-
Notifications
You must be signed in to change notification settings - Fork 521
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: Encryption #40
Comments
in short yes. does it support it now? Obviously not. Would it be easy to add encryption? I have to think about a proper x-platform approach considering native libs on Android etc... |
A relatively easy way would be to use SQLCipher. I support a SQLCipher version of the Cordova plugin at: https://github.com/litehelpers/Cordova-sqlcipher-adapter |
Hey Andpor, I'm working on encryption implementation for android and ios in our internal repository. I have following questions for you:
|
To be honest I would favor supporting sqlcipher in a separate project. SQLCipher adds some things that the rest of the community would not want for a couple major reasons:
This is what I did in the Cordova sqlite/sqlcipher plugins that I maintain. Yes it would probably be a pain to keep merging changes but this may be the best solution for now. |
@maxpowa you may have to do it yourself. I don't think the owner @andpor will do this and @dryganets seems to have dropped off. I hope someone will share a version with sqlcipher with the user community. To answer some questions raised by @dryganets:
I think that is the correct way, assuming you include the SQLCipher JAR and native libs. The android-native version uses my Android-sqlite-connector library which is currently not supported with SQLCipher. (I hope to do this someday ref: sqlcipher/sqlcipher#125)
I tried using a git submodule in the past and was not so happy with it. It adds an extra build step which is not so great for plugins and I find it a bit inflexible in certain ways. For example: if I would remove an external module from git then add it again (from a different location for example) there is still an extra artifact in the local I think your best bet is to just include the sqlcipher code, libs, and dependencies in your git repo. You should be able to use git to merge in updates from this git project moving forward. I can think of the following extra alternatives:
|
I could prepare a pull request with SQLite cipher for both iOS and android If there are enough people interested in it. We are using this internally for a few months. It's worth to mention that SQLite cipher supports only exclusive transactions out of the box so you might experience some performance degradation as result of usage of the plugin. I have a couple of fixes to share with the community as well. In the long term, we are going to move to our internal implementation as:
If plans wouldn't change I will start on our internal implementation of the plugin in typescript. But it would take a time to release it's publically. |
@brodybits, Android toLowerCase fix for Turkish locale. It's a root cause of insert and begin commands failures for Turkish locale. Probably specific to SQLiteCipher too, but the fix is safe anyway: Android correctly close statements and queries: You need to merge #131 iOS fix for crash on module dealloc: |
@dryganets - this is awesome. Thanks a lot for these. I will review and merge tonight. |
https://github.com/dryganets/react-native-sqlite-storage/tree/sergeyd/sqlite-cipher has our implementation. I would make sure that iOS builds correctly tomorrow. |
From #132 (comment):
@andpor I would recommend keeping encryption separate. When publishing apps with encryption people would have to follow the guide at https://discuss.zetetic.net/t/export-requirements-for-applications-using-sqlcipher/47 and it may be even worse in places like France. |
Yep, It's better to make a plugin system. In addition to that we get rid of an extra project with code duplication. |
According to @brodybits arguments: can we leave this optional per #ifdef direction on objC-Side and something similar on android? |
There is no #ifdef on android. I think I would take a time at some moment and refactor this to plugin model on android. As for iOS - I updated the branch. Basically, the problem is to have a relative path to SQLiteCipher customized. My intention was to keep plugin compile as a part of another project and on it's own. On android, it's not a problem as we have a gradle dependency management and we could get any dependency we want not relying on npm. On iOS I choose cocoa pods integration and this way requires react native sources modification. They are using <React/Header> and by some reason pods sees only "Header". maybe it's my bad, though and there is a better way to do it. |
@dryganets This changed with RN 0.40 from "header" to <React/Header>. That means you should just concentrate on the ne format <React/Header> |
Probably, I just didn't figure out how to make it compile with pods @itinance :( For now, we have our own fork of react-native for Skype so we are free to revert this commit. |
@dryganets can you tell me a concrete issue? CocoaPods works well in my newest app (i am working on several ones using RN) and the thing with headers is that there was a huge change with RN 0.40 as you can see in the commit of you previous comment here i'd like to help you on iOS-side |
CocoaPods/CocoaPods#4605 as a structure is flattened. |
i have run the latest with cocoapods setup and have not had any issues...i am not sure I understand what the problem is... |
Hi, and thanks for the awesome work guys. |
@dryganets is the man behind the encryption...maybe he can share how to get this going. |
Integration should be as easy as:
When I would have a time I'll add sample app to my fork and add the more accurate description. All changes you need on js level - pass the key as a parameter to the open method. It should be easy to fix, as I remember there is a function to re-encrypt the database in sqlitecipher though we don't have such a use-case so it's not implemented. |
Hi, with the latest release, we experienced this issue when compiling the iOS project:
The library works fine until 3.2.2 so the cipher support is a breaking change. As @brodybits mentioned, would it be possible to keep the encryption separate? |
@mikaelfs +1 |
this is fixed in 3.3.1 |
@dryganets Your fork is awesome, but I would like to know more on how Android can make use of SQLCipher? iOS side has no problem, yet not working on Android... But I'm quite sure I have linked it well. I have to manually import SQLCipher jars and native libs right?
Can you tell me which files I have to go through (actually I am an iOS developer :P) |
@henryphtang already uses SQLite cipher packages. https://github.com/dryganets/react-native-sqlite-storage/blob/sergeyd/sqlite-cipher/src/android/build.gradle So if you are using https://github.com/dryganets/react-native-sqlite-storage/blob/sergeyd/sqlite-cipher/src/android everything should work. https://github.com/dryganets/react-native-sqlite-storage/blob/sergeyd/sqlite-cipher/src/android-native doesn't have sqlitecipher integrated. I'll try to take a time on this weekend and contribute the plugin system to this repository. |
https://github.com/dryganets/react-native-sqlite-storage/tree/sergeyd/plugin-system It's work in progress already close to done, but I didn't finish few moments yet + needs to be tested. |
It looks like it is pretty close: |
btw @dryganets - I have added a #ifdef for SQLCIPHER to iOS codebase for SQL Cipher key retrieval. If you define this at your main project level the library will pick up the code automatically else it will just work as plain database. |
Quick question: SQLCipher would usually use CommonCrypto by default on iOS to do the actual encryption. Can you tell if this would already be linked by this plugin, the react-native framework, or something else? In general a library should not link to such a framework, even dynamically, unless explicitly required for the application. |
Could you update the component as cipher support? |
Guys, does react-native-sqlite-storage supports encryption databases? |
Is there any way to support encryption?
The text was updated successfully, but these errors were encountered: