MS Access SQL Server始終加密參數化

Question

我正在評估SQL Server 2016 Always Encrypted是否可以與我支持的現有MS Access 2010應用程序一起使用。

這是我目前的障礙：

我的應用程序調用需要的參數很多SQL Server存儲過程。我用下面的功能，使這些電話：

Public Function ExecuteSPWithParamsQuery(poQDFStub As DAO.QueryDef, psParameterString As String) As DAO.Recordset 

'------------------------------------------------------------------------------------------------- 
' Purpose : Execute an SQL pass-through query that calls a stored procedures requiring parameters. 
' 
' Params : poQDFStub: pass through query with name of SPROC 
'    : psParameterString : one or more parameters to be appended to poQDFStub 
' 
' Returns : Dao.Recordset(dbOpenSnapshot) 
'------------------------------------------------------------------------------------------------- 
' 

    If G_HANDLE_ERRORS Then On Error GoTo ErrorHandler 

    Dim rstResult As DAO.Recordset 

    'db interface 
    Dim dbs As DAO.Database: Set dbs = CurrentDb 
    Dim qdfResult As DAO.QueryDef: Set qdfResult = dbs.CreateQueryDef(vbNullString) 

    'setup pass through 
    With qdfResult 
     .Connect = poQDFStub.Connect 
     .SQL = poQDFStub.SQL & " " & psParameterString 
     .ODBCTimeout = 0 
     .ReturnsRecords = True 
    End With 

    'setup result 
    Set rstResult = qdfResult.OpenRecordset(dbOpenSnapshot, dbSQLPassThrough + dbReadOnly + dbFailOnError) 

ExitHere: 

    'housekeeping 
    On Error Resume Next 
    'add cleanup here 
    Set qdfResult = Nothing 
    Set dbs = Nothing 

    'exit protocol 
    On Error GoTo 0 
    Set ExecuteSPWithParamsQuery = rstResult 
    Set rstResult = Nothing 
    Exit Function 

ErrorHandler: 

    Err.Source = "SQLStoredProcedureHelper.ExecuteSPWithParamsQuery" 
    HandleError 
    Resume ExitHere 

End Function 

調用該函數現在將包括在數據庫加密值的明文版本的參數。

發生這種情況時，出現以下錯誤。

206 [微軟] [ODBC SQL Server程序] [SQL服務器]操作數類型衝突：VARCHAR是不相容>使用爲nvarchar（255）與（將encryption_type = 'DETERMINISTIC'，encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256' 加密，column_encryption_key_name = 'CEK_Auto1'， column_encryption_key_database_name = '沙箱'）

我已經做了始終加密參數一番調查。它需要兩個技術之一

• .NET
• ODBC 13.1對於SQL Server

因爲這是一個MS Access應用程序，.NET是不適用的。

我安裝了ODBC 13.1，但我猜測我的查詢傳遞繞過了參數化。

這裏是我的ODBC設置：

[ODBC] 
DRIVER=ODBC Driver 13 for SQL Server 
ColumnEncryption=Enabled 
TrustServerCertificate=No 
DATABASE=sandbox 
WSID=******** 
APP=Microsoft Office 2010 
Trusted_Connection=Yes 
SERVER=********* 

我如何能解決這個問題，或者是始終處於加密狀態不爲我的應用合適的任何想法？

Answer 1

解決我的問題是將我的功能從DAO轉換爲ADO。希望以下代碼可以幫助其他人：

Public Function ExecuteSPWithParamsQueryADO(pSPROCName As String, ParamArray pParams() As Variant) As ADODB.RecordSet 

'--------------------------------------------------------------------------------------------------------------------- 
' Purpose : Executes an SQL pass-through query that requires parameters and returns a recordset. 
'   : Utilizes ADO rather than DAO. 
' 
' Author : M. Minneman 
' 
' Params : pSPROCName - (required) name of SPROC to be executed 
'   : pParams - (required) one or more parameters required by SPROC 
' 
' Returns : ADODB.Recordset - ResultSet 
' 
' Contract : Dependencies 
'   : G_HANDLE_ERRORS - Global Boolean Constant 
'   : ImprovedErrorHandler.HandleError - Global error handler 
'   : ADODB - Microsoft AcitveX Data Objects Library 
'   : ADO_CONNECT_STRING - valid connect string 
'   : GeneralFunctions.doCloseAndRelease - CCL Function for cleaning up DAO objects 
'   : 
'   : Assumptions (routine may still work, but produce unexpected results) 
'   : pParams has one index that is 0-based 
'   : 
'   : Pre Conditions (must be true before execution) 
'   : pSPROCName - SPROC exists in ADODB.Connection 
'   : 
'   : Post Conditions (should be true after execution) 
'   : ADODB.Recordset has 0 to many records 
'   : 
'--------------------------------------------------------------------------------------------------------------------- 
' 
' Change Log: 
' 
' Date  By    Comment 
' 03/17/17 M. Minneman  created 
' 

    If G_HANDLE_ERRORS Then On Error GoTo ErrorHandler 

    Dim oReturn As ADODB.RecordSet 

    'db interface 
    Dim cnn As New ADODB.Connection 
    Dim cmd As New ADODB.Command 
    Dim prm As New ADODB.Parameter 

    ' Set CommandText equal to the stored procedure name. 
    cmd.CommandText = pSPROCName 
    cmd.CommandType = adCmdStoredProc 

    ' Connect to the data source. 
    cnn.Open ADO_CONNECT_STRING 

    'validate connection 
    If cnn.State <> adStateOpen Then 
     Err.Raise vbObjectError, , "ADO Connection failed to open" 
    End If 

    'assign connection to command 
    cmd.ActiveConnection = cnn 

    'automatically fill in parameter info from stored procedure. 
    cmd.Parameters.Refresh 

    'make sure expected parameters and given arguments are equal 
    If cmd.Parameters.Count <> UBound(pParams) + 2 Then 
     Err.Raise vbObjectError, , "SPROC '" & pSPROCName & "' expects " & cmd.Parameters.Count & " arguments. " & UBound(pParams) & " provided." 
    End If 

    'set the param values. 
    Dim i As Integer 
    For i = 1 To cmd.Parameters.Count - 1 
     cmd(i) = pParams(i - 1) 
    Next i 

    'execute SPROC 
    Set oReturn = cmd.Execute 

ExitHere: 

    'housekeeping - failure okay 
    On Error Resume Next 
    'add cleanup here 
    GeneralFunctions.doCloseAndRelease _ 
     prm, _ 
     cmd, _ 
     cnn 

    'everything else - failure not okay 
    On Error GoTo 0 
    Set ExecuteSPWithParamsQueryADO = oReturn 
    Exit Function 

ErrorHandler: 

    'local action 
    'add local actions here 

    'default action 
    Select Case Err.Source 
    Case "CONSUMED" 
     Call MsgBox("Operation failed!", vbExclamation, "Message") 
    Case Else 
     Err.Source = "SQLStoredProcedureHelper.ExecuteSPWithParamsQueryADO" 
     Select Case Err.Number 
     Case Else 
      HandleError , , , True   'rethrow 
     End Select 
    End Select 
    Resume ExitHere 
    Resume 

End Function 

Answer 2

我還沒有直接使用訪問，但是，好像你的連接字符串可能沒有正確配置。請設置ColumnEncryption通過附加到啓用以下到您的連接字符串

;ColumnEncryption=Enabled 

This article介紹瞭如何使用總是與ODBC驅動程序進行加密。