Task #31 — SqlCipher backend - encrypted Sqlite3Attached to Project — OpenDBX
Last edited by Norbert Sendetzky (nose) - Monday, 26 Apr 2010, 8:34am
There's an API compatible version of Sqlite3 with "on-the-fly" encryption: http://www.zetetic.net/software/sqlcipher/
The /usr/lib/sqlite3.so may be replaced with this in order to use encrypted database support. Perhaps there is someone able to implement the sqlite3_key(), sqlite3_rekey(), ... functions to a new sqlcipher-backend.
Hope someone will be able to get sqlcipher working correctly with OpenDBX as using 'PRAGMA key="xxx"' leads to some memory leaks, at least what I experienced here on my dev system using valgrind.
It should be possible to hand over the keys using odbx_set_option() and execute sqlite_key() in the odbx_sqlite_bind() method if a key was set. The existing sqlite3 backend can be extended this way (using conditional compilation) without the need of implementing a new backend. Unfortunately, the key is not allowed to contain "zero byte" characters as odbx_set_option() doesn't support an additional size parameter. Also not sure about the sqlite_rekey() function.