• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 583
  • Last Modified:

SQLite 3 encryption

I've been looking at using SQLite instead of MySQL to aid deployment of my applications, however Im concerned about security and reading up on SQLite and PHP you cant encrypt the database, you seem to be able to in everything else but PHP. This cant be true surely??

I have read you can buy encrpytion plugins but costs serious ££££.

Anyone have any suggestion for running a file type database (As opposed to a service like MySQL) that works with PHP?

Thank you
0
tonelm54
Asked:
tonelm54
  • 3
  • 2
1 Solution
 
GaryCommented:
0
 
Ray PaseurCommented:
Given that it's a deployed application, what is the objective you're seeking by encrypting the database?
0
 
tonelm54Author Commented:
Good morning,
Sorry for the delay in reply, been working on a VPN project instead of this :-S

The idea is to just to keep the package simple to deploy and restore from backups. My manager wants to restore a project Im working on with one click (not have to restore the files and then the database), however as its going onto a shared server which Im not in charge of security I wanted to be able to protect the SQLite database as much as I can (I know someone with access will either be able to crack it or use the code to crack).

My current suggestion is to backup the database to a folder on a daily basis, then on application statup check the database, if its empty suggest restoring from one of the backups, then hopefully it will be a one click restore then I can control a wizard to restore the database, as then I can encripty the database backup.

Im surprised that there is no encyption built into PHP.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Ray PaseurCommented:
there is no encyption built into PHP
That's not entirely true.  PHP has six cryptography extensions.
http://www.php.net/manual/en/refs.crypto.php

Here is a simple example using mcrypt.
<?php // demo/encrypt_decrypt.php
error_reporting(E_ALL);

// MAN PAGE: http://php.net/manual/en/ref.mcrypt.php

class Encryption
{
    protected $key;

    public function __construct($key='quay')
    {
        // THE KEY MUST BE KNOWN TO BOTH PARTS OF THE ALGORITHM
        $this->key = $key;
    }

    public function encrypt($text)
    {
        // ENCRYPT THE DATA
        $data = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $this->key, $text, MCRYPT_MODE_ECB);

        // MAKE IT base64() STRING SAFE FOR STORAGE AND TRANSMISSION
        return base64_encode($data);
    }

    public function decrypt($text)
    {
        // DECODE THE DATA INTO THE BINARY ENCRYPTED STRING
        $text = base64_decode($text);

        // DECRYPT THE STRING
        $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->key, $text, MCRYPT_MODE_ECB);

        // DECLOP NUL-BYTES BEFORE THE RETURN
        return trim($data);
    }
}

// INSTANTIATE AN ENCRYPTION OBJECT FROM THE CLASS
$c = new Encryption();

// INITIALIZE VARS FOR LATER USE IN THE HTML FORM
$encoded = $decoded = NULL;

// IF ANYTHING WAS POSTED SHOW THE DATA
if (!empty($_POST["clearstring"]))
{
    $encoded = $c->encrypt($_POST["clearstring"]);
    echo "<br/>{$_POST["clearstring"]} YIELDS ENCODED ";
    var_dump($encoded);
}

if (!empty($_POST["cryptstring"]))
{
    $decoded = $c->decrypt($_POST["cryptstring"]);
    echo "<br/>{$_POST["cryptstring"]} YIELDS DECODED ";
    var_dump($decoded);
}

// CREATE THE FORM USING HEREDOC NOTATION
$form = <<<FORM
<form method="post">
<input name="clearstring" value="$decoded" />
<input type="submit" value="ENCRYPT" />
<br/>
<input name="cryptstring" value="$encoded" />
<input type="submit" value="DECRYPT" />
</form>
FORM;

echo $form;

Open in new window

0
 
tonelm54Author Commented:
Sorry, what I meant was 'no encryption for SQLite'  built into PHP (or as far as Im aware)
0
 
Ray PaseurCommented:
Agreed.  It's not in the PHP native SQLite extension.  But you might find some useful information over here:
http://www.sqlite.org/search?q=encryption
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now