Portable encryption library


#1

I got the code to compile using openssl but compiling openssl is a pain in the a… :-), while sqlcipher amalgamation is very easy to consume, once generated.
Have you guys considered using a portable pure C library like “openaes” as a new library option, and get this part of the amalgamation? I bet this is similar to what the SQlite guys do with SEE. It might not be the fastest runtime option, but it would make the SQLCipher integration a lot easier, at least for the first steps. And you still sell the openssl version. From a development effort standpoint, it seems fairly straight forward as the access to the encryption methods is well isolated in SQLCipher.


#2

Hi @priand

SQLCipher has support for 3 different crypto providers at this time,
OpenSSL, CommonCrypto, and libtomcrypt. Integrating a new crypto
provider is fairly straightforward should you wish to use openaes.
Please let us know if you have any further questions. Thanks!


#3

@priand Sorry for the late response, but to build on this thread, it’s worth mentioning that SQLCipher has several additional requirements outside of AES. For example, SQLCipher also requires a strong CSPRNG, SHA1, HMAC-SH1, and PBKDF2 implementation for complete functionality. These requirements wouldn’t be met by a openaes alone, so it probably wouldn’t be suitable as a drop-in provider.