SQLCipher 4.3.0 Release

2019-12-20 07:00:00 -0500

SQLCipher 4.3.0, which includes the following important changes, is now available:

SQLCipher Core

• Updates baseline to upstream SQLite 3.30.1
• PRAGMA key now returns text result value “ok” after execution (consistent with upstream)
• Adjusts backup API so that encrypted-to-encrypted backups are permitted
• Adds a NSS crypto provider implementation
• Improves OpenSSL provider compatibility with BoringSSL
• Corrects output of PRAGMA cipher_integrity_check on big endian platforms
• General cryptographic provider interface cleanup
• Improvements to mutex allocation and management
• Separates memory related traces to reduce verbosity of logging
• Resolves miscellaneous build warnings
• Forces error state at database pager level if SQLCipher initialization fails

SQLCipher for Android

SQLCipher for Android now includes support for utilizing Android Room. Room is a Google supported ORM library that provides an abstraction layer over direct database access. Integration instructions for the library can be found here. Thank you to Mark Murphy for providing the necessary contributions from the CWAC-SafeRoom project for this addition.

SQLCipher Commercial and Enterprise

Starting with the release of SQLCipher 4.3.0, Commercial and Enterprise packages now include exclusive features that are not available in Community Edition distributions:

• SQLCipher Value Level Encryption - SQL functions for partial data encryption
• SQLCipher Encrypted Virtual Tables - Table-level data encryption
• SQLCipher Performance Counters and Statistics - Performance counters for optimization and tuning purposes

The SQLCipher Value Level Encryption (VLE) and Encrypted Virtual Table features extend SQLCipher to allow partial encryption of data. Instead of applying encryption to the entire database, they selectively expose convenient SQL Functions and a Virtual Table module that operate transparently to encrypt and decrypt data. These features still use SQLCipher’s well-trusted underlying cryptographic providers. While not intended as a substitute for full-database encryption, these features can serve the needs of several classes of applications, for instance when:

1. Only a subset of database information needs to be secured
2. Multiple overlapping layers of security with separate keys are required (e.g. multiple keys for different data sets)
3. Full-database encryption is not appropriate due to other considerations (e.g. performance, compression, etc.)

The new 4.3.0 features also include a special extension that exposes internal performance counters for SQLCipher’s encryption module. These additional statistics provide deeper insight to applications which can be useful for performance optimization and tuning purposes.

In additon to these new features, the official iOS native package for Xcode now include framework support for Mac Catalyst, which allows iPad applications to be built for and run on macOS computers.

Availability

Commercial Edition - On-demand access to new releases of SQLCipher Commercial Edition are available to licensees with an active CipherCare subscriber subscription, along with private, prioritized support directly from Zetetic. CipherCare subscribers will receive a separate email notification regarding the update and can contact us to request the latest SQLCipher distribution and applicable software license codes.

SQLCipher Enterprise Program - Enterprise Program Subscription customers will receive a separate email notification about the release, and the latest SQLCipher packages and license codes will be provided directly via your organization’s private online software delivery share.

Community Edition - SQLCipher 4.3.0 in source format is directly available on GitHub. The Community Edition of SQLCipher for Android (4.3.0) is available via AAR packaging. The Community Edition of SQLCipher for iOS can be compiled from source or using CocoaPods.