Working with encrypted data in Lianja

From Lianjapedia
(Redirected from Encryption)
Jump to: navigation, search

Under Construction

See Also

DECRYPT, ENCRYPT, SET ENCRYPTION, SQL SELECT, USE

DES3 Encrypting Your Data

Lianja gives you the ability to encrypt the data held in Lianja tables. Once a table has been encrypted, the data cannot be accessed unless the correct three-part encryption key is specified, providing additional security for sensitive data.

Encrypt Command

encrypt <tablename as character> | <skeleton as character> key <key as character>

The encrypt command is used to encrypt the data in the specified table or tables matching a skeleton. If the skeleton syntax is used, then all matching tables will be given the same encryption key. The encryption key is a three part comma-separated key and may optionally be enclosed in angled brackets. Each part of the key can be a maximum of 8 characters. The key is DES3 encrypted and stored in a .dkf file with the same basename as the table. After encryption, the three parts of the key must be specified correctly before the table can be accessed.

// Encrypt individual tables
encrypt customers key "key_1,key_2,key_3"
encrypt employees key "<key_1,key_2,key_3>"
 
// Encrypt all .dbf files in the directory
encrypt *.dbf key "key_1,key_2,key_3"

Encrypt Menu Option

Encryption: Encrypt in the Data workspace



Tables can also be encrypted from the Data workspace menus.

Select a table, then click the cog 'Additional Commands' icon at the bottom of the panel or right-click to display the context menu.

Then click 'Encrypt...' and you will be prompted to confirm that you want to encrypt the currently selected table.

You will then be prompted to enter a password.


The password is a three part comma-separated key, e.g.

mykey_1,mykey_2,mykey_3

Each part of the key can be a maximum of 8 characters.

Using Encrypted Tables

Once a table has been encrypted, the three part comma-separated key must first be entered, e.g.

Opening an encrypted table in the Data Workspace



Opening an encrypted table in the Data Workspace.


Opening (use) an encrypted table in the Command Window


Opening an encrypted table in the Command Window.

See also Use below.


SQL Select query against an encrypted table


SQL Select query against an encrypted table.

See also Select below.


Opening an encrypted table when creating an App


Opening an encrypted table when creating an App.


Opening an App containing an encrypted table


Opening an App containing an encrypted table in the Lianja App Builder.


Opening an App containing an encrypted table


Opening an App containing an encrypted table in the Lianja App Center.


Restarting the Lianja App Builder


Restarting the Lianja App Builder when the last session had an App with an encrypted table.


Set Encryption

set encryption to [<key as character>]
set encryption on | off

If a database table is encrypted, the correct three-part encryption key must be specified before the table's data or structure can be accessed. The set encryption set command can be used to specify a default encryption key to be used whenever an encrypted table is accessed without the key being specified. As before, the encryption key is a three part comma-separated key.

If the command to access the table includes the key, either by appending it to the table filename specification or using an explicit clause, this will take precedence over the key defined by 'set encryption to'.

Issuing 'set encryption to' without a key causes any previous setting to be cleared. The key must then be specified for each individual encrypted table.

The default key defined by 'set encryption to' is only active when 'set encryption' is 'on'. 'Set encryption off' can be used to temporarily disable the default key. The 'set encryption on | off' setting does not change the default key itself. 'Set encryption' is 'on' by default.

// Encrypt individual tables
encrypt customers key "key_1,key_2,key_3"
encrypt shippers key "key_2,key_3,key_4"
// Specify a default encryption key
set encryption to "key_1,key_2,key_3"
// Open customers table using the default encryption key
use customers
// Specify shippers table's encryption key
use shippers<key_2,key_3,key_4>
// Disable the default encryption key
set encryption to
// Specify the individual encryption keys
use customers encryption "key_1,key_2,key_3"
use shippers<key_2,key_3,key_4>

Decrypt Command

decrypt <tablename as character> | <skeleton as character> key <key as character>

The decrypt command is used to decrypt the data in the specified table or tables matching a skeleton. The specified key must contain the three part comma-separated key used to previously encrypt the table and may optionally be enclosed in angled brackets. The skeleton syntax can only be used if all tables matching the skeleton have the same key.

The decrypt command decrypts the data and removes the table's '.dkf' file. After decryption, the key need no longer be specified to gain access to the table.

// Decrypt individual tables
decrypt customers key "key_1,key_2,key_3"
decrypt employees key "<key_1,key_2,key_3>"
 
// Decrypt all .dbf files in the directory
decrypt *.dbf key "key_1,key_2,key_3"

Decrypt Menu Option

Encryption: Decrypt in the Data workspace



Tables can also be decrypted from the Data workspace menus.

Select an encrypted table and enter the password when prompted.

Click the cog 'Additional Commands' icon at the bottom of the panel or right-click to display the context menu.

Then click 'Decrypt...' and you will be prompted to confirm that you want to encrypt the currently selected table.

Re-enter the password when prompted.

The table will be decrypted.


Affected Commands

All of the following commands are affected when a table is encrypted:

Append from

append from - append records to the active table from another table

// The key must be specified for an encrypted source table
use mycustomers
append from customers encryption "key_1,key_2,key_3";
for country = "UK"

Copy file

copy file - copy a file

// The key file must also be copied for an encrypted source table
// as the target table will be encrypted
encrypt customers key "key_1,key_2,key_3"
copy file customers.dbf to newcustomers.dbf
copy file customers.dkf to newcustomers.dkf
use newcustomers encryption "key_1,key_2,key_3"

Copy structure

copy structure - copy a table's structure to a new table

// The key file is automatically copied for an encrypted source table
// and the target table encrypted
encrypt customers key "key_1,key_2,key_3"
use customers encryption "key_1,key_2,key_3"
copy structure to blankcust
use blankcust encryption "key_1,key_2,key_3"

Copy

copy - copy a table

// By default, the key file is automatically copied for an encrypted
// source table and the target table encrypted with the same key
encrypt customers key "key_1,key_2,key_3"
use customers encryption "key_1,key_2,key_3"
copy to newcustomers
use newcustomers encryption "key_1,key_2,key_3"
// You can also create a copy with a different key
encrypt customers key "key_1,key_2,key_3"
use customers encryption "key_1,key_2,key_3"
copy to newcustomers encrypt "newkey_1,newkey_2,newkey_3"
use newcustomers encryption "newkey_1,newkey_2,newkey_3"
// Or create a decrypted copy
encrypt customers key "key_1,key_2,key_3";
use customers encryption "key_1,key_2,key_3"
copy to newcustomers decrypt
use newcustomers
// You can also create an encrypted copy of a non-encrypted source table
use orders
copy to encorders encrypt "newkey_1,newkey_2,newkey_3"
use encorders encryption "newkey_1,newkey_2,newkey_3"

Use

use - open a table

// The three part key must be specified to open an
// encrypted table.  All of the following are valid.
// 1. Specifying a default encryption key before opening the table
set encryption to "key_1,key_2,key_3"
use customers
// 2. Appending the key to the filename
use customers<key_1,key_2,key_3>
// 3. Using the ENCRYPTION clause, optionally specifying angled brackets
use customers encryption "key_1,key_2,key_3"
use customers encryption "<key_1,key_2,key_3>"

Insert

SQL insert - add a row to a table

// The three part key can be specified using a
// default encryption key before opening the table
open database southwind
set encryption to "key_1,key_2,key_3"
insert into customers;
  (customerid, companyname);
  values ("LIANJ","Lianja Inc")
// Or by appending the key to the filename
open database southwind
insert into customers<key_1,key_2,key_3>;
  (customerid, companyname);
  values ("LIANJ","Lianja Inc")

Select

SQL select - return data from a table or tables

// The three part key can be specified using a
// default encryption key before opening the table
open database southwind
set encryption to "key_1,key_2,key_3"
select * from customers
// Or by appending the key to the filename
open database southwind
select * from customers<key_1,key_2,key_3>

Update

SQL update - update data in a table

// The three part key can be specified using a
// default encryption key before opening the table
open database southwind
set encryption to "key_1,key_2,key_3"
update customers;
  set companyname="Lianja Inc.";
  where customerid="LIANJ"
// Or by appending the key to the filename
open database southwind
update customers<key_1,key_2,key_3>;
  set companyname="Lianja Inc.";
  where customerid="LIANJ"