I'm using System.Data.SQLite to create an encrypted SQLite database in a WPF project. The encryption is done by providing a password in the connection string just like this one:
new SQLiteConnection("Data Source=database.sqlite;Password=123456;Version=3;New=false;Compress=True;);
This works well but since the database is encrypted now I'm not able to open it anymore with tools like DB Browser for SQLite or SQLiteStudio. SQLite Studio offers the possibility to open a database of type SQLCipher but I'm struggling to provide the correct settings for my database to open.
Does anybody know how to open an encrypted SQLite database, so I can inspect the data in it?
I was the same problem with SQLiteStudio, in my case, I resolved using the following configuration for SQLChiper:
PRAGMA kdf_iter = '64000';
PRAGMA cipher_page_size = 1024;
PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
PRAGMA cipher_default_kdf_algorithm = PBKDF2_HMAC_SHA1;
On the SQLiteStudio would be like:
For extra configuration or other possible parameters, you could visit the following link https://www.zetetic.net/sqlcipher/sqlcipher-api/
Related
I am writing a Windows VCL desktop using c++ builder. The app uses Firedac and a SQLite database.
I want to protect this SQLite database:
Only my vcl app can connect to it and use it
Other programs and people cannot use the SQLite file
So far I found that the easiest thing that I can do is Encryption, you make it so that anybody without a correct password gets a message like "This file is not a database" if he tries to open it.
Yes we can do this with Embarcadero VCL, doc. using a TFDSQLiteSecurity component and these lines :
FDSQLiteSecurity1->Password = "";/* we are protecting (encrypting) our uncyphered database*/
FDSQLiteSecurity1->ToPassword = 'newpassword';
FDSQLiteSecurity1->ChangePassword();
Unfortunately the VCL Firedac app cannot connect to an encrypted sqlite database so it must decrypt it first.
In order to make things work my program starts and decrypts the database ( removes password) then it connects to the database and use it. When finished I recrypt the database again (when closing app).
THE PROBLEM:
During this time (My program is up and running and the database in uncrypted) can I stop other programs from opening the SQLITE database? Is there a better approach, I am opened for any suggestion
Once it is encrypted by FireDac just set the appropriate properties on the FDConnection. Those would be password to the password and encrypt to the encryption method.
Firedac can open a SQLite database it has encrypted itself so the problem resolves itself by doing that as a better approach. Other programs only see the encrypted version on disk and can't open it without the password.
I'm create SQLite databse with DB Browser for SQLite (non encrypted) and open with FireDAC in delphi.(Can retrive data Eg. Select * from abc).
How encrypt this SQLite database with FireDAC? When enter username, password and encrypt get message "Cipher DB is not encrypdet"
Note:
When create SQLite database from Delphi FireDac I can use encryption!
To encrypt a database, use a TFDSQLiteSecurity Component. You'll also need a TFDSQLitePhysSQLiteDriverLink component to go along with it.
If a database is unencrypted, then its password is ''. So use '' as the OldPassword and create the new password in that case. Passwords are formatted as algorithm:PassPhrase. See documentation on the choices, I use aes-256. Also, the database needs to be closed when you do this.
...
//Change password
FDSQLiteSecurity1.Password := OldPassword;
FDSQLiteSecurity1.ToPassword := NewPassword; // example: 'aes-256:mypassword123'
FDSQLiteSecurity1.ChangePassword;
...
//Remove Password
FDSQLiteSecurity1.Password := OldPassword;
FDSQLiteSecurity1.ToPassword := '';
FDSQLiteSecurity1.RemovePassword;
...
From the Documentation
SQLite Encrypted Database
Approach
One of the distinctive SQLite
features is the high-speed strong database encryption. It allows you
to make database file content confidential and enforce integrity
control on the database file. The encrypted database format is not
compatible with other similar SQLite encryption extensions. This means
that you cannot use an encrypted database, encrypted with non-FireDAC
libraries. If you need to do this, then you have to decrypt a database
with an original tool and encrypt it with FireDAC.
Recent Delphi versions come with an example project for working with encryption on Sqlite databases, see this documentation. I have not used this myself, btw.
It includes this section
Encrypt DB
Encrypt: Encrypts the database according to the Encryption mode and the password provided.
The sampe uses TFDSQLiteSecurity.SetPassword to encrypt the database with the password provided.
The database password is the combination of <encryption algorythm>:<password>.
I have faced several challenges when first time tried to encrypt SQLite database for use with Embarcadero FireDAC. Also all information is published by Embarcadero question pops up again and again on different forums. My case was solved based on community support, but when time has permitted simple Delphi application was assembled and available on Sourceforge. Hope it will make encryption/decryption slightly easier particularly for the newbie
https://sourceforge.net/projects/sqlite-sequrity-for-delphi/
I have a sqlite database in my UWP app. On the very first launch of my app, I create the database and set it up with all the tables and stuff. I play around with the app and generate some data just fine. But when I close and relaunch the app, it starts giving me 'file is encrypted or is not a database' error while trying to execute any query.
I am using sqlite3.dll v3.12.0 and here is my pragma key statement (with an example encryption key):
"PRAGMA key='aes256:66zk4rsKBIfSJ4vhF1XkzFxzrznOhjjnotuHRdKADIg='"
I verified, on second launch, the encryption key is being used to run the pragma key statement.
Edit: It looks like the encryption went just fine. Because, when I use a tool like SQLite Manager and provide the same key, it opens the db just fine.
I think what might be happening to you Is that you use to have a previous library of SQLite working with encryption working properly like I did.
<SDKReference Include="SQLite.UAP.2015, Version=3.10.2">
<Name>SQLite for Universal App Platform</Name>
</SDKReference>
And since you updated the library to v3.12.0 the PRAGMA key in this version did not work hence not being able to enter to the previous encrypted DB.
I'm trying to rebuild the link to that version but is hard: "SQLite.UAP.2015, Version=3.10.2"
I have an Adobe Air SQLite db in my application. I was wondering if there was anyway for me to test for corruption provided the db opens ? PRAGMA statements aren't allowed, so that is out of the question.
PRAGMA integrity_check is the only reasonable method.
You could try to read all data from the DB, but this will not find all errors.
I have a sqlite database that I want to open using sqlite3.exe. Now I get an error when I try to make queries, saying "file is encrypted or is not a database". This may seem stupid but I've been looking around on internet and I just don't find how to supply a password (or key) to sqlite3.exe to decrypt the database. The -help option or .help command of sqlite3.exe don't show anything to do that... Is it possible to do that, and if so how can I do it?
It is unlikely that the database would be encrypted, unless you have a reason to believe it is. Are you able to open the database at all, or are you getting this error once you issue some SQL query? If it's the former, your file is probably either not an sqlite db to begin with, or it is corrupted; if it's the latter, please check the integrity of your db with:
pragma integrity_check;
See http://www.sqlite.org/pragma.html#pragma_integrity_check for more info about this pragma.
In any case, unless your db is really encrypted (which sqlite does not support natively), your db is probably unusable.
SQLite reports that error when you pass it a file which is either not actually a SQLite database, or alternatively has been corrupted. There are several SQLite addons to support encryption, but other than that SQLite doesn't have encryption.
It can also happen when you try and open a SQLite v3 database with SQLite v2 (and possibly for other version mismatches).
Assuming you have experienced corruption (and not just passing the wrong file, or using the wrong version of SQLite), you may want to check the PRAGMA synchronous settings you're using, and also review the list of fixed data-corrupting bugs.
Checkout this this forum here. The guy had the same question as you. The thing is that there is not any form of protection offered as a standard package in sqlite3 API, but you can try System.Data.SQLite. These are the codes posted on the forum:
#include <SQLite.au3> don't include sqlite.dll.au3 !!!
_SQLite_Startup ("System.Data.SQLite.dll")
ConsoleWrite(_SQLite_LibVersion() & #LF)
_SQLite_Open("testcrypt.db")
_SQLite_Exec(-1, "pragma key = 'Radu is happy!';create table if not exists test (id integer, val text);" & _
"insert into test values (1, 'abc');")
Local $row
_SQLite_QuerySingleRow(-1, "select * from test;", $row)
ConsoleWrite($row[1] & #LF)
_SQLite_Close()
_SQLite_Shutdown()
hope that helps.