Introduction
Data safe ensured by some special kind of mechanisms in modern database providers. I like the way of MSSQL is designed and it is still improvising or shaping better in all aspects. In MSSQL, if we need to hide business logic of stored procedure, then stored procedure encryption is comes handy with MSSQL in order to ensure data security. By the way decryption is not straight forward in MSSQL. Let's see what are all the impacts of stored procedure encryption and see how to overcome those.
Encrypt Stored Procedure
Stored procedure encryption only restrict anyone from viewing or editing. It will still allow us to execute the stored procedure with all needed parameter values. We can "CREATE OR ALTER PROC" stored procedure with "WITH ENCRYPTION" to encrypt stored procedure.
USE [pubs] GO SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO CREATE OR ALTER PROCEDURE [dbo].[reptq1] WITH ENCRYPTION AS select case when grouping(pub_id) = 1 then 'ALL' else pub_id end as pub_id, avg(price) as avg_price from titles where price is NOT NULL group by pub_id with rollup order by pub_id
What happens after encryption of stored procedure?
After encryption applied to the stored procedure, we could not able to view or modify the stored procedure like
If you see modify menu is disabled and script stored procedure as menu will throws the following error
Property TextHeader is not available for StoredProcedure '[dbo].[reptq1]'. This property may not exist for this object, or may not be retrievable due to insufficient access rights. The text is encrypted. (Microsoft.SqlServer.Smo)
Executing sp_helptext of encrypted stored procedure will throws an error The text for object 'reptq1' is encrypted.
Executing sp_helptext of encrypted stored procedure will throws an error The text for object 'reptq1' is encrypted.
What will happen if we choose extract data tier application?
Extract data tier application in SSMS database menu will help us to generate .dacpac file. If any one of our database objects are encrypted then dacpac file will not be generated and this will throw the following error
Issue in export data tier application
Export data tier application in SSMS database menu will help us generate .bacpac extension files. If any one of stored procedures is encrypted and if it is selected for export then we will get the following issue
If we apply the encryption of any database objects for security reasons it will impact database from taking export the database to any other forms like dacpac or bacpac. Sometimes exporting database or cloning the database will be very difficult of these encryption reasons.
Our team works very hard to resolve this kind of backup issue in one of our client environment. Finally we got only two option to resolve this issue.
Note : We have done all our backup or exporting steps as super admin
Note : We have done all our backup or exporting steps as super admin
Option 1 - Drop the encrypted procedure(not recommended)
I will not recommend this option but I want to explore you there is an option to solve this backup problem. You can drop all your encrypted database objects if it is not internally referred in another database objects. For example,
drop proc reptq1
Option 2 - Using third party tools to reverse engineer the encrypted procedure
I would say reverse engineering the stored procedure to remove WITH Encryption option is only way to resolve this exporting issue. Lets see what are the few third party tools available for us to solve this problem. Thanks dbForge and ApexSQL for your fantabulous job to overcome such kind of issue
Lets see dbForge methodology to solve this issue.
How to decrypt an encrypted stored procedure through dbForge?
Here is the demo to reverse engineer the encrypted store procedure using dbForge.
Conclusion
I hope this article is very useful to you all. Please share your comments to improve this article to get in better shape. Thank you!!
Comments
Post a Comment