Android Tutorial Android database encryption with SQLCipher library

Status
Not open for further replies.
SQLCipher is an open source project that extends SQLite and adds full database encryption.
License: https://www.zetetic.net/sqlcipher/open-source/

B4A SQLCipher is a special subtype of SQL object. There is almost no need to change any code in order to switch from regular SQL to SQLCipher.

The only difference between SQL API and SQLCipher API is the Initialize method.
SQLCipher.Initialize expects two additional values: Password and a second parameter that is not used (it was used in the past).

Password is the database password. You can pass an empty string if there is no password. Note that it is not possible to change the password (or set a new password) to an existing database.

Code changes required to convert from SQL to SQLCipher
- Declare the SQL object as SQLCipher.
- Change the initialize code to:
B4X:
SQL1.Initialize(File.DirRootExternal, "1.db", True, DB_PASSWORD, "")

V1.70
V1.60
V1.50
  • Based on SQLCipher v3.59
  • Supports targetSdkVersion 26.
  • The icu.zip file is no longer required. You can delete it from the Files folder.
  • It is no longer required to disable the debugger virtual assets feature.
    Remove this line: #DebuggerForceStandardAssets: True
  • Old version: www.b4x.com/android/files/SQLCipher150.zip

Depends on: https://repo1.maven.org/maven2/net/...er/4.5.4/android-database-sqlcipher-4.5.4.aar
You should download and copy it to the additional libraries folder.
 

Attachments

  • SQLCipher.zip
    37.2 KB · Views: 335
Last edited:

susu

Well-Known Member
Licensed User
Longtime User
Thank you Erel. I wished for this library.
 

Sanxion

Active Member
Licensed User
Longtime User
SQLite db created outside of the application?

This is great news, however I do have a question:

How would I encrypt/set a password for a SQLite database that has been created/populated outside of a B4A application which is then to be used in the application?
 

Erel

B4X founder
Staff member
Licensed User
Longtime User
How would I encrypt/set a password for a SQLite database that has been created/populated outside of a B4A application which is then to be used in the application?
You have two options:
- Use the desktop version of SQLCipher. It may require purchasing a license.
- Create a program that reads the data from the existing databases and writes it to a password protected database.
 

Sanxion

Active Member
Licensed User
Longtime User
Thanks Erel...

How is a password protected database created in the first instance?

I have been using SQLite Database Browser to create and subsequently populate my database.
 

Sanxion

Active Member
Licensed User
Longtime User
For those who are looking for an application that will enable the setting of a password on an SQLite database...

I have discovered Navicat supports this functionality.
 

alfcen

Well-Known Member
Licensed User
Longtime User
If I am not mistaken this library does not perform encryption but addresses databases that have been previously ciphered using SQLCipher or similar tools?
 

psdos

Active Member
Licensed User
Longtime User
I am waiting update of this library for full support encrypted, read and write in db with password, but thanks for this, is a started.

Thanks.
 

Taha

Member
Licensed User
Longtime User
Spent 2 days looking on how to encrypt the SQLite database - couldn't find any clear explanation or application. Can't understand why do we need this library then? Isn't there any other ways for encryption?
 

Erel

B4X founder
Staff member
Licensed User
Longtime User
Not sure that I understand your question.

Android internal SQLite engine doesn't support encryption. This library includes an engine that does support encryption.

You can create and access encrypted databases with this library. SQLCipher doesn't support encryption of existing non-encrypted databases.

You can however create a small program that will read the data from your existing database and then add it to the encrypted database. From then on you can work with the encrypted database.
 

susu

Well-Known Member
Licensed User
Longtime User
You can however create a small program that will read the data from your existing database and then add it to the encrypted database. From then on you can work with the encrypted database.

Could you please give us some codes of that "small program" ? :D
 

susu

Well-Known Member
Licensed User
Longtime User
Step by step:
- Open "normal" database1.
- Create new database2.
- Encrypt database1 and write into database2.
- Delete database1.
- Only encrypted database2 left.
Is it right?
 
Status
Not open for further replies.
Top