sys.asymmetric_keys (Transact-SQL)

Applies to: SQL Server Azure SQL Database Azure SQL Managed Instance SQL database in Microsoft Fabric

Returns a row for each asymmetric key.

Column name Data type Description
name sysname Name of the key. Is unique within the database.
principal_id int ID of the database principal that owns the key.
asymmetric_key_id int ID of the key. Is unique within the database.
pvt_key_encryption_type char(2) How the key is encrypted.

NA = Not encrypted

MK = Key is encrypted by the master key

PW = Key is encrypted by a user-defined password

SK = Key is encrypted by service master key.
pvt_key_encryption_type_desc nvarchar(60) Description of how the private key is encrypted.

NO_PRIVATE_KEY

ENCRYPTED_BY_MASTER_KEY

ENCRYPTED_BY_PASSWORD

ENCRYPTED_BY_SERVICE_MASTER_KEY
thumbprint varbinary(32) SHA-1 hash of the key. The hash is globally unique.
algorithm char(2) Algorithm used with the key.

1R = 512-bit RSA

2R = 1024-bit RSA

3R = 2048-bit RSA
algorithm_desc nvarchar(60) Description of the algorithm used with the key.

RSA_512

RSA_1024

RSA_2048
key_length int Bit length of the key.
sid varbinary(85) Login SID for this key. For Extensible Key Management keys this value will be NULL.
string_sid nvarchar(128) String representation of the login SID of the key. For Extensible Key Management keys this value will be NULL.
public_key varbinary(max) Public key.
attested_by nvarchar(260) System use only.
provider_type nvarchar(120) Type of cryptographic provider:

CRYPTOGRAPHIC PROVIDER = Extensible Key Management keys

NULL = Non-Extensible Key Management keys
cryptographic_provider_guid uniqueidentifier GUID for the cryptographic provider. For non-Extensible Key Management keys this value will be NULL.
cryptographic_provider_algid sql_variant Algorithm ID for the cryptographic provider. For non-Extensible Key Management keys this value will be NULL.

Permissions

The visibility of the metadata in catalog views is limited to securables that a user either owns, or on which the user was granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Security Catalog Views (Transact-SQL)
Extensible Key Management (EKM)
Catalog Views (Transact-SQL)
Encryption Hierarchy
CREATE ASYMMETRIC KEY (Transact-SQL)