Encryption allows you to encrypt important data in the database, such as credit card numbers or Social Security Numbers. You need to select the encryption method, enter the encryption key, and choose the fields to be encrypted.
Press the Encryption button on the Security screen to open the Encryption popup.
You can select a Database-based or Code-based encryption method.
The Database-based method is preferable since it has more features than the Code-based method. With the Database-based encryption, for example, the encrypted fields can be sorted and grouped, the search offers suggestions and includes all operators (CONTAINS, EQUALS, MORE THAN, etc.).
Database-based encryption requirements
•install the pgcrypto module.
•give users full rights to the SYS.DBMS_CRYPTO package;
•the Oracle version must be 10 or higher.
•enable SSL support.
We recommend using the encryption key that is at least 10 characters long. You can also use the Generate button to generate a random key.
ASPRunnerPro can encrypt only text fields. Since the encrypted value usually is at least 2-3 times longer than source value, you should choose the maximum length fields such as TEXT in MySQL or MEMO in MS Access.
Here is an example of encrypted data in the application:
Functions used for database-based encryption
MS SQL Server:
•Encryption: EncryptByPassPhrase(), EncryptByKey()
•Decryption: DecryptByPassPhrase(), DecryptByKey()
•Encryption: DES_ENCRYPT(), AES_ENCRYPT()
•Decryption: DES_DECRYPT(), AES_DECRYPT()
Encrypt existing values in the database
You may encrypt the existing values only once. We do not recommend double encryption as it causes problems with decryption.
To encrypt the existing values in the database, add the following code to the List page: Before process event of your table:
Then run the List page that contains the encrypted fields with the ciphcoding=1 parameter, e.g.:
Once the data has been encrypted, it is necessary to delete the file ciphcoding.asp in the output directory, remove the code from the List page: Before process event and re-upload the application.
We recommend performing this procedure on the development machine or a server without public access.
Decrypt custom query results
MySQL, AES encryption
The key variable should contain the encryption key specified in ASPRunnerPro on the Encryption screen.
Security screen articles: