1 / 22

SQLCipher on Objective-C

SQLCipher on Objective-C. Andrew Craze @ AndrewCr acraze at dxysolutions.com. Agenda. What are SQLite and SQLCipher ? Why not just use Core Data? How do I set up and use SQLCipher ? What other concerns are there?. What is SQLite?. Portable (C) implementation of SQL Open-source

terris
Download Presentation

SQLCipher on Objective-C

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SQLCipher on Objective-C Andrew Craze @AndrewCr acraze at dxysolutions.com

  2. Agenda What are SQLite and SQLCipher? Why not just use Core Data? How do I set up and use SQLCipher? What other concerns are there?

  3. What is SQLite? • Portable (C) implementation of SQL • Open-source • Available on/for: • Mobile: iOS, Android, .NET • Desktop: OSX, Win/.NET, Linux • Web: Ruby, PHP, Python, Java, .NET • Underpins CoreData on iOS

  4. What is SQLCipher? • SQLite extension for encryption • 256-bit secure encryption using OpenSSL • Open source (BSD License) • Pay-support option, binaries, too

  5. SQLite/SQLCipher vs. CoreData CoreData has: Great built-in support Update mechanism Abstraction But, encryption only when entire device is locked

  6. SQLite/SQLCipher vs. CoreData SQLite has: Better data-aggregation & searching Transactions Cross-platform compatibility Strong encryption But, poor object support

  7. Setting up SQLCipher 2 options: buy or build Buy: Cough up $150 Add lib to project (includes OpenSSL) Add header paths Add c flag: SQLITE_HAS_CODEC

  8. Setting up SQLCipher Build: Download or clone sqlcipher Download OpenSSL Download or clone OpenSSL-Xcode Add source path in XCode: OPENSSL_SRC Add the subprojects Add header paths Add c flag: SQLITE_HAS_CODEC

  9. Getting the tools

  10. Setting the Source Path

  11. Setting the Search Path

  12. Setting the C Flags

  13. Using SQLCipher After opening the DB, set the key constchar* key = [@”MyKey123" UTF8String];sqlite3_key(db, key, strlen(key)); or execute this SQL statement PRAGMA key = 'MyKey123'; or with FMDB database.key = @"MyKey123"; (That’s it.)

  14. Unencrypted hexdump

  15. Encrypted hexdump

  16. Using SQLite with FMDB FMDatabase* db = [FMDatabasedatabaseWithPath:path];BOOL fOpened = [db open]; NSString* sql= @"SELECT id, friendlyName FROM Device WHERE serialNumber= ?;”;NSArray* args = [NSArrayarrayWithObjects:serialNumber, nil];FMResultSet* rs = [dbexecuteQuery:sqlwithArgumentsInArray:args]; if ([rs next]) {NSString* friendlyName = [rsstringForColumn:@"friendlyName"]; // …} BOOL fClosed = [db close];

  17. Other issues Distributing the key with the database Performance cost Not compatible with CoreData Pragma for Android compatibility Export restrictions

  18. Compatibility with Android After setting the key, execute NSString* pragmaSql = @"PRAGMA cipher_use_hmac= OFF;”;BOOL fPragmaSucceeded = [ret executeUpdate:pragmaSql];

  19. Export Restrictions You’ll have to answer “Yes” to Crypto App must be reviewed by the Department of Commerce App is a “Mass-market encryption item” Walkthroughs of the process online Not rocket surgery, but it takes time

  20. Handy Reference Links SQLite API (c/c++)http://sqlite.org/c3ref/intro.html FMDB (Obj-C wrapper for SQLite)https://github.com/ccgus/fmdb SQLCipher main pagehttp://sqlcipher.net OpenSSL sourcehttp://www.openssl.org/source/ Nice SQLCipher tutorialhttp://www.mobileorchard.com/tutorial-iphone-sqlite-encryption-with-sqlcipher/ Comparison of CoreData and “Traditional” Databaseshttp://www.cocoawithlove.com/2010/02/differences-between-core-data-and.html Walk-through of export-license processhttp://zetetic.net/blog/2009/08/03/mass-market-encryption-commodity-classification-for-iphone-applications-in-8-easy-steps/and an updatehttp://tigelane.blogspot.com/2011/01/apple-itunes-export-restrictions-on.html

  21. Questions, Maybe Answers Andrew Craze @AndrewCr http://blog.andrewcraze.com acrazeat dxysolutions.com

  22. A Quick Pitch for Speakers You learn something new at least once every week-or-two anyway It’s not that painful 8) It’s the best way I know to get ahead

More Related