iOS file is encrypted or is not a database


#1

Hi all,

We’re using SQLcipher libraries from Couchbase https://github.com/couchbaselabs/couchbase-lite-libsqlcipher in our iOS app.

The version we’re using is v3.4.1 with SQLite 3.19.2 amalgamation.

Everything seemed to be ok most of the time but lately we’re getting constant reports from iPhone X users (different iOS versions affected, from 11.2 to latest) that the chat history (we use sqlcipher to securely store chat history) is always empty.

Digging deeper we noticed that in our app’s logs SQLcipher cannot seem to open the db file.

ERROR Error in creation: file is encrypted or is not a database.

Is this just happening to us or have others been experiencing the same problem?

By the way, I tried searching in case this was already asked but search doesn’t seem to be working.

Thanks


#2

Hello @pdarcos

Thanks for getting in touch. We haven’t had any reports of issues with relation to SQLCipher running on iPhone X devices. Unfortunately there isn’t enough information here to speculate about what might be going on. That error most likely means that the key material provided to open the database is incorrect - depending on how you source that key material (e.g. from Secure Enclave / keychain) that might be one place to start.

I must also mention explicitly that we do not support the Couchbase fork of SQLCipher, either publicly or privately. That fork includes an unverified combination of SQLCipher and SQLite versions (e.g. 3.4.1 and 3.19.2) that appear to be assembled by hand using copy/paste, sometimes featuring an unsupported cryptographic provider, and built using custom scripts. While you are certainly free to use that fork in your applications under SQLCipher’s open source license, you will would need to either support it yourself or request support from Couchbase for any issues.

Alternately, if you are able to provide more details and create a reproducible error scenario in one of the standard SQLCipher distributions (either community or commercial edition) we’d be happy to look into it further.


#3

Hi @sjlombardo,

Thanks for the quick response!

We will try to figure out how we can reliably reproduce in order to try and pinpoint where the problem is occurring.
I know you cannot offer support for the Couchbase fork. The reason we’re using it is because we need support for mbedTLS and I don’t think you offer that, do you?


#4

@pdarcos Great, let us know what you find. If I may ask, why do you have a requirement for mbedTLS? Is there a reason you can’t use the CommonCrypto provider, which is ubiquitous on iOS?


#5

Will do. We need mbedTLS because we use it already in other platforms and it would be a pain to have to use CC in iOS. Not that it’s hard, but it just changes our workflow and is an extra pain we could do without.