Sqlcipher encrypt export with byte array password

eternalblue · January 25, 2021, 7:31am

This is database encryption example in github
(sqlcipher-android-tests/ImportUnencryptedDatabaseTest.java at master · sqlcipher/sqlcipher-android-tests · GitHub)

database = SQLiteDatabase.openOrCreateDatabase(unencryptedDatabase, “”, null);
database.rawExecSQL(String.format(“ATTACH DATABASE ‘%s’ AS encrypted KEY ‘%s’”,
encryptedDatabase.getAbsolutePath(), ZeteticApplication.DATABASE_PASSWORD));
database.rawExecSQL(“select sqlcipher_export(‘encrypted’)”);
database.rawExecSQL(“DETACH DATABASE encrypted”);
database.close();

after that, I cannot open with same password.
Because there’s difference between byte array password and converted string.
rawExecSQL using only string format.

If I open database like below, it opened. (byte password)

SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(sourceDbFile.getAbsolutePath(), “”, null);
destDbFile.getAbsolutePath().length()-3);
db.rawExecSQL(String.format(“ATTACH DATABASE ‘%s’ AS encrypted KEY ‘%s’;”, destDbFile.getAbsolutePath(), password));
db.rawExecSQL(“SELECT sqlcipher_export(‘encrypted’)”);
db.rawExecSQL(“DETACH DATABASE encrypted;”);
db.close();

db.SQLiteDatabase.openOrCreateDatabase(destDbFile, String.valueOf(password), null)

Is there another way to passing byte array parameter?

developernotes · January 25, 2021, 2:11pm

Hi @eternalblue

You can use the ? within the string for binding parameter values. Would you give that a try?

eternalblue · January 26, 2021, 12:28am

Thanks for reply.
I just want to bind parameter by byte array value like below.

(byte password)
db.rawExecSQL(String.format(“ATTACH DATABASE ‘%s’ AS encrypted KEY ‘%s’;”, destDbFile.getAbsolutePath(), password));

getWritableDatabse, getReadableDatabase API can get byte array value,
but there’s no way to passing byte array when sqlcipher_export query.

developernotes · January 26, 2021, 8:13pm

Hi @eternalblue

You can use execSQL(...) to pass an Object[] for your parameters. You can do that in conjunction with using the ? operator within your SQL statement itself.

developernotes · January 26, 2021, 10:09pm

Hi @eternalblue

I just wanted to call attention to some of our guidance around keying a database, please make sure you are using a valid UTF-8 sequence of key material when opting for a byte array.

Topic		Replies	Views
Passing a byte array passphrase to SQLCipher via Java SQLCipher	4	1220	June 7, 2019
Encrypt database SQLCipher	4	1424	August 19, 2016
Feature Request: rawExecSql(char[]) or rawExecSQL(String, Object[]) SQLCipher	4	860	December 8, 2018
SQLCipher Android (Data Migration from unencrypted DB to encrypted one...) SQLCipher	5	6894	September 3, 2015
Fail to open database after encryption in Android SQLCipher	3	3525	March 23, 2018

Sqlcipher encrypt export with byte array password

Related Topics