We are pleased to announce that SQLCipher 4.5.0 is now available. It includes the following important changes:
- Updates baseline to use SQLite 3.36.0
- Changes the enhanced memory security feature to be DISABLED by default; once enabled by
PRAGMA cipher_memory_security = ON, it can’t be turned off for the lifetime of the process
PRAGMA cipher_migrateto permanently enter an error state if a migration fails
- Fixes memory locking/unlocking issue with
reallocimplementation on hardened runtimes when memory security is enabled
cipher_migrateto cleanup the temporary database if a migration fails
- Removes logging of non-string pointers when compiling with trace level logging
Important Upgrade Considerations
SQLCipher 4.5.0 contains two important changes that alter the fundamental behavior of SQLCipher.
Memory Security: SQLCipher 4.0 introduced a new enhanced memory security feature. While SQLCipher had previously implemented memory sanitization and locking for internal allocations related directly to SQLCipher’s cryptographic implementation, the new memory security feature extended to ALL memory allocated by the library (i.e. by SQLite internal logic outside of SQLCipher). Initially this feature was enabled by default. However, after reviewing feedback from customers and the community, we have decided to disable this feature by default, but still allow it to be enabled on demand. This will allow developers to selectively turn on this feature when dictated by their security requirements without impacting performance for all use cases. Note that if your application requires the memory security feature, it must call
PRAGMA cipher_memory_security = ON early in the application life-cycle to enable the feature. Once memory security is enabled it can’t be disabled for the lifetime of the process.
Migration: Previous versions of SQLCipher’s
PRAGMA cipher_migrate could leave a database connection usable after a failed upgrade. While an error would be reported in the result set, if an application ignored the return it could continue to use the database at the older version’s security setting. The most common cause of this issue would be inadequate drive space to perform the migration or an attempt to migrate on a read only connection. In SQLCipher 4.5.0 the database connection will be rendered unusable (causing an exception to be thrown or a hard error reported). Applications that use
cipher_migrate and upgrade to 4.5.0 should ensure they check the result set from the PRAGMA and handle any migration exceptions.
SQLCipher Commercial and Enterprise
The following changes and enhancements are available for Commercial and Enterprise packages:
- The SQLCipher Statistics feature now includes detailed memory usage information. The
sqlcipher_statsvirtual table will now return current library memory use, high memory use, memory allocation, reallocation, and free times and counts. These statistics are inclusive of memory sanitization time, allowing for detailed profiling of the enhanced memory security feature.
- Packages now use in-memory temporary storage by default, but allow an application to override that setting using
PRAGMA temp_store = FILE;. Using FILE temporary storage may be necessary in certain circumstances, like performing a VACUUM on a very large database.
- SQLite’s snapshot feature is now enabled.
- Java and .NET library wrappers have been updated to the latest available versions.
- non-FIPS packages using OpenSSL now include the latest release of 1.1.1l.
SQLCipher for Android Refresh Upcoming
Zetetic is actively developing a new SQLCipher for Android library that is completely rebuilt with an updated Java API, more closely tied to the current Android
android.database.sqlite implementation. This new library is seprate from, and being developed in parallel with, the current SQLCipher For Android library. It natively supports connection pooling and other advanced features providing vastly improved performance, concurrency, and developer experience.
This new SQLCipher for Android will initially be available on GitHub and will require developer build integration for dependencies. Community and Commercial build artifacts will be available once we begin to transition to the new library after thorough testing. The existing SQLCipher for Android packages (android-database-sqlcipher) will continue to be maintained in parallel during a transition period, before the old library is eventually deprecated. Keep an eye out for future details about the availability of the new library!
Commercial and Enterprise - On-demand access to new releases of SQLCipher packages are available to all licensees with an active support subscription from the Customer Downloads fulfillment site. Licensees will also receive a separate email notification regarding the update and can contact us at any time for private support directly from the SQLCipher development team.
Community Edition - SQLCipher Community Edition source code is available on GitHub, via AAR packaging for Android, and CocoaPods for iOS.