Decrypting SQL Server database objects

Problem
SQL Server offers a way to encrypt your Stored Procedures to make sure that prying eyes cannot see what is going on behind the scenes. The problem with this method is that it is not a very secure way of encrypting the contents of your stored procedures. In addition, since SQL Server basically stores your source code vs. a compiled version most people rely on the code that is in the database server instead of moving the code to a source control application. Because of the need to access this code this tip outlines various methods of decrypting your encrypted database objects.

Solution
There are basically two ways that you can go about doing this; 1) you can write your own process or 2) you can download and/or purchase a tool that was developed to do just this. Various tools exist that allow you to decrypt your database objects.

So how does encryption work?

Basically it is a simple option that you use when creating your objects. Here is a basic example using the "WITH ENCRYPTION" option.

CREATE PROCEDURE uspGetAuthors
WITH ENCRYPTION
AS
SELECT *
FROM authors
GO

After I create this stored procedure, when I try to view the contents of the stored procedure using the following command,

sp_helptext uspGetAuthors

I get this error: "The object comments have been encrypted."

Also, when trying to look at this stored procedure in Enterprise Manager I get the following error message.

Decrypt

To decrypt the stored procedure I used this script. This is very simple to install and use and allows you to decrypt stored procedures, view and triggers and best of all it is free. To use this script I first created it and then ran the following command.

exec DECRYPT2K 'uspGetAuthors', 'S'

When I issue the sp_helptext statement again this is the results I get, so we can see that it decrypted the stored procedure and it is now available for editing both with Query Analyzer or Enterprise Manager.

CREATE PROCEDURE uspGetAuthors

AS
SELECT *
FROM authors

So as you can see there is not a lot to decrypting your database objects. Also, encrypted objects are not really that secure, so this should not be your only method for securing code that you do not want others to see.

Along with the script mentioned above, here is a list of other tools that are available:

Next Steps

Add this tool to your SQL toolkit
Take a look at some these tools that are available
Make sure that if you are trying to keep prying eyes away from your code using the encryption option that there are ways to get to it so look for other methods

Encrypting and Decrypting SQL Server Stored Procedures, Views and User-Defined Functions

Managing SQL Server Master Keys for Encryption

SQL Server Encryption Certificates Overview

SQL Server 2008 Transparent Data Encryption getting started

SQL Server Encryption Symmetric vs. Asymmetric Keys

Identifying PII Data to Lock Down in SQL Server (Part 1 of 2)

SQL Server Column Level Encryption Example using Symmetric Keys

Encrypting and Decrypting SQL Server Stored Procedures, Views and User-Defined Functions

Masking Personal Identifiable SQL Server Data

Finding Encrypted Data in a SQL Server Database

Storing passwords in a secure way in a SQL Server database

Where Does SQL Server Store Its Certificates

Does SQL Server TDE still work with an expired certificate

Updating an expired SQL Server TDE certificate

SQL Server Transparent Data Encryption Alternative Solution - NetLib Security Encryptionizer

SQL Server Transparent Data Encryption vs. NetLib Encryptionizer

Configure SQL Server Transparent Data Encryption with PowerShell

Enable Always Encrypted with Secure Enclaves in SQL Server Management Studio

Easy and Cost Effective way to Encrypt Every SQL Server Database

SQL Server vs Oracle: Encrypt Communication using TLS 1.2

Comments For This Article

Monday, June 26, 2017 - 8:59:09 AM - Greg Robidoux

Hi Brenda,

looks like that link no longer works. You can check out this post on SQL Server Central: https://www.sqlservercentral.com/Forums/Topic171237-8-1.aspx

This has the code for the stored procedure. Not sure what versions of SQL Server this works with though.

-Greg

Saturday, June 24, 2017 - 7:51:29 AM - brenda	Back To Top (58074)
Is the script still available?

Monday, May 19, 2014 - 4:47:36 AM - muthupandi	Back To Top (30830)
Function does not work.....

Thursday, May 2, 2013 - 8:57:41 PM - Alan

I have tried this decryption procedure and the encryted procedure I tried to decrypt with this code has vanished.

why is that, where has it gone etc

Tuesday, January 11, 2011 - 10:32:49 AM - Greg Robidoux	Back To Top (12567)
What version of SQL Server are you using?

Tuesday, January 11, 2011 - 4:56:20 AM - Prasad	Back To Top (12563)
the procedure doesnt work

Tuesday, August 31, 2010 - 2:11:22 PM - grobido	Back To Top (10099)
It looks like the above link no longer exists. You can try to use this link instead: http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=505&lngWId=5

Monday, April 20, 2009 - 1:40:40 PM - grobido

Take a look at this other code in the link below. There was a comment made on the originating site.

http://www.garyweb.co.uk/decrypt_sp.sql

Not sure if this works with SQL 2005 or not. Have not tested it.

Monday, April 21, 2008 - 9:57:30 PM - vvkp

Hi,

When I use your script for decryption, the stored procs are disappearing. I am using your took for SQL2005. Any idea?

Decrypting SQL Server database objects

Related Articles

Popular Articles

About the author

Comments For This Article