How should I apply SQLCipher in my app in Android?

[João Ramos]

I have researched a lot about SQLCipher, both in their page and in this group, but I am still confused about how to implement it in my app. Hopefully, some of you guys could take away some of my doubts.

Currently, I have a standard implementation of SQLite in my app. I am using a SQLiteDatabaseHelper class, where I create the database, upgrade method etc; and DataSource class, where I define basic CRUD (create, read, update and delete) operations related with my app.

My current goal is to set my app to create and operate only in an encrypted database. But I am not quite sure how to do it correctly. Should I place this code:

        SQLiteDatabase.loadLibs(this);
        File databaseFile = getDatabasePath("demo.db");
        databaseFile.mkdirs();
        databaseFile.delete();
        SQLiteDatabase database = SQLiteDatabase.openOrCreateDatabase(databaseFile, "test123", null);

in the SQLiteHelper class, after creating the database? Is this the only thing I've got do? Or am I supposed to mess around with the export() function and convert the plain text database that I am already creating.
Please keep in mind that I just want to make my app protect some sensible data, meaning that I am ok with creating an encrypted database from scratch.

Thanks in advance!

[Nick Parker]

Hi João,

Your Android application can certainly manage creating the encrypted database for you.  In this case, you can change your application to extend net.sqlcipher.database.SQLiteOpenHelper which will take care of creating the database for you, also helping with migrations.  You will still need to call SQLiteDatabase.loadLibs before you perform any database type operation at all though.  We have an article that covers some of the integration aspects of SQLCipher for Android within an application here [1].

1.  http://sqlcipher.net/sqlcipher-for-android/

Nick Parker

--
 
---
You received this message because you are subscribed to the Google Groups "SQLCipher Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sqlcipher+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[João Ramos]

Thank you for your answer.

I applied the code in my Main Activity, but something is wrong. I think it manages to create the database fine but then, when I restart the application, it just deletes the previous one, with the delete() method. I suspect I need to apply that code in my MySQLiteHelper function, where I actually create the database. Problem is, there is no context there. I have no idea how to execute loadLibs there.

[Nick Parker]

Hi João,

I think you would need to post an example of what you are doing in order for us to help you debug that.  Did you leave the code in you shared before that deletes the database?

Nick Parker

[João Ramos]

Sweet Jesus, SQLCipher is so awesome and simple to use, I was simply overcomplicating things.

I just did 3 things: 1) export the stuff to my project; 2) change the imports to net.sqlcipher etc.; 3) loadLibs in every activity that used the database.

As simple as that, I kept the rest of my code the same! Now I pulled the database from the device and I can't open it: IT'S ENCRYPTED. Hell yeah.

Thank you SO much for your time, Nick.

[Nick Parker]

Hi João,

Glad to hear things are up and running for you!  As a side note, you only need to call SQLiteDatabase.loadLibs once within your application.  The main focus of that function is to load our native extensions into memory, which, during subsequent calls will not do anything once they have loaded.

Nick Parker

Nick Parker

[Rohitesh Dutta]

Hello Nick,

This thread has been quite helpful in understanding how I could use SQLCipher for my Android App. However, I would like to clarify a lingering doubt in my mind, before proceeding. If it sounds repetitive, please excuse me and accept my apologies.

• Currently my app doesn't use any protection for the dB
• The architecture of the app is such that, when it installs fresh, it downloads a bunch of data, and retains it for 3-4 weeks. And everytime the user starts the app, it downloads a small subset of the data, and updates it in the dB
• I will be introducing SQLCipher in the app code, from the new version (latest version)
• When the user upgrades the app, the latest version will use SQLCipher, but the data will still be from the previous version, which means, it will be unencrypted
• So, part of the database will be unencrypted, and part of the database (which is downloaded from server everytime the app is started) will be encrypted
  

So, my question is, will this duality of encryption of the data in the dB, cause a problem?

[Nick Parker]

Hi Rohitesh,

When using SQLCipher, if you key the database providing a passphrase the
entire content of the file is encrypted. Without keying, the content of
the file would behave like a standard SQLite database file, unprotected.

That said, during your upgrade when you implement SQLCipher, you can
attach your existing non-encrypted database and perform an export to
encrypt its content using the sqlcipher_export convenience function. An
specific example of this scenario is example #1 here [1].

1. http://sqlcipher.net/sqlcipher-api/#sqlcipher_export

On 9/11/13 10:56 PM, Rohitesh Dutta wrote:
> Hello Nick,
>
> This thread has been quite helpful in understanding how I could use
> SQLCipher for my Android App. However, I would like to clarify a
> lingering doubt in my mind, before proceeding. If it sounds repetitive,
> please excuse me and accept my apologies.
>

> * Currently my app *doesn't* use any protection for the dB
> * The architecture of the app is such that, when it installs fresh, it

> downloads a bunch of data, and retains it for 3-4 weeks. And
> everytime the user starts the app, it downloads a small subset of
> the data, and updates it in the dB

> * I will be introducing SQLCipher in the app code, from the new
> version (latest version)
> * When the user upgrades the app, the *latest* version will use

> SQLCipher, but the data will still be from the previous version,

> which means, it will be *unencrypted*
> * So, part of the database will be unencrypted, and part of the

> SQLiteDatabase database = SQLiteDatabase.__openOrCreateDatabase(__databaseFile, "test123", null);

>
> |in the SQLiteHelper class, after creating the database? Is this the only thing I've got do? Or am I supposed to mess around with the export() function and convert the plain text database that I am already creating.
>
>
> Please keep in mind that I just want to make my app protect some sensible data, meaning that I am ok with creating an encrypted database from scratch.
>
> Thanks in advance!
>
>
> --
>
> ---
> You received this message because you are subscribed to the
> Google Groups "SQLCipher Users" group.
> To unsubscribe from this group and stop receiving emails from

> it, send an email to sqlcipher+...@googlegroups.com <javascript:>.

> For more options, visit https://groups.google.com/groups/opt_out

> <https://groups.google.com/groups/opt_out>.

>
>
>
>
> --
>
> ---
> You received this message because you are subscribed to the Google
> Groups "SQLCipher Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to sqlcipher+...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.

--
Nick Parker