Answer the question
In order to leave comments, you need to log in
SQLite3 database encryption
Greetings!
In php, the SQLite3 database opening function has an encryption_key parameter. There is no such parameter in
C.
Great Google says that encryption in C/C++ etc. is done by third party, often not free for commercial use, libraries.
Questions:
1. What algorithm is used in PHP and how well is it encrypted? I understand that you can see the PHP sources, but I'm afraid this is beyond my understanding.
2. Can a database encrypted in PHP be opened in C/C++ and how?
3. Do I understand correctly that encryption with your own algorithm is possible through create_function , or update_hook , or even vfs ?
Answer the question
In order to leave comments, you need to log in
Since it is unrealistic to get money for libraries in our office, I implemented my bike with encryption using vfs.
Used page-by-page RCA encryption. The key was generated on the fly based on the passphrase.
Inside vfs, encryption is carried out on all pages except the first one. Because the sqlite engine calls it very often to lock/unlock the database file.
Then I added an exception for log files, I don’t need to encrypt them.
If the hands are not crooked - work 2 days + tests to automate for your task.
My database is not loaded and the overall performance of the application has fallen within the measurement errors.
Z.Y. And yet - to detect that the database is encrypted on the first page of the database file, I insert a label into the unused part of the database header.
And what in the php source codes it is impossible to look at answers to questions chtol?
Using the function, you can only encrypt individual fields in the database.
Moreover, this function will have to be inserted into all requests that use encrypted fields. Not very comfortable.
True, with encryption of the entire database, there are some disadvantages:
- the overhead for encrypting any service information (it would be possible not to do it)
- in case of damage to the database, the entire database can be thrown out.
But in my case, these disadvantages are not significant.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question