加密和解密示例 « IQ 管理：用户管理和安全 « Sybase数据库技术,数据库恢复

随着Sybase被完全整合到SAP下，Sybase原来的支持网站被SAP Support Portal取代。
只有购买了SAP服务的用户才能使用账号登录SAP Support Portal进行介质下载、补丁升级、报Incident等。
目前，原Sybase所有产品（包括：Adaptive Server Enterprise、Sybase IQ、Replication Server、PowerDesigner等）的官方手册仍然可以从https://infocenter.sybase.com/help/index.jsp进行浏览或下载。暂不清楚该网站https://infocenter.sybase.com/help/index.jsp何时会被完全迁移到SAP Support上！
Sybase官方手册英文版有html和pdf两种格式，而中文版手册只有pdf一种格式。为了国内Sybase用户更方便、快捷地搜索Sybase常见产品的官方手册内容，特将中文版Sybase官方手册转为html格式！
Sybase产品官方手册中文版的html格式所有内容的版权归SAP公司所有！本博客站长是Sybase数据库的铁杆粉丝！

如有Sybase数据库技术问题需要咨询，请联系我！

QQ :289965371

Email:

以下官方手册为SAP IQ 16.0 SP03中文版：

< 上一个 | 内容 | 下一步 >

加密和解密示例 ‌

使用 AES_ENCRYPT 和 AES_DECRYPT 函数的示例，该示例是用带注释的 SQL 编写的。

-- This example of aes_encrypt and aes_decrypt function use is presented in three parts:

-- Part I: Preliminary description of target tables and users as DDL

-- Part II: Example schema changes motivated by introduction of encryption

-- Part III: Use of views and stored procedures to protect encryption keys

-- Part I: Define target tables and users

-- Assume two classes of user, represented here by the instances

-- PrivUser and NonPrivUser, assigned to groups reflecting differing

-- privileges.

-- The initial state reflects the schema prior to the introduction

-- of encryption.

-- Set up the starting context: There are two tables with a common key.

-- Some columns contain sensitive data, the remaining columns do not.

-- The usual join column for these tables is sensitiveA.

-- There is a key and a unique index.

grant connect to PrivUser identified by 'verytrusted' ; grant connect to NonPrivUser identified by 'lesstrusted' ;

grant connect to high_privileges_group ; create role high_privileges_group ;

grant role high_privileges_group to PrivUser ;

grant connect to low_privileges_group ; create role low_privileges_group ;

grant role low_privileges_group to NonPrivUser ;

create table DBA.first_table

(sensitiveA char(16) primary key

,sensitiveB numeric(10,0)

,publicC varchar(255)

,publicD date

) ;

-- There is an implicit unique HG (HighGroup) index enforcing the

primary key.

create table second_table

(sensitiveA char(16)

,publicP integer

,publicQ tinyint

,publicR varchar(64)

) ;

create hg index second_A_HG on second_table ( sensitiveA ) ;

-- TRUSTED users can see the sensitive columns.

grant select ( sensitiveA, sensitiveB, publicC, publicD ) on DBA.first_table to PrivUser ;

grant select ( sensitiveA, publicP, publicQ, publicR ) on DBA.second_table to PrivUser ;

-- Non-TRUSTED users in existing schema need to see sensitiveA to be

-- able to do joins, even though they should not see sensitiveB.

grant select ( sensitiveA, publicC, publicD ) on DBA.first_table to NonPrivUser ;

grant select ( sensitiveA, publicP, publicQ, publicR ) on DBA.second_table to NonPrivUser ;

-- Non-TRUSTED users can execute queries such as select I.publicC, 3*II.publicQ+1

from DBA.first_table I, DBA.second_table II

where I.sensitiveA = II.sensitiveA and I.publicD IN ( '2006-01-11' ) ;

-- and

select count(*)

from DBA.first_table I, DBA.second_table II

where I.sensitiveA = II.sensitiveA and SUBSTR(I.sensitiveA,4,3) BETWEEN '345' AND '456' ;

-- But only TRUSTED users can execute the query select I.sensitiveB, 3*II.publicQ+1

from DBA.first_table I, DBA.second_table II

where I.sensitiveA = II.sensitiveA and I.publicD IN ( '2006-01-11' ) ;

-- Part II: Change the schema in preparation for encryption

-- The DBA introduces encryption as follows:

-- For applicable tables, the DBA changes the schema, adjusts access

-- permissions, and updates existing data. The encryption

-- keys used are hidden in a subsequent step.

-- -- -- --	(units are PlainText		Bytes): CipherText	Corresponding
--		0	16
--	1	- 16	32	numeric(1,0)	- numeric(20,0)
--	17	- 32	48	numeric(21,0)	- numeric(52,0)
--	33	- 48	64	numeric(53,0)	- numeric(84,0)
--	49	- 64	80	numeric(85,0)	- numeric(116,0)
--	65	- 80	96	numeric(117,0)	- numeric(128,0)
--	81	- 96	112
--	97	- 112	128
--	113	- 128	144
--	129	- 144	160
--	145	- 160	176
--	161	- 176	192
--	177	- 192	208
--	193	- 208	224
--	209	- 224	240

-- -- -- --	(units are PlainText		Bytes): CipherText	Corresponding
--		0	16
--	1	- 16	32	numeric(1,0)	- numeric(20,0)
--	17	- 32	48	numeric(21,0)	- numeric(52,0)
--	33	- 48	64	numeric(53,0)	- numeric(84,0)
--	49	- 64	80	numeric(85,0)	- numeric(116,0)
--	65	- 80	96	numeric(117,0)	- numeric(128,0)
--	81	- 96	112
--	97	- 112	128
--	113	- 128	144
--	129	- 144	160
--	145	- 160	176
--	161	- 176	192
--	177	- 192	208
--	193	- 208	224
--	209	- 224	240

-- DataLength comparison for length of varbinary encryption result

Numeric Precisions

-- The integer data types tinyint, small int, integer, and bigint

-- are varbinary(32) ciphertext.

-- The exact relationship is

-- DATALENGTH(ciphertext) =

-- (((DATALENGTH(plaintext)+ 15) / 16) + 1) * 16

-- For the first table, the DBA chooses to preserve both the plaintext and

-- ciphertext forms. This is not typical and should only be done if the

-- database files are also encrypted.

-- Take away NonPrivUser's access to column sensitiveA and transfer

-- access to the ciphertext version.

-- Put a unique index on the ciphertext column. The ciphertext

-- itself is indexed.

-- NonPrivUser can select the ciphertext and use it.

-- PrivUser can still select either form (without paying decrypt costs).

revoke select ( sensitiveA ) on DBA.first_table from NonPrivUser ;

alter table DBA.first_table add encryptedA varbinary(32) ; grant select ( encryptedA ) on DBA.first_table to PrivUser ;

grant select ( encryptedA ) on DBA.first_table to NonPrivUser ; create unique hg index first_A_unique on first_table

( encryptedA ) ;

update DBA.first_table

set encryptedA = aes_encrypt(sensitiveA, 'seCr3t') where encryptedA is null ;

commit

-- Now change column sensitiveB.

alter table DBA.first_table add encryptedB varbinary(32) ; grant select ( encryptedB ) on DBA.first_table to PrivUser ; create unique hg index first_B_unique on first_table

( encryptedB ) ;

update DBA.first_table

set encryptedB = aes_encrypt(sensitiveB, 'givethiskeytonoone') where encryptedB is null ;

commit

-- For the second table, the DBA chooses to keep only the ciphertext.

-- This is more typical and encrypting the database files is not required.

revoke select ( sensitiveA ) on DBA.second_table from NonPrivUser ;

revoke select ( sensitiveA ) on DBA.second_table from PrivUser ; alter table DBA.second_table add encryptedA varbinary(32) ; grant select ( encryptedA ) on DBA.second_table to PrivUser ; grant select ( encryptedA ) on DBA.second_table to NonPrivUser ; create unique hg index second_A_unique on second_table

( encryptedA ) ;

update DBA.second_table

set encryptedA = aes_encrypt(sensitiveA, 'seCr3t') where encryptedA is null ;

commit

alter table DBA.second_table drop sensitiveA ;

-- The following types of queries are permitted at this point, before

-- changes are made for key protection:

-- Non-TRUSTED users can equi-join on ciphertext; they can also select

-- the binary, but have no way to interpret it.

select I.publicC, 3*II.publicQ+1

from DBA.first_table I, DBA.second_table II

where I.encryptedA = II.encryptedA and I.publicD IN ( '2006-01-11' ) ;

-- Ciphertext-only access rules out general predicates and expressions.

-- The following query does not return meaningful results.

-- NOTE: These four predicates can be used on the varbinary containing

-- ciphertext:

-- = (equality)

-- <> (inequality)

-- IS NULL

-- IS NOT NULL

select count(*)

from DBA.first_table I, DBA.second_table II

where I.encryptedA = II.encryptedA and SUBSTR(I.encryptedA,4,3) BETWEEN '345' AND '456' ;

-- The TRUSTED user still has access to the plaintext columns that

-- were retained. Therefore, this user does not need to call

-- aes_decrypt and does not need the key.

select count(*)

from DBA.first_table I, DBA.second_table II

where I.encryptedA = II.encryptedA and SUBSTR(I.sensitiveA,4,3) BETWEEN '345' AND '456' ;

-- Part III: Protect the encryption keys

-- This section illustrates how to grant access to the plaintext, but

-- still protect the keys.

-- For the first table, the DBA elected to retain the plaintext columns.

-- Therefore, the following view has the same capabilities as the trusted

-- user above.

-- Assume group_member is being used for additional access control.

-- NOTE: In this example, NonPrivUser still has access to the ciphertext

-- encrypted in the base table.

create view DBA.a_first_view (sensitiveA, publicC, publicD) as

select

IF group_member('high_privileges_group',user_name()) = 1 THEN sensitiveA

ELSE NULL ENDIF,

publicC, publicD

from first_table ;

grant select on DBA.a_first_view to PrivUser ; grant select on DBA.a_first_view to NonPrivUser ;

-- For the second table, the DBA did not keep the plaintext.

-- Therefore, aes_decrypt calls must be used in the view.

-- IMPORTANT: Hide the view definition with ALTER VIEW, so that no one

-- can discover the key.

create view DBA.a_second_view

(sensitiveA,publicP,publicQ,publicR) as

select

IF group_member('high_privileges_group',user_name()) = 1 THEN aes_decrypt(encryptedA,'seCr3t', char(16)) ELSE NULL

ENDIF,

publicP, publicQ, publicR

from second_table ;

alter view DBA.a_second_view set hidden ;

grant select on DBA.a_second_view to PrivUser ; grant select on DBA.a_second_view to NonPrivUser ;

-- Likewise, the key used for loading can be protected in a stored procedure.

-- By hiding the procedure (just as the view is hidden), no-one can see

-- the keys.

create procedure load_first_proc(@inputFileName varchar(255),

@colDelim varchar(4) default '$',

@rowDelim varchar(4) default '\n')

' ||

begin

execute immediate with quotes 'load table DBA.second_table

(encryptedA encrypted(char(16),' ||

'''' || 'seCr3t' || '''' || '),publicP,publicQ,publicR)

' from ' || '''' || @inputFileName || '''' ||

' delimited by ' || '''' || @colDelim || '''' ||

' row delimited by ' || '''' || @rowDelim || '''' || ' quotes off escapes off' ;

end

;

alter procedure DBA.load_first_proc set hidden ;

-- Call the load procedure using the following syntax: call load_first_proc('/dev/null', '$', '\n') ;

-- Below is a comparison of several techniques for protecting the

-- encryption keys by using user-defined functions (UDFs), other views,

-- or both. The first and the last alternatives offer maximum performance.

-- The second_table is secured as defined earlier.

-- Alternative 1:

-- This baseline approach relies on restricting access to the entire view.

create view

DBA.second_baseline_view(sensitiveA,publicP,publicQ,publicR) as

select

IF group_member('high_privileges_group',user_name()) = 1 THEN aes_decrypt(encryptedA,'seCr3t', char(16)) ELSE NULL

ENDIF,

publicP, publicQ, publicR

from DBA.second_table ;

alter view DBA.second_baseline_view set hidden ;

grant select on DBA.second_baseline_view to NonPrivUser ; grant select on DBA.second_baseline_view to PrivUser ;

-- Alternative 2:

-- Place the encryption function invocation within a user-defined

-- function (UDF).

-- Hide the definition of the UDF. Restrict the UDF permissions.

-- Use the UDF in a view that handles the remainder of the security

-- and business logic.

-- Note: The view itself does not need to be hidden.

create function DBA.second_decrypt_function(IN datum varbinary(32))

RETURNS char(16) DETERMINISTIC BEGIN

RETURN aes_decrypt(datum,'seCr3t', char(16)); END ;

grant execute on DBA.second_decrypt_function to PrivUser ; alter function DBA.second_decrypt_function set hidden ;

create view DBA.second_decrypt_view(sensitiveA,publicP,publicQ,publicR)

select

IF group_member('high_privileges_group',user_name())

= 1

THEN second_decrypt_function(encryptedA) ELSE NULL

ENDIF,

publicP, publicQ, publicR

from DBA.second_table ;

grant select on DBA.second_decrypt_view to NonPrivUser ; grant select on DBA.second_decrypt_view to PrivUser ;

-- Alternative 3:

-- Sequester only the key selection in a user-defined function.

-- This function could be extended to support selection of any

-- number of keys.

-- This UDF is also hidden and has restricted execute privileges.

-- Note: Any view that uses this UDF therefore does not compromise

-- the key values.

create function DBA.second_key_function() RETURNS varchar(32) DETERMINISTIC BEGIN

return 'seCr3t' ; END

grant execute on DBA.second_key_function to PrivUser ; alter function DBA.second_key_function set hidden ;

create view DBA.second_key_view(sensitiveA,publicP,publicQ,publicR)

select IF

group_member('high_privileges_group',user_name()) = 1 THEN

aes_decrypt(encryptedA,second_key_function(),

char(16)) ELSE NULL

ENDIF,

publicP, publicQ, publicR

from DBA.second_table ;

grant select on DBA.second_key_view to NonPrivUser ; grant select on DBA.second_key_view to PrivUser ;

-- Alternative 4:

-- The recommended alternative is to separate the security logic

-- from the business logic by dividing the concerns into two views.

-- Only the security logic view needs to be hidden.

-- Note: The performance of this approach is similar to that of the first

-- alternative.

create view DBA.second_SecurityLogic_view(sensitiveA,publicP,publicQ,publicR)

select

IF group_member('high_privileges_group',user_name())

= 1

THEN aes_decrypt(encryptedA,'seCr3t', char(16)) ELSE NULL

ENDIF,

publicP,

publicQ, publicR

from DBA.second_table ;

alter view DBA.second_SecurityLogic_view set hidden ; create view

DBA.second_BusinessLogic_view(sensitiveA,publicP,publicQ,publicR) as

select

sensitiveA, publicP, publicQ, publicR

from DBA.second_SecurityLogic_view ;

grant select on DBA.second_BusinessLogic_view to NonPrivUser ; grant select on DBA.second_BusinessLogic_view to PrivUser ;

-- End of encryption example

另请参见

• AES_ENCRYPT 函数 [String] （第 173 页）

• AES_DECRYPT 函数 [String] （第 175 页）

• LOAD TABLE ENCRYPTED 子句（第 176 页）

< 上一个 | 内容 | 下一步 >

--------------------------------------华丽的分割线-------------------------------------------------------------------------

Sybase SQL Anywhere数据库恢复工具ReadASADB：

之前就已经研发成功了能够从Sybase SQL Anywhere的DB文件中恢复数据的工具: ReadASADB。
此工具支持ASA v5.0, v6.0, v7.0, v8.0, v9.0, v10.0, v11.0, v12.0, v16.0, v17.0等版本。
能够从损坏的SQL Anywhere数据文件(.db)和UltraLite数据文件(.udb)上提取数据的非常规恢复工具。
恢复Sybase SQL Anywhere的工具在国内处于领先水平。

Sybase SQL Anywhere数据库恢复工具ReadASADB功能
能够从损坏的SQL Anywhere数据文件(.db)和UltraLite数据文件(.udb)上提取数据的非常规恢复工具

适用于所有的SQL Anywhere版本包括：5.x,6.x,7.x,8.x,9.x,10.x,11.x,12.x,16.x,17.x
适用于所有的UltraLite版本
能够恢复出来表结构和数据
能够恢复自定义数据类型
能够恢复存储过程等对象的语法
能够导出到目标数据库
能够导出到SQL文件并生成导入脚本
支持多种字符集，包括：cp850、cp936、gb18030、utf8等
能够恢复未加密或者简单加密类型的数据
简单易用
限制：不支持AES加密的数据文件

请参考：研发成功了从Sybase SQL Anywhere的DB文件上恢复数据的工具
SQL Anywhere数据库非常规恢复工具ReadASADB使用介绍

Sybase SQL Anywhere数据库恢复工具ReadASADB适用场景

各种误操作：

误截断表(truncate table)
误删除表(drop table)
错误的where条件误删数据
误删除db或log文件
误删除表中的字段

Sybase SQL Anywhere数据库恢复工具ReadASADB的应用场景：

1.因为物理磁盘故障、操作系统、系统软件方面或者掉电等等原因导致的Sybase SQL Anywhere数据库无法打开的情况；
2.误操作，包括truncate table,drop table,不正确的where条件导致的误删除等；
Sybase SQL Anywhere无法打开时，比较常见的错误是：Assertion failed。
如：
1、Internal database error *** ERROR *** Assertion failed:201819 (8.0.1.2600) Checkpoint log: invalid bitmap page -- transaction rolled back
2、Internal database error *** ERROR *** Assertion failed:201819 (8.0.1.2600) Page number on page does not match page requested -- transaction rolled back
3、Internal database error *** ERROR *** Assertion failed:200502 (9.0.2.2451) Checksum failure on page 23 -- transaction rolled back
4、File is shorter than expected
5、Internal database error *** ERROR *** Assertion failed: 201116 Invalid free list index page found while processing checkpoint log -- transaction rolled back
6、*** ERROR *** Assertion failed: 51901 Page for requested record not a table page or record not present on page
7、*** ERROR *** Assertion failed: 201417 (7.0.4.3541) Invalid count or free space offset detected on a table page
8、Internal database error *** ERROR *** Assertion failed: 201425 (8.0.3.5594) Invalid count or free space offset detected on a free list page -- transaction rolled back.
9、Internal database error *** ERROR *** Assertion failed: 100702 (8.0.1.2600) Unable to modify indexes for a row referenced in rollback log -- transaction rolled back

-------------------------------------------------------------------------------------------

Sybase ASE数据库恢复工具READSYBDEVICE：

一个不依赖数据库管理系统、直接从Sybase数据库设备文件上提取数据的业内领先的恢复工具！
能够从损坏的Sybase ASE设备文件(.dat)上提取数据的非常规恢复工具。

Sybase ASE数据库恢复工具READSYBDEVICE的主要功能：

被勒索病毒加密数据文件及备份文件情况下的恢复；
系统崩溃只剩下数据文件的情况下的恢复，甚至数据库文件不存在而只有损坏的备份文件情况下的恢复；
因断电、硬盘坏道等造成数据库文件损坏情况下的恢复；
delete数据恢复、误update数据恢复、误删除表(drop）恢复、误truncate表恢复等；
各种Sybase内部系统表损坏、索引错误的修复；
master数据库损坏而无法正常运行情况下的恢复；
Sybase数据库被标记为可疑，不可用等情况的恢复；
Sybase数据库中数据文件内部出现坏块情况下的恢复；
Sybase数据库无数据文件但有日志文件的情况下的恢复；
Sybase数据库只有数据文件无任何日志文件的情况下的恢复；
Sybase数据文件被误删除情况下的碎片提取恢复；
磁盘阵列上的Sybase数据库被误格式化情况下的数据库恢复；
数据库sysobjects等系统表损坏无法正常应用情况下的恢复；
Sybase数据库还原数据库出现失败情况下的恢复；
Sybase数据库只剩下损坏的备份文件情况下的恢复。

Sybase ASE数据库恢复工具READSYBDEVICE支持的版本：

Sybase ASE 11.0.x，11.5.x，11.9.x，12.0.x，12.5.x，15.0.x，15.5.x，15.7.x，16.0.x

-------------------------------------------------------------------------------------------

SQL Server数据库恢复工具SQLRescue：

一个不依赖数据库管理系统、直接从SQL Server数据库文件上提取数据的业内领先的恢复工具！
能够从损坏的SQL Server数据库文件(.mdf)上提取数据的非常规恢复工具。

SQL Server数据库恢复工具SQLRescue的主要功能：

系统崩溃只剩下数据文件的情况下的恢复，即无日志文件或者日志文件损坏情况下的恢复；
断电导致数据库文件损坏情况下的恢复；
硬盘坏道造成数据库损坏情况下的恢复；
数据文件内部存在坏页情况下的恢复；
企业管理器误删除数据表记录，管理软件误删除数据表记录的恢复；
并闩锁错误、格式化、误删除后导致软件不能使用的情况；
无法读取并闩锁页sysindexes失败情况下的修复；
数据文件被误删除情况下的碎片提取恢复；
系统表损坏、索引错误、误删除数据库表、删除记录的数据找回；
master数据库损坏而无法正常运行情况下的恢复；
数据文件无法附加情况下的数据恢复；
数据库被标记为可疑，质疑，不可用等情况的恢复；
数据库sysobjects等系统表损坏情况下的恢复；
数据被误(drop、delete、truncate）删除表数据的恢复,误update后的数据恢复等；
还原时报一致性错误，错误823等情况下的数据恢复，各种错误提示的数据库文件修复；
数据库被误格式化等情况下的数据库恢复；
日志收缩造成数据库损坏情况下的恢复；
仅剩损坏的备份文件情况下的恢复。

SQL Server数据库恢复工具SQLRescue技术特点：

只要SQL Server数据库的数据文件存在，我们就有办法帮您从数据文件中找回重要数据。

从数据文件中直接恢复数据
不能附加时直接恢复数据并生成新的数据库
系统表损坏的数据库修复
快速修复SQL 823错误、连接中断错误

SQL Server数据库恢复工具SQLRescue支持的版本：

Microsoft SQL Server 7.0, 2000, 2005, 2008, 2008R2, 2012, 2014, 2016, 2017,2019。
+-------------------------------------华丽的分割线-------------------------------------------------------------------------