|
|
Creating an encrypted databaseTo use an encrypted database, the database file must be encrypted when it is created. Once a database is created as unencrypted, it can’t be encrypted later. Likewise, an encrypted database can’t be unencrypted later. If needed you can change the encryption key of an encrypted database. For details, see Changing the encryption key of a database. If you have an existing database that’s not encrypted and you want to use database encryption, you can create a new encrypted database and copy the existing table structure and data to the new database. Creating an encrypted database is nearly identical to creating an unencrypted database, as described in Creating a database. You first create a SQLConnection instance that represents the connection to the database. You create the database by calling the SQLConnection object’s open() method or openAsync() method, specifying for the database location a file that doesn’t exist yet. The only difference when creating an encrypted database is that you provide a value for the encryptionKey parameter (the open() method’s fifth parameter and the openAsync() method’s sixth parameter). A valid encryptionKey parameter value is a ByteArray object containing exactly 16 bytes. The examples below demonstrate creating an encrypted database. For simplicity, in these examples the encryption key is hard-coded in the application code. However, this technique is strongly discouraged because it is not secure. var conn:SQLConnection = new SQLConnection();
var encryptionKey:ByteArray = new ByteArray();
encryptionKey.writeUTFBytes("Some16ByteString"); // This technique is not secure!
// Create an encrypted database in asynchronous mode
conn.openAsync(dbFile, SQLMode.CREATE, null, false, 1024, encryptionKey);
// Create an encrypted database in synchronous mode
conn.open(dbFile, SQLMode.CREATE, false, 1024, encryptionKey);
For an example demonstrating a recommended way to generate an encryption key, see Example: Generating and using an encryption key.
|
