![]() The primary source for complete documentation (design, API, platforms, usage) is the SQLCipher website: Sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) To run SQLCipher specific tests, configure as described here and run the following to execute the tests and receive a report of the results: Thus, the additional SQLCipher-specific test provide the requisite verification that the library is operating as expected with SQLCipher's security features enabled. Because SQLCipher is based on stable upstream builds of SQLite, it is considered a basic assumption that the core SQLite library code is operating properly (the SQLite core is almost untouched in SQLCipher). This test suite is intended to provide an abbreviated verification of SQLCipher's internal logic it does not perform an exhaustive test of the SQLite database system as a whole or verify functionality on specific platforms. In addition, because SQLite tests are not always isolated, if one test fails it can trigger a domino effect with other failures in later steps.Īs a result, the SQLCipher package includes it's own independent tests that exercise and verify the core functionality of the SQLCipher extensions. ![]() Those tests that are intended to support encryption are intended for non-SQLCipher implementations. In some cases encryption interferes with low-level tests that require access to database file data or features which are unsupported by SQLCipher. The full SQLite test suite will not complete successfully when using SQLCipher. configure -enable-tempstore=yes CFLAGS="-DSQLITE_HAS_CODEC" \ Note in thisĮxample, -enable-tempstore=yes is setting SQLITE_TEMP_STORE=2 for the build. Static linking (replace /opt/local/lib with the path to libcrypto.a). The following examples demonstrate linking against OpenSSL, which is a readily available provider on most Unix-like systems.Įxample 1. You will need to link against a support cryptographic provider (OpenSSL, LibTomCrypt, CommonCrypto/amework, or NSS).You must define SQLITE_HAS_CODEC and either SQLITE_TEMP_STORE=2 or SQLITE_TEMP_STORE=3.Compilingīuilding SQLCipher is similar to compiling a regular version of SQLite from source, with a couple of small exceptions: We strongly encourage discussion of the proposed change prior to development and submission. All contributions including pull requests and patches should be based on the prerelease branch, and must be accompanied by a contributor agreement. The SQLCipher team welcomes contributions to the core library. It is also possible to convert from a plaintext database (standard SQLite) to an encrypted SQLCipher database using ATTACH and the sqlcipher_export() convenience function. When a key is not provided, SQLCipher will behave just like the standard SQLite library. ![]() SQLCipher is also compatible with standard SQLite databases. The available options are described in SQLCipher's upgrade documentation. Instead, an application would either need to migrate the older databases to use the new format or enable a special backwards-compatibility mode. The new default algorithms, increased KDF iterations, and larger page size mean that SQLCipher 4 will not open databases created by SQLCipher 1.x, 2.x, or 3.x by default. For example, SQLCipher 4 introduces many new performance and security enhancements. This means that newer major versions of SQLCipher will not open databases created by older versions without using special settings. ![]() from 3.x to 4.x) often include changes to default settings. SQLCipher maintains database format compatibility within the same major version number so an application on any platform can open databases created by any other application provided the major version of SQLCipher is the same between them. Algorithms provided by the peer reviewed OpenSSL crypto library.Zero-configuration and application level cryptography.Good security practices (CBC mode, HMAC, key derivation).100% of data in the database file is encrypted.Fast performance with as little as 5-15% overhead for encryption on many operations.SQLCipher is maintained by Zetetic, LLC, and additional information and documentation is available on the official SQLCipher site. While SQLCipher is maintained as a separate version of the source tree, the project minimizes alterations to core SQLite code whenever possible. SQLCipher is based on SQLite and stable upstream release features are periodically integrated. SQLCipher is a standalone fork of the SQLite database library that adds 256 bit AES encryption of database files and other security features like:
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |