I was using System.Data.SQLite for SQLite in Windows Mobile. It has built-in encryption support. I have found many SQLi开发者_JAVA技巧te implementation for Windows Phone 7. But, none of them have built-in support for encryption. Anybody knows any SQLite implementation for Windows Phone 7 that supports Encryption?
I ended up using SQL CE introduced in Mango release (Windows Phone 7.1) which has in-built encryption (password) support. Refer to http://blogs.microsoft.co.il/blogs/alex_golesh/archive/2011/05/24/windows-phone-mango-what-s-new-local-database-part-1-of-8.aspx which has very good explanation.
There doesn't seem to be any API in Windows Phone 7 that will let you encrypt / decrypt data based on user credentials similar to DPAPI so you have to do it yourself. The documentation suggests that the following algorithms are available on Windows Phone 7:
- AES
- HMACSHA1
- HMACSHA256
- Rfc2898DeriveBytes
- RSA
- SHA1
- SHA256
These algorithms should give all you need to create a decent encryption schema and it should be good enough that you encrypt the sensitive columns in your database schema and not the whole database.
The only problem then would be to see what key to use. If it's possible to ask the user for a password (this very much depends on what type of application you are building), then you can use Rfc2898DerivedBytes to derive a password from the user input. Otherwise, you can create a key out from some device data. (see: How do I get a symmetric key in Windows Phone 7?) After deriving a key, you can use AES to do your encryption.
I know that this is exactly what you wanted, but at least should point you in the right direction.
精彩评论