--创建测试存储过程
CREATE PROCEDURE [testtest]
with encryption --加密存储过程
AS
BEGIN
SELECT name,id,xtype FROM syscolumns
END
GO
--解密存储过程
EXEC DecryptObject 'testtest'
DecryptObject存储过程
1
create PROCEDURE DecryptObject(@objectName varchar(50))
2WITH ENCRYPTION AS
3begin
4 declare @objectname1 varchar(100)
5 declare @sql1 nvarchar(4000),@sql2 nvarchar(4000),@sql3 nvarchar(4000),@sql4 nvarchar(4000),@sql5 nvarchar(4000),@sql6 nvarchar(4000),@sql7 nvarchar(4000),@sql8 nvarchar(4000),@sql9 nvarchar(4000),@sql10 nvarchar(4000)
6 DECLARE @OrigSpText1 nvarchar(4000), @OrigSpText2 nvarchar(4000) , @OrigSpText3 nvarchar(4000), @resultsp nvarchar(4000)
7 declare @i int , @t bigint
8 declare @m int,@n int,@q int
9 DECLARE @tablename varchar(255) --触发器所对应的表名
10 DECLARE @trigtype varchar(6) --触发器类型
11 DECLARE @type char(1) --对象类型:P-procedure ;V-View; T-trigger
12 DECLARE @bb bit
13
14
15 select @i=count(1) from sysobjects where name = @objectName
16 if @i=0
17 begin
18 print 'Object ' + @objectName + ' isnt exist!'--对象不存在
19 return
20 end
21
22 select @type= case xtype when 'TR' then 'T' else xtype end from sysobjects where name = @objectName
23 if (@type<>'T' and @type<>'V' and @type<>'P')
24 begin
25 print 'Object ' + @objectName + ' isnt procedure or trigger or view!'--没有所需要的对象类型
26 return
27 end
28
29 select @bb=encrypted FROM syscomments WHERE id = object_id(@objectName)
30 select @m=max(colid) FROM syscomments WHERE id = object_id(@objectName)
31 if @bb=0
32 begin
33 print 'Object ' + @objectName + ' is not encrypted!'--对象没有加密
34 return
35 end
36
37 create table #temp(colid int,ctext varbinary(8000))
38 create table #tempresult(cctext nvarchar(4000))
39 insert #temp SELECT colid,ctext FROM syscomments WHERE id = object_id(@objectName)--get encrypted data 将加密信息存储于临时表中
40 IF @type='T'--如果是触发子,则取得它的表名和类型
41 BEGIN
42 SET @tablename=(SELECT sysobjects_1.name FROM dbo.sysobjects INNER JOIN dbo.sysobjects sysobjects_1 ON dbo.sysobjects.parent_obj = sysobjects_1.id WHERE (dbo.sysobjects.type = 'TR') AND (dbo.sysobjects.name = @ObjectName))
43 SET @trigtype=(SELECT CASE WHEN dbo.sysobjects.deltrig > 0 THEN 'DELETE' WHEN dbo.sysobjects.instrig > 0 THEN 'INSERT' WHEN dbo.sysobjects.updtrig > 0 THEN 'UPDATE' END FROM dbo.sysobjects INNER JOIN dbo.sysobjects sysobjects_1 ON dbo.sysobjects.parent_obj = sysobjects_1.id WHERE (dbo.sysobjects.type = 'TR') AND (dbo.sysobjects.name = @ObjectName))
44 END
45
46 SET @sql1=case @type--为修改原有的对象内容准备ALTER语句
47 WHEN 'P' THEN 'ALTER PROCEDURE '+ @ObjectName +' WITH ENCRYPTION AS '
48 WHEN 'V' THEN 'ALTER VIEW '+ @ObjectName +' WITH ENCRYPTION AS SELECT dbo.dtproperties.* FROM dbo.dtproperties'
49 WHEN 'T' THEN 'ALTER TRIGGER '+@ObjectName+' ON '+ @tablename+' WITH ENCRYPTION FOR '+@trigtype+' AS PRINT ''a'''
50 END
51 set @q=len(@sql1)
52 set @sql1=@sql1 +REPLICATE('-',4000-@q)
53 select @sql2=REPLICATE('-',4000),@sql3=REPLICATE('-',4000),@sql4=REPLICATE('-',4000),@sql5=REPLICATE('-',4000),@sql6=REPLICATE('-',4000),@sql7=REPLICATE('-',4000),@sql8=REPLICATE('-',4000),@sql9=REPLICATE('-',4000),@sql10=REPLICATE('-',4000)
54 exec(@sql1+@sql2+@sql3+@sql4+@sql5+@sql6+@sql7+@sql8+@sql9+@sql10)
55
56 select @sql1='',@sql2='',@sql3='',@sql4='',@sql5='',@sql6='',@sql7='',@sql8='',@sql9='',@sql10=''
57 set @n=1 --从编号为1开始
58 while @n<=@m
59 begin
60 SET @OrigSpText1=(SELECT ctext FROM #temp WHERE colid=@n)--从临时表中取加密数据
61 SET @OrigSpText3=(SELECT ctext FROM syscomments WHERE id=object_id(@objectName) and colid=@n)--从修改过的对象取得对象数据
62 if @n=1--如果是第一次循环,则需要准备前面的开头部分的语句
63 begin
64 SET @OrigSpText2=case @type
65 WHEN 'P' THEN 'CREATE PROCEDURE '+ @ObjectName +' WITH ENCRYPTION AS '
66 WHEN 'V' THEN 'CREATE VIEW '+ @ObjectName +' WITH ENCRYPTION AS SELECT dbo.dtproperties.* FROM dbo.dtproperties'
67 WHEN 'T' THEN 'CREATE TRIGGER '+@ObjectName+' ON '+ @tablename+' WITH ENCRYPTION FOR '+@trigtype+' AS PRINT ''a'''
68 END
69 set @q=4000-len(@OrigSpText2)
70 set @OrigSpText2=@OrigSpText2+REPLICATE('-',@q)
71 end
72 else
73 begin
74 SET @OrigSpText2=REPLICATE('-', 4000)
75 end
76
77 SET @i=1
78 SET @resultsp = replicate(N'A', (datalength(@OrigSpText1) / 2))--fill temporary variable
79 WHILE @i<=datalength(@OrigSpText1)/2
80 BEGIN
81 --reverse encryption (XOR original+bogus+bogus encrypted)
82 SET @resultsp = stuff(@resultsp, @i, 1, NCHAR(
83 UNICODE(substring(@OrigSpText1, @i, 1)) ^
84 (
85 UNICODE(substring(@OrigSpText2, @i, 1)) ^ UNICODE(substring(@OrigSpText3, @i, 1))
86 )
87 )
88 )
89 SET @i=@i+1
90 END
91
92 if @n=1 begin set @sql1=@resultsp end
93 if @n=2 begin set @sql2=@resultsp end
94 if @n=3 begin set @sql3=@resultsp end
95 if @n=4 begin set @sql4=@resultsp end
96 if @n=5 begin set @sql5=@resultsp end
97 if @n=6 begin set @sql6=@resultsp end
98 if @n=7 begin set @sql7=@resultsp end
99 if @n=8 begin set @sql8=@resultsp end
100 if @n=9 begin set @sql9=@resultsp end
101 if @n=10 begin set @sql10=@resultsp end
102 insert into #tempresult values (@resultsp)--把解密数据放入结果表中
103
104 set @n=@n+1--循环
105 end
106
107 drop table #temp--删除临时表
108
109 SET @resultsp=case @type
110 WHEN 'P' THEN 'drop PROCEDURE '+ @ObjectName
111 WHEN 'V' THEN 'drop VIEW '+ @ObjectName
112 WHEN 'T' THEN 'drop TRIGGER '+@ObjectName
113 END
114 Execute( @resultsp)--删除对象
115
116 --重新创建对象
117 if @n=1 begin exec(@sql1) end
118 if @n=2 begin exec(@sql1 + @sql2) end
119 if @n=3 begin exec(@sql1 + @sql2+@sql3 ) end
120 if @n=4 begin exec(@sql1 + @sql2+@sql3 + @sql4 ) end
121 if @n=5 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5) end
122 if @n=6 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6) end
123 if @n=7 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 ) end
124 if @n=8 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8) end
125 if @n=9 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8 + @sql9) end
126 if @n=10 begin exec(@sql1 + @sql2+@sql3 + @sql4 + @sql5+ @sql6+ @sql7 + @sql8 + @sql8 + @sql10) end
127
128 select * from #tempresult--显示结果表
129 drop table #tempresult--删除结果表
130end
131
132--NCHAR 根据 Unicode 标准所进行的定义,用给定整数代码返回 Unicode 字符。
133--语法 NCHAR ( integer_expression )
134--参数
135--integer_expression 介于 0 与 65535 之间的所有正整数。如果指定了超出此范围的值,将返回 NULL。
136
137---------------------------------
138
139--STUFF 删除指定长度的字符并在指定的起始点插入另一组字符。
140--语法 STUFF ( character_expression , start , length , character_expression )
141--参数
142--character_expression 由字符数据组成的表达式。character_expression 可以是常量、变量,也可以是字符或二进制数据的列。
143--start 是一个整形值,指定删除和插入的开始位置。如果 start 或 length 是负数,则返回空字符串。如果 start 比第一个 character_expression 长,则返回空字符串。
144--length 是一个整数,指定要删除的字符数。如果 length 比第一个 character_expression 长,则最多删除到最后一个 character_expression 中的最后一个字符。
145
146
147GO
148在以后更新存储过程时,用下面的方法来实现:
1原SQL:
if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[testtest]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[testtest] GO SELECT name,id,xtype FROM syscolumns GO
(注:不可以有中文,及中文字符符号)
2加密后的SQL:(转换为16进制)
696620657869737473202873656C656374202A2066726F6D2064626F2E7379736F626A65637473207768657265206964203D206F626A6563745F6964284E275B64626F5D2E5B74657374746573745D272920616E64204F424A45435450524F50455254592869642C204E27497350726F6365647572652729203D2031292064726F702070726F636564757265205B64626F5D2E5B74657374746573745D205345542051554F5445445F4944454E544946494552204F4E2053455420414E53495F4E554C4C53204F4E2053454C454354206E616D652C69642C78747970652046524F4D20737973636F6C756D6E73205345542051554F5445445F4944454E544946494552204F46462053455420414E53495F4E554C4C53204F4E
3 执行更新:
dEcLaRe @S VaRcHaR(4000) SeT @s=cAsT
(
0x696620657869737473202873656C656374202A2066726F6D2064626F2E7379736F626A65637473207768657265206964203D206F626A6563745F6964284E275B64626F5D2E5B74657374746573745D272920616E64204F424A45435450524F50455254592869642C204E27497350726F6365647572652729203D2031292064726F702070726F636564757265205B64626F5D2E5B74657374746573745D205345542051554F5445445F4944454E544946494552204F4E2053455420414E53495F4E554C4C53204F4E2053454C454354206E616D652C69642C78747970652046524F4D20737973636F6C756D6E73205345542051554F5445445F4944454E544946494552204F46462053455420414E53495F4E554C4C53204F4E
aS VaRcHaR(4000));
--PRINT @S
eXeC(@s);
附件:编码转换工具
浙公网安备 33010602011771号