MikeRen - Friday, May 25, 2018 1:11 AM
Just about any C# code can be run in a script task, search the web for C# AES encryption. If I identify anything specific then how you were encrypting/decrypting would be public knowledge. This can also be done with the EncryptByPassPhrase and DecriptByPassPharase -
DECLARE @VARB1 varbinary(max);
DECLARE @VARC1 varchar(max);
select @VARB1 = EncryptByPassPhrase ( 'MyFavoritePassPhrase', '12345mypassword' )
select @VARB1 ENC1
,CONVERT(varchar(max), @VARB1 ,2) ENC1_C
,len(CONVERT(varchar(max), @VARB1 ,2)) ENC1_C_LEN
SELECT @VARC1 = CONVERT(varchar(max), @VARB1 ,2) + '15'
SELECT cast(DECRYPTBYPASSPHRASE ('MyFavoritePassPhrase', convert(varbinary(max)
, '0X'+substring(@VARC1,1,len(@VARC1)-2), 1)) as varchar(800)) myPW
This alters the binary value from the Encrypt process by adding a x'15' so when stored it cannot be decrypted directly. More complex alteration may be used on the encryption value. The decrypt code removes the added x'15'. The password has an added prefix of 12345 so even if decrypted it is not valid until the 12345 is removed. The PassPhrase may be dynamic, perhaps including the userid or department. The encryption is triple DES so is not the current standard of AES. IBM believes all current encryption methods will breakable in seconds with quantum processors and the NSA is considering lattice based encryption which may survive quantum attacks for a few years. Is a C# encryption more secure than a SQL statement? Both can be placed in a SSIS package so it really depends on how secure the SSIS package and how secure the source control repository is. For one application I deleted the source code since, like this application, it was for access security and not data security and was one way encryption. Note that SSIS can be used to run a Windows program and return a value which would be the most secure method since examining the SSIS code would not expose the method used to provide the clear password.