SQLCipher encrypt database and change key

25 views
Skip to first unread message

Brendan Duddridge

unread,
Jun 29, 2015, 8:42:18 PM6/29/15
to mobile-c...@googlegroups.com
Hi,

So on the Wiki for the encryption support in CBL on iOS and Mac, it says:

It's not yet possible to add encryption to an existing database, or to change or remove the key afterwards.

Do you think this will be possible anytime soon? SQLCipher has a migration system built-in to migrate an unencrypted database to an encrypted database. It's quite straight forward actually:

Using the following commands you can encrypt a database (given the path to the database and an encryption key):

sqlite3_exec([db sqliteHandle], [[[NSString alloc] initWithFormat:@"attach database '%@' as encrypted key '%@';", escapedPath, escapedKey] UTF8String], NULL, NULL, NULL);


rc = sqlite3_exec([db sqliteHandle], [@"SELECT sqlcipher_export('encrypted');" UTF8String], NULL, NULL, NULL);

 You can do the reverse easily enough by removing the key and exporting again:

rc = sqlite3_exec([db sqliteHandle], [[[NSString alloc] initWithFormat:@"attach database '%@' as plain key '';", escapedPath] UTF8String], NULL, NULL, NULL);

rc = sqlite3_exec([db sqliteHandle], [@"SELECT sqlcipher_export('plain');" UTF8String], NULL, NULL, NULL);


And for changing the key, it's just:

int rc = sqlite3_rekey(_db, [keyData bytes], (int)[keyData length]);



If it won't be implemented in CouchbaseLite, do you think it would be ok to just hit the sqlite file outside of CouchbaseLite and do it myself? Obviously closing the database from CBLManager first before doing that.

Thanks,

Brendan

Jens Alfke

unread,
Jun 30, 2015, 2:23:51 PM6/30/15
to mobile-c...@googlegroups.com

On Jun 29, 2015, at 5:42 PM, Brendan Duddridge <bren...@gmail.com> wrote:

Do you think this will be possible anytime soon? SQLCipher has a migration system built-in to migrate an unencrypted database to an encrypted database. It's quite straight forward actually:

It’s not a planned feature, but you can file an issue if it’s something you want.

If it won't be implemented in CouchbaseLite, do you think it would be ok to just hit the sqlite file outside of CouchbaseLite and do it myself? Obviously closing the database from CBLManager first before doing that.

If there are attachments, those files will have to be encrypted too. Each attachment file gets encrypted with an AES-256 key derived from the passphrase. You can see the details in the source file CBL_BlobStore.m.

—Jens

Brendan Duddridge

unread,
Jun 30, 2015, 2:44:37 PM6/30/15
to mobile-c...@googlegroups.com
If there are attachments, those files will have to be encrypted too. Each attachment file gets encrypted with an AES-256 key derived from the passphrase. You can see the details in the source file CBL_BlobStore.m.


Ah right. I was thinking about that too. I guess they'd also have to be decrypted as well when you decrypt the database. I'll take a look at that code.

Thanks,

Brendan
Reply all
Reply to author
Forward
0 new messages