC864FC9DA91138DDB12AEFD4680AA5791C6F745421A4011ECA5B34B4A1AA5EB61A0BBEAA918E5EAD76A2A13E63D121DCE230F9722A036503A2D781FA9DBEA6502524437E9A62DD94C1557A97704F629687B3B1B6C061A6883D6CC87DBC84C47ADCBBB4D7B3E2BA3A20C86BC28479B93981515FCBF602A360BFDF24227A1C99CC30F3D9D88C7D42E4565DF0C098307F82469E9F17942E4EE73753E132E26F64362D4228C77FF4B1F72FA522A2318AA02AB7E1E0432BFC84F01914E244664E8FDB837056ED261E74063D85F1E4AA44C65AED99214 3 Roy_User2 ZG 0xED893EBAD6790543E6196E248853EEA0C600E7C49625857F20862F44FDCB8460E13A3A7575173A93250E72006EA6551C551FB92D0014F8FCD845BBABCCAE55CB344415169B96C80BAB7B127FDCD8E056DED2B26366AD4E6DA27F993C84C90EE37AC16CB95636DA776818ECE01EE531CD2A927EA8816167F52A40C0D7396CE46C0BBBD28226D543F0B55D3120B4BA693220D08065C9BBF3E8918016E0774DF32FC3044697E111EB1B3FDAF11B03F8CFFF23C53339E8D920781361B679759CA5C168E8D5DCAB94025F25162268259C18FC2FA4DC541A25757708C61928E0E535BDDF80A3068A483EC1C5F4F772E2F442672A7979481F9A60ED5DAF849CC9A07D9A 4 Roy_User4 GZ 0x003FDE0600B08541922D500213AE5E4501000000DE3B49C60040D6634118C754D7AC7291FC3C40C081DF90B1 5 Roy_User5 GZ 0x00ECC30427979944B6FAFAC9A00FB69D01000000893D664F157C21FF293F15C21C5696973AE687B993081CDE 6 Roy_User6 GZ 0x002B1FA92A111D4D9571BA68B05503B6010000005336FDD3DD1E33BDE404B32893A0850BEFD01A8ABE6527EA 7 Roy_User7 GZ 0x008772F0C5181F428D82A52CE7ED05BB010000008301BD1387E1D6D5BC80F0EE8F9868EC7C01EF8A743BCE96D0A5E8741C91866D */ /*聯機查看函數：EncryptByKey 用法( key_GUID , { 'cleartext' | @cleartext } [, { add_authenticator | @add_authenticator } , { authenticator | @authenticator } ] ) */ -- 打開對稱密鑰有本錢。所以你可以測試是不是為（運行與無打開關鍵語句） 的關鍵是開放： OPEN SYMMETRIC KEY User1SymmetricKeyCert DECRYPTION BY CERTIFICATE User1Certificate; IF NOT EXISTS( SELECT 1 FROM sys.openkeys WHERE key_name = 'User1SymmetricKeyCert' AND database_name = db_Name() ) PRINT 'Key is not open' ELSE PRINT 'Key is open'; GO CLOSE SYMMETRIC KEY User1SymmetricKeyCert; -- 如果密鑰是由證書或非對稱密鑰的 protectedy，可使用 DecryptByKeyAutoCert 或 DecryptByKeyAutoAsymKey 作為1個快捷方式。只是如有必要，請打開對稱密鑰。另外到 SQL Server 2005 后初始版本 -- 證書: SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKeyAutoCert(cert_id('User1Certificate'), NULL, CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 4; -- 非對稱密鑰: SELECT CustID, Name, City, CONVERT(VARCHAR, DecryptByKeyAutoAsymKey(AsymKey_ID('User2AsymmetricKey'), NULL, CreditCardType)) AS CreditCardType FROM Customer2 WHERE CustID = 6; --函數: SYMKEYPROPERTY -- 檢查的關鍵屬性，但只為 EKM 鍵 SELECT SYMKEYPROPERTY(Key_ID('GenericSymmetricKeySym'), 'algorithm_desc') AS Algorithm, SYMKEYPROPERTY(Key_ID('GenericSymmetricKeySym'), 'string_sid') AS String_SID, SYMKEYPROPERTY(Key_ID('GenericSymmetricKeySym'), 'sid') AS SID; GO -- New T-SQL function: KEY_NAME -- Return name of key from GUID or cipher text SELECT KEY_NAME(Key_GUID('User1SymmetricKeyCert')); SELECT KEY_NAME(CreditCardType) FROM Customer2 WHERE CustId = 6; -- 刪除測試登陸賬號 DROP LOGIN User1; DROP LOGIN User2; DROP LOGIN User3; USE master; GO DROP DATABASE EncryptionDB;