How to implement SQLCipher when using SQLiteOpenHelper

Asked 19/7, 2013 at 19:46 Answered 1/11, 2013 at 12:58

I am trying to secure some sensible data by implementing encryption in my already existing and functioning database setup in an android application.

I tried to follow this tutorial (http://sqlcipher.net/sqlcipher-for-android/) and I browsed a lot of foruns, including the google group for Cipher. However, I still don't clearly understand how does SQLCipher work and how I should adapt my code to serve my needs.

I am following this implementation of databases in android: http://www.vogella.com/articles/AndroidSQLite/#databasetutorial_database, meaning I have an extension of the SQLiteOpenHelper class and another class to store CRUD methods.

In this situation how should I use SQLCipher? Where should I define the password? Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?

I feel I'm almost there, I just need the final push to figure this out :P Thanks in advance!

Brassware answered 19/7, 2013 at 19:46 Comment(1)

"Where should I define the password?" - Very good question, the sqlcipher helper creates the db but doesnt seem to have any paramter or anything for password. Got the same issue atm. – Bostow 1/11, 2013 at 12:45

In this situation how should I use SQLCipher?

Exactly like an normal your normal sql implementation.

Where should I define the password?

If you are using SQLiteHelper it will create the database when you first get it like this:

helper.getWriteableDatabase("myPassword");

On the first call it will create the database with this Password. On the upcoing calls it will only work with this password.

( Figured that out when i went to the Source: https://github.com/sqlcipher/android-database-sqlcipher/blob/master/android-database-sqlcipher/src/main/java/net/sqlcipher/database/SQLiteOpenHelper.java, checkout the method getWriteableDatabase( String pw ) there! )

Where should I use loadLibs(context)?

Right before you call helper.getWriteableDatabase("myPassword"); the first time!

Bostow answered 1/11, 2013 at 12:58 Comment(1)

How do we handle app upgrade from plain Content Provider to Encrypted Content provider (using SQLCipher)? My app crashes when I try to upgrade the app with these changes. – Triplet 20/1, 2016 at 10:41

In this situation how should I use SQLCipher?

That is impossible to answer in the abstract. You would use it largely the same way that you use SQLite.

Where should I define the password?

You should get it from the user.

Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?

Once per process is sufficient (in fact, more could conceivably be a problem). If you are using a ContentProvider for your SQLCipher database, call loadLibs() in onCreate() of the ContentProvider. If you are using a custom Application, call loadLibs() in onCreate() of the Application.

Touslesmois answered 19/7, 2013 at 20:10 Comment(7)

"That is impossible to answer in the abstract. You would use it largely the same way that you use SQLite." I am asking how to integrate it with SQLiteOpenHelper, not in abstract. But thanks for the rest. – Brassware 19/7, 2013 at 20:56

@JZweige: SQLCipher for Android has its own SQLiteOpenHelper replacement. You would use it largely the same way that you use the SQLiteOpenHelper that is part of standard Android. – Touslesmois 19/7, 2013 at 21:4

So you're saying that the only thing I need to do is to replace the imports and add loadLibs()? Interesting going to try that and do some tests, I'll see how it goes. – Brassware 19/7, 2013 at 22:23

@JZweige: "So you're saying that the only thing I need to do is to replace the imports and add loadLibs()?" -- you will also need to collect a password from the user and use that when you call getReadabaleDatabase() and getWritableDatabase(). Otherwise, yes, it's pretty much a drop-in replacement. – Touslesmois 19/7, 2013 at 22:25

How do we handle app upgrade from plain Content Provider to Encrypted Content provider (using SQLCipher)? My app crashes when I try to upgrade the app with these changes. Fresh install with encryption works good. – Triplet 21/1, 2016 at 12:41

@Kaps: "My app crashes when I try to upgrade the app with these changes" -- then ask a fresh Stack Overflow question, where you provide the Java stack trace associated with the crash, along with the Java code that generates that crash. – Touslesmois 21/1, 2016 at 12:44

@CommonsWare: Have done that, but not getting any resolution from folks, #34898115 – Triplet 21/1, 2016 at 12:47

Recommended topics

Hot tags