开始:
在网络上,看到有SQL Server 2000和SQL Server 2005 的存储过程加密和解密的方法,后来分析了其中的代码,发现它们的原理都是一样的。后来自己根据实际的应用环境,编写了两个存储过程,一个加密存储过程(sp_EncryptObject),和一个解密存储过程(sp_EncryptObject),它们可以应用于SQL Server中的储过程,函数,视图,以及触发器。
感觉这两个存储过程蛮有意思的,拿来与大家分享;如果你看过类似的,就当作重温一下也好。
用于加密的存储过程 (sp_EncryptObject) :
存储过程(sp_EncryptObject)加密的方法是在存储过程,函数,视图的“As”位置前加上“with encryption”;如果是触发器,就在“for”位置前加“with encryption”。
如果触发器是{ AFTER | INSTEAD OF} 需要修改下面代码"For"位置:
if objectproperty(object_id(@Object),'ExecIsAfterTrigger')=0 set @Replace='As' ; else set @Replace='For ';
存储过程完成代码:
View Code
Use master Go if object_ID('[sp_EncryptObject]') is not null Drop Procedure [sp_EncryptObject] Go create procedure sp_EncryptObject ( @Object sysname='All' ) as /* 当@Object=All的时候,对所有的函数,存储过程,视图和触发器进行加密 调用方法: 1. Execute sp_EncryptObject 'All' 2. Execute sp_EncryptObject 'ObjectName' */ begin set nocount on if @Object <>'All' begin if not exists(select 1 from sys.objects a where a.object_id=object_id(@Object) And a.type in('P','V','TR','FN','IF','TF')) begin --SQL Server 2008 raiserror 50001 N'无效的加密对象!加密对象必须是函数,存储过程,视图或触发器。' --SQL Server 2012 --throw 50001, N'无效的加密对象!加密对象必须是函数,存储过程,视图或触发器。',1 return end if exists(select 1 from sys.sql_modules a where a.object_id=object_id(@Object) and a.definition is null) begin --SQL Server 2008 raiserror 50001 N'对象已经加密!' --SQL Server 2012 --throw 50001, N'对象已经加密!',1 return end end declare @sql nvarchar(max),@C1 nchar(1),@C2 nchar(1),@type nvarchar(50),@Replace nvarchar(50) set @C1=nchar(13) set @C2=nchar(10) declare cur_Object cursor for select object_name(a.object_id) As ObjectName,a.definition from sys.sql_modules a inner join sys.objects b on b.object_id=a.object_id and b.is_ms_shipped=0 and not exists(select 1 from sys.extended_properties x where x.major_id=b.object_id and x.minor_id=0 and x.class=1 and x.name='microsoft_database_tools_support' ) where b.type in('P','V','TR','FN','IF','TF') and (b.name=@Object or @Object='All') and b.name <>'sp_EncryptObject' and a.definition is not null order by Case when b.type ='V' then 1 when b.type ='TR' then 2 when b.type in('FN','IF','TF') then 3 else 4 end,b.create_date,b.object_id open cur_Object fetch next from cur_Object into @Object,@sql while @@fetch_status=0 begin Begin Try if objectproperty(object_id(@Object),'ExecIsAfterTrigger')=0 set @Replace='As' ; else set @Replace='For '; if (patindex('%'+@C1+@C2+@Replace+@C1+@C2+'%',@sql)>0) begin set @sql=Replace(