sql存储过程加密和解密(MSSQL)
用于加密的存储过程 (sp_EncryptObject) :
存储过程(sp_EncryptObject)加密的方法是在存储过程,函数,视图的“As”位置前加上“with encryption”;如果是触发器,就在“for”位置前加“with encryption”。
如果触发器是{ AFTER | INSTEAD OF} 需要修改下面代码"For"位置:
if objectproperty(object_id(@Object),'ExecIsAfterTrigger')=0 set @Replace='As' ; else set @Replace='For ';
存储过程完成代码:
Use master
Go
if object_ID('[sp_EncryptObject]') is not null
Drop Procedure [sp_EncryptObject]
Go
create procedure sp_EncryptObject
(
@Object sysname='All'
)
as
/*
当@Object=All的时候,对所有的函数,存储过程,视图和触发器进行加密
调用方法:
1. Execute sp_EncryptObject 'All'
2. Execute sp_EncryptObject 'ObjectName'
*/
begin
set nocount on
if @Object <>'All'
begin
if not exists(select 1 from sys.objects a where a.object_id=object_id(@Object) And a.type in('P','V','TR','FN','IF','TF'))
begin
--SQL Server 2008
raiserror 50001 N'无效的加密对象!加密对象必须是函数,存储过程,视图或触发器。'
--SQL Server 2012
--throw 50001, N'无效的加密对象!加密对象必须是函数,存储过程,视图或触发器。',1
return
end
if exists(select 1 from sys.sql_modules a where a.object_id=object_id(@Object) and a.definition is null)
begin
--SQL Server 2008
raiserror 50001 N'对象已经加密!'
--SQL Server 2012
--throw 50001, N'对象已经加密!',1
return
end
end
declare @sql nvarchar(max),@C1 nchar(1),@C2 nchar(1),@type nvarchar(50),@Replace nvarchar(50)
set @C1=nchar(13)
set @C2=nchar(10)
declare cur_Object
cursor for
select object_name(a.object_id) As ObjectName,a.definition
from sys.sql_modules a
inner join sys.objects b on b.object_id=a.object_id
and b.is_ms_shipped=0
and not exists(select 1
from sys.extended_properties x
where x.major_id=b.object_id
and x.minor_id=0
and x.class=1
and x.name='microsoft_database_tools_support'
)
where b.type in('P','V','TR','FN','IF','TF')
and (b.name=@Object or @Object='All')
and b.name <>'sp_EncryptObject'
and a.definition is not null
order by Case
when b.type ='V' then 1
when b.type ='TR' then 2
when b.type in('FN','IF','TF') then 3
else 4 end,b.create_date,b.object_id
open cur_Object
fetch next from cur_Object into @Object,@sql
while @@fetch_status=0
begin
Begin Try
if objectproperty(object_id(@Object),'ExecIsAfterTrigger')=0 set @Replace='As' ; else set @Replace='For ';
if (patindex('%'+@C1+@C2+@Replace+@C1+@C2+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C1+@C2+@Replace+@C1+@C2,@C1+@C2+'With Encryption'+@C1+@C2+@Replace+@C1+@C2)
end
else if(patindex('%'+@C1+@Replace+@C1+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C1+@Replace+@C1,@C1+'With Encryption'+@C1+@Replace+@C1)
end
else if(patindex('%'+@C2+@Replace+@C2+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C2+@Replace+@C2,@C2+'With Encryption'+@C2+@Replace+@C2)
end
else if(patindex('%'+@C2+@Replace+@C1+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C2+@Replace+@C1,@C1+'With Encryption'+@C2+@Replace+@C1)
end
else if(patindex('%'+@C1+@C2+@Replace+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C1+@C2+@Replace,@C1+@C2+'With Encryption'+@C1+@C2+@Replace)
end
else if(patindex('%'+@C1+@Replace+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C1+@Replace,@C1+'With Encryption'+@C1+@Replace)
end
else if(patindex('%'+@C2+@Replace+'%',@sql)>0)
begin
set @sql=Replace(@sql,@C2+@Replace,@C2+'With Encryption'+@C2+@Replace)
end
set @type =
case
when object_id(@Object,'P')>0 then 'Proc'
when object_id(@Object,'V')>0 then 'View'
when object_id(@Object,'TR')>0 then 'Trigger'
when object_id(@Object,'FN')>0 or object_id(@Object,'IF')>0 or object_id(@Object,'TF')>0 then 'Function'
end
set @sql=Replace(@sql,'Create '+@type,'Alter '+@type)
Begin Transaction
exec(@sql)
print N'已完成加密对象('+@type+'):'+@Object
Commit Transaction
End Try
Begin Catch
Declare @Error nvarchar(2047)
Set @Error='Object: '+@Object+@C1+@C2+'Error: '+Error_message()
Rollback Transaction
print @Error
print @sql
End Catch
fetch next from cur_Object into @Object,@sql
end
close cur_Object
deallocate cur_Object
end
Go
exec sp_ms_marksystemobject 'sp_EncryptObject' --标识为系统对象
go
解密方法:
解密过程,最重要采用异或方法:
[字符1]经过函数 fn_x(x)加密变成[加密后字符1],如果我们已知[加密后字符1],反过来查[字符1],可以这样:
[字符1] = [字符2] ^ fn_x([字符2]) ^ [加密后字符1]
这里我列举一个简单的例子:
--创建加密函数(fn_x)
if object_id('fn_x') is not null drop function fn_x
go
create function fn_x
(
@x nchar(1)
)returns nchar(1)
as
begin
return(nchar((65535-unicode(@x))))
end
go
declare @nchar_1_encrypt nchar(1),@nchar_2 nchar(1)
--对字符'A'进行加密,存入变量@nchar_1_encrypt
set @nchar_1_encrypt=dbo.fn_x(N'A')
--參考的字符@nchar_2
set @nchar_2='x'
--算出@nchar_1_encrypt 加密前的字符
select nchar(unicode(@nchar_2)^unicode(dbo.fn_x(@nchar_2))^unicode(@nchar_1_encrypt)) as [@nchar_1]
/*
@nchar_1
--------------------
A
*/
[注]: 从SQL Server 2000至 SQL Server 2012 采用异或方法都可以解密
用于解密的存储过程(sp_DecryptObject):
Use master
Go
if object_ID('[sp_DecryptObject]') is not null
Drop Procedure [sp_DecryptObject]
Go
create procedure sp_DecryptObject
(
@Object sysname, --要解密的对象名:函数,存储过程,视图或触发器
@MaxLength int=4000 --评估内容的长度
)
as
set nocount on
/* 1. 解密 */
if not exists(select 1 from sys.objects a where a.object_id=object_id(@Object) And a.type in('P','V','TR','FN','IF','TF'))
begin
--SQL Server 2008
raiserror 50001 N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。'
--SQL Server 2012
--throw 50001, N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。',1
return
end
if exists(select 1 from sys.sql_modules a where a.object_id=object_id(@Object) and a.definition is not null)
begin
--SQL Server 2008
raiserror 50001 N'对象没有加密!'
--SQL Server 2012
--throw 50001, N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。',1
return
end
declare @sql nvarchar(max) --解密出来的SQL语句
,@imageval nvarchar(max) --加密字符串
,@tmpStr nvarchar(max) --临时SQL语句
,@tmpStr_imageval nvarchar(max) --临时SQL语句(加密后)
,@type char(2) --对象类型('P','V','TR','FN','IF','TF')
,@objectID int --对象ID
,@i int --While循环使用
,@Oject1 nvarchar(1000)
set @objectID=object_id(@Object)
set @type=(select a.type from sys.objects a where a.object_id=@objectID)
declare @Space4000 nchar(4000)
set @Space4000=replicate('-',4000)
/*
@tmpStr 会构造下面的SQL语句
-------------------------------------------------------------------------------
alter trigger Tr_Name on Table_Name with encryption for update as return /**/
alter proc Proc_Name with encryption as select 1 as col /**/
alter view View_Name with encryption as select 1 as col /**/
alter function Fn_Name() returns int with encryption as begin return(0) end/**/
*/
set @Oject1=quotename(object_schema_name(@objectID))+'.'+quotename(@Object)
set @tmpStr=
case
when @type ='P ' then N'Alter Procedure '+@Oject1+' with encryption as select 1 as column1 '
when @type ='V ' then N'Alter View '+@Oject1+' with encryption as select 1 as column1 '
when @type ='FN' then N'Alter Function '+@Oject1+'() returns int with encryption as begin return(0) end '
when @type ='IF' then N'Alter Function '+@Oject1+'() returns table with encryption as return(Select a.name from sys.types a) '
when @type ='TF' then N'Alter Function '+@Oject1+'() returns @t table(name nvarchar(50)) with encryption as begin return end '
else 'Alter Trigger '+@Oject1+'on '+quotename(object_schema_name(@objectID))+'.'+(select Top(1) quotename(object_name(parent_id)) from sys.triggers a where a.object_id=@objectID)+' with encryption for update as return '
end
set @tmpStr=@tmpStr+'/*'+@Space4000
set @i=0
while @i < (ceiling(@MaxLength*1.0/4000)-1)
begin
set @tmpStr=@tmpStr+ @Space4000
Set @i=@i+1
end
set @tmpStr=@tmpStr+'*/'
------------
set @imageval =(select top(1) a.imageval from sys.sysobjvalues a where a.objid=@objectID and a.valclass=1)
begin tran
exec(@tmpStr)
set @tmpStr_imageval =(select top(1) a.imageval from sys.sysobjvalues a where a.objid=@objectID and a.valclass=1)
rollback tran
-------------
set @tmpStr=stuff(@tmpStr,1,5,'create')
set @sql=''
set @i=1
while @i<= (datalength(@imageval)/2)
begin
set @sql=@sql+isnull(nchar(unicode(substring(@tmpStr,@i,1)) ^ unicode(substring(@tmpStr_imageval,@i,1))^unicode(substring(@imageval,@i,1)) ),'')
Set @i+=1
end
/* 2. 列印 */
declare @patindex int
while @sql>''
begin
set @patindex=patindex('%'+char(13)+char(10)+'%',@sql)
if @patindex >0
begin
print substring(@sql,1,@patindex-1)
set @sql=stuff(@sql,1,@patindex+1,'')
end
else
begin
set @patindex=patindex('%'+char(13)+'%',@sql)
if @patindex >0
begin
print substring(@sql,1,@patindex-1)
set @sql=stuff(@sql,1,@patindex,'')
end
else
begin
set @patindex=patindex('%'+char(10)+'%',@sql)
if @patindex >0
begin
print substring(@sql,1,@patindex-1)
set @sql=stuff(@sql,1,@patindex,'')
end
else
begin
print @sql
set @sql=''
end
end
end
end
Go
exec sp_ms_marksystemobject 'sp_DecryptObject' --标识为系统对象
go
sql存储过程加密和解密(MSSQL)相关推荐
- Sql存储过程加密和解密
可用于加密SQL存储过程或者触发器(这是SQL Server本身提供的,也就是说这是微软的加密算法) http://www.mscto.com 使用 WITH ENCRYPTION 选项 WITH E ...
- SQLserver存储过程加密、解密
SQLserver存储过程加密.解密 作者:邱名涛 撰写时间:2019 年 6 月 22 日 关键技术: 数据库存储过程加密.解密 –加密存储过程 –判断表是否存在,如果存在就删除 if object ...
- 对存储过程进行加密和解密(SQL 2008/SQL 2012)
开始: 在网络上,看到有SQL Server 2000和SQL Server 2005 的存储过程加密和解密的方法,后来分析了其中的代码,发现它们的原理都是一样的.后来自己根据实际的应用环境,编写了两 ...
- SQL 敏感数据加密与解密
SQL版本: SQL 2012 最近工作,内网WebService映射到外网,敏感数据(收集号码.身份证号)被waf(防火墙)和谐为"*"号,想着接口里将此类敏感数据进行加密返回, ...
- SQL SERVER2005加密解密数据
--==================(I)服务主密钥===================== --1.)备份服务主密钥到文件 BACKUP SERVICE MASTER KEY TO FILE ...
- SQL存储过程解密研究
从网上搜索SQL存储过程解密,可以看到一大堆的资料,其内容都基本上都一致,这是先放上一篇: 解密存储过程 本文将以此为基础进行研究,虽能解密成功,但其中解密那一段究其原理是到底是什么,一直也弄不明白, ...
- mysql aes256_pl/sql:aes256加密解密
调用相应的API对BLOB数据 相应的加密和解密 PL/SQL 加密解密 --加密function encrypt_aes256 (p_blob in blob, p_key in varchar2) ...
- 在ORACLE中对存储过程加密
在ORACLE中对存储过程加密 2007年08月04日 星期六 下午 04:06 1 创建存储过程 create or replace procedure lb_test2 as begi ...
- sql server 加密_SQL Server机密–第II部分– SQL Server加密功能
sql server 加密 透明数据加密(TDE) ( Transparent Data Encryption (TDE) ) SQL Server has two ways of encryptin ...
最新文章
- 《OpenCV3编程入门》学习笔记6 图像处理(二)非线性滤波:中值滤波、双边滤波
- python 深拷贝_python 深拷贝
- 从多个角度来理解协方差(covariance)
- 书多嚼不烂,看书的方法
- CygWin / 安装软件包的方法
- C++类的Const数组的初始化
- 什么是saashrm
- (41)css 三大隐藏属性
- 10-10-030-简介-Kafka之数据存储
- VCS命令行选项总结简单脚本实例
- 微信支付之获取code
- 对话系统 | (8) 任务型对话系统概述
- 大数据之路:阿里巴巴大数据实践
- JavaScript实现富文本编辑器
- 暴力破解zip压缩密码
- Redis队列和专业MQ的对比和选型
- Spark Transformation算子->subtract
- 金融类openapi
- 关于解决Ubuntu下apt-get的Unmet dependencies依赖错误
- 骁龙8+参数 骁龙8+什么水平 骁龙8+处理器怎么样