Share how to encrypt and decrypt SQLCipher database

Introduction:

##When using the

SQLite database, sometimes the requirements for the database are relatively high, especially in iOS8 Before .3, non-jailbroken systems could also use tools to obtain files in the application sandbox. At this time, we can consider encrypting the SQLite database so that we don’t have to worry about the sqlite file being leaked.

Usual database There are generally two ways to encrypt.

1 Encrypt all data

2 Encrypt database files

Although the first method encrypts the data, it is not complete. Information such as the table structure can be viewed through the database, and the data in the database is scattered. Encrypting and decrypting all data will seriously affect performance. The usual approach is to encrypt files

---

The iOS free version of the sqlite library does not provide encryption functions. SQLite only provides an encrypted

interface, but it is not implemented. The encryption libraries supported on iOS include the following

The SQLite Encryption Extension (SEE)

Paid, there are the following encryption methods RC4

AES-128 in OFB mode
AES-128 in CCM mode
AES-256 in OFB mode
SQLiteEncrypt

Paid, using AES encryption

SQLiteCrypt

Charged, using 256-bit AES encryption

SQLCipher

Open source, hosted on github, implements the official SQLite encryption interface, and also adds some new interfaces, see here for details

The first three are paid, SQLCipher is open source, here we use SQLCipher.

SQLCipher is available in free and paid versions. The following are the differences given by the official website:

easier to setup, saving many steps in project configuration
pre-built with a modern version of OpenSSL, avoiding another externaldependency
much faster for each build cycle becausethe library doesn't need to be built from scratch on each compile (build timecan be up to 95% faster with the static libraries)

Analysis:

It’s just easier to integrate, and there is no need to add OpenSSL dependency libraries. And the compilation speed is faster, and there is no difference in functionality. Spending hundreds of dollars just for the above-mentioned convenience is not worth it for hard-working RDs like me. Fortunately, there is a free version.

SQLite is an open source lightweight database. Both Android and iOS are now using it to store structured data, but the encrypted version is not open source. As a compromise, we can only find open source solutions. SQLcipher is a good choice. It can encrypt SQLite and has corresponding libraries for decryption and reading in android and ios. However, the introduced library will increase the number of app users. size. SQLCipher is an open source library that provides transparent, secure 256-bit AES encryption of SQLite database files.

Integration

If you use cocoapod, you don’t need to configure it yourself For convenience, we directly use FMDB to operate the database. FMDB also supports SQLCipher

pod

'FMDB/SQLCipher', '~> 2.6.2' //View what you need by yourself Version

If it is manual, do the following:

1, you need to download sqlcipher-master from www.zetetic.net/sqlcipher/ios-tutorial/

, and The .xcodeproj is imported into the project as

staticlibrary

##.xcodeproj file

This is the SQLCipher encryption static module ;

Second, configure Xcode

Use the macro (SQLITE_HAS_CODEC) to configure whether SQLite enables the encryption module. We need to configure the macro to enable the encryption module component in Xcode. This article introduces the CocoaPods method. configuration.

(1) target -> Build Setting -> Other C Flags Add -DSQLITE_HAS_CODEC, -DSQLITE_TEMP_STORE=2, -DSQLITE_THREADSAFE, -DSQLCIPHER_CRYPTO_CC several configurations.

If SQLITE_HAS_CODEC setKey is not configured, the method will not be encrypted

(2) target -> Build Setting -> Other Linker Flags Add-framework Security configuration.

(3) Import the libsqlcipher.a file in TARGETS into the

.a file

3, add the encryption code

Open the database

Generally, this setKey method is used after the database is opened.

Note:

1. If there is FMDB in the project, it is not recommended to directly introduce FMDB/SQLCipher. The modification will not be beneficial to the

class library

Unified management and updates. We can directly import the static library file into the project and then configure Xcode. To put it simply, the steps are as follows: (1) In the project where you have FMDB, add the .xcodeproj file

(2) Modify two configurations in the build setting of the project

One is other c flags, such as the other c flags in the picture above

The other is other link flags, enter the other lilnk flags in the picture above

Then the setkey method of FMDatabase can be used , after opening the database, call this method, and the database file will be encrypted.

说到怎么在不改变原来的FMDB源码，这里有一份拓展，供参考：

FMDB源码加密拓展

这个是我的demo可以到这里下载：pan.baidu.com/s/1o8fNHay

说明：

In most cases SQLCipher uses PBKDF2, a salted and iteratedkey derivation function, to obtain the encryption key. Alternately, anapplication can tell SQLCipher to use a specific binary key in blob notation(note that SQLCipher requires exactly 256 bits of key material), i.e.
PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
Once the key is set SQLCipher will automatically encryptall data in the database! Note that if you don't set a key then SQLCipher willoperate identically to a standard SQLite database.

一旦key被设置，SQLCipher将会自动加密数据库所有数据。

需要注意的是，在使用sqlite3_open打开或创建一个数据库，在对数据库做任何其它操作之前，都必须先使用sqlite3_key输入密码，否则会导致数据库操作失败，报出sqlite错误码SQLITE_NOTADB。

在sqlite3_open打开数据库成功，而且用sqlite3_key输入密码以后，就可以正常的对数据库进行增、删、改、查等操作了。

【相关推荐】

1. 免费mysql在线视频教程

2. MySQL最新手册教程

3. 数据库设计那些事

The above is the detailed content of Share how to encrypt and decrypt SQLCipher database. For more information, please follow other related articles on the PHP Chinese website!