Encrypt/Decrypt a MS Access 2000 (*.mdb) Database File (Extra Security)
For extra security, I would like to encrypt/decrypt an MS Access 2000 (*.mdb) database file.
I am using Delphi 7 and I am looking for a free or open-source solution (possibly just two functions that allow you to pass a file name and a key).
I would like to perform the decrypt before my app starts, and the encrypt when the app shuts down. Where are the best places to do this? The OnCreate and OnDestroy events?
I assume I would first have to create a small utility which uses the encrypt portion of the solution to encrypt the database file first?
I understand the reasons why you have to encrypt your old Access database, because the security of Access 2000 and 2003 is very weak, but my primary recommendation is to try to upgrade to Access 2007 or higher, which uses the Microsoft Cryptographic API and incorporates significant improvements in security.
If you can't upgrade, here I leave an option to encrypt your mdb file.
1) To encrypt your data you can use the JwaWinCrypt unit, which is part of the Jedi JWSCL library; you can download this library from here.
Check this sample function, which uses the 3DES algorithm to encrypt a file.
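    uses
      Classes, JwaWinType, JwaWinCrypt, SysUtils;

    procedure CryptFile(const InFileName, OutFileName, Password: AnsiString; Encrypt: Boolean);
    const
      BufferSize = 1024 * 64;
      BlockSize  = 8; // 3DES block size: padding can grow the final chunk by up to this much
    var
      StreamSource : TFileStream;
      StreamDest   : TFileStream;
      CRYPTPROV    : HCRYPTPROV;
      CRYPTHASH    : HCRYPTHASH;
      CRYPTKEY     : HCRYPTKEY;
      Buffer       : LPBYTE;
      BytesIn      : DWORD;
      Final        : Boolean;
    begin
      // Win32Check raises an exception if a CryptoAPI call fails, so a failure
      // can never silently produce an unencrypted or truncated output file.
      Win32Check(CryptAcquireContext(CRYPTPROV, nil, nil, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT));
      try
        // CryptCreateHash needs a hash algorithm ID (a cipher ID such as CALG_3DES_112 is rejected)
        Win32Check(CryptCreateHash(CRYPTPROV, CALG_SHA1, 0, 0, CRYPTHASH));
        try
          // Hash the password characters, not the address of the string variable
          Win32Check(CryptHashData(CRYPTHASH, LPBYTE(PAnsiChar(Password)), Length(Password), 0));
          // Derive the 3DES key from the password hash
          Win32Check(CryptDeriveKey(CRYPTPROV, CALG_3DES, CRYPTHASH, 0, CRYPTKEY));
        finally
          CryptDestroyHash(CRYPTHASH);
        end;
        try
          StreamSource := TFileStream.Create(InFileName, fmOpenRead or fmShareDenyWrite);
          try
            StreamDest := TFileStream.Create(OutFileName, fmCreate);
            try
              // Leave room for the padding added to the final block on encryption
              GetMem(Buffer, BufferSize + BlockSize);
              try
                repeat
                  BytesIn := StreamSource.Read(Buffer^, BufferSize);
                  Final := (StreamSource.Position >= StreamSource.Size);
                  if Encrypt then
                    Win32Check(CryptEncrypt(CRYPTKEY, 0, Final, 0, Buffer, BytesIn, BufferSize + BlockSize))
                  else
                    Win32Check(CryptDecrypt(CRYPTKEY, 0, Final, 0, Buffer, BytesIn));
                  StreamDest.Write(Buffer^, BytesIn);
                until Final;
              finally
                FreeMem(Buffer, BufferSize + BlockSize);
              end;
            finally
              StreamDest.Free;
            end;
          finally
            StreamSource.Free;
          end;
        finally
          CryptDestroyKey(CRYPTKEY);
        end;
      finally
        CryptReleaseContext(CRYPTPROV, 0);
      end;
    end;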
And use it in this way.

To encrypt a file:

    CryptFile('C:\temp\in.zip', 'C:\temp\out.zip', 'fdkjldf3832kka83', True);

To decrypt a file:

    CryptFile('C:\temp\out.zip', 'C:\temp\in.zip', 'fdkjldf3832kka83', False);
2) About the location of the code to encrypt and decrypt the data, it will depend on the design of your application.
3) Keep in mind that if your application crashes, your data will be unprotected.
4) Maybe the best option is to build a small application which decrypts your data, launches your main application and stays monitoring its status until the main application ends, and then encrypts your data again.
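
The launcher described in item 4, as an added example that is not part of the original answer: it decrypts the database, starts the main application, waits for it to exit, and re-encrypts in a `finally` block so a crash of the main application (item 3) still triggers re-encryption. It assumes the `CryptFile` procedure above is compiled into a unit named `CryptUnit` (hypothetical name); the file paths and the console password prompt are constructed for illustration.

```delphi
program SecureLauncher;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils,
  CryptUnit; // hypothetical unit holding the CryptFile procedure from the answer

const
  // Constructed paths, for illustration only
  EncryptedDb = 'C:\temp\data.mdb.enc';
  TmpDb       = EncryptedDb + '.tmp';
  PlainDb     = 'C:\temp\data.mdb';
  MainApp     = 'C:\temp\MainApp.exe';

// Starts the main application and blocks until its process ends,
// whether it exits normally or crashes.
procedure RunAndWait(const ExeName: string);
var
  SI: TStartupInfo;
  PI: TProcessInformation;
  CmdLine: string;
begin
  FillChar(SI, SizeOf(SI), 0);
  SI.cb := SizeOf(SI);
  CmdLine := '"' + ExeName + '"';
  if not CreateProcess(nil, PChar(CmdLine), nil, nil, False, 0, nil, nil, SI, PI) then
    RaiseLastOSError;
  try
    WaitForSingleObject(PI.hProcess, INFINITE);
  finally
    CloseHandle(PI.hThread);
    CloseHandle(PI.hProcess);
  end;
end;

var
  Password: AnsiString;
begin
  Write('Password: ');
  ReadLn(Password); // prompted at launch so the key is not compiled into the binary
  // Decrypt outside the try block: a failed decrypt must not overwrite the good copy
  CryptFile(EncryptedDb, PlainDb, Password, False);
  try
    RunAndWait(MainApp);
  finally
    // Encrypt to a temporary file first, then swap it in, so a failure here
    // never destroys the last good encrypted copy.
    CryptFile(PlainDb, TmpDb, Password, True);
    SysUtils.DeleteFile(EncryptedDb);
    if not RenameFile(TmpDb, EncryptedDb) then
      RaiseLastOSError;
    // Reached only if encryption and the rename succeeded
    SysUtils.DeleteFile(PlainDb);
  end;
end.
```

The `finally` block covers a crash of the main application only: if the launcher itself is killed or the machine loses power, the plaintext copy stays on disk. `DeleteFile` also only unlinks the plaintext file and does not overwrite its contents.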