June 8, 2012

sp_resign_database (Transact-SQL MetaData) Definition

Please note: that the following source code is provided and copyrighted by Microsoft and is for educational purpose only.
The meta data is from an SQL 2012 Server.

I have posted alot more, find the whole list here.

Goto Definition or MetaData

Definition:

sys.sp_resign_database(nvarchar @keytype
, nvarchar @fn
, nvarchar @pwd)

MetaData:

 create proc sys.sp_resign_database @keytype sysname, @fn nvarchar(512), @pwd sysname = Null  
as
begin
declare @thumbprint varbinary(32)
declare @keyname sysname
declare @stmt nvarchar(1024)
declare @randomname sysname
declare @iter int
declare @hasmasterkey int

if @pwd is NULL SELECT @pwd = 'Yukon90!!!!_!#@1234567890_'

-- ensure that there are no outer transaction
set implicit_transactions off
if (@@trancount > 0)
begin
raiserror(15002,-1,-1,'sys.sp_resign_database')
return (1)
end

-- Key type should be asymmetric key
if (LOWER(@keytype) <> 'ASYMMETRIC KEY')
begin
raiserror(2561,-1,-1, 0)
return (1)
end

-- Obtain key thumprint
select @thumbprint = get_publickey_token_from_file(@keytype, @fn)
if (@thumbprint is null)
begin
raiserror(15208,-1,-1)
return (1)
end

-- Begin transaction
BEGIN TRANSACTION

-- Check if there is a master key in the database
-- If there is none, create one
select @hasmasterkey = count(*) from sys.symmetric_keys where symmetric_key_id = 101
if (@hasmasterkey = 0)
begin
select @stmt = 'CREATE MASTER KEY ENCRYPTION BY PASSWORD = ' + quotename(@pwd,'''')
exec (@stmt)
if (@@error <> 0)
begin
ROLLBACK TRANSACTION
return (1)
end
end

-- See if the key exists in the database already
select @keyname = name from sys.asymmetric_keys where thumbprint = @thumbprint

-- if there is a key, drop all encryptions and the key from the database
if (@keyname is not null)
begin
-- first drop all signatures from the database by that key
select @stmt = 'DROP SIGNATURE FROM DATABASE :: '
select @stmt = @stmt + quotename(db_name(), '[')
select @stmt = @stmt + ' BY '
select @stmt = @stmt + @keytype
select @stmt = @stmt + quotename(@keyname, '[')
exec (@stmt)
if (@@error <> 0)
begin
ROLLBACK TRANSACTION
return (1)
end

-- then drop the key
select @stmt = 'DROP '
select @stmt = @stmt + @keytype
select @stmt = @stmt + ' '
select @stmt = @stmt + quotename(@keyname, '[')
exec (@stmt)
if @@error <> 0
begin
ROLLBACK TRANSACTION
return (1)
end
end

-- compute the name of a new key and create the key
-- try 10 times to avoid accidental race conditions
select @iter = 1
while (@iter < 10)
begin
select @randomname = N'INT_' + convert(nvarchar(128), newid())
select @stmt = 'CREATE '
select @stmt = @stmt + @keytype
select @stmt = @stmt + ' '
select @stmt = @stmt + quotename(@randomname, '[')
select @stmt = @stmt + ' FROM FILE = '
select @stmt = @stmt + quotename(@fn, '''')
exec (@stmt)
if (@@error = 0)
select @iter = 10
else if (@iter = 9)
begin
-- UNDONE: Give an error message
ROLLBACK TRANSACTION
return (1)
end
end

-- compute statement to generate signature and execute it
select @stmt = 'ADD SIGNATURE TO DATABASE :: '
select @stmt = @stmt + quotename(db_name(), '[')
select @stmt = @stmt + ' BY '
select @stmt = @stmt + @keytype
select @stmt = @stmt + quotename(@randomname, '[')
exec (@stmt)
if (@@error <> 0)
begin
ROLLBACK TRANSACTION
return (1)
end

-- compute statement to drop the private key
select @stmt = 'ALTER '
select @stmt = @stmt + @keytype
select @stmt = @stmt + ' '
select @stmt = @stmt + quotename(@randomname, '[')
select @stmt = @stmt + ' REMOVE PRIVATE KEY'
exec (@stmt)
if (@@error <> 0)
begin
ROLLBACK TRANSACTION
return (1)
end

-- finally, if the master key was created, drop it
if (@hasmasterkey = 0)
begin
select @stmt = 'DROP MASTER KEY'
exec (@stmt)
if (@@error <> 0)
begin
ROLLBACK TRANSACTION
return (1)
end
end

COMMIT TRANSACTION
return (0)
end

No comments:

Post a Comment

Total Pageviews