Menu
I am trying to secure some sensible data by implementing encryption in my already existing and functioning database setup in an android application.
I tried to follow this tutorial (http://sqlcipher.net/sqlcipher-for-android/) and I browsed a lot of foruns, including the google group for Cipher. However, I still don't clearly understand how does SQLCipher work and how I should adapt my code to serve my needs.
I am following this implementation of databases in android: http://www.vogella.com/articles/AndroidSQLite/#databasetutorial_database, meaning I have an extension of the SQLiteOpenHelper class and another class to store CRUD methods.
In this situation how should I use SQLCipher? Where should I define the password? Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?
I feel I'm almost there, I just need the final push to figure this out :P Thanks in advance!
275
SQLCipher is an open source library that provides transparent, secure 256-bit AES encryption of SQLite database files.
SQLCipher maintains database format compatibility within the same major version number so an application on any platform can open databases created by any other application provided the major version of SQLCipher is the same between them.
SQLCipher is a specialized build of the excellent SQLite database that performs transparent and on-the-fly encryption. Using SQLCipher, an application uses the standard SQLite API to manipulate tables using SQL.
Android Room DB explicitly doesn't support encryption. A typical SQLite database in unencrypted. You can use SQLCipher for Android with Room or other consumers of the androidx. sqlite API to Secure Your Data stored in sqlite DB.
In this situation how should I use SQLCipher?
Exactly like an normal your normal sql implementation.
Where should I define the password?
If you are using SQLiteHelper it will create the database when you first get it like this:
helper.getWriteableDatabase("myPassword");
On the first call it will create the database with this Password. On the upcoing calls it will only work with this password.
( Figured that out when i went to the Source: https://github.com/sqlcipher/android-database-sqlcipher/blob/master/android-database-sqlcipher/src/main/java/net/sqlcipher/database/SQLiteOpenHelper.java, checkout the method getWriteableDatabase( String pw ) there! )
Where should I use loadLibs(context)?
Right before you call helper.getWriteableDatabase("myPassword"); the first time!
199
In this situation how should I use SQLCipher?
That is impossible to answer in the abstract. You would use it largely the same way that you use SQLite.
Where should I define the password?
You should get it from the user.
Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?
Once per process is sufficient (in fact, more could conceivably be a problem). If you are using a ContentProvider for your SQLCipher database, call loadLibs() in onCreate() of the ContentProvider. If you are using a custom Application, call loadLibs() in onCreate() of the Application.
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
