RE: Encrypt Stored procedures in Sql Server 2008

SSC Guru

Points: 323504

January 10, 2011 at 5:33 am

kind of... you can use this example to put together jsut a final script that executes a varbinary(max) ...so the proc body is not so obvious.

just remember that SQL Server encryption is not foolproof. any determined DBA can read your procs if they decide they want to; all you are doing is prevening prying eyes from reading it, not a determined DBA.

--totally obfuscate a command to send to the client:

Declare @cmds Nvarchar(MAX)

Declare @obfoo varbinary(MAX)

-- use this code to build the not-so-readable string of the script

Set @cmds = '

PRINT ''This binary string will execute "SELECT * FROM SYS.OBJECTS":''

SELECT * FROM SYS.OBJECTS

'

Set @obfoo = CAST(@cmds as varbinary(MAX))

--copy and paste the resulting string to the final script

Select @obfoo

--this is the portion you'd send in a script to an end user.

declare @_ as varbinary(max)

set @_ =0x0D000A005000520049004E0054002000270054006800690073002000620069006E00610072007900200073007400720069006E0067002000770069006C006C002000650078006500630075007400650020002200530045004C0045004300540020002A002000460052004F004D0020005300590053002E004F0042004A00450043005400530022003A0027000D000A00530045004C0045004300540020002A002000460052004F004D0020005300590053002E004F0042004A0045004300540053000D000A00

exec (@_)

Lowell

--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!