TSQLRecordSigned question

array81 · 2011-01-14 15:43:38

The development of my application is progressing, but I have a problem. I need cryph some data inside my database. I have try to understand your MainDemo and read the documentation but I have doubts.

For cryph data you use a TSQLRecordSigned object, so first question:
1) I like use only a Table and cryph only some fields of this table, is it possble?
I think NO because I need use TSQLRecordSigned instead the calssic TSQLRecord.

ab · 2011-01-14 17:27:20

You have two diverse features:

1) encryption, to hide the record content
2) hashing or signature, to make sure the content has not been modified

Both can be mixed, of course.
The purpose of TSQLRecordSigned is to create a hash, i.e. store a signature inside the record, so that we could be sure that the "Content" field was not modified.

If you want encryption, you can enable it at the database level. See the SQLite3 unit.
The file will be safe, only available from your application.
But you won't be able to open the database file any more with "normal" SQLite3 external tools.
You can always revert to uncrypted file content, by changing the password into a ''.

array81 · 2011-01-14 18:04:20

OK, now I have understand. But can I encryption only some records and see all other record (not encryption) with other tools?

ab · 2011-01-14 19:58:22

It's possible, but not handled natively by the framework.
You'll have to use some BLOB content, as in the SynFile demo.
Some records are encrypted, other are not...

array81 · 2011-01-22 13:06:08

I have check SynFile but I think I don't understand how encrypt (withy password) only some record of my table.
Can you give me a small code about it?

ab · 2011-01-22 17:37:57

Extracted from FileEdit unit:

function Cypher(const Title: string; var Content: TSQLRawBlob; Encrypt: boolean): boolean;
resourcestring
  sEnterPassword = 'Enter password for this record:';
var AES: TAESFull;
    SHA: TSHA256Digest;
    PassWord: string;
    Len: integer;
begin
  result := Content='';
  if result then
    exit;
  if not TLoginForm.PassWord(Title,sEnterPassword,PassWord) then
    exit;
  SHA256Weak(S2U(PassWord), SHA);
  try
    Len := AES.EncodeDecode(SHA,256,length(Content),Encrypt,nil,nil,Pointer(Content),nil);
    if Len<0 then
      exit;
    SetString(Content,PAnsiChar(AES.outStreamCreated.Memory),Len);
    result := true;
  finally
    AES.OutStreamCreated.Free;
  end;
end;

This function will encode the "Content" field using our SynCrypto unit.

array81 · 2011-03-25 21:10:09

Is there way to encryph data as RawUTF8 not as TSQLRawBlob? If I use TSQLRawBlob cannot use Batch function.

ab · 2011-03-26 08:47:37

I'm not sure there is a big reason to use TSQLRawBLob in batch mode, since it should be a lot of data.

Regrouping blob access is not worth it.

mORMot Open Source

#1 2011-01-14 15:43:38

TSQLRecordSigned question

#2 2011-01-14 17:27:20

Re: TSQLRecordSigned question

#3 2011-01-14 18:04:20

Re: TSQLRecordSigned question

#4 2011-01-14 19:58:22

Re: TSQLRecordSigned question

#5 2011-01-22 13:06:08

Re: TSQLRecordSigned question

#6 2011-01-22 17:37:57

Re: TSQLRecordSigned question

#7 2011-03-25 21:10:09

Re: TSQLRecordSigned question

#8 2011-03-26 08:47:37

Re: TSQLRecordSigned question

Board footer