SQLCipher icon

SQLCipher For Linux

  n/a
BSD License    

Description

changelog

Free Download

SQLCipher provides you with a fully-encrypted SQLite database. It’s fast, especially with transactions and indexes; you generally will only see a 5% performance hit. No unencrypted data is written to disk, SQLite’s page caching allows for decrypted pages to be stored in memory.

The SQLCipher program relies on the peer-reviewed OpenSSL library for several encryption requirements including the AES-256 algorithm, pseudo random number generation, and PBKDF2 key derivation.

Building SQLCipher is almost the same as compiling a regular version of SQLite with two small exceptions:

1. You must define SQLITE_HAS_CODEC  2. You need to link against OpenSSL’s libcrypto with sha256 support compiled in

Compiling with static linking: (replace /opt/local/lib with the path to libcrypto.a)  ./configure CFLAGS="-DSQLITE_HAS_CODEC" LDFLAGS="/opt/local/lib/libcrypto.a"  make

Compiling with dynamic linking:

 ./configure CFLAGS="-DSQLITE_HAS_CODEC -lcrypto"  make

To specify an encryption passphrase for the database you can use a pragma. The passphrase you enter is hashed using sha256 and the result is used as the encryption key for the database.

PRAGMA key = 'passphrase';

Alternately, you can specify an exact byte sequence using a blob literal. If you use this method it is your responsibility to ensure that the data you provide a 64 character hex string, which will be converted directly to 32 bytes (256 bits) of key data.

PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'"; To re-key a database, the PRAGMA rekey is implemented:

PRAGMA rekey = 'newpassphrase';

To encrypt a database programatically you can use the sqlite3_key function. The data provided in pKey is converted to an encryption key according to the same rules as PRAGMA key.

int sqlite3_key(sqlite3 *db, const void *pKey, int nKey);

PRAGMA key or sqlite3_key should be called as the first operation when a database is open.

What's new in SQLCipher 1.1.8:

  • This release fixes a bug that could cause SQLCipher to report an error opening a valid database when a specific section of the encrypted header contained certain values.
  • It is strongly recommended that all users upgrade to the latest version.
  • The new SQLCipher version should be a drop-in replacement for previous releases.
Read the full changelog
User Comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

SQLCipher 1.1.8

add to watchlist add to download basket send us an update REPORT
  runs on:
Linux
  main category:
Security
  developer:
  visit homepage