【转】存储过程加密及解密
1、加密,在创建存储过程中加上WITH ENCRYPTION 就可以轻松将存储过程加密
例如:
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[abc]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[abc] GO CREATE PROCEDURE abc WITH ENCRYPTION AS begin select * from abc end go
2、解密加密的存储过程
首先创建解密的存储过程
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[DecryptObject]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[DecryptObject] GO create PROCEDURE DecryptObject (@objectName varchar(50)) WITH ENCRYPTION AS begin declare @objectname1 varchar(100) declare @sql1 nvarchar(4000),@sql2 nvarchar(4000),@sql3 nvarchar(4000),@sql4 nvarchar(4000),@sql5 nvarchar(4000),@sql6 nvarchar(4000),@sql7 nvarchar(4000),@sql8 nvarchar(4000),@sql9 nvarchar(4000),@sql10 nvarchar(4000) DECLARE @OrigSpText1 nvarchar(4000), @OrigSpText2 nvarchar(4000) , @OrigSpText3 nvarchar(4000), @resultsp nvarchar(4000) declare @i int , @t bigint declare @m int,@n int,@q int DECLARE @tablename varchar(255) --触发器所对应的表名 DECLARE @trigtype varchar(6) --触发器类型 DECLARE @type char(1) --对象类型:P-procedure ;V-View; T-trigger DECLARE @bb bit select @i=count(1) from sysobjects where name = @objectName if @i=0 begin print 'Object ' + @objectName + ' isnt exist!'--对象不存在 return end select @type= case xtype when 'TR' then 'T' else xtype end from sysobjects where name = @objectName if (@type<>'T' and @type<>'V' and @type<>'P') begin print 'Object ' + @objectName + ' isnt procedure or trigger or view!'--没有所需要的对象类型 return end select @bb=encrypted FROM syscomments WHERE id = object_id(@objectName) select @m=max(colid) FROM syscomments WHERE id = object_id(@objectName) if @bb=0 begin print 'Object ' + @objectName + ' is not encrypted!'--对象没有加密 return end create table #temp(colid int,ctext varbinary(8000)) create table #tempresult(cctext nvarchar(4000)) insert #temp SELECT colid,ctext FROM syscomments WHERE id = object_id(@objectName)--get encrypted data 将加密信息存储于临时表中 IF @type='T'--如果是触发子,则取得它的表名和类型 BEGIN SET @tablename=(SELECT sysobjects_1.name FROM dbo.sysobjects INNER JOIN dbo.sysobjects sysobjects_1 ON dbo.sysobjects.parent_obj = sysobjects_1.id WHERE (dbo.sysobjects.type = 'TR') AND (dbo.sysobjects.name = @ObjectName)) SET @trigtype=(SELECT CASE WHEN dbo.sysobjects.deltrig > 0 THEN 'DELETE' WHEN dbo.sysobjects.instrig > 0 THEN 'INSERT' WHEN dbo.sysobjects.updtrig > 0 THEN 'UPDATE' END FROM dbo.sysobjects INNER JOIN dbo.sysobjects sysobjects_1 ON dbo.sysobjects.parent_obj = sysobjects_1.id WHERE (dbo.sysobjects.type = 'TR') AND (dbo.sysobjects.name = @ObjectName)) END SET @sql1=case @type--为修改原有的对象内容准备ALTER语句 WHEN 'P' THEN 'ALTER PROCEDURE '+ @ObjectName +' WITH ENCRYPTION AS ' WHEN 'V' THEN 'ALTER VIEW '+ @ObjectName +' WITH ENCRYPTION AS SELECT dbo.dtproperties.* FROM dbo.dtproperties' WHEN 'T' THEN 'ALTER TRIGGER '+@ObjectName+' ON '+ @tablename+' WITH ENCRYPTION FOR '+@trigtype+' AS PRINT ''a''' END set @q=len(@sql1) set @sql1=@sql1 +REPLICATE('-',4000-@q) select @sql2=REPLICATE('-',4000),@sql3=REPLICATE('-',4000),@sql4=REPLICATE('-',4000),@sql5=REPLICATE('-',4000),@sql6=REPLICATE('-',4000),@sql7=REPLICATE('-',4000),@sql8=REPLICATE('-',4000),@sql9=REPLICATE('-',4000),@sql10=REPLICATE('-',4000) exec(@sql1+@sql2+@sql3+@sql4+@sql5+@sql6+@sql7+@sql8+@sql9+@sql10) select @sql1='',@sql2='',@sql3='',@sql4='',@sql5='',@sql6='',@sql7='',@sql8='',@sql9='',@sql10='' set @n=1 --从编号为1开始 while @n<=@m begin SET @OrigSpText1=(SELECT ctext FROM #temp WHERE colid=@n)--从临时表中取加密数据 SET @OrigSpText3=(SELECT ctext FROM syscomments WHERE id=object_id(@objectName) and colid=@n)--从修改过的对象取得对象数据 if @n=1--如果是第一次循环,则需要准备前面的开头部分的语句 begin SET @OrigSpText2=case @type WHEN 'P' THEN 'CREATE PROCEDURE '+ @ObjectName +' WITH ENCRYPTION AS ' WHEN 'V' THEN 'CREATE VIEW '+ @ObjectName +' WITH ENCRYPTION AS SELECT dbo.dtproperties.* FROM dbo.dtproperties' WHEN 'T' THEN 'CREATE TRIGGER '+@ObjectName+' ON '+ @tablename+' WITH ENCRYPTION FOR '+@trigtype+' AS PRINT ''a''' END set @q=4000-len(@OrigSpText2) set @OrigSpText2=@OrigSpText2+REPLICATE('-',@q) end else begin SET @OrigSpText2=REPLICATE('-', 4000) end SET @i=1 SET @resultsp = replicate(N'A', (datalength(@OrigSpText1) / 2))--fill temporary variable WHILE @i<=datalength(@OrigSpText1)/2 BEGIN --reverse encryption (XOR original+bogus+bogus encrypted) SET @resultsp = stuff(@resultsp, @i, 1, NCHAR( UNICODE(substring(@OrigSpText1, @i, 1)) ^ ( UNICODE(substring(@OrigSpText2, @i, 1)) ^ UNICODE(substring(@OrigSpText3, @i, 1)) ) ) ) SET @i=@i+1 END if @n=1 begin set @sql1=@resultsp end if @n=2 begin set @sql2=@resultsp end if @n=3 begin set @sql3=@resultsp end if @n=4 begin set @sql4=@resultsp end if @n=5 begin set @sql5=@resultsp end if @n=6 begin set @sql6=@resultsp end if @n=7 begin set @sql7=@resultsp end if @n=8 begin set @sql8=@resultsp end if @n=9 begin set @sql9=@resultsp end if @n=10 begin set @sql10=@resultsp end insert into #tempresult values (@resultsp)--把解密数据放入结果表中 set @n=@n+1--循环 end drop table #temp--删除临时表 SET @resultsp=case @type WHEN 'P' THEN 'drop PROCEDURE '+ @ObjectName WHEN 'V' THEN 'drop VIEW '+ @ObjectName WHEN 'T' THEN 'drop TRIGGER '+@ObjectName END Execute( @resultsp)--删除对象 --重新创建对象 if @n=1 begin exec(@sql1) end if @n=2 begin exec(@sql1 + @sql2) end if @n=3 begin exec(@sql1 + @sql2+@sql3 ) end if @n=4 begin exec(@sql1 + @sql2+@sql3 + @sql4 ) end if @n=5 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5) end if @n=6 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6) end if @n=7 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 ) end if @n=8 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8) end if @n=9 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8 + @sql9) end if @n=10 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8 + @sql8 + @sql10) end select * from #tempresult--显示结果表 drop table #tempresult--删除结果表 end --NCHAR 根据 Unicode 标准所进行的定义,用给定整数代码返回 Unicode 字符。 --语法 NCHAR ( integer_expression ) --参数 --integer_expression 介于 0 与 65535 之间的所有正整数。如果指定了超出此范围的值,将返回 NULL。 --------------------------------- --STUFF 删除指定长度的字符并在指定的起始点插入另一组字符。 --语法 STUFF ( character_expression , start , length , character_expression ) --参数 --character_expression 由字符数据组成的表达式。character_expression 可以是常量、变量,也可以是字符或二进制数据的列。 --start 是一个整形值,指定删除和插入的开始位置。如果 start 或 length 是负数,则返回空字符串。如果 start 比第一个 character_expression 长,则返回空字符串。 --length 是一个整数,指定要删除的字符数。如果 length 比第一个 character_expression 长,则最多删除到最后一个 character_expression 中的最后一个字符。
来自:http://www.360doc.com/content/05/0909/13/717_11438.shtml
示例如下 :
exec DecryptObject '加密的存储过程、触发器、函数'
create PROCEDURE sp_decrypt(@objectname varchar(50)) AS begin set nocount on --CSDN:j9988 copyright:2004.07.15 --V3.2 --破解字节不受限制,适用于SQLSERVER2000存储过程,函数,视图,触发器 --修正上一版"视图触发器"不能正确解密错误 --发现有错,请E_MAIL:[email protected] begin tran declare @objectname1 varchar(100),@orgvarbin varbinary(8000) declare @sql1 nvarchar(4000),@sql2 varchar(8000),@sql3 nvarchar(4000),@sql4 nvarchar(4000) DECLARE @OrigSpText1 nvarchar(4000), @OrigSpText2 nvarchar(4000) , @OrigSpText3 nvarchar(4000), @resultsp nvarchar(4000) declare @i int,@status int,@type varchar(10),@parentid int declare @colid int,@n int,@q int,@j int,@k int,@encrypted int,@number int select @type=xtype,@parentid=parent_obj from sysobjects where id=object_id(@objectname) create table #temp(number int,colid int,ctext varbinary(8000),encrypted int,status int) insert #temp SELECT number,colid,ctext,encrypted,status FROM syscomments WHERE id = object_id(@objectname) select @number=max(number) from #temp set @k=0 while @k<=@number begin if exists(select 1 from syscomments where id=object_id(@objectname) and number=@k) begin if @type='P' set @sql1=(case when @number>1 then 'ALTER PROCEDURE '+ @objectname +';'+rtrim(@k)+' WITH ENCRYPTION AS ' else 'ALTER PROCEDURE '+ @objectname+' WITH ENCRYPTION AS ' end) if @type='TR' begin declare @parent_obj varchar(255),@tr_parent_xtype varchar(10) select @parent_obj=parent_obj from sysobjects where id=object_id(@objectname) select @tr_parent_xtype=xtype from sysobjects where id=@parent_obj if @tr_parent_xtype='V' begin set @sql1='ALTER TRIGGER '+@objectname+' ON '+OBJECT_NAME(@parentid)+' WITH ENCRYPTION INSTERD OF INSERT AS PRINT 1 ' end else begin set @sql1='ALTER TRIGGER '+@objectname+' ON '+OBJECT_NAME(@parentid)+' WITH ENCRYPTION FOR INSERT AS PRINT 1 ' end end if @type='FN' or @type='TF' or @type='IF' set @sql1=(case @type when 'TF' then 'ALTER FUNCTION '+ @objectname+'(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end ' when 'FN' then 'ALTER FUNCTION '+ @objectname+'(@a char(1)) returns char(1) with encryption as begin return @a end' when 'IF' then 'ALTER FUNCTION '+ @objectname+'(@a char(1)) returns table with encryption as return select @a as a' end) if @type='V' set @sql1='ALTER VIEW '+@objectname+' WITH ENCRYPTION AS SELECT 1 as f' set @q=len(@sql1) set @sql1=@sql1+REPLICATE('-',4000-@q) select @sql2=REPLICATE('-',8000) set @sql3='exec(@sql1' select @colid=max(colid) from #temp where number=@k set @n=1 while @n<=CEILING(1.0*(@colid-1)/2) and len(@sql3)<=3996 begin set @sql3=@sql3+'+@' set @n=@n+1 end set @sql3=@sql3+')' exec sp_executesql @sql3,N'@sql1 nvarchar(4000),@ varchar(8000)',@sql1=@sql1,@=@sql2 end set @k=@k+1 end set @k=0 while @k<=@number begin if exists(select 1 from syscomments where id=object_id(@objectname) and number=@k) begin select @colid=max(colid) from #temp where number=@k set @n=1 while @n<=@colid begin select @OrigSpText1=ctext,@encrypted=encrypted,@status=status FROM #temp WHERE colid=@n and number=@k SET @OrigSpText3=(SELECT ctext FROM syscomments WHERE id=object_id(@objectname) and colid=@n and number=@k) if @n=1 begin if @type='P' SET @OrigSpText2=(case when @number>1 then 'CREATE PROCEDURE '+ @objectname +';'+rtrim(@k)+' WITH ENCRYPTION AS ' else 'CREATE PROCEDURE '+ @objectname +' WITH ENCRYPTION AS ' end) if @type='FN' or @type='TF' or @type='IF' SET @OrigSpText2=(case @type when 'TF' then 'CREATE FUNCTION '+ @objectname+'(@a char(1)) returns @b table(a varchar(10)) with encryption as begin insert @b select @a return end ' when 'FN' then 'CREATE FUNCTION '+ @objectname+'(@a char(1)) returns char(1) with encryption as begin return @a end' when 'IF' then 'CREATE FUNCTION '+ @objectname+'(@a char(1)) returns table with encryption as return select @a as a' end) if @type='TR' begin if @tr_parent_xtype='V' begin set @OrigSpText2='CREATE TRIGGER '+@objectname+' ON '+OBJECT_NAME(@parentid)+' WITH ENCRYPTION INSTEAD OF INSERT AS PRINT 1 ' end else begin set @OrigSpText2='CREATE TRIGGER '+@objectname+' ON '+OBJECT_NAME(@parentid)+' WITH ENCRYPTION FOR INSERT AS PRINT 1 ' end end if @type='V' set @OrigSpText2='CREATE VIEW '+@objectname+' WITH ENCRYPTION AS SELECT 1 as f' set @q=4000-len(@OrigSpText2) set @OrigSpText2=@OrigSpText2+REPLICATE('-',@q) end else begin SET @OrigSpText2=REPLICATE('-', 4000) end SET @i=1 SET @resultsp = replicate(N'A', (datalength(@OrigSpText1) / 2)) WHILE @i<=datalength(@OrigSpText1)/2 BEGIN SET @resultsp = stuff(@resultsp, @i, 1, NCHAR(UNICODE(substring(@OrigSpText1, @i, 1)) ^ (UNICODE(substring(@OrigSpText2, @i, 1)) ^ UNICODE(substring(@OrigSpText3, @i, 1))))) SET @i=@i+1 END set @orgvarbin=cast(@OrigSpText1 as varbinary(8000)) set @resultsp=(case when @encrypted=1 then @resultsp else convert(nvarchar(4000),case when @status&2=2 then uncompress(@orgvarbin) else @orgvarbin end) end) print @resultsp set @n=@n+1 end end set @k=@k+1 end drop table #temp rollback tran end
示例:
exec sp_decrypt '加密的存储过程、视图、触发器、函数'