SQLCipher

[DeadRinger]

Hey group,

so I've been working on adding sqlcipher functionality to Ti's
database module in hopes of making distribution of applications
somewhat more secure (I know that application security is a whole
different topic all together of couse...). One could then package
source files into an encrypted sqlite database and pull them upon app
launch.

Now I know that TiDesk uses the poco C++ libraries for sqlite
communication. Now, my plan is thus to

a) Build the sqlcipher amalgamation files.
b) Replace poco's sqlite with sqlcipher (they are interchangeable as
far as I can see... I might be wrong of course)
c) Add all additional includes as described in cipher's documentation
d) Include cipher operation into TI's database module
e) Build this thing!

Now, I'm by no means an expert... Actually, I've got very little
experience with C++ (more of a C#, Javascript, Python kinda guy), so
this might be a rather misguided attempt haha.

At any rate, I would appreciate some critique of my, for now,
theoretical approach. Has anybody attempted this before?

I'll keep everybody updated for sure!

Cheers

[fairwinds]

The idea is interesting and I have also been working with using a similar approach to place application code inside a database where a key required to interact with it and keep the majority of the logic off the filesystem. I have not studied the sqlite implementation since working with a different data store. I think implementation would be to extend Titanium.Database api with additional parameters to existing sqlite implementation. The parameters would determine appropriate backend. In this case, the existing circumstance remains default while an encrypted store can be specified with additional args to api.

Regards,

David

[DeadRinger]

Hey David,

thats the thought, to expand the API and allow both uses. What type of
store are you using?

Meanwhile, I've been trying to compile this whole thing (POCO
libraries with the sqlcipher replacement) on my Mac Lion and
have been running into the following error (I'm not really sure if
this is an appropriate place to post this in, I do apologize in
advance if it isn't):

Undefined symbols for architecture x86_64:
"_EVP_get_cipherbyname", referenced from:
_sqlcipher_activate in sqlite3.o
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
"_OPENSSL_add_all_algorithms_noconf", referenced from:
_sqlcipher_activate in sqlite3.o
"_RAND_bytes", referenced from:
_sqlcipher_random in sqlite3.o
"_EVP_CIPHER_key_length", referenced from:
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
"_EVP_CIPHER_iv_length", referenced from:
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
"_EVP_CIPHER_block_size", referenced from:
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
"_EVP_sha1", referenced from:
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
_sqlcipher_page_hmac in sqlite3.o
"_EVP_MD_size", referenced from:
_sqlcipher_codec_ctx_set_cipher in sqlite3.o
"_HMAC_CTX_init", referenced from:
_sqlcipher_page_hmac in sqlite3.o
"_HMAC_Init_ex", referenced from:
_sqlcipher_page_hmac in sqlite3.o
"_HMAC_Update", referenced from:
_sqlcipher_page_hmac in sqlite3.o
"_HMAC_Final", referenced from:
_sqlcipher_page_hmac in sqlite3.o
"_HMAC_CTX_cleanup", referenced from:
_sqlcipher_page_hmac in sqlite3.o
"_EVP_CipherInit", referenced from:
_sqlcipher_page_cipher in sqlite3.o
"_EVP_CIPHER_CTX_set_padding", referenced from:
_sqlcipher_page_cipher in sqlite3.o
"_EVP_CipherUpdate", referenced from:
_sqlcipher_page_cipher in sqlite3.o
"_EVP_CipherFinal", referenced from:
_sqlcipher_page_cipher in sqlite3.o
"_EVP_CIPHER_CTX_cleanup", referenced from:
_sqlcipher_page_cipher in sqlite3.o
"_PKCS5_PBKDF2_HMAC_SHA1", referenced from:
_sqlcipher_cipher_ctx_key_derive in sqlite3.o
ld: symbol(s) not found for architecture x86_64

Maybe you or someone else knows what to do here. I'm rather stuck with
this one. I can see its an architecture mismatch, however I don't
understand why, as I have compiled sqlcipher with x86_64 architecture
through xcode as described in their tutorial.

Any help is greatly appreciated!

Cheers,

Chris

[DeadRinger]

Just figured it out. I was incorrectly linking to the lcrypro library.
Will continue working on this and of course I'll keep everyone
updated.

Cheers

[DeadRinger]

Sorry for spamming everyone, but I've eventually succeeded in making
sqlcipher work with poco c++!
Just tested it out (as best as I could), all normal SQLite operations
are working and are non encrypted by default. I've created a test db
which I could write to and I could read from. I could also open the db
in a regular hex editor and was able to see all the information
within.

After that I've deleted the db added the following line:

tmp << "PRAGMA key = 'mysupersecretkey'", now;

and ran the project again. I can still write and read from the
database, however after opening it in the hex editor I can no longer
decipher what is written within. So yeah, great success!

I'm wondering if I should just extend the existing module or if I
should build a new one...
Does anybody know how to build new modules under TiDesk? I've been
googling around but couldn't really find any information apart from
the iOS module guide.

Thanks for the help everyone,

Cheers

[Санжар Жалилов]

Hello!

I sincerely apologize for reviving this dead thread, did anyone succeed in integrating Poco c++ with SQLCipher?

I have tried but still all my test cases fail.

wbr

Kozeol

[Alain Ekambi]

Project is dead. We moved to nw.js.

--
You received this message because you are subscribed to the Google Groups "Titanium Desktop Transition" group.
To unsubscribe from this group and stop receiving emails from it, send an email to titanium-desktop-tr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Sebastián Ramírez]

Check nw.js: https://github.com/nwjs/nw.js
And Github Electron (seems promising): http://electron.atom.io/

To unsubscribe from this group and stop receiving emails from it, send an email to titanium-desktop-transition+unsub...@googlegroups.com.