Solved

Is it possible to decrypt data in SQL if it was encrypted in .net?

Posted on 2008-10-16
4
228 Views
Last Modified: 2012-05-05
Is it possible, using either SQL2000 or SQL2005, to decrypt data that was encrypted by the front-end .net web code? (On the website, data was encrypted before being imported into database table).

I'm not familiar with web, but I do know that PasswordDerviceBytes and Rijndael was used to encrypt:
 
PasswordDeriveBytes Object = PasswordDeriveBytes(ThePassword, new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d,  0x65, 0x64, 0x76, ....});
...
...
Rijndael alg = Rijndael.Create();
alg.Key = Key;
alg.IV = IV;
...
...

I have access to the data and know ThePassword. Using the password, is there a SQL script that can decrypt the data? (The ultimate goal is to deliver this data in a file, with the data in un-encrypted format so the users can read it)

I'm not sure if this is possible? A similar question was asked here but never answered: http://www.experts-exchange.com/Community_Support/General/Q_22028650.html?sfQueryTermInfo=1+data+decrypt+passwordderivebyt

THANK YOU FOR YOUR HELP!!!

0
Comment
Question by:trpnbillie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 37

Assisted Solution

by:momi_sabag
momi_sabag earned 150 total points
ID: 22738081
if you can decrypt the data using .net code then you can create a clr stored procedure or clr function (clr functions/procedures are sql server procedures/functions that are written in .net code instead of tsql)
this feature is available in sql 2005 and it can solve your problem
0
 
LVL 1

Accepted Solution

by:
Abh4IT earned 350 total points
ID: 22738788
Hi,

From SQL 2005 it supports CLRHosting that is SQL can run programs written for CLR. Therefore the same application could be loaded into SQL Server andexecuted in SQL Server. This allows you to reuse the same code written for CLR.
Some posting on this aspect
http://aspalliance.com/1081_CLR_Integration_in_SQL_Server_2005
And this one shows how to create UDF-User Defined Functions using .NET
http://www.novicksoftware.com/coding-in-sql/Vol3/cis-v3-N13-dot-net-clr-in-sql-server.htm
0
 

Author Comment

by:trpnbillie
ID: 22742472
Thank you both. I am going to try to implement this and will report back my findings!
0
 

Author Comment

by:trpnbillie
ID: 22749621
You have provided the solution! Using a CLR stored procedure is allowing me to call the decryption method that is in the .NET code. I am running into a another problem in that the data is only 75% decrypted. I'll open a separate question for that as I believe it may be related to the data being from a SQL 2000 database.  (I imported the data from SQL2000 to a SQL2005 db in order to use CLR) THANKS AGAIN!
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question