[Android][Room] Are migrations automatically applied to encrypted database?

We have a current database in production that we want to encrypt in the next version.

Checking some examples looks like we need to call the encrypt database method and add the SupportOpenHelperFactory to the room database.

1- I saw this example cwac-saferoom/saferoom/src/main/java/com/commonsware/cwac/saferoom/SQLCipherUtils.java at master · commonsguy/cwac-saferoom · GitHub (it is an old code) to encrypt the database based in current state. This is still needed? Or will be automatically encrypted the first time?

2 - If we need to add migrations, the migrations will be applied automatically by the SupportOpenHelperFactory or we need to:

  • Decrypt database using the passphrase
  • Apply migrations
  • Encrypt database again

I am not able to found a reasonable answer in the web.

I saw this two post but are confusing about encrypt and migrations.

Thanks in advance

Hi @agustinsivoplas,

Thanks for your interest in SQLCipher. I would recommend encrypting the plaintext SQLite database to SQLCipher before you attempt to interface with the Room API. You can use the sqlcipher_export(...) convenience function [1] to convert from plaintext to SQLCipher. You would then use SupportOpenHelperFactory to allow Room to interface with SQLCipher for Android when performing any database operations.

We don’t generally use the Room API, however, it appears they have some documentation [2] that covers various schema migration approaches based on your needs. SQLCipher for Android doesn’t provide any specific mechanism for managing/apply schema migrations outside of executing SQL statements. Just as with accessing the data stored within a SQLCipher-encrypted database, a password or raw key would need to be provided to the library to in order to execute any SQL command that would modify the schema of the database itself.

  1. SQLCipher API - Full Database Encryption PRAGMAs, Functions, and Settings | Zetetic ↩︎

  2. Migrar o banco de dados do Room  |  Android Developers ↩︎