#1 2011-01-14 15:43:38

array81
Member
From: Italy
Registered: 2010-07-23
Posts: 411

TSQLRecordSigned question

The development of my application is progressing, but I have a problem. I need cryph some data inside my database. I have try to understand your MainDemo and read the documentation but I have doubts.

For cryph data you use a TSQLRecordSigned object, so first question:
1) I like use only a Table and cryph only some fields of this table, is it possble?
I think NO because I need use TSQLRecordSigned instead the calssic TSQLRecord.

Offline

#2 2011-01-14 17:27:20

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: TSQLRecordSigned question

You have two diverse features:

1) encryption, to hide the record content
2) hashing or signature, to make sure the content has not been modified

Both can be mixed, of course.
The purpose of TSQLRecordSigned is to create a hash, i.e. store a signature inside the record, so that we could be sure that the "Content" field was not modified.

If you want encryption, you can enable it at the database level. See the SQLite3 unit.
The file will be safe, only available from your application.
But you won't be able to open the database file any more with "normal" SQLite3 external tools.
You can always revert to uncrypted file content, by changing the password into a ''.

Offline

#3 2011-01-14 18:04:20

array81
Member
From: Italy
Registered: 2010-07-23
Posts: 411

Re: TSQLRecordSigned question

OK, now I have understand. But can I encryption only some records and see all other record (not encryption) with other tools?

Offline

#4 2011-01-14 19:58:22

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: TSQLRecordSigned question

It's possible, but not handled natively by the framework.
You'll have to use some BLOB content, as in the SynFile demo.
Some records are encrypted, other are not...

Offline

#5 2011-01-22 13:06:08

array81
Member
From: Italy
Registered: 2010-07-23
Posts: 411

Re: TSQLRecordSigned question

I have check SynFile but I think I don't understand how encrypt (withy password) only some record of my table.
Can you give me a small code about it?

Offline

#6 2011-01-22 17:37:57

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: TSQLRecordSigned question

Extracted from FileEdit unit:

function Cypher(const Title: string; var Content: TSQLRawBlob; Encrypt: boolean): boolean;
resourcestring
  sEnterPassword = 'Enter password for this record:';
var AES: TAESFull;
    SHA: TSHA256Digest;
    PassWord: string;
    Len: integer;
begin
  result := Content='';
  if result then
    exit;
  if not TLoginForm.PassWord(Title,sEnterPassword,PassWord) then
    exit;
  SHA256Weak(S2U(PassWord), SHA);
  try
    Len := AES.EncodeDecode(SHA,256,length(Content),Encrypt,nil,nil,Pointer(Content),nil);
    if Len<0 then
      exit;
    SetString(Content,PAnsiChar(AES.outStreamCreated.Memory),Len);
    result := true;
  finally
    AES.OutStreamCreated.Free;
  end;
end;

This function will encode the "Content" field using our SynCrypto unit.

Offline

#7 2011-03-25 21:10:09

array81
Member
From: Italy
Registered: 2010-07-23
Posts: 411

Re: TSQLRecordSigned question

Is there way to encryph data as RawUTF8 not as TSQLRawBlob? If I use TSQLRawBlob cannot use Batch function.

Offline

#8 2011-03-26 08:47:37

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: TSQLRecordSigned question

I'm not sure there is a big reason to use TSQLRawBLob in batch mode, since it should be a lot of data.

Regrouping blob access is not worth it.

Offline

Board footer

Powered by FluxBB