Pakket | mx.data.crypto |
Klasse | public class EncryptionKeyGenerator |
Overerving | EncryptionKeyGenerator Object |
Taalversie: | ActionScript 3.0 |
Productversie: | Adobe Digital Enterprise Platform Data Services for Java EE 3.1 |
Runtimeversies: | Flash Player 9, AIR 1.1 |
This class uses techniques and algorithms that are designed for maximum data privacy and security. Use this class to generate an encryption key if your application requires data to be encrypted on a per-user level (in other words, if only one user of the application should be able to access his or her data). In some situations you may also want to use per-user encryption for data even if the application design specifies that other users can access the data. For more information, see "Considerations for using encryption with a database" in the guide "Developing Adobe AIR Applications with Flex."
The generated encryption key is based on a password that you provide. For any given password, in the same AIR application running in the same user account on the same machine, the encryption key result is the same.
To generate an encryption key from a password, use the getEncryptionKey()
method. To confirm that a password is a "strong" password before calling the
getEncryptionKey()
method, use the validateStrongPassword()
method.
In addition, the EncryptionKeyGenerator includes a utility constant,
ENCRYPTED_DB_PASSWORD_ERROR_ID
. This constant matches the error ID of
the SQLError error that occurs when code that is attempting to open an encrypted database
provides the wrong encryption key.
This class is designed to create an encryption key suitable for providing the highest level of data privacy and security. In order to achieve that level of security, a few security principles must be followed:
- Your application should never store the user-entered password
- Your application should never store the encryption key returned by the
getEncryptionKey()
method. - Instead, each time the user runs the application and attempts to access the database,
your application code should call the
getEncryptionKey()
method to regenerate the encryption key.
For more information about data security, and an explanation of the security techniques used in the EncryptionKeyGenerator class, see "Example: Generating and using an encryption key" in the guide "Developing Adobe AIR Applications with Flex."
Methode | Gedefinieerd door | ||
---|---|---|---|
Creates a new EncryptionKeyGenerator instance. | EncryptionKeyGenerator | ||
Uses a password to generate a 16-byte encryption key. | EncryptionKeyGenerator | ||
Geeft aan of voor een object een opgegeven eigenschap is gedefinieerd. | Object | ||
Geeft aan of een instantie van de klasse Object zich in de prototypeketen van het object bevindt dat als parameter is opgegeven. | Object | ||
Geeft aan of de opgegeven eigenschap bestaat en kan worden opgesomd. | Object | ||
Stelt de beschikbaarheid van een dynamische eigenschap voor lusbewerkingen in. | Object | ||
Geeft de tekenreeksweergave van dit object weer, geformatteerd volgens de locatiespecifieke conventies. | Object | ||
Retourneert een tekenreeksrepresentatie van het opgegeven object. | Object | ||
Checks a password and returns a value indicating whether the password is a "strong"
password. | EncryptionKeyGenerator | ||
Retourneert de primitieve waarde van het opgegeven object. | Object |
Constante | Gedefinieerd door | ||
---|---|---|---|
ENCRYPTED_DB_PASSWORD_ERROR_ID : uint = 3138 [statisch]
This constant matches the error ID (3138) of the SQLError error that occurs when
code that is attempting to open an encrypted database provides the wrong
encryption key. | EncryptionKeyGenerator |
EncryptionKeyGenerator | () | Constructor |
public function EncryptionKeyGenerator()
Taalversie: | ActionScript 3.0 |
Productversie: | Adobe Digital Enterprise Platform Data Services for Java EE 3.1 |
Runtimeversies: | Flash Player 9, AIR 1.1 |
Creates a new EncryptionKeyGenerator instance.
getEncryptionKey | () | methode |
public function getEncryptionKey(password:String, overrideSaltELSKey:String = null):ByteArray
Taalversie: | ActionScript 3.0 |
Productversie: | Adobe Digital Enterprise Platform Data Services for Java EE 3.1 |
Runtimeversies: | Flash Player 9, AIR 1.1 |
Uses a password to generate a 16-byte encryption key. The return value is suitable to use as an encryption key for an encrypted AIR local SQL (SQLite) database.
For any given
password, calling the getEncryptionKey()
method from the same AIR application
running in the same user account on the same machine, the encryption key result is
the same.
This method is designed to create an encryption key suitable for providing the highest level of data privacy and security. In order to achieve that level of security, your application must follow several security principles:
- Your application can never store the user-entered password
- Your application can never store the encryption key returned by the
getEncryptionKey()
method. - Instead, each time the user runs the application and attempts to access the database,
call the
getEncryptionKey()
method to regenerate the encryption key.
For more information about data security, and an explanation of the security techniques used in the EncryptionKeyGenerator class, see "Example: Generating and using an encryption key" in the guide "Developing Adobe AIR Applications with Flex."
Parameters
password:String — The password to use to generate the encryption key.
| |
overrideSaltELSKey:String (default = null ) — The EncryptionKeyGenerator creates and stores a random value
(known as a salt) as part of the process of
generating the encryption key. The first time an application
calls the getEncryptionKey() method, the salt
value is created and stored in the AIR application's encrypted
local store (ELS). From then on, the salt value is loaded from the
ELS.
If you wish to provide a custom String ELS key for storing
the salt value, specify a value for the |
ByteArray — The generated encryption key, a 16-byte ByteArray object.
|
Gegenereerde uitzondering
ArgumentError — If the specified password is not a "strong" password according to the
criteria explained in the validateStrongPassword()
method description
| |
ArgumentError — If a non-null value is specified for the overrideSaltELSKey
parameter, and the value is an empty String ("" )
|
validateStrongPassword | () | methode |
public function validateStrongPassword(password:String):Boolean
Taalversie: | ActionScript 3.0 |
Productversie: | Adobe Digital Enterprise Platform Data Services for Java EE 3.1 |
Runtimeversies: | Flash Player 9, AIR 1.1 |
Checks a password and returns a value indicating whether the password is a "strong" password. The criteria for a strong password are:
- Minimum 8 characters
- Maxmium 32 characters
- Contains at least one lowercase letter
- Contains at least one uppercase letter
- Contains at least one number or symbol character
Parameters
password:String — The password to check
|
Boolean — A value indicating whether the password is a strong password (true )
or not (false ).
|
ENCRYPTED_DB_PASSWORD_ERROR_ID | Constante |
public static const ENCRYPTED_DB_PASSWORD_ERROR_ID:uint = 3138
Taalversie: | ActionScript 3.0 |
Productversie: | Adobe Digital Enterprise Platform Data Services for Java EE 3.1 |
Runtimeversies: | Flash Player 9, AIR 1.1 |
This constant matches the error ID (3138) of the SQLError error that occurs when code that is attempting to open an encrypted database provides the wrong encryption key.
Wed Jun 13 2018, 11:42 AM Z