在 iOS 上加密 SQLite 数据库文件
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4753433/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Encrypting SQLite database file on iOS
提问by Chiron
My client asked me if it is possible to encrypt his iOS SQLite file.
I checked this two resources:
我的客户问我是否可以加密他的 iOS SQLite 文件。
我检查了这两个资源:
Encrypt & Decrypt Sqlite file (Using Core Data)
http://support.apple.com/kb/HT4175
加密和解密 Sqlite 文件(使用核心数据)
http://support.apple.com/kb/HT4175
Please correct me if I'm wrong, the file will be encrypted so no one will be able to crack into it (although it will be possible for a determined cracker I think).
如果我错了,请纠正我,该文件将被加密,因此没有人能够破解它(尽管我认为坚定的破解者是可能的)。
Core Data queries will run as usual right? I mean there is no performance penalty neither a different API.
Core Data 查询会照常运行,对吗?我的意思是没有性能损失,也没有不同的 API。
回答by Kendall Helmstetter Gelner
The links you provided talk about encrypting storage across the whole device; However if the goal is that the user not be able to open the database file directly then will not help you, as the only thing that protects against is your data being accessed in the event the device is stolen. It also relies on the user to set it up, the app cannot mandate that the device storage is encrypted.
您提供的链接讨论了在整个设备上加密存储;但是,如果目标是用户无法直接打开数据库文件,那么将无济于事,因为唯一可以防止您的数据在设备被盗的情况下被访问。它还依赖于用户进行设置,应用程序不能强制要求对设备存储进行加密。
Basically, what is the motivation behind wanting the storage encrypted?
基本上,想要加密存储背后的动机是什么?
EDIT:
编辑:
Based on the response chain, I think using the encrypted variant of SQLLite at:
基于响应链,我认为在以下位置使用 SQLLite 的加密变体:
is a good solution. This encrypts database contents before they hit storage, which is great. An attacker still might be able to find the key used in your code to decrypt the database, but any layer of defense you can add will help. I don't think you could use that with CoreData (as it is built atop the built-in sqllite libraries) but you could probably use it with a wrapper like FMDB:
是一个很好的解决方案。这会在数据库内容进入存储之前对其进行加密,这很棒。攻击者可能仍然能够找到您的代码中使用的密钥来解密数据库,但是您可以添加的任何防御层都会有所帮助。我不认为你可以将它与 CoreData 一起使用(因为它是建立在内置的 sqllite 库之上的),但你可能可以将它与像 FMDB 这样的包装器一起使用:
