encrypt sqlite database Android:

Amsheer picture Amsheer · Jul 4, 2014 · Viewed 12.8k times · Source

Hi in my running app i already have an existing sqlite database. And now the problem is anybody can pull the sqlite database from device and can be use it. Now i need to encrypt the sqlite file. I found that SQLCipher is used to encrypt the sqlite database. But the real problem is i don't have any idea with SQLCipher and don't know how it works. Try to use different projects. Nothing help. Please anyone tell me how to encrypt my sqlite database.

Thanks in advance.

Answer

CommonsWare picture CommonsWare · Jul 4, 2014

Step #0: Add the code to your UI to prompt the user to enter a passphrase.

Step #1: Download the SQLCipher for Android ZIP file.

Step #2: UnZIP the ZIP file and navigate to the directory that has an assets/ and a libs/ folder.

Step #3: Copy the contents of the assets/ directory into your project's assets/ directory.

Step #4: Copy the contents of the libs/ directory into your project's libs/ directory. Gradle/Android Studio users will also need to add a line to the top-level dependencies closure loading up the contents of libs/, if you do not have one already.

Step #5: Replace all relevant android.database.* and android.database.sqlite.* imports with their SQLCipher for Android equivalents. If you are using an IDE that can help you resolve missing imports (e.g., Ctrl-Shift-O in Eclipse), the easiest thing to do is to get rid of all existing android.database.* and android.database.sqlite.* imports and let the IDE help resolve them. Choose the net.sqlcipher imports when given the choice.

Step #6: You will now have compiler errors on a few methods where you open a database (e.g., getReadableDatabase() on SQLiteOpenHelper), where you now need to pass in the passphrase you collected from the user in Step #0.

This will work for new apps starting up with new databases. There is additional work involved to upgrade an existing app with existing users, if you want to allow those users to switch to an encrypted database.