zhiyazw zhiyazw - 22 days ago 13
Android Question

sqlcipher_export didn't export my tables

I am using sqlciper with android to encrypt an existing sqlite db, and ran into a problem that the encrypted db didn't contain my tables, it only contains sqlite_master and android_metadata.

My original db looks like:

shell@umts_spyder:/sdcard $ sqlite3 d000000.dat
sqlite3 d000000.dat
SQLite version 3.7.4
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> select * from sqlite_master;
select * from sqlite_master;
table|android_metadata|android_metadata|2|CREATE TABLE android_metadata (locale TEXT)
table|PageData|PageData|3|CREATE TABLE PageData(File_Path TEXT NOT NULL UNIQUE, File_Content BLOB)
index|sqlite_autoindex_PageData_1|PageData|4|


I paste my encrypting code below, use empty key("") to open the plain db, if using null, NullPointerException raised(For both plain db I mentioned in the end of my post):

File plain = new File(mDbPath); /* /sdcard/d0000000.dat */
File encrypt = new File(plain.getParent(), "encrypted.dat");
encrypt.delete();
SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(mDbPath, "", null);
String sql = String.format("ATTACH DATABASE '%s' AS encrypted KEY '%s'", encrypt.getPath(), mvKey.getText().toString()); // key is qqqqqqqq
db.execSQL(sql);
db.rawQuery("SELECT sqlcipher_export('encrypted')", null);
db.execSQL("DETACH DATABASE encrypted");


and below is the the code I used to test the encrypted db, there is only "android_metadata, " in the output, my table PageData lost. If I use "select * from PageData" directly, it raises no such table exception:

File file = new File(Environment.getExternalStorageDirectory(), "encrypted.dat");
if(!file.exists())
{
mvBrowse.setText("not exist");
return;
}
String key = mvKey.getText().toString();
SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(file, key, null);
Cursor cursor = db.rawQuery("SELECT * FROM sqlite_master", null);
String str = new String();
while(cursor.moveToNext())
{
str += cursor.getString(1)+", ";
}
mvBrowse.setText(str); // output is "android_metadata, "
cursor.close();
db.close();


The encrypting should work, because if I open encrypted.dat with empty("") key, it raise "file is encrypted or is not a database" exception, but I can read sqlite_master and android_metadata table with correct key.

I Confirmed the path I tested is the same one I write encryption to;

Tested creating plain db by sqlcipher, using empty key:

SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(file, "", null); /* /sdcard/d000000.dat */
db.execSQL("CREATE TABLE PageData(File_Path TEXT NOT NULL UNIQUE, File_Content BLOB)");


As well as creating it by standard sqlite tools(SQLite Export Professional, and I didn't use BLOB field in this case, just only TEXT and INTEGER);

And tested with two API versions, "SQLCipher for Android v2.2.2" and "SQLCipher for Android v3.0.0".

I also tried to apply the Decrypt precedure as describled in http://sqlcipher.net/sqlcipher-api/ to a encrypted db.

All above got the same result. Will somebody help me? I beleive there is some tiny wrong inside but I can't figure it out.

Answer

Finally, I get fixed my problem, by learning from https://github.com/sqlcipher/sqlcipher-android-tests/blob/master/src/main/java/net/zetetic/tests/ImportUnencryptedDatabaseTest.java. The problem was, when executing the encrypting precedure, one must NOT use execSQL or rawQuery, but use a new introduced method "rawExecSQL. To be clear, the following code just work fine:

    String sql = String.format("ATTACH DATABASE '%s' AS encrypted KEY '%s'", encrypt.getPath(), mvKey.getText().toString());
    db.rawExecSQL(sql);
    db.rawExecSQL("SELECT sqlcipher_export('encrypted')");
    db.rawExecSQL("DETACH DATABASE encrypted");
Comments