(4.16)存储过程的加密与解密
(4.16)存储过程的加密与解密
存储过程加密概念:无法查看到过程的内容,也无法邮件生成create等脚本
注意,要以DAC的方式新建查询才能够使用~(详情参考:SQL Server DAC——专用管理员连接)
在主菜单的“文件”中,依次选“新建”、“数据库引擎查询”,在弹出的“连接到服务器”对话窗口的“服务器名称”框中,
输入“admin:<你的实例的名称>”。
加密
use test go alter procedure sp_test @num int with encryption as begin select 1 union all select 2 select * from test..test1 update test..test1 set num=10,num1=10 where id = @num end
解密
create procedure sp_DecryptObject ( @Object sysname, --要解密的对象名:函数,存储过程,视图或触发器 @MaxLength int=4000 --评估内容的长度 ) as set nocount on /* 1. 解密 */ if not exists(select 1 from sys.objects a where a.object_id=object_id(@Object) And a.type in('P','V','TR','FN','IF','TF')) begin --SQL Server 2008 raiserror ( N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。' ,16,1) --SQL Server 2012 --throw 50001, N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。',1 return end if exists(select 1 from sys.sql_modules a where a.object_id=object_id(@Object) and a.definition is not null) begin --SQL Server 2008 raiserror (N'对象没有加密!' ,16,1) --SQL Server 2012 --throw 50001, N'无效的对象!要解密的对象必须是函数,存储过程,视图或触发器。',1 return end declare @sql nvarchar(max) --解密出来的SQL语句 ,@imageval nvarchar(max) --加密字符串 ,@tmpStr nvarchar(max) --临时SQL语句 ,@tmpStr_imageval nvarchar(max) --临时SQL语句(加密后) ,@type char(2) --对象类型('P','V','TR','FN','IF','TF') ,@objectID int --对象ID ,@i int --While循环使用 ,@Oject1 nvarchar(1000) set @objectID=object_id(@Object) set @type=(select a.type from sys.objects a where a.object_id=@objectID) declare @Space4000 nchar(4000) set @Space4000=replicate('-',4000) /* @tmpStr 会构造下面的SQL语句 ------------------------------------------------------------------------------- alter trigger Tr_Name on Table_Name with encryption for update as return /**/ alter proc Proc_Name with encryption as select 1 as col /**/ alter view View_Name with encryption as select 1 as col /**/ alter function Fn_Name() returns int with encryption as begin return(0) end/**/ */ set @Oject1=quotename(object_schema_name(@objectID))+'.'+quotename(@Object) set @tmpStr= case when @type ='P ' then N'Alter Procedure '+@Oject1+' with encryption as select 1 as column1 ' when @type ='V ' then N'Alter View '+@Oject1+' with encryption as select 1 as column1 ' when @type ='FN' then N'Alter Function '+@Oject1+'() returns int with encryption as begin return(0) end ' when @type ='IF' then N'Alter Function '+@Oject1+'() returns table with encryption as return(Select a.name from sys.types a) ' when @type ='TF' then N'Alter Function '+@Oject1+'() returns @t table(name nvarchar(50)) with encryption as begin return end ' else 'Alter Trigger '+@Oject1+'on '+quotename(object_schema_name(@objectID))+'.'+(select Top(1) quotename(object_name(parent_id)) from sys.triggers a where a.object_id=@objectID)+' with encryption for update as return ' end set @tmpStr=@tmpStr+'/*'+@Space4000 set @i=0 while @i < (ceiling(@MaxLength*1.0/4000)-1) begin set @tmpStr=@tmpStr+ @Space4000 Set @i=@i+1 end set @tmpStr=@tmpStr+'*/' ------------ set @imageval =(select top(1) a.imageval from sys.sysobjvalues a where a.objid=@objectID and a.valclass=1) begin tran exec(@tmpStr) set @tmpStr_imageval =(select top(1) a.imageval from sys.sysobjvalues a where a.objid=@objectID and a.valclass=1) rollback tran ------------- set @tmpStr=stuff(@tmpStr,1,5,'create') set @sql='' set @i=1 while @i<= (datalength(@imageval)/2) begin set @sql=@sql+isnull(nchar(unicode(substring(@tmpStr,@i,1)) ^ unicode(substring(@tmpStr_imageval,@i,1))^unicode(substring(@imageval,@i,1)) ),'') Set @i+=1 end /* 2. 列印 */ declare @patindex int while @sql>'' begin set @patindex=patindex('%'+char(13)+char(10)+'%',@sql) if @patindex >0 begin print substring(@sql,1,@patindex-1) set @sql=stuff(@sql,1,@patindex+1,'') end else begin set @patindex=patindex('%'+char(13)+'%',@sql) if @patindex >0 begin print substring(@sql,1,@patindex-1) set @sql=stuff(@sql,1,@patindex,'') end else begin set @patindex=patindex('%'+char(10)+'%',@sql) if @patindex >0 begin print substring(@sql,1,@patindex-1) set @sql=stuff(@sql,1,@patindex,'') end else begin print @sql set @sql='' end end end end
成功**