Encrypt on linux, decrypt in IOS application issues


#1

Hello

We have an issue SQLCipher and we cannot figure out why it is not working. Basically , our current pipeline is setup in such a way

  1. We build SQLITE DB on mac OS
  2. We encrypt it with SQLCipher on mac OS
  3. we decrypt it in IOS app

Now, what we are trying to change is to move step 1 and 2 to linux machines. I was able to install everything on ubuntu image and tried to encrypt DB(which was created on Mac OS) on ubuntu with using raw queries:

sqlite> ATTACH DATABASE ‘encrypted.db’ AS encrypted KEY ‘testkey’;
sqlite> SELECT sqlcipher_export(‘encrypted’);

sqlite> DETACH DATABASE encrypted;
sqlite> .exit

I was able to encrypt it and to decrypt it if I am using raw queries. Everything works fine. But I cannot decrypt
encrypted database in IOS application. It is just returning error 26 file is encrypted or not a database. I tried to use both sqlite3_key and “PRAGMA key = ‘xxx’”, but it is still returning the same error…Could it be something related to OS? darwin vs linux? I spent 2 days on that, but I cant find any clue… Any help will be greatly appreciated

UPDATE 1 :
I noticed that our IOS app is using very old cipher version - 2.0.6, while on Ubuntu I have 3.4.0


#2

Hi @Alizons_Nematovs

What versions of SQLCipher are being used on both the Linux and iOS side? You can determine this by executing the following command:

PRAGMA cipher_version;

Were there any runtime configuration changes made when creating the database (e.g., kdf_iter, cipher, cipher_use_hmac, etc)?


#3

Hi @developernotes,

Thank you for the prompt response!
We didnt do any runtime config changes in my knowledge.
IOS app has cipher version 2.0.6 and yesterday I was able to download and compile the same old version on Linux machine from https://github.com/sqlcipher/sqlcipher/releases/tag/v2.0.6. Both sqlite3 version and SQLCipher
versions are identical now on IOS and Linux

Please see below code from ios app, perhaps it will help you to understand why it is not working

Open database:

int err = sqlite3_open((_databasePath ? [_databasePath fileSystemRepresentation] : “:memory:”), &_db );

Setting pragma key:

int rc = sqlite3_key(_db, [key UTF8String], (int)strlen([key UTF8String]));

Making queries:

rc = sqlite3_prepare_v2(_db, [sql UTF8String], -1, &pStmt, 0);

First query we are making after DB is opened and key is set is “PRAGMA integrity_check”.
Thank you!


#4

I think we sorted that out. Apparently it was a version mismatch. We had another sqlite version installed on linux machine, so once we got rid of that sqlite cipher and sqlite versions are matching now and it is working fine. Apologies, and thank you for your reponse

P.S. Can be useful for someone - if you are using old version of SQLCipher, like 2.0.6. you will notice that there is no sqlcipher executable after make is done. sqlcipher is bundled inside sqlite3, so use sqlite3 instead.