# wxSQLite3 encryption extension for SQLite3
This document describes the SQLite3 encryption extension provided by wxSQLite3. The document is work in progress and still incomplete.
## Table of contents
- [Installation](#installation)
- [General](#general)
- [wxMSW](#wxmsw)
- [wxGTK](#wxgtk)
- [Supported ciphers](#ciphers)
- [wxSQLite3: AES 128 Bit CBC - No HMAC](#cipher_aes128cbc)
- [wxSQLite3: AES 256 Bit CBC - No HMAC](#cipher_aes256cbc)
- [sqleet: ChaCha20 - Poly1305 HMAC](#cipher_chacha20)
- [SQLCipher: AES 256 Bit CBC - SHA1/SHA256/SHA512 HMAC](#cipher_sqlcipher)
- [Legacy cipher modes](#legacy)
- [Encryption API](#encryptionapi)
- [Overview](#encryption_overview)
- [`sqlite3_key()` and `sqlite3_key_v2()`](#encryption_key)
- [`sqlite3_rekey()` and `sqlite3_rekey_v2()`](#encryption_rekey)
- [`wxsqlite3_config()`](#encryption_config)
- [`wxsqlite3_config_cipher()`](#encryption_config_cipher)
- [`wxsqlite3_codec_data()`](#encryption_codec_data)
- [SQL interface](#encryption_sql)
- [URI parameters](#encryption_uri)
- [SQLite3 Backup API](#backupapi)
## <a name="installation" />Installation
The build system is based on [Premake5](http://premake.github.io/). Premake 5.0-alpha14 or higher is recommended.
Ready to use project files are provided for Visual C++ 2010, 2012, 2013, 2015, 2017, and 2019. Additionally, GNU Makefiles are provided supporting for example TDM-GCC MinGW.
For Visual Studio 2010+ solutions it is possible to customize the build by creating a `wx_local.props` file in the build directory which is used, if it exists, by the projects. The settings in that file override the default values for the properties. The typical way to make the file is to copy `wx_setup.props` to `wx_local.props` and then edit locally.
For GNU Makefiles the file `config.gcc` serves the same purpose as the file wx_setup.props for Visual C++ projects.
The customization files `wx_setup.props` resp. `config.gcc` allow to customize certain settings like for example the version number and the root directory of the wxWidgets library.
### <a name="general" />General
This implementation of the SQLite encryption support uses internally an adjusted version of the SQLite function `sqlite3RunVacuum` when rekeying a database. New versions of SQLite may change the implementation of this function. Therefore it is strongly recommended to regenerate the source file `rekeyvacuum.c` containing the adjusted implementation, whenever the SQLite version is updated. For this purposes the script `rekeyvacuum.sh` can be used. This script has been adopted from [sqleet](https://github.com/resilar/sqleet). Simply run `../rekeyvacuum.sh sqlite3.c >rekeyvacuum.c` from directory `sqlite3secure/src`. On Windows platforms one can use for example the __Git Bash__ coming with [Git for Windows](https://gitforwindows.org).
Occasionally, the signature of function `sqlite3RunVaccum` changes. If that should be the case the code invoking the adjusted function needs to be adjusted as well.
### <a name="wxmsw" />wxMSW
When building on Win32 or Win64, you can use the makefiles or one of the Microsoft Visual Studio solution files in the `build` folder.
For Visual C++ the debugging properties are set up in such a way that debugging the sample applications should work right out of the box. For release builds you may need to copy the wxSQLite3 DLL or add the `lib` folder path to the Windows search path (PATH environment variable).
The SQLite3 library is now compiled as an integrated part of wxSQLite3. The advantage is that SQLite3 and wxSQLite3 are always compiled with matching configuration options. Additionally, the SQLite3 encryption extension is automatically enabled, too.
A precompiled SQLite shell program supporting encrypted databases is provided as a separate download. Use
```
PRAGMA KEY="encryption key";
```
to create or open an encrypted database. Use
```
ATTACH DATABASE x AS y KEY z;
```
to attach an encrypted database.
### <a name="wxgtk" />wxGTK
When building on an autoconf-based system (like Linux/GNU-based systems), the first setup is to recreate the configure script doing:
```
autoreconf
```
Thereafter you should create a build directory
```
mkdir build-gtk [or any other suitable name]
cd build-gtk
../configure [here you should use the same flags you used to configure wxWidgets]
make
```
Type `../configure --help` for more info.
The autoconf-based system also supports a `make install` target which builds the library and then copies the headers of the component to `/usr/local/include` and the lib to `/usr/local/lib`.
## <a name="ciphers" />Supported ciphers
The following ciphers are currently supported by **wxSQLite3**:
- [AES 128 Bit CBC - No HMAC (wxSQLite3)](#cipher_aes128cbc)
- [AES 256 Bit CBC - No HMAC (wxSQLite3)](#cipher_aes256cbc)
- [ChaCha20 - Poly1305 HMAC (sqleet)](#cipher_chacha20)
- [AES 256 Bit CBC - SHA1/SHA256/SHA512 HMAC (SQLCipher)](#cipher_sqlcipher)
Definition of abbreviations:
- AES = Advanced Encryption Standard (Rijndael algorithm)
- CBC = Cipher Block Chaining mode
- HMAC = Hash Message Authentication Code
- ChaCha20 = symmetric stream cipher developed by Daniel J. Bernstein
- Poly1305 = cryptographic message authentication code (MAC) developed by Daniel J. Bernstein
- SHA1 = Secure Hash Algorithm 1
- SHA256 = Secure Hash Algorithm 2 (256 bit hash)
- SHA512 = Secure Hash Algorithm 2 (512 bit hash)
### <a name="cipher_aes128cbc"/>wxSQLite3: AES 128 Bit CBC - No HMAC
This cipher was added to **wxSQLite3** in 2007 as the first supported encryption scheme. It is a 128 bit AES encryption in CBC mode.
The encryption key is derived from the passphrase according to the algorithm described in the PDF specification (using the MD5 hash function and the RC4 algorithm).
The initial vector for the encryption of each database page is derived from the page number.
The cipher does not use a HMAC, and requires therefore no reserved bytes per database page.
The following table lists all parameters related to this cipher that can be set before activating database encryption.
| Parameter | Default | Min | Max | Description |
| :--- | :---: | :---: | :---: | :--- |
| `legacy` | 0 | 0 | 1 | Boolean flag whether the legacy mode should be used |
| `legacy_page_size` | 0 | 0 | 65536 | Page size to use in legacy mode, 0 = default SQLite page size |
**Note**: It is not recommended to use _legacy_ mode for encrypting new databases. It is supported for compatibility reasons only, so that databases that were encrypted in _legacy_ mode can be accessed.
### <a name="cipher_aes256cbc"/>wxSQLite3: AES 256 Bit CBC - No HMAC
This cipher was added to **wxSQLite3** in 2010. It is a 256 bit AES encryption in CBC mode.
The encryption key is derived from the passphrase using an SHA256 hash function.
The initial vector for the encryption of each database page is derived from the page number.
The cipher does not use a Hash Message Authentication Code (HMAC), and requires therefore no reserved bytes per database page.
The following table lists all parameters related to this cipher that can be set before activating database encryption.
| Parameter | Default | Min | Max | Description |
| :--- | :---: | :---: | :---: | :--- |
| `kdf_iter` | 4001 | 1 | | Number of iterations for the key derivation function
| `legacy` | 0 | 0 | 1 | Boolean flag whether the legacy mode should be used |
| `legacy_page_size` | 0 | 0 | 65536 | Page size to use in legacy mode, 0 = default SQLite page size |
**Note**: It is not recommended to use _legacy_ mode for encrypting new databases. It is supported for compatibility reasons only, so that databases that were encrypted in _legacy_ mode can be accessed.
### <a name="cipher_chacha20"/>sqleet: ChaCha20 - Poly1305 HMAC
This cipher was introduced for SQLite database encryption by the project [sqleet](https://github.com/resilar/sqleet) in 2017.
The Internet Engineering Task Force (IETF) officially standardized
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
sqlite3易语言支持库和模块,esqlite3 V1.1 相对于1.0的更新;1、增加了全局命令: S3互斥体进入 S3互斥体退出 S3聚合上下文 S3取数据库自上下文;2、增加了zySqlite数据库 命令 繁忙超时 繁忙处理 取文件名 是否只读 取互斥体 是否自动提交 进度处理 取下一记录集 取总影响行;3、增加了 zySqlite记录集 命令 是否繁忙 是否只读 取数据库句柄 取行数;4、数据库.开始事务() 增加了 事务锁状态 参数,此参数在多线程中非常重要。5、记录集必须手动关闭,任何内部方法都不再自动关闭。6、增加 数据库.附加数据库() 的密码参数;7、增加 数据库.取记录集多个() 支持分号分割的SQL语句, 并获取所有相应的记录集
资源推荐
资源详情
资源评论
收起资源包目录
sqlite3易语言支持库和模块,相对于1.0的更新 (413个子文件)
configure.ac 3KB
configure.ac 2KB
Makefile.am 4KB
Makefile.am 4KB
appveyor.bat 289B
appveyor-test.bat 253B
sqlite3.c 7.58MB
shell.c 575KB
rijndael.c 100KB
codec.c 85KB
extensionfunctions.c 52KB
sha2.c 33KB
csv.c 28KB
fileio.c 28KB
regexp.c 23KB
shathree.c 20KB
fastpbkdf2.c 20KB
codecext.c 18KB
series.c 13KB
carray.c 12KB
userauth.c 12KB
rekeyvacuum.c 11KB
chacha20poly1305.c 10KB
sqlite3secure.c 10KB
sha1.c 9KB
md5.c 9KB
test_windirent.c 5KB
compile 7KB
applicationhost.config 82KB
wxsqlite3.cpp 168KB
esqlite3.cpp 126KB
minimal.cpp 30KB
foldertree.cpp 24KB
treeviewsample.cpp 21KB
mem.cpp 14KB
projectlist.cpp 11KB
untshare.cpp 7KB
container.cpp 7KB
fnshare.cpp 5KB
treeviewapp.cpp 5KB
helper.cpp 4KB
test.csv 221B
test.csv 221B
test.csv 221B
Solution.VC.db 1.46MB
sqlcipher-2.0-beta-testkey.db 1011KB
sqlcipher-3.0-testkey.db 1000KB
sqlcipher-2.0-le-testkey.db 1000KB
sqlcipher-2.0-be-testkey.db 1000KB
sqlcipher-1.1.8-testkey.db 990KB
sqlcipher-4.0-testkey.db 956KB
Solution.VC.db 668KB
测试库.db 64KB
sm.db 12KB
test2.db 11KB
test.DB 11KB
test2.db 11KB
sqlite3.def 6KB
esqlite3.def 29B
depcomp 23KB
sqlite3.dll 1.3MB
sqlite3.dll 988KB
sqlite3.dll 988KB
sqlite3.dll 988KB
Doxyfile 109KB
zySqlite3.35.5.e 132KB
zySqlite3.30.1.e 132KB
例程(模块版).e 63KB
多线程测试(模块版).e 58KB
例程(模块版).e 57KB
多线程测试(支持库版).e 24KB
例程(支持库版).e 22KB
zySQLite3.ec 114KB
zySQLite3.ec 114KB
KbbSqliteManage3.20.1.exe 1.67MB
sqlite3.exp 43KB
wxsqlite3_vc10_wxsqlite3.vcxproj.filters 3KB
wxsqlite3_vc14_wxsqlite3.vcxproj.filters 3KB
wxsqlite3_vc12_wxsqlite3.vcxproj.filters 3KB
wxsqlite3_vc15_wxsqlite3.vcxproj.filters 3KB
wxsqlite3_vc11_wxsqlite3.vcxproj.filters 3KB
wxsqlite3_vc16_wxsqlite3.vcxproj.filters 3KB
SQLite3Secure_vc12_dll.vcxproj.filters 2KB
SQLite3Secure_vc10_dll.vcxproj.filters 2KB
SQLite3Secure_vc15_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc15_dll.vcxproj.filters 2KB
SQLite3Secure_vc10_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc14_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc11_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc11_dll.vcxproj.filters 2KB
SQLite3Secure_vc12_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc14_dll.vcxproj.filters 2KB
SQLite3Secure_vc16_dllicu.vcxproj.filters 2KB
SQLite3Secure_vc16_dll.vcxproj.filters 2KB
SQLite3Secure_vc10_libicu.vcxproj.filters 2KB
SQLite3Secure_vc11_libicu.vcxproj.filters 2KB
SQLite3Secure_vc10_lib.vcxproj.filters 2KB
SQLite3Secure_vc16_libicu.vcxproj.filters 2KB
SQLite3Secure_vc16_lib.vcxproj.filters 2KB
SQLite3Secure_vc12_libicu.vcxproj.filters 2KB
共 413 条
- 1
- 2
- 3
- 4
- 5
资源评论
- mir288882023-12-08内容与描述一致,超赞的资源,值得借鉴的内容很多,支持!
Java程序员-张凯
- 粉丝: 1w+
- 资源: 6656
下载权益
C知道特权
VIP文章
课程特权
开通VIP
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功