Saving a Form
The following sequence of events takes place when saving a
new InfoPath form and enabling password-protection:
1.
The user opens a new form, fills in the data, and enters a password.
2.
The user initiates the saving of the form by clicking on the Save button, using the File > Save
menu item, or closing the form in which case she will be prompted to save the modifications.
This will trigger the OnSaveRequest event handler.
3.
A symmetric key is generated from the password entered by the user and
her user name.
4.
The text "locked" is encrypted using the symmetric key and the
encrypted text is saved in the isLocked field. The
credit card number, which contains sensitive data, is also encrypted using the
symmetric key and saved in the ccNumber field it from
which it was originally retrieved.
5.
Both the password and passwordAgain
fields are emptied before the form is saved, since this data must not be
persisted in the form.
6.
The form is saved to disk.
7.
If the form's XML file is opened in e.g. Notepad, the <my:isLocked> and <my:ccNumber>
XML nodes will contain encrypted data, while the <my:password>
and <my:passwordAgain> XML nodes will be empty.
Opening a Form
The following sequence of events takes place when opening a
previously saved and password-protected form:
1.
The user opens a previously saved form. The credit card number field is
shown in an encrypted format, the password fields are empty, and the Unlock button is enabled.
2.
The user enters a password and clicks on the Unlock
button.
3.
A symmetric key is generated from the password entered by the user and
her user name.
4.
An attempt is made to decrypt the isLocked
field. If successful, the credit card field is decrypted and the unencrypted
data is shown. If the isLocked field cannot be
decrypted, this means that the password the user entered is incorrect, the data
in the isLocked field within the form's XML file has
been tampered with, or the user is not the original person who saved the form. If
decrypting the credit card number field fails while the isLocked
field is successfully decrypted, this means that the data in the ccNumber field within the form's XML file has been tampered
with.
5.
After the credit card number field has been decrypted, the isLocked field is set to an empty string, indicating that
the form fields are now in an unprotected state and the Unlock
button is disabled.
Note: It is advisable to back up forms once they have been
protected, because if the user forgets the password or the form's data is
tampered with, it will not be possible to decrypt the encrypted form fields any
more.
Downloads
[Download Code]