Symbian
Symbian OS Library

FAQ-0518 How can I use DBMS Encryption or CSecurityEncryptBase?

[Index][spacer] [Previous] [Next]



 

Classification: C++ Category: DBMS
Created: 09/12/2000 Modified: 11/24/2001
Number: FAQ-0518
Platform: ER5

Question:
How can I use DBMS Encryption or CSecurityEncryptBase?

Answer:
Usage of :
RDbStoreDatabase::CreateL(CStreamStore* aStore,CSecurityEncryptBase* aKey)

It is possible to create a database which is either encrypted or not encrypted. If the database is to be encrypted a key must be provided when you create (encrypt) the database ::CreateL() and when you open (decrypt) the database ::OpenL().

To Create an encrypted database you must :
  • Create a CSecurityEncryptBase* key.

    CSecurityEncryptBase is an abstract class, however CSecurityBase provides the methods NewEncryptL() and NewDecryptL() to return the necessary pointers to CSecurityEncryptBase and CSecurityEncryptBase keys.

    Because CSecurityBase is also abstract we can use the Security class to provide us with a concrete derived class CBoundedSecurityBase via the Security::NewL() method.
  • Call the CSecurityBase::SetL() method to set the password to use for encryption.
  • Retrieve the CSecurityEncryptBase* from the CSecurityBase:: NewEncryptL() method.
  • Finally create the database with the CreateL() method passing in the CSecurityEncryptBase* key.

To Open an encrypted database you must:
  • Create a CSecurityDecryptBase* key in a similar manner to the creation of a CSecurityEncryptBase* key above.
  • Call the CSecurityBase::SetL() method to set the password to use for decryption.
  • Retrieve the CSecurityDecryptBase* from the CSecurityBase:: NewDecryptL() method.
  • Finally open the database with the CreateL() method passing in the CSecurityDecryptBase* key.

The following code provides a small example of creating and opening an encrypted database.

      //
      // Creating an encrypted database
      //
      CFileStore* store = CPermanentFileStore::ReplaceLC(fsSession,aDatabaseFileName,EFileRead|EFileWrite);

      // Complete file store creation
      store->SetTypeL(store->Layout());

      _LIT(KPassword, "MyPassword");

      CSecurityBase* securityBase = Security::NewL();
      securityBase->SetL(TPtrC(), KPassword); //Set the password for encryption

      // Get the key
      CSecurityEncryptBase* encryptBase = securityBase->NewEncryptL(TPtrC8());

      // Create an encrypted database in the store
      RDbStoreDatabase database;
      TStreamId id=database.CreateL(store, encryptBase);

      //
      // Opening an encrypted database:
      //


      // Open the file store
      CFileStore* store = CFileStore::OpenLC(fsSession,aDatabaseFileName,EFileRead|EFileWrite);

      // open the database from the root stream
      RDbStoreDatabase database;

      _LIT(KPassword, "MyPassword");

      CSecurityBase* securityBase = Security::NewL();
      securityBase->SetL(TPtrC(), KPassword); //Set the password for decryption

      //Get the key
      CSecurityDecryptBase* decryptBase = securityBase->NewDecryptL(TPtrC8());

      database.OpenL(store,store->Root(),decryptBase);
      The database will fail to open and leave if the password is incorrect in any way.