|
You can encrypt or obfuscate your UltraLite database using UltraLite Embedded SQL.
When an UltraLite database is created (using SQL Central for example), an optional encryption key may be specified. The encryption key is used to encrypt the database. Once the database is encrypted, all subsequent connection attempts must supply the encryption key. The supplied key is checked against the original encryption key and the connection fails unless the key matches.
Choose an encryption key value that cannot easily be guessed. The key can be of arbitrary length, but generally a longer key is better, because a shorter key is easier to guess. Including a combination of numbers, letters, and special characters decreases the chances of someone guessing the key.
Do not include semicolons in your key. Do not put the key itself in quotes, otherwise the quotes are considered part of the key.
The following procedure is generally used to connect to an encrypted UltraLite database:
Specify the encryption key in the connection string used in the EXEC SQL CONNECT statement.
The encryption key is specified with the key= connection string parameter.
You must supply this key each time you want to connect to the database. Lost or forgotten keys result in completely inaccessible databases.
Handle attempts to open an encrypted database with the wrong key.
If an attempt is made to open an encrypted database and the wrong key is supplied, db_init returns ul_false and SQLCODE -840 is set.
You can change the encryption key for a database. The application must already be connected to the database using the existing key before the change can be made.
Supply the new key as an argument of the ULChangeEncryptionKey method.
Obfuscation is an option for encoding the database that is an alternative to database encryption. Obfuscation is a simple masking of the data in the database that is intended to prevent browsing the data in the database with a low level file examination utility. However, obfuscation is not secure against skilled and determined attempts to gain access to the data. Obfuscation is a database creation option and must be specified when the database is created.