Pages: 1

#1 2025-12-22 04:00:46

Sapiem
Member
Registered: 2017-12-08
Posts: 66

Help with SQLite3 static encryption

Please, could someone provide me with a hint, reading or example of how to implement encryption in sqlite3 database with static access? In mormot1 it worked perfectly with the .o and .obj I had. But not now. Thanks

Offline

#2 2025-12-22 07:25:46

zen010101
Member
Registered: 2024-06-15
Posts: 163

Re: Help with SQLite3 static encryption

In mORMot 2, SQLite3 encryption is built into the static library. Here's how to use it:

  1. Download static files from https://synopse.info/files/mormot2static.7z
  2. Add mormot.db.raw.sqlite3.static to your uses clause
  3. Pass password when creating the database:

  uses
    mormot.db.raw.sqlite3.static,
    mormot.orm.sqlite3;

  var
    Model: TOrmModel;
    Rest: TRestServerDB;
  begin
    Model := TOrmModel.Create([...]);
    Rest := TRestServerDB.Create(Model, 'mydata.db3', False, 'MyPassword');

  Or with TSqlDatabase directly:
  DB := TSqlDatabase.Create('mydata.db3', 'MyPassword');

  Important notes:
  - This encryption is NOT compatible with official SQLite SEE or wxsqlite3
  - NOT compatible with old mORMot 1 format (before 1.18.4413) - use OldSqlEncryptTablePassWordToPlain() to migrate
  - Uses AES-128 with PBKDF2 key derivation

Offline

#3 2025-12-23 20:01:09

Sapiem
Member
Registered: 2017-12-08
Posts: 66

Re: Help with SQLite3 static encryption

Thanks, but how can I change or set new password to existing database?

Offline

#4 2025-12-24 07:39:50

zen010101
Member
Registered: 2024-06-15
Posts: 163

Re: Help with SQLite3 static encryption

Use ChangeSqlEncryptTablePassWord() function from mormot.db.raw.sqlite3.static unit:

     ChangeSqlEncryptTablePassWord('mydata.db3', 'OldPassword', 'NewPassword');

  Notes:
  - Database file must be closed before calling this function
  - To check if a file is encrypted: IsSQLite3FileEncrypted('mydata.db3')

  Don't forget to back up your database before the test!!!

Offline

#5 2025-12-24 07:55:26

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 15,350
Website

Re: Help with SQLite3 static encryption

First of all, no-one knows what "does not work now" mean. smile

/// this function may be used to create a plain database file from an existing
// one encrypted with our old/deprecated/unsupported format (<1.18.4413)
// - then call ChangeSqlEncryptTablePassWord() to convert to the new safer format
procedure OldSqlEncryptTablePassWordToPlain(const FileName: TFileName;
  const OldPassWord: RawUtf8);

I guess you are using something newer than 1.18.4413. So you don't need to call this function.
Then you may need to set ForceSQLite3LegacyAes = true if your version was < 1.18.4607.
And since you switch to mORMot 2, and could recreate the database, consider ForceSQLite3AesCtr := true to use CTR which is much faster on Intel/AMD - you almost won't have any performance penalty by using encryption.

Offline

Pages: 1

Board footer

Powered by FluxBB