I have a Monotouch app which uses a sqlite database. I want to encrypt the database so I am doing this:
_mainConnection = new SqliteConnection("Uri="+finalDB); _mainConnection.Open(); _mainConnection.ChangePassword("mypassword");
However, its not working (on simulator and iphone). It gets this error:
at (wrapper managed-to-native) Mono.Data.Sqlite.UnsafeNativeMethods.sqlite3_rekey (intptr,byte[],int) <0x0005c> at (wrapper managed-to-native) Mono.Data.Sqlite.UnsafeNativeMethods.sqlite3_rekey (intptr,byte[],int) <0x0005c> at Mono.Data.Sqlite.SQLite3.ChangePassword (byte[]) <0x00053> at Mono.Data.Sqlite.SqliteConnection.ChangePassword (byte[]) <0x0004b> at Mono.Data.Sqlite.SqliteConnection.ChangePassword (string) <0x0005b>
Has anyone successfully used password protection on an sqlite database in Monotouch?
The base SQLite engine doesn't have any password/encryption options. You have to either use the paid SEE option for encryption, or some third party solution.
You will need to take the username and password (the password from a masked text box, preferably with a second box for confirmation) salt it, and create a hash from the password, and then insert the plaintext username and salted hash of the password in to the database.
SQLite doesn't support encrypting database files by default. Instead, you need to use a modified version of SQLite like SEE, SQLCipher, SQLiteCrypt, or wxSQLite3.
The SQLite Store is a set of database files, which is deployed on the untrusted area. However, data on the SQLite Store are protected with the authenticated encryption scheme, making data tampering and eavesdropping impossible.
As per my research there are a few options for database encryption using MonoTouch. I have a forthcoming blog post on the subject, but for now these are your top two options:
I've automated the SQLCipher build process substantially. All it takes is a simple make
command and you've got a library that you can link into your project. It makes use of the awesome SQLite-NET library. After that, all that's required is to provide the key in the SQLite.cs file.
This is a managed port of the SQLite library in C#. Performance is only about ~2x slower, which is pretty awesome considering it's not native code!
Try adding ";Password=mypassword" to your connection string, and remove the call to ChangePassword.
Please note that, by default, the iPhone implementation of sqlite does not support encryption, so the sqlite commands for that will be no-ops.
You can get a (paid) copy of the encrypt-able version of sqlite from http://www.hwaci.com/sw/sqlite/see.html, and compile it into your application, making sure to remove the libsqlite3*.dylib from your project if you've linked that in.
You may have to do a bit of digging in the Monotouch documentation and/or experimentation to make sure that the Monotouch library itself is not including the default sqlite implementation, but in fact links to the implementation you specify. Try it first, if things still don't work that's where I'd start looking.
You can do this experiment without paying for the encrypted version, simply using the sqlite3 source code available on the net, with appropriate break points.
Good luck!
PS: Note that there is no comparable solution for Android at this point, this works on iPhone because iPhone runs native C code.
PPS: There is also SQLCipher that claims to encrypt sqlite on iPhone. However I found the configuration requirements to be below my standards for simplicity. I'm also not sure if it will properly insert itself between Monotouch's framework code and the default iPhone sqlite implementation.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With