MSSQL 调用 CLR 加密/解密
使用 Transact-SQL开启CLR
sp_configure 'show advanced options',1 RECONFIGURE sp_configure 'clr enabled',1 RECONFIGURE
修改 Transact-SQL 编码
DECLARE @hash AS BINARY(64) = (SELECT HASHBYTES('SHA2_512', (SELECT * FROM OPENROWSET (BULK 'C:\clrDES.dll', SINGLE_BLOB) AS [Data])))
EXEC sp_add_trusted_assembly @hash
编写Transact-SQL
use DataDB
go
-- 启用 SQL Server 的 CLR 功能
exec sp_configure 'show advanced options',1;
go
reconfigure
go
exec sp_configure 'clr enabled',1;
go
reconfigure
go
DECLARE @hash AS BINARY(64) = (SELECT HASHBYTES('SHA2_512', (SELECT * FROM OPENROWSET (BULK 'C:\clrDES.dll', SINGLE_BLOB) AS [Data])))
EXEC sp_add_trusted_assembly @hash
go
if object_id('dbo.des_encrypt','FS') is not null
drop function dbo.des_encrypt;
go
if object_id('dbo.des_decrypt','FS') is not null
drop function dbo.des_decrypt;
go
-- 创建程序集
if exists (select * from sys.assemblies where name='DES')
drop assembly DES;
go
create assembly DES authorization dbo
from 'C:\clrDES.dll' -- dll 文件路径
with permission_set=safe;
go
create function dbo.des_encrypt (@text nvarchar(max), @key nvarchar(128))
returns nvarchar(max)
as external name DES.DES.DESEncrypt;
go
create function dbo.des_decrypt (@text nvarchar(max), @key nvarchar(128))
returns nvarchar(max)
as external name DES.DES.DESDecrypt;
go
编写CLR集成托管DLL
using System;
using System.IO;
using System.Text;
using System.Data;
using System.Data.SqlTypes;
using System.Security.Cryptography;
using Microsoft.SqlServer.Server;
public class DES
{
[SqlFunction(IsDeterministic = true, IsPrecise = true)]
public static SqlString DESEncrypt(SqlString text, SqlString key)
{
if (text.IsNull || key.IsNull || key.Value.Length < 8)
return null;
return (SqlString)_DESEncrypt(Encoding.Default.GetBytes((string)text),
Encoding.Default.GetBytes((string)key),
new byte[] { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF });
}
private static string _DESEncrypt(byte[] text, byte[] key, byte[] iv)
{
string entext;
using (MemoryStream mstream = new MemoryStream())
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
CryptoStream estream = new CryptoStream(mstream, des.CreateEncryptor(key, iv), CryptoStreamMode.Write);
try
{
estream.Write(text, 0, text.Length);
estream.FlushFinalBlock();
entext = Convert.ToBase64String(mstream.ToArray());
}
finally
{
estream.Close();
des.Clear();
}
}
return entext;
}
[SqlFunction(IsDeterministic = true, IsPrecise = true)]
public static SqlString DESDecrypt(SqlString text, SqlString key)
{
if (text.IsNull || key.IsNull || key.Value.Length < 8)
return null;
return (SqlString)_DESDecrypt(Convert.FromBase64String((string)text),
Encoding.Default.GetBytes((string)key),
new byte[] { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF });
}
private static string _DESDecrypt(byte[] text, byte[] key, byte[] iv)
{
string detext;
using (MemoryStream mstream = new MemoryStream())
{
DESCryptoServiceProvider des = new DESCryptoServiceProvider();
CryptoStream estream = new CryptoStream(mstream, des.CreateDecryptor(key, iv), CryptoStreamMode.Write);
try
{
estream.Write(text, 0, text.Length);
estream.FlushFinalBlock();
detext = Encoding.Default.GetString(mstream.ToArray());
}
finally
{
estream.Close();
des.Clear();
}
}
return detext;
}
}
调用示例
select dbo.des_encrypt(N'hello world', N'88888888'); select dbo.des_decrypt(N'+GeLDT6kAxZlm2pnFX8X4w==',N'88888888');
