Encrypting Data With the SQL Server Encrypt Function
2005-06-29 20:09
Since SQL Server 6.x, you can use the ENCRYPT function to encrypt data with the same method used by the WITH ENCRYPTION keyword. There's a rather large problem that I will discuss after the example. To use the ENCRYPT function, pass it the string value as shown below:
SELECT ENCRYPT('TestPW1')
Will output the following result:
------------------------------
0x5400650073007400500057003100
(1 row(s) affected)
Let's go ahead and create a sample table and try out this function. Create the following user table and load the sample data below:
CREATE TABLE Users (
    UserID Varchar(10),
    UserPW Varchar(20))
INSERT INTO USERS values ('TestUser1', ENCRYPT('TestPW1'))
INSERT INTO USERS values ('TestUser2', ENCRYPT('TestPW2'))
INSERT INTO USERS values ('TestUser3', ENCRYPT('TestPW3'))
INSERT INTO USERS values ('TestUser4', ENCRYPT('TestPW4'))
If you now select the data it will appear encrypted. Notice that if you run SELECT ENCRYPT('TestPW1'), the data that you see is different from what appears when you select out of the Users table after you insert the value. The algorithm that SQL Server uses to encrypt the data is relatively easy and is case sensitive until it's stored into a table. At that point it becomes very difficult to read.
Data stored in an encrypted column can be used to store passwords. Once encrypted, you can't directly unencrypt the data. You could only perform checks against it as shown below:
SELECT * from Users where UserID = 'TestUser2'
and UserPW = ENCRYPT('TestPW2')
Keep in mind that the above command is case sensitive. If you want this to be case-insensitive, it is best to store all the data in upper case by using the UPPER function. The UPPER function will have to be used in the insert statement as well as the select statement that we've mentioned. For example, the insert statement would look like this:
INSERT INTO USERS values ('TestUser1', ENCRYPT(UPPER('TestPW1')))
SELECT * from Users where UserID = 'TestUser2'
and UserPW = ENCRYPT(UPPER('TestPW2'))
Another note to mention is that like any nicely encrypted data, the data may appear one length when viewing it, but is actually stored at a different length.
UserID     UserPW
---------- --------------------
TestUser1  T
TestUser2  T
TestUser3  T
TestUser4  T
(4 row(s) affected)
But in actuality if we select the length of the field by using the LEN function, we can see the true length.
userid     Length
---------- -----------
TestUser1  14
TestUser2  14
TestUser3  14
TestUser4  14
(4 row(s) affected)
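A check on the sample output above, as an added example that is not part of the original article: it parses the value returned for SELECT ENCRYPT('TestPW1') and tests whether it is plain UTF-16LE text, which also accounts for the 14-byte length and the single displayed 'T'. The function names are hypothetical, and the rule that the display stops at the first NUL byte is an assumption about the query tool.

```python
# Added example: inspect the ENCRYPT() sample output printed in the article.
# Function names are hypothetical; nothing here talks to a SQL Server.

ARTICLE_HEX = "0x5400650073007400500057003100"  # article: SELECT ENCRYPT('TestPW1')
CONSTRUCTED_HEX = "0x0100020003000400050006000700"  # constructed, non-text contrast


def parse_varbinary(literal: str) -> bytes:
    """Turn a T-SQL style 0x... literal into raw bytes."""
    text = literal.strip()
    if text[:2].lower() != "0x" or len(text) % 2:
        raise ValueError("expected 0x followed by an even number of hex digits")
    return bytes.fromhex(text[2:])


def as_utf16le_text(raw: bytes):
    """Return the text if raw is printable UTF-16LE, else None (heuristic)."""
    if not raw or len(raw) % 2:
        return None
    try:
        text = raw.decode("utf-16-le")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None


def single_byte_display(raw: bytes) -> str:
    """Assumption: the query tool shows single-byte characters up to the first NUL."""
    return raw.split(b"\x00", 1)[0].decode("latin-1")


def audit(literal: str) -> dict:
    """Summarise one stored value: size, what a grid shows, and any recovered text."""
    raw = parse_varbinary(literal)
    text = as_utf16le_text(raw)
    return {
        "stored_bytes": len(raw),
        "display": single_byte_display(raw),
        "recovered_text": text,
        "is_plain_encoding": text is not None,
    }


if __name__ == "__main__":
    for label, value in (("article", ARTICLE_HEX), ("constructed", CONSTRUCTED_HEX)):
        print(label, audit(value))
```

For the article's value the audit recovers 'TestPW1' directly, so a stored value of this shape should be treated as readable text when reviewing a password table.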
With that point made, make sure that the length of your column represents the encrypted length, not the unencrypted length.
Now, for the large caveat that I mentioned earlier. This stored procedure is unsupported by Microsoft and they could easily change it or rip it out. A good example of this function changing was between SQL Server 6.5 and 7.0.
Another common question is decryption. Obviously, Microsoft does not make this easy and strings can only be easily decrypted using the comparison technique I showed earlier.
If you don't use this method to encrypt your passwords, there are other methods that are much better. These methods are much more robust and secure than what we discussed. For example, Les Smith has 2 articles that show you how to use Java or COM to encrypt passwords at: