Portable database for storing secrets
D

7

4

I'm developing an application that needs to store secrets in a database.

I need a portable database (like Firebird, Sqlite, etc) where the data will be stored encrypted or password protected or both...

Let's take as an example that I want to create a password manager. I will need to store those passwords in a database. I'm accustomed to using Embedded Firebird, but not for secret data.

Another solution is to use the database naturally and encrypt the database file when I'm not connected to the file, but I'm not sure of the security or performance implications.

What is the best method that you recommend?

Differ answered 16/2, 2009 at 23:52 Comment(0)
B
5

There is a project called sqlite-crypt, which should be your best bet: an SQLite db with all data on disk encrypted.

Boling answered 17/2, 2009 at 0:0 Comment(0)
B
6

You could also have a look at SQL Server Compact edition, which only requires a DLL and will store the data in a single file, just like SQLite or Access, Firebird, etc.

It also has encryption capabilities built-in.

Some references:

Password encryption

See my answer to your other question on SO.

Blazonry answered 17/2, 2009 at 2:54 Comment(0)
J
3

I agree with CJM, but if you're dead-set on writing your own, you should encrypt the stream at write-time and decrypt it at read-time. Any published algorithm that's somewhat strong should keep things secure.

Judejudea answered 17/2, 2009 at 0:1 Comment(0)
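One way to do the write-time encryption and read-time decryption this answer describes, as an added example that is not part of the original post. It assumes SQLite as the portable store, the third-party `cryptography` package for AES-256-GCM, and scrypt from the standard library for turning the master password into a key; the table layout and function names are hypothetical.

```python
import hashlib
import os
import sqlite3

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM


def open_store(path):
    """Open (or create) the store; the key-derivation salt lives in the file."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS meta (salt BLOB NOT NULL)")
    db.execute("CREATE TABLE IF NOT EXISTS secrets "
               "(name TEXT PRIMARY KEY, nonce BLOB NOT NULL, ct BLOB NOT NULL)")
    if db.execute("SELECT salt FROM meta").fetchone() is None:
        db.execute("INSERT INTO meta VALUES (?)", (os.urandom(16),))
        db.commit()
    return db


def derive_key(db, password):
    """Stretch the master password into a 256-bit key (parameters are assumptions)."""
    (salt,) = db.execute("SELECT salt FROM meta").fetchone()
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def put_secret(db, key, name, value):
    """Encrypt at write time: fresh nonce per write, row name bound as associated data."""
    nonce = os.urandom(12)
    ct = AESGCM(key).encrypt(nonce, value.encode(), name.encode())
    db.execute("INSERT OR REPLACE INTO secrets VALUES (?, ?, ?)", (name, nonce, ct))
    db.commit()


def get_secret(db, key, name):
    """Decrypt at read time; None if the row is absent, the key is wrong, or the row was altered."""
    row = db.execute("SELECT nonce, ct FROM secrets WHERE name = ?", (name,)).fetchone()
    if row is None:
        return None
    try:
        return AESGCM(key).decrypt(row[0], row[1], name.encode()).decode()
    except InvalidTag:
        return None
```

Only the values are encrypted here; entry names, row counts and sizes stay readable in the file, which is the gap that page-level encryption of the whole database closes.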
I
3

REALbasic's built-in support for working with encrypted SQLite databases has worked well for me on a couple of projects.

Itinerancy answered 17/2, 2009 at 0:36 Comment(0)
B
3

I highly recommend you check out SQLCipher (full-disclosure, I'm one of the developers!) It's a free and open-source implementation of transparent, page-level encryption for SQLite. The implementation is fairly robust, it's under active development, and it's very easy to use (relatively speaking).

Blackdamp answered 29/6, 2009 at 14:26 Comment(2)
It's nearly some kind of dark magic to get Windows binaries of it... No documentation on how to build on Windows except two strings of text. When you follow them you'll see that it can't be cross-compiled. - Observatory
I believe we got you all straightened out on the Google group, yes? For anybody else looking for help compiling Windows binaries, there's a lot of info and tips published in: groups.google.com/group/sqlcipher - Blackdamp
I
2

Honestly? Use TrueCrypt or KeePass.

Indomitable answered 16/2, 2009 at 23:55 Comment(3)
Voted down? WTF? It is the perfect answer to the original question. - Indomitable
It wasn't me. I voted you up again, I myself use KeePass for other tasks ;-) - Differ
Lol - thanks. I actually use KeePass within a TrueCrypt volume. My U3 device doesn't work on Server 2008 and U3 isn't really that secure anyway. - Indomitable
M
0

I second the suggestion to use KeePass. It's a great store for sensitive data and exposes a pretty good API. Here's an example of how to read a standard KeePass 2 database:

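```csharp
using System.Linq;
using KeePassLib;
using KeePassLib.Keys;
using KeePassLib.Serialization;

var dbpath = @"C:\path\to\passwords.kdbx";
// Placeholder master password; read it from the user at run time instead of hard-coding it.
var masterpw = "Your$uper$tr0ngMst3rP@ssw0rd";

// Describe where the database lives and build the key that unlocks it.
var ioConnInfo = new IOConnectionInfo { Path = dbpath };
var compKey = new CompositeKey();
compKey.AddUserKey(new KcpPassword(masterpw));

var db = new KeePassLib.PwDatabase();
db.Open(ioConnInfo, compKey, null);

// Project every entry (subgroups included) into an anonymous type.
// ToList() materializes the results before the database is closed.
var kpdata = (from entry in db.RootGroup.GetEntries(true)
              select new
              {
                  Group = entry.ParentGroup.Name,
                  Title = entry.Strings.ReadSafe("Title"),
                  Username = entry.Strings.ReadSafe("UserName"),
                  Password = entry.Strings.ReadSafe("Password"),
                  URL = entry.Strings.ReadSafe("URL"),
                  Notes = entry.Strings.ReadSafe("Notes")
              }).ToList();
db.Close();
```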
Medicare answered 27/1, 2012 at 3:2 Comment(0)
