Encrypting data in an UltraLite Java edition database

Encryption provides secure representation of the data whereas obfuscation provides a simplistic level of security that is intended to prevent casual observation of the database contents. Data stored in UltraLite Java edition databases is not encrypted by default.

You must supply your own encryption control to encrypt data in an UltraLite Java edition database. The encryption control is set using the ConfigPersistent.setEncryption method, which accepts an EncryptionControl object to encrypt and decrypt pages.

Note

Encryption is not available for non-persistent database stores.

Create and customize UltraLite Java edition database encryption or obfuscation API techniques in a BlackBerry application with the EncryptionControl interface.

Prerequisites

An existing Java application for a BlackBerry smartphone that implements the UltraLiteJ API.

Context and remarks

Many.

 Encrypt or obfuscate data in an UltraLite Java edition database
  1. Create a class that implements the EncryptionControl interface.

    The following example creates a new class named Encryptor that implements the encryption interface:

    static class Encryptor
        implements EncryptionControl
    {
  2. Implement the initialize, encrypt, and decrypt methods in the new class.

    Your class should now look similar to the following:



    static class Encryptor
        implements EncryptionControl
    {
        /** Decrypt a page stored in the database.
         * @param page_no the number of the page being decrypted
         * @param src the encrypted source page which was read from the database
         * @param tgt the decrypted page (filled in by method)
         */
        public void decrypt( int page_no, byte[] src, byte[] tgt )
            throws ULjException
        {
            // Your decryption method goes here.
        }
        
        /** Encrypt a page stored in the database.
         * @param page_no the number of the page being encrypted
         * @param src the unencrypted source
         * @param tgt the encrypted target page which will be written to the database (filled in by method)
         */
        public void encrypt( int page_no, byte[] src, byte[] tgt )
            throws ULjException
        {
            // Your encryption method goes here.
        }
        
        /** Initialize the encryption control with a password.
         * @param password the password
         */
        public void initialize(String password)
            throws ULjException
        {
            // Your initialization method goes here.
        }
    }
  3. Update your API code so that the new encryption control class is specified prior to connecting to the database.

    You specify the encryption control with the Configuration.setEncryption method. The following example illustrates how to set the encryption control, assuming that you have a Configuration object named config that references your database:

    config.setEncryption(new Encryptor());

Results

Any data that is added or modified in the database is now encrypted or obfuscated, depending on how you implement your initialize, encrypt, and decrypt methods.

Next

None.

The UltraLiteJ Security on BlackBerry Devices white paper contains information about the security options and concerns for UltraLiteJ applications on BlackBerry devices, including how the built-in security of the device can work for and against applications. For more information, see [external link] UltraLiteJ Security on BlackBerry Devices.

 See also