-1

I have a general question to sqlcipher.. where is the advantage of sqlcipher against directly encrypting the database with GnuPG or openssl? Everytime when I want to encrypt/decrypt with sqlcipher I must open the database, attach a new database, encrypt/decrypt it, export it in the new database and deattach it. For example like this:

echo "PRAGMA key='$1';select count(*) from sqlite_master;ATTACH DATABASE '$2/mydb-decrypt.db' AS plaintext KEY '';SELECT sqlcipher_export('plaintext');DETACH DATABASE plaintext;" | sqlcipher $2/mydb.db

This is pretty bloated isn't it? With openssl or gnupg I can just decrypt/encrypt it directly with one command..

so why using sqlcipher?

Jens Erat
  • 37,523
  • 16
  • 80
  • 96
Shibumi
  • 635
  • 6
  • 17
  • 1
    Why are you decrypting at all? Within the sqlcipher shell, and from apps linking sqlcipher, you can just open the DB with the correct key and work with it like any normal SQLite database. What's the purpose of keeping a decrypted version of the database around? – Paul Roub Aug 20 '15 at 13:53
  • This doesn't work.. how do I open the sqlcipher database with correct key? when I do: sqlcipher database.db and then: `pragma key='my password';` it's not decrypted I can't do `SELECT * FROM table;` – Shibumi Aug 20 '15 at 19:22
  • 1
    Then something else is wrong. This is *exactly* what sqlcipher is for. You should either re-write this question (including the exact commands you're using to open and read the database, and the exact errors you see when you try), or create a *new* question asking that. – Paul Roub Aug 20 '15 at 20:27
  • you mean like this: http://stackoverflow.com/questions/32135354/howto-decrypt-a-sqlcipher-database-on-the-fly-without-decrypting-and-deattaching ? – Shibumi Aug 21 '15 at 08:07
  • 1
    Nope. That has the exact same example as you've shown here. Where's the version where you try to open and read an encrypted database without creating a plaintext version? How was the database created and encrypted? Are you sure you have the right key? – Paul Roub Aug 21 '15 at 12:24
  • 1
    Are you sure the database is **yours**? – Phantômaxx Aug 21 '15 at 12:57

1 Answers1

3

The conflict you are seeing is likely in how you are using it versus how it is more commonly used. SQLCipher decrypts and encrypts data on the fly for user access. That is to say that once you have provided SQLCipher with the key material, only the pages of data that contain your data are decrypted. This does not require you to decrypt the entire database to plain text and write to disk in order to access your data as you model above. I would recommend you review the additional details on the SQLCipher design here.

Nick Parker
  • 1,378
  • 1
  • 7
  • 10