Portable database for storing secrets

Question

I'm developing a application that needs storing secrets in a database.

I need a portable database (like Firebird, Sqlite, etc) where the data will be stored encrypted or password protected or both...

Let's take as example that I want create a password manager. I will need store that passwords in a database. I'm accustomed to use Embed Firebird, but not for secret data.

Another solution is to use the database naturally and encrypt the database file when I'm not connected to file, but I'm not sure of the security or performance implications.

What the best method that you recommend?

Answer 1

You could also have a look at SQL Server Compact edition, which only requires a DLL and will store the data in a single file, just like SQLite or Access, Firebird, etc.

It also has encryption capabilities built-in.

Some references:

• Security and Encryption for SQL Server Compact
• Tutorials on using SQL Server Compact Edition (second and third sections down the page).

Password encryption

See my answer to your other question os SO.

Answer 2

There is a project called sqlite-crypt. Which should be your best bet. sqlite db with all data on disk encrypted.