主页 / dba / 问题 / 127027
Accepted
Solomon Rutzky
Asked: 2016-01-23 11:48:48 +0800 CST

查找签名的过程、函数、触发器、程序集以及哪些证书/非对称密钥

  • 772

我创建了一些证书(通过CREATE CERTIFICATE)和非对称密钥(通过CREATE ASYMMETRIC KEY),并使用它们对各种存储过程、用户定义函数(UDF)、触发器和程序集(通过ADD SIGNATURE)进行签名和副签名. 但现在我需要找出哪些证书和/或非对称密钥已用于签署哪些特定模块。

sql-server permissions

1 个回答

  1. Best Answer

    最简单的方法似乎是使用sys.crypt_properties目录视图,它包含证书/非对称密钥和签名模块之间的关系,以及使用(即签名或会签)。还有一些其他方法可以找到哪些模块已签名,但似乎没有一种方法表明签名与会签。

    SELECT SCHEMA_NAME(so.[schema_id]) AS [SchemaName],
       so.[name] AS [ObjectName],
       so.[type_desc] AS [ObjectType],
       ---
       scp.crypt_type_desc AS [SignatureType],
       ISNULL(sc.[name], sak.[name]) AS [CertOrAsymKeyName],
       ---
       scp.thumbprint
FROM sys.crypt_properties scp
INNER JOIN sys.objects so
        ON so.[object_id] = scp.[major_id]
LEFT JOIN sys.certificates sc
        ON sc.thumbprint = scp.thumbprint
LEFT JOIN sys.asymmetric_keys sak
        ON sak.thumbprint = scp.thumbprint
WHERE   so.[type] <> 'U'
ORDER BY [SchemaName], [ObjectType], [ObjectName], [CertOrAsymKeyName];

    在我的测试数据库中,此查询返回以下内容:

    Schema  ObjectName     ObjectType            SignatureType                        CertOrAsymKeyName  thumbprint
------  ----------     ----------            -------------                        -----------------  ----------
dbo     fnPaymentCalc  SQL_SCALAR_FUNCTION   COUNTER SIGNATURE BY ASYMMETRIC KEY  KeyTest1           0x2333B2FA6AA8004E
dbo     ModuleTest2    SQL_STORED_PROCEDURE  SIGNATURE BY CERTIFICATE             CrossDatabaseCert  0x49BA174584C78C878D923690C15898A809CBACDF
dbo     TestSig        SQL_STORED_PROCEDURE  SIGNATURE BY CERTIFICATE             bob                0x778B3DB4ED981FC27AB301ACE7A1AB8424F64792
dbo     TestSig        SQL_STORED_PROCEDURE  SIGNATURE BY ASYMMETRIC KEY          KeyTest1           0x2333B2FA6AA8004E
    • 6

相关问题