Components | All | New | MacOS | Windows | Linux | iOS | ||||
Examples | Mac & Win | Server | Client | Guides | Statistic | FMM | Blog | Deprecated | Old |
SQL.SQLite3.ReKey
You can change the key on a database using the Rekey Function.
Component | Version | macOS | Windows | Linux | Server | iOS SDK |
SQL | 5.3 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes |
MBS( "SQL.SQLite3.ReKey"; Connection; Key { ; Encoding } ) More
Parameters
Parameter | Description | Example | Flags |
---|---|---|---|
Connection | The connection reference number gained with SQL.NewConnection. | $Connection | |
Key | The new encryption key. | "Hello World" | |
Encoding | The text encoding for the key. Default is UTF-8. Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ. |
"UTF-8" | Optional |
Result
Returns OK or error.
Description
You can change the key on a database using the Rekey Function.An empty key decrypts the database.
Rekeying requires that every page of the database file be read, decrypted, reencrypted with the new key, then written out again. Consequently, rekeying can take a long time on a larger database.
Most SEE variants allow you to encrypt an existing database that was created using the public domain version of SQLite. This is not possible when using the authenticating version of the encryption extension in see-aes128-ccm. If you do encrypt a database that was created with the public domain version of SQLite, no nonce will be used and the file will be vulnerable to a chosen-plaintext attach. If you call SetKey() immediately after Open when you are first creating the database, space will be reserved in the database for a nonce and the encryption will be much stronger. If you do not want to encrypt right away, call SetKey() anyway, with an empty key, and the space for the nonce will be reserved in the database even though no encryption is done initially.
A public domain version of the SQLite library can read and write an encrypted database with an empty key. You only need the encryption extension if the key is non-empty.
Examples
Change key to AES-256:
MBS( "SQL.SQLite3.ReKey"; $Connection; "aes256:" & $Key; "UTF-8" )
See also
This function is free to use.
Created 23th September 2015, last changed 12nd November 2015