不知道如何使用SQLCipher加密数据库

Question

I have included SQLCipher into my project exactly like explained in this link: http://sqlcipher.net/ios-tutorial/

But I am not sure how to encrypt the database I have read description from above link but not getting.
Actually what I am doing is if application is opening first time then it will copy the database(ie without encryption) to the document directory. One more thing my database is blank when copying from bundle to document directory.
I have tried to use sqlite3_key function after opening the database but nothing is encrypted. But I didn't found something like how to encrypt database when copying from bundle to document directory. I am planning to use FMDB so it would be better to reply according to that.
Please guide me how to do that or point to direction if is there any tutorial for it. Also suggest what should be the standard approach to do that.

Answer 1

For those looking for a simple tutorial on how to accomplish this, I was able to create one: http://www.guilmo.com/fmdb-with-sqlcipher-tutorial/

But the most important parts are, Opening your existing DB and attaching a new encrypted one. Then setting the key in your FMDB connections.

SQLCipher - Encrypting the database

// Import sqlite3.h in your AppDelegate
#import <sqlite3.h>

// Set the new encrypted database path to be in the Documents Folder
NSArray *documentPaths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
NSString *documentDir = [documentPaths objectAtIndex:0];
NSString *ecDB = [documentDir stringByAppendingPathComponent:@"encrypted.sqlite"];

// SQL Query. NOTE THAT DATABASE IS THE FULL PATH NOT ONLY THE NAME
const char* sqlQ = [[NSString stringWithFormat:@"ATTACH DATABASE '%@' AS encrypted KEY 'secretKey';",ecDB] UTF8String];

sqlite3 *unencrypted_DB;    
if (sqlite3_open([self.databasePath UTF8String], &unencrypted_DB) == SQLITE_OK) {

    // Attach empty encrypted database to unencrypted database
    sqlite3_exec(unencrypted_DB, sqlQ, NULL, NULL, NULL);

    // export database
    sqlite3_exec(unencrypted_DB, "SELECT sqlcipher_export('encrypted');", NULL, NULL, NULL);

    // Detach encrypted database
    sqlite3_exec(unencrypted_DB, "DETACH DATABASE encrypted;", NULL, NULL, NULL);

    sqlite3_close(unencrypted_DB);
}
else {
    sqlite3_close(unencrypted_DB);
    NSAssert1(NO, @"Failed to open database with message '%s'.", sqlite3_errmsg(unencrypted_DB));
}

self.databasePath = [documentDir stringByAppendingPathComponent:@"encrypted.sqlite"];

Note that we set 2 parameters in SQL Query, the DATABASE and the KEY. The DATABASE should be the full path to the encrypted database you want to create, in this case, string ecDB, and the KEY parameter is the key that's going to be use to ENCRYPT your database, so choose a strong one

Now on your FMDB functions, call [db setKey:@"strongKey"] after every time you open the db.

// FMDatabase Example
FMDatabase *db = [FMDatabase databaseWithPath:[self getDatabasePath]];
[db open];
[db setKey:@"secretKey"];


// FMDatabaseQueue Exmple
FMDatabaseQueue *queue = [FMDatabaseQueue databaseQueueWithPath:[self getDatabasePath]];

[queue inDatabase:^(FMDatabase *db) {
    [db setKey:@"secretKey"];
    ...
}];

Let me know if you have any questions!

Answer 2

Instructions for this are in the SQLCipher API Page [1] for using sqlcipher_export(), under "Example 1: Encrypt a Plaintext Database"

[1] http://sqlcipher.net/sqlcipher-api/#sqlcipher_export