The Basics of SQLCipher for Android
The ToDoCrypt module of the book ’ s primary sample visualize contains its own edition of those classes, plus the whole disturbance app UI that employs them. In addition, this app adds SQLCipher for Android, in case the drug user actually wants to protect those disturbance items.
Adding the Dependency
Zetetic maintains a standard Android AAR artifact, available in Maven Central and its mirrors ( for example, Bintray ’ s JCenter ), using net.zetetic:android-database-sqlcipher as the base Maven coordinates. therefore, ToDoCrypt adds that library to the roll of libraries that it pulls in via the dependencies closing in the faculty ’ second build.gradle file :
execution `` net.zetetic : android-database-sqlcipher:4.4.2 '' Reading: The Basics of SQLCipher for Android
Creating and Applying the Factory
That gives us access to a SupportFactory class. This is an implementation of SupportSQLiteHelper.Factory and serves as the “ glue ” between SQLCipher for Android and clients like Room. The simplest SupportFactory builder takes a byte[] that represents the passphrase for the database. This will be used in two cases :
- If the database does not yet exist, SQLCipher for Android will create one, and this passphrase will be used for encrypting the database
- If the database does exist, SQLCipher for Android will try to open it using this passphrase to decrypt the database
How you get that byte[] for the passphrase is up to you. In this sample, we take a identical easy and identical icky approach : hardcoding it. so, we have a PASSPHRASE changeless and use that in the SupportFactory builder :
box com.commonsware.todo.repo
significance android.content.Context
import androidx.room.Database
meaning androidx.room.Room
consequence androidx.room.RoomDatabase
import androidx.room.TypeConverters
spell net.sqlcipher.database.SupportFactory
secret const val DB_NAME = `` stuff.db ''
secret const val PASSPHRASE = `` sekr1t ''
@ Database ( entities = [ ToDoEntity : : classify ], version = 1 )
@ TypeConverters ( TypeTransmogrifier : : class )
abstract class ToDoDatabase Read more: A Few Thoughts on Cryptographic Engineering
: RoomDatabase ( ) {
abstract fun todoStore ( ) : ToDoEntity. memory
companion object {
fun newInstance ( context : context ) =
room. databaseBuilder ( context, ToDoDatabase : : class. java, DB_NAME )
. openHelperFactory ( SupportFactory ( PASSPHRASE. toByteArray ( ) ) )
. build ( )
}
} We pass that SupportFactory to openHelperFactory() on our RoomDatabase.Builder, and from there, Room will take over and integrate with SQLCipher for Android.
Using the Database
The smasher of the SupportSQLite* kin of APIs is that, for the most part, Room clients neither know nor care about the actual SQLite execution. ToDoEntity and ToDoEntity.Store do not need anything extra for SQLCipher for Android. evening ToDoDatabase has just the change to add that one openHelperFactory() name — nothing else is affected. ToDoRepository and its clients ( for example, viewmodels ) are besides unmoved. so, everything that has been covered to date in the bible good works, with the add improvement of encoding.
Using the Database… Outside the App
To work with a database encrypted by SQLCipher for Android, you will need a client that has SQLCipher compiled in. SQLCipher databases are portable across platforms, barely as SQLite databases are, but plain SQLite clients will not know how to deal with SQLCipher ’ s encoding dodge. so, for example, neither Android Studio ’ s Database Inspector nor the sqlite3 binary that is region of Android itself will be able to work with SQLCipher for Android databases. DB Browser for SQLite, however, does support SQLCipher.