SQLite Encrypted Databases

Similar Messages

• SQLite encrypted Database does not get attached Using Adobe Air,Why?

  Hi,
  Any one knows the solution, am trying to attach the encrypted SQLite database adobe air-adobe flex bulder , it does not get attached using sqlconnection.attach throws error, though the given key is correct, but it gets open using sqlconnection.open with the same key, any one knows the solution, how to attach the encrypted data base, since am using two data base one is opened and another must be attached to the existing ,thanks in advance. using adobe air- flex related. i use the following code
                 databaseFile1 = File.applicationStorageDirectory.resolvePath("Sample_1.sqlite");
                 databaseFile2 = File.applicationStorageDirectory.resolvePath("Sample_2.sqlite");
  dbConnection.open(databaseFile1, SQLMode.CREATE, false, 1024, secKey);
  dbConnection.attach("db2",databaseFile2,null,secKey);
  got the following error.
  ERROR #3125 Unable to open the database file.

  And I would say more "this is the issue" !
  It should be possible as it is clearly stated in the doc :
  public function attach(name:String, reference:Object = null, responder:Responder = null, encryptionKey:ByteArray = null):void
  with 
  encryptionKey:ByteArray (default = null) — The encryption key for the database file. If the attach() call creates a database, the database is encrypted and the specified key is used as the encryption key for the database. If the call attaches an existing encrypted database, the value must match the database's encryption key or an error occurs. If the database being attached is not encrypted, or to create an unencrypted database, the value must be null (the default).
  so with a same encryptionkey, I (and this should be the same for FinalTarget) can open the encrypted db but not to attach it... quite strange.

• BTREE - C# Api, Can't encrypt database

  Hi. I've a problem using berkeley api for C#. I'm trying to create an encrypted db.
  That's an example of code I'm trying using:
  BTreeDatabase btreeDB;
  DatabaseEntry key ;
  DatabaseEntry data;
  public void dummy()
  dbo.dbs = dbs;
  String dbFileName = "Messaggi.db";
  BTreeDatabaseConfig cfg = new BTreeDatabaseConfig();
  DatabaseEnvironmentConfig dbCfg = new DatabaseEnvironmentConfig();
  if (File.Exists(dbFileName))
  MessageBox.Show("Elimino il database");
  File.Delete(dbFileName);
  try
  cfg.Creation = CreatePolicy.ALWAYS;
  cfg.Encrypted = true;//?? it's needed?
  cfg.SetEncryption("123456789", EncryptionAlgorithm.DEFAULT);
  btreeDB = BTreeDatabase.Open(dbFileName, cfg);
  catch (BerkeleyDB.DatabaseException dbex)
  Debug.WriteLine(dbex.StackTrace);
  return;
  but it throw that's exception:
  Eccezione first-chance di tipo 'BerkeleyDB.DatabaseException' in libdb_dotnet53.dll
  +'ExportMessages.vshost.exe' (Gestito (v4.0.30319)): caricato 'C:\Windows\Microsoft.Net\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll'+
  in BerkeleyDB.DatabaseException.ThrowException(Int32 err) in D:\work\releases\db-5.3.21\lang\csharp\src\DatabaseException.cs:riga 72
  in BerkeleyDB.Internal.DB.open(DB_TXN txn, String file, String database, DBTYPE type, UInt32 flags, Int32 mode) in D:\work\releases\db-5.3.21\lang\csharp\src\Internal\DB.cs:riga 261
  in BerkeleyDB.BTreeDatabase.Open(String Filename, String DatabaseName, BTreeDatabaseConfig cfg, Transaction txn) in D:\work\releases\db-5.3.21\lang\csharp\src\BTreeDatabase.cs:riga 230
  in BerkeleyDB.BTreeDatabase.Open(String Filename, BTreeDatabaseConfig cfg) in D:\work\releases\db-5.3.21\lang\csharp\src\BTreeDatabase.cs:riga 97
  +in [...]+
  It's my mistake?
  Thank you.
  Massimiliano.

  Hi Massimiliano,
  We had a bug related to encrypting database when using the C# API, bug #18891, but that was fixed in 5.2 (see the entry in the 5.2 change log)
  +Fixed a bug where encryption could not be enabled for individual databases in an encrypted environment. [#18891]+
  , hence the fix is part of Berkeley DB 5.3.21.
  You haven't posted a complete stack trace or a small stand-alone testcase, so I cannot know exactly what is the problem.
  But, here are the rules around using encryption:
  A. When the database is part of an environment
  - you will need to specify the encryption password and encryption algorithm using the DatabaseEnvironmentConfig.SetEncryption() method
  - if you want a database in the environment to be encrypted (using the password and algorithm specified for the environment), you will need to set the DatabaseConfig.Encrypted property to true
  - note that it is an error to try to set an encryption password/algorithm using the DatabaseConfig.SetEncryption() method for a database that is part of an environment, because the database will use the encryption password/algorithm specified for the environment
  - here is a snippet of code showing how to correctly encrypt a database that is part of an environment:
       DatabaseEnvironmentConfig envCfg;
       envCfg = new DatabaseEnvironmentConfig();
       envCfg.Create = true;
       envCfg.UseMPool = true;
       envCfg.SetEncryption("123456789", EncryptionAlgorithm.DEFAULT);
       env = DatabaseEnvironment.Open(envHome, envCfg);
       BTreeDatabaseConfig btreeCfg = new BTreeDatabaseConfig();
       btreeCfg.Creation = CreatePolicy.IF_NEEDED;
       btreeCfg.Env = env;
       btreeCfg.Encrypted = true;
       db = BTreeDatabase.Open(dbName, btreeCfg);
       ...B. When the database is NOT part of an environment
       BTreeDatabaseConfig btreeCfg2 = new BTreeDatabaseConfig();
       btreeCfg2.Creation = CreatePolicy.IF_NEEDED;
       btreeCfg2.Encrypted = true;
       btreeCfg2.SetEncryption("123456789", EncryptionAlgorithm.DEFAULT);
       db2 = BTreeDatabase.Open(db2Name, btreeCfg2);This should clarify things. If not or you have additional questions let me know.
  Regards,
  Andrei

• Help, How to encrypt database exp  backup files?

  Hi all,
  Now, My customer want to encrypt the database backup file. We use exp command backup database, and the backup files can be restored on other servers.
  So, How to encrypt database exp backup files?
  Thanks.
  Eric David.

  Hi;
  In addition to Aman post, please mention your db and OS version,so we can help you more specificly.
  I also suggest please see below googling which mention and explain rman+encrypted backup
  http://www.google.com.tr/#hl=tr&sa=X&ei=dCAtTpuwHMjOswa1gOH3Dw&ved=0CBUQBSgA&q=RMAN%2Bencrypted+backup&spell=1&fp=503f556dbe78c402&biw=1280&bih=797
  Regard
  Helios

• OvD - Database Adapter (connect to encrypted database)

  HI,
  Is it possible to connect OvD to an SQL Server 2005 Database with encrypted data ? We have configured the adapter, but we see the encrypted uid instead of clear text.
  Any help is appreciated.
  Thanks.
  CI

  Sorted this out:
  Used custom URL and made sure that the OVD Manager IDE was not appending any additional information following the closing bracket of the URL.
  The full successful URL was as follows with no values in any of the other fields:
  jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=on)(ADDRESS = (PROTOCOL = TCP)(HOST = host1)(PORT = 1540))(ADDRESS = (PROTOCOL = TCP)(HOST = host2)(PORT = 1540))(CONNECT_DATA=(SERVICE_NAME=SNAME)))

• Encrypting Database settings

  Hello everyone,
  In a custome jsp/servlet led web-application, we either store the jdbc settings like database source, database name, username and password in a xml file or we specify them in the servlet itself.
  I want to know that what I should do or rather can do, to keep it (xml file) secret from everyone else so that no one other than me can know the db settings. Like, can we encrypt them or something like that, so that it is not visible even to other developers .. ??
  thanks

  You could create a library in the form of a JAR that you pass off to the other developers and let them just use it. But, really they could extract the JAR and decompile the classes to see the information. I would say give them a temporary username and password to the db and only allow them to see the data they need to see.
  Normally though, developers have access to the database. If they are to read and write to it you can't really hide data from them - minus using the JAR theory. And that's only if they don't care about seeing it. If they really want to get it, they can.
  Sensitive data should be stored in the production database while developers develop against a development database that has no sensitive data in it. That should solve any problems you have.

• Date Format in Safari's SQLite feed Database?

  Hi,
  I am working on newsfeed visualizations and would like to use Safari's database. However, I run into problems parsing the dates.
  Has anyone figured out the date format in Safari's feed database (located at ~/Library/Syndication/Database3)? It's just large integers, and does not seem to be a standard date or timestamp format. Any hints/clues?
  Would be fantastic!
    Mac OS X (10.4.7)  

  I have recently upgraded my DB to 11.2.0.1 and APEX to 4.0.1 then patched APEX to 4.0.2.00.07. With the upgrades, just like numerous other people, the date format is showing as mm/dd/yyyy in sql workshop tables and sql workshop window for my schema. The applications all still work fine with the previous and preferred date format of dd-mon-rr but trying to test code or export data from sql workshop gives errors when using my old code as my date format is dd-mon-rr.
  Running the following select statement results in different date formats: select * from V$NLS_PARAMETERS
  ...when run in SQL Developer as user RSC result:
  NLS_DATE_FORMAT DD-MON-RR
  ...when run in APEX SQL Workshop as user RSC result:
  NLS_DATE_FORMAT mm/dd/yyyy
  Telling me this is an APEX issue not a DB issue.
  I have searched this forum as well as every other post about this and cannot find anything that solves this issue. If anyone has any ideas how to resolve this issue I would greatly appreciate it as it is terribly disrupting to the APEX work.

• IN operator in sqlite local database

  New to the whole sql world, im building my first database air application.
  I have a database that i'm working with Asynchronously.
  I'm trying to get a sql result that gives me a list of all the entries (rows) that match a predefined list or array.
  I would like to use LIKE but that only returns to me one row in my database.
  I found the operator IN but i'm not getting the desired results
  with this following code
  i get multiple rows results.
  private function Add():void
                  var q:SQLStatement = new SQLStatement();
                  q.text = "SELECT * FROM testdb WHERE Symbol IN ('Apple', 'Orange', 'Cat');
                                 q.sqlConnection = conn;
                  q.addEventListener( SQLEvent.RESULT, Add2);
                  q.addEventListener( SQLErrorEvent.ERROR, queryError );
                  q.execute();
              private function Add2( event:SQLEvent ):void
                  var r:SQLResult = SQLStatement(event.currentTarget).getResult();
                  dg.dataProvider = r.data;
  If i use the LIKE statement then the lettercase of the word doesnt matter but i get only one result in my Datagrid.
  If i try to use a parameter, my ouput is an empty grid.
  if i change to the testArray variable, i receive the same thing.
            public var testString:String = "Orange, Apple, CAT";
            public var testArray:Array = new Array("Orange","Apple", "CAT");
               private function Add():void
                  var q:SQLStatement = new SQLStatement();
                  q.text = "SELECT * FROM testdb WHERE Symbol IN ?";
                  q.parameters[0] = testString;
                  q.sqlConnection = conn;
                  q.addEventListener( SQLEvent.RESULT, Add2);
                  q.addEventListener( SQLErrorEvent.ERROR, queryError );
                  q.execute();
              private function Add2( event:SQLEvent ):void
                  var r:SQLResult = SQLStatement(event.currentTarget).getResult();
                  dg.dataProvider = r.data;
  IS there a way to get the IN operator to work with a parameter calling an array or string?
  IS there a way to get multiple results from a LIKE operator?
  thanks for the help in advance

  The login  you connected to the server  and run the above statement does not have permissions to operate  on this path "C:\Users\ISLLCdba\Desktop\MAA
  PROFILE PICTURES\"
  Best Regards,Uri Dimant SQL Server MVP,
  http://sqlblog.com/blogs/uri_dimant/
  MS SQL optimization: MS SQL Development and Optimization
  MS SQL Consulting:
  Large scale of database and data cleansing
  Remote DBA Services:
  Improves MS SQL Database Performance
  SQL Server Integration Services:
  Business Intelligence

• How to embed SQLite database to Air app?

  Now I connect to a database file like this:
  var dbFile:File = File.applicationStorageDirectory.resolvePath("myDB.db");
  conn = new SQLConnection();
  conn.openAsync(dbFile);
  conn.addEventListener(SQLEvent.OPEN, openSuccess);
  conn.addEventListener(SQLErrorEvent.ERROR, openFailure);
  Tell me please, how do I embed the DB file to the application? I need to have the database inside a swf.

  Here's info on encrypting a database in AIR:
  Creating an encrypted database
  Working with the encrypted local SQLite database
  flash.data.SQLConnection
  Chris

• ADF Mobile: Apple App Store: Encryption Registration Number for Sqlite

  When submitting apps to Apple App Store, you have to declare whether or not your app uses encryption. This is for export compliance reasons. If you answer Yes, you need to provide an Encryption Registration Number (ERN). I assume that since the Sqlite DB in ADF Mobile is encrypted, I need to answer Yes. I've gotten a lot of differing opinions on this, but I'm looking for a definitive answer from either Apple or Oracle. Has anyone been through this already?
  Thanks

  Hi, Mike, here is our response on this question. First thank you for your inquiry around Apple AppStore’s Encryption Export question. The exact question from Apple’s iTunesConnect portal is “Have you added or made changes to encryption features since you last uploaded a binary for this product?”. While we will do our best to suggest an answer based on our understanding of the situation, ultimately any answer that relates to an Apple process or website needs to come from Apple.
  Our understanding of the question is that it pertains to the functionality or features of the application you developed using Oracle ADF Mobile and Apple iOS SDK, not to the capabilities of the development tools nor the framework. Furthermore, the question focus on changes between previous (there may be none) and current version of the application. Therefore, for the following scenarios:
  •     V1– no encrypted database nor secured SSL communication to the backend services.
  o     Based on our understanding of the question, the answer would be “No” as you have not added any encryption feature.
  •     V2 – adds encrypted local database and/or secured SSL communication to backend service
  o     Based on our understanding, the answer would be “Yes” as there are changes in the encryption features
  •     V3 – same database encryption and SSL communication as v2.
  o     Based on our understanding, the answer would be “No” as there is no change in the encryption features between v2 and v3.
  Hope this helps, and please let me know if you have any questions.
  Thanks,
  Joe Huang

• Database encryption supported in Exchange 2013?

  hi,
  according to this: 
  http://technet.microsoft.com/en-us/library/aa998022(v=exchg.80).aspx
  MS doesn't support storing Exchange databases on  EFS volumes.
  Is the recommendation the same for Exchange 2013?
  Is there any support for encrypting databases in an Exchange 2013 environment other than in transit traffic?
  Thanks,
  rudif

  Yes Bitlocker
  http://technet.microsoft.com/en-us/library/ee832792(v=exchg.150).aspx
  Windows BitLocker (volume encryption)
  Windows BitLocker is a data protection feature in Windows Server 2008. BitLocker protects against data theft or exposure on computers that are lost or stolen, and it offers more secure data deletion when computers are decommissioned.
  Supported: All Exchange database and log files.
  Supported: All Exchange database and log files. Windows failover clusters require Windows Server 2008 R2 or Windows Server 2008 R2 SP1 and the following hotfix:
  You cannot enable BitLocker on a disk volume in Windows Server 2008 R2 if the computer is a failover cluster node. Exchange volumes with Bitlocker enabled are not supported on Windows
  failover clusters running earlier versions of Windows.
  For more information about Windows 7 BitLocker encryption, see
  BitLocker Drive Encryption in Windows 7: Frequently Asked Questions.
  Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• Restroring Encrypted Production database to Encrypted Dev database

  I have a production instance of SQL Server 2008 R2 running Master Data Services encrypted using using a certificate named "MDSCertP" by password "CertP1234".  I have a development instance of SQL Server 2008 R2 running Master Data
  Services encrypted using using a certificate named "MDSCertD" by password "CertD1234".    I've been asked by the the developer to restore a production copy of the MDS database to dev.
  I understand that to restore successfully, I l need to physically copy the certificate (.cer) and private key (.pvk) to the dev server.
  Am I going to kill the dev instance by copying the prod certs?  Is there a better practice to refresh the data on dev?
  Thanks,
  :g

  Hi,
  To restore a encrypted database on another instance, besides the certificate and private key, you also need backup the master key and restore it on the second instance.
  RESTORE MASTER KEY FROM FILE = 'path_to_file'
      DECRYPTION BY PASSWORD = 'password'
      ENCRYPTION BY PASSWORD = 'password'
  [ FORCE ]
  You can refer to the below article for details:
  http://philipflint.com/2011/01/19/how-to-encrypt-a-sql-server-database/comment-page-1/
  BACKUP and RESTORE Statements (Transact-SQL)
  http://msdn.microsoft.com/en-us/library/ff848768.aspx
  Hope it helps.
  Tracy Cai
  TechNet Community Support

• Best practice on sqlite for games?

  Hi Everyone, I'm new to building games/apps, so I apologize if this question is redundant...
  I am developing a couple games for Android/iOS, and was initially using a regular (un-encrypted) sqlite database. I need to populate the database with a lot of info for the games, such as levels, store items, etc. Originally, I was creating the database with SQL Manager (Firefox) and then when I install a game on a device, it would copy that pre-populated database to the device. However, if someone was able to access that app's database, they could feasibly add unlimited coins to their account, unlock every level, etc.
  So I have a few questions:
  First, can someone access that data in an APK/IPA app once downloaded from the app store, or is the method I've been using above secure and good practice?
  Second, is the best solution to go with an encrypted database? I know Adobe Air has the built-in support for that, and I have the perfect article on how to create it (Ten tips for building better Adobe AIR applications | Adobe Developer Connection) but I would like the expert community opinion on this.
  Now, if the answer is to go with encrypted, that's great - but, in doing so, is it possible to still use the copy function at the beginning or do I need to include all of the script to create the database tables and then populate them with everything? That will be quite a bit of script to handle the initial setup, and if the user was to abandon the app halfway through that population, it might mess things up.
  Any thoughts / best practice / recommendations are very appreciated. Thank you!

  I'll just post my own reply to this.
  What I ended up doing, was creating the script that self-creates the database and then populates the tables (as unencrypted... the encryption portion is commented out until store publishing). It's a tremendous amount of code, completely repetitive with the exception of the values I'm entering, but you can't do an insert loop or multi-line insert statement in AIR's SQLite so the best move is to create everything line by line.
  This creates the database, and since it's not encrypted, it can be tested using Firefox's SQLite manager or some other database program. Once you're ready for deployment to the app stores, you simply modify the above set to use encryption instead of the unencrypted method used for testing.
  So far this has worked best for me. If anyone needs some example code, let me know and I can post it.

• Adobe AIR 1.5.1: issue on opening encrypted DB

  Hi all,
  I got a sqlite DB that's encrypted using sqlite3 command line tool:
  sqlite3.exe -key test123Test test.db
  I able to do this encryption because I bought the SEE license.
  And I did test that the encryption does work, I could not view the DB content directly using the DB Admin Tool I have but I could view the content using the sqlite3 command line tool.
  I believe the reason why my DB Admin Tool couldn't work because it doesn't have the SEE license.
  Anyway, I tried to open this with ADOBE AIR and I did make sure passing the encryption key as part of the argument.
  But what I got is an error msg:
  Error message: Error #3125: Unable to open the database file.
  Details: An encryption key cannot be specified when the database is not encrypted.
  So this brings me to this question:
  - What kind of SQLite encryption does ADOBE AIR really supports?
  - Does ADOBE have SEE license?
  Please enlighten me.
  Thx!

  Hi
       I am getting same problem ,, you had find any solution then please post in to this
       and also sqlite expert professioanl not supports this kind of algorithm
       so how can i open the encrypted .db in the browser
  Thanks

• Open encrypted SQL Lite created in flex from other languages

  Hi,
  How open/decrypt encrypted database sqlite from air in other languages as c++,c or java?, Because after encrypt it in flex I can not open it any other languages

  The following example shows how you can restrict which characters a user can enter into a Spark TextInput control by setting the restrict property in Flex 4.
  http://blog.flexexamples.com/2009/04/21/restricting-which-characters-a-user-can-type-in-a- spark-textinput-control-in-flex-gumbo/