On Thu, 25 Feb 2016 14:01:31 +0800
<admin at shuling.net> wrote:
> Does SQLite provide a good way to encrypt the SQL query strings while
> does not affect the performance when executing the queries?
If you're worried about the user examining your program image
statically, you could encrypt your SQL by whatever means, and decrypt
it "just in time":
sqlite3_prepare(db, decrypt(sql, key), ... );
Of course, if the key is also present in the image, you're only
discouraging the uninterested. (Something I suppose Tim Cook knows a
thing or two about...)
If you're worried about the user examining the running program -- for
example, with ltrace(1) -- then your question is moot, because at some
point the encrypted SQL wiill have to be decrypted before SQLite
interprets it.
--jkl
