Don't know how to encrypt database using SQLCipher

Question

I have included SQLCipher into my project exactly like explained in this link: http://sqlcipher.net/ios-tutorial/

But I am not sure how to encrypt the database I have read description from above link but not getting.
Actually what I am doing is if application is opening first time then it will copy the database(i.e. without encryption) to the document directory. One more thing my database is blank when copying from bundle to document directory.
I have tried to use sqlite3_key function after opening the database but nothing is encrypted. But I didn't found something like how to encrypt database when copying from bundle to document directory. I am planning to use FMDB so it would be better to reply according to that.
Please guide me how to do that or point to direction if is there any tutorial for it. Also suggest what should be the standard approach to do that.

Start up the DB, do `PRAGMA REKEY `. Shut down. Start up again and do `PRAGMA KEY `, and you're in business. — Hot Licks, Jul 04 '12 at 21:31

score 2 · Answer 1 · answered Feb 21 '14 at 01:34

For those looking for a simple tutorial on how to accomplish this, I was able to create one: http://www.guilmo.com/fmdb-with-sqlcipher-tutorial/

But the most important parts are, Opening your existing DB and attaching a new encrypted one. Then setting the key in your FMDB connections.

SQLCipher - Encrypting the database

// Import sqlite3.h in your AppDelegate
#import <sqlite3.h>

// Set the new encrypted database path to be in the Documents Folder
NSArray *documentPaths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
NSString *documentDir = [documentPaths objectAtIndex:0];
NSString *ecDB = [documentDir stringByAppendingPathComponent:@"encrypted.sqlite"];

// SQL Query. NOTE THAT DATABASE IS THE FULL PATH NOT ONLY THE NAME
const char* sqlQ = [[NSString stringWithFormat:@"ATTACH DATABASE '%@' AS encrypted KEY 'secretKey';",ecDB] UTF8String];

sqlite3 *unencrypted_DB;    
if (sqlite3_open([self.databasePath UTF8String], &unencrypted_DB) == SQLITE_OK) {

    // Attach empty encrypted database to unencrypted database
    sqlite3_exec(unencrypted_DB, sqlQ, NULL, NULL, NULL);

    // export database
    sqlite3_exec(unencrypted_DB, "SELECT sqlcipher_export('encrypted');", NULL, NULL, NULL);

    // Detach encrypted database
    sqlite3_exec(unencrypted_DB, "DETACH DATABASE encrypted;", NULL, NULL, NULL);

    sqlite3_close(unencrypted_DB);
}
else {
    sqlite3_close(unencrypted_DB);
    NSAssert1(NO, @"Failed to open database with message '%s'.", sqlite3_errmsg(unencrypted_DB));
}

self.databasePath = [documentDir stringByAppendingPathComponent:@"encrypted.sqlite"];

Note that we set 2 parameters in SQL Query, the DATABASE and the KEY. The DATABASE should be the full path to the encrypted database you want to create, in this case, string ecDB, and the KEY parameter is the key that’s going to be use to ENCRYPT your database, so choose a strong one

Now on your FMDB functions, call [db setKey:@"strongKey"] after every time you open the db.

// FMDatabase Example
FMDatabase *db = [FMDatabase databaseWithPath:[self getDatabasePath]];
[db open];
[db setKey:@"secretKey"];


// FMDatabaseQueue Exmple
FMDatabaseQueue *queue = [FMDatabaseQueue databaseQueueWithPath:[self getDatabasePath]];

[queue inDatabase:^(FMDatabase *db) {
    [db setKey:@"secretKey"];
    ...
}];

Let me know if you have any questions!

hello gmogames, how can i decrypt the encrypted sqlite file? thanks — RamGrg, Apr 10 '15 at 07:03
@RamGrg I was never able to decrypt using a program or something like it. I could only decrypt in code and that was it. Not really sure how this encryption works — gmogames, Apr 10 '15 at 12:53

score 0 · Accepted Answer · answered Jul 04 '12 at 21:13

0

Instructions for this are in the SQLCipher API Page [1] for using sqlcipher_export(), under "Example 1: Encrypt a Plaintext Database"

[1] http://sqlcipher.net/sqlcipher-api/#sqlcipher_export

answered Jul 04 '12 at 21:13

Stephen Lombardo

1,503
8
7

Thanks for your help. But when I am trying to fire statement :sqlite3_exec(_db, "ATTACH DATABASE 'xyz.sqlite' AS encrypted KEY 'test';", NULL, NULL, &t); it giving me error like unable to open database 'xyz.sqlite'. what could be the issue – Iducool Jul 05 '12 at 05:51
I got the issue and it is no more. without providing full path of writable directory this function is not working. Suppose I am passing only database name then it is unable to create new db. Not sure what is the default this function is taking. – Iducool Jul 05 '12 at 07:51

Don't know how to encrypt database using SQLCipher

2 Answers2