Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Paul 
As I was using the unchanged nuget package I assumed it would be a “default” 
encryption as it isn’t something I compiled or changed?

Tithras

Sent from my iPhone

> On 1 Apr 2019, at 15:33, Simon Slavin  wrote:
> 
>> On 1 Apr 2019, at 3:30pm, Mattock Paul  wrote:
>> 
>> Thanks, do we have any idea on what Algorithm is used?
> 
> Since more than one algorithm is available, this would be something selected 
> by the software you were using.  So I can only suggest you read the source 
> code for the bit of the software which created the database.
> 
> It might be possible for someone clever with encryption to work it out, given 
> a copy of your database, but that's not something I've ever tried.
> ___
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Simon Slavin 
On 1 Apr 2019, at 3:30pm, Mattock Paul  wrote:

> Thanks, do we have any idea on what Algorithm is used?

Since more than one algorithm is available, this would be something selected by 
the software you were using.  So I can only suggest you read the source code 
for the bit of the software which created the database.

It might be possible for someone clever with encryption to work it out, given a 
copy of your database, but that's not something I've ever tried.
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Mattock Paul 
Simon,
Thanks, do we have any idea on what Algorithm is used?

Tithras

> On 01 April 2019 at 14:28 Simon Slavin  wrote:
> 
> 
> On 1 Apr 2019, at 1:15pm, Mattock Paul  wrote:
> 
> > Just to confirm I am using the nuget package (System.Data.SQLite v1.0.109.2)
> 
> This uses PCL Crypto, which in turn accesses crypto implemented in PCL itself 
> rather than implmenting its own.  A list of crypto methods it supports, 
> tabled against OS, can be found here:
> 
> 
> 
> Also see the 'Legal Key Sizes' link on that page.
> 
> So the bad part is that your cryto is done entirely outside SQLite so we 
> don't know much about it.  But the good part is that there is a source that 
> does.
> ___
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Simon Slavin 
On 1 Apr 2019, at 1:15pm, Mattock Paul  wrote:

> Just to confirm I am using the nuget package (System.Data.SQLite v1.0.109.2)

This uses PCL Crypto, which in turn accesses crypto implemented in PCL itself 
rather than implmenting its own.  A list of crypto methods it supports, tabled 
against OS, can be found here:



Also see the 'Legal Key Sizes' link on that page.

So the bad part is that your cryto is done entirely outside SQLite so we don't 
know much about it.  But the good part is that there is a source that does.
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Mattock Paul 
Jim,
Thanks for the information.

Just to confirm I am using the nuget package (System.Data.SQLite v1.0.109.2) 
and my sqlite database is encrypted without any additional modules associated 
with my release. A code snippet of the section which handles the initial 
database encryption is as follows:

using (SQLiteConnection localDBConnection = new SQLiteConnection(connection))
{
 localDBConnection.SetPassword("password");
 localDBConnection.Open();

 using (SQLiteCommand command = new SQLiteCommand(localDBConnection))
 {
  command.CommandText = createTableSNBuild;
  command.ExecuteNonQuery();
 }
}

Regards,
Tithras

> On 01 April 2019 at 12:52 Jim Borden  wrote:
> 
> 
> From looking at the System.Data.SQLite source (someone please correct me if I 
> am wrong)
> 
> It would use whatever cipher was provided to it via the native library that 
> it was deployed with.  It's designed with sqlite encryption extension in mind 
> but I suppose in theory it would work with any implementation that properly 
> implements the sqlite3_key APIs / PRAGMAs.  As far as I can tell it is not a 
> foregone conclusion in the C# as to what algorithm is used.
> 
> The one on Nuget just ships with the vanilla sqlite which has no encryption 
> support.  Decompiling and searching for the sqlite3_key binding shows that it 
> is not present in the library (which makes sense since it is guarded by an 
> #if in the source base)
> 
> On 2019/04/01 18:27, "sqlite-users on behalf of Mattock Paul" 
>  pmatt...@ntlworld.com> wrote:
> 
> All,
> 
> Would anyone be able to confirm what cipher is used for encrypting an 
> SQLite database when password="" is used?
> 
> 
> I have seen old posts online which state its 128bit but assume this is 
> now wrong and am after completing a design document which requires I state 
> the encryption level.
> 
> 
> Regards,
> 
> Tithras
> ___
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
> 
> 
> 
> Privacy Policy
> Marketing 
> Preferences
> ___
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Jim Borden 
From looking at the System.Data.SQLite source (someone please correct me if I 
am wrong)

It would use whatever cipher was provided to it via the native library that it 
was deployed with.  It's designed with sqlite encryption extension in mind but 
I suppose in theory it would work with any implementation that properly 
implements the sqlite3_key APIs / PRAGMAs.  As far as I can tell it is not a 
foregone conclusion in the C# as to what algorithm is used.

The one on Nuget just ships with the vanilla sqlite which has no encryption 
support.  Decompiling and searching for the sqlite3_key binding shows that it 
is not present in the library (which makes sense since it is guarded by an #if 
in the source base)

On 2019/04/01 18:27, "sqlite-users on behalf of Mattock Paul" 
 wrote:

All,

Would anyone be able to confirm what cipher is used for encrypting an 
SQLite database when password="" is used?


I have seen old posts online which state its 128bit but assume this is now 
wrong and am after completing a design document which requires I state the 
encryption level.


Regards,

Tithras
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users



Privacy Policy
Marketing 
Preferences
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

[sqlite] Database Encryption (System.Data.SQLite)

2019-04-01 Thread Mattock Paul 
All,

Would anyone be able to confirm what cipher is used for encrypting an SQLite 
database when password="" is used?


I have seen old posts online which state its 128bit but assume this is now 
wrong and am after completing a design document which requires I state the 
encryption level.


Regards,

Tithras
___
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users