stackoom
  简体   繁体   中英

Operand type clash: varchar is incompatible with varchar(255) Using Always Encrypted with Secure Enclaves and CASE statement

 原文  2022-01-14 20:49:02       sql-server/ encryption/ always-encrypted

Question

I'm trying to return an Encrypted value from the database from within a Case Statement.

DECLARE @emptyValue VARCHAR(255) = '';
Select Top 1 CASE WHEN o.shippingFirstName = @emptyValue AND o.shippingLastName = @emptyValue  

THEN '' ELSE o.shippingFirstName  END AS nameDisplay  from [Order] o

When I run it, I get the following Error

Msg 206, Level 16, State 2, Line 20 Operand type clash: varchar is incompatible with varchar(255) encrypted with (encryption_type = 'RANDOMIZED', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'CEK1', column_encryption_key_database_name = 'cfg_phoenix_prod') collation_name = 'Latin1_General_BIN2' Msg 206, Level 16, State 2, Line 20 Operand type clash: varchar is incompatible with varchar(255) encrypted with (encryption_type = 'RANDOMIZED', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'CEK1', column_encryption_key_database_name = 'cfg_phoenix_prod') collation_name = 'Latin1_General_BIN2' Msg 206, Level 16, State 2, Line 20 Operand type clash: varchar is incompatible with varchar(255) encrypted with (encryption_type = 'RANDOMIZED', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_na me = 'CEK1', column_encryption_key_database_name = 'cfg_phoenix_prod') collation_name = 'Latin1_General_BIN2' Msg 206, Level 16, State 2, Line 20 Operand type clash: varchar is incompatible with varchar(255) encrypted with (encryption_type = 'RANDOMIZED', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'CEK1', column_encryption_key_database_name = 'cfg_phoenix_prod') collation_name = 'Latin1_General_BIN2' Msg 206, Level 16, State 2, Line 20 Operand type clash: varchar is incompatible with varchar(255) encrypted with (encryption_type = 'RANDOMIZED', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'CEK1', column_encryption_key_database_name = 'cfg_phoenix_prod') collation_name = 'Latin1_General_BIN2' Msg 8180, Level 16, State 1, Procedure sp_describe_parameter_encryption, Line 1 [Batch Start Line 17] Statement(s) could not be prepared. Msg 8180, Level 16, State 1, Procedure sp_describe_parameter_encryption, Line 1 [Batch Start Line 17] Statement(s) could not be prepared. Msg 8180, Level 16, State 1, Procedure sp_describe_parameter_encryption, Line 1 [Batch Start Line 17] Statement(s) could not be prepared. Msg 8180, Level 16, State 1, Procedure sp_describe_parameter_encryption, Line 1 [Batch Start Line 17] Statement(s) could not be prepared. Msg 8180, Level 16, State 1, Procedure sp_describe_parameter_encryption, Line 1 [Batch Start Line 17] Statement(s) could not be prepared. An error occurred while executing batch. Error message is: Internal error. Metadata for parameter '@pc2d5b410384a4500b3493a0306f71d28' in statement or procedure 'DECLARE @emptyValue AS VARCHAR (255) = @pc2d5b410384a4500b3493a0306f71d28;

SELECT TOP 1 CASE WHEN o.shippingFirstName = @emptyValue AND o.shippingLastName = @emptyValue THEN ' ' ELSE o.shippingFirstName END AS nameDisplay FROM [Order] AS o;

' is missing in resultset returned by sp_describe_parameter_encryption.

The Comparison seems to work fine. It's only when the ELSE tries to return the o.shippingFirstName that generates the issue.

A Similar query such as this works fine:

DECLARE @emptyValue VARCHAR(255) = ''; 
Select Top 1 o.shippingFirstName   from [Order] o  where o.shippingFirstName is not Null and o.shippingFirstName <> @emptyValue

Is there something I'm missing or can it not be done?

Dazed and Confused

1 answers

solution1
 0  2022-01-15 21:18:37

Because the columns are encrypted using Always Encrypted, the server cannot read them at all . Only the client can decrypt them. It cannot compare the column value to an unencrypted variable, they are simply incompatible. The only operations you could do are to compare the column with another encrypted value.

There is no way for it to compare them to anything. Instead, you would need to remove the declaration of the @emptyValue variable and pass it in as a parameter direct from the client.

And if you are using randomized encryption you can't even do this either, you would have to just return it to the client.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SQL Server Always Encrypted Operand type clash: varchar is incompatible with varchar(60) when running EXEC sproc SQL Server Always Encrypted: Operand type clash: varchar is incompatible with varchar(max) Operand type clash: varchar is incompatible with varchar(50) trying to insert in encrypted database SQL Server error "Operand type clash: varchar is incompatible with int " Error while using user-defined table type in sql --> Operand type clash: varchar is incompatible with "user defined table type" Always Encrypted SQL 2016 and Entity Framework 6: “Operand type clash: datetime2 is incompatible with date” Operand data type varchar is invalid for sum operator using a sum function with an imbedded datediff in a case statement varchar is incompatible with varchar(50) encrypted with (encryption_type = 'DETERMINISTIC' Operand type clash: int is incompatible with date when using CASE WHEN and return Column Value Operand type clash: date is incompatible with int with CASE WHEN
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM