I have implemented a project using Ionic2 and SQLite. Now I want to use SQLCipher for encrypting data. But after installing plugin cordova-sqlcipher-adapter, i am not able to use it. As per documentation, i need to use it like this:
This basically tells the typescript compiler to shut up and execute It’s now assuming window is of type any instead of type Window (functionality of window is untouched though!)
I am puzzled. Is it so difficult to use SQLCipher with Ionic2? Why is there so little material available on SQLCipher? Or there are other alternatives available? Please answer as I am not able to make progress.
Thanks for your reply. I have shown the code in my first post. The error is “property sqliteplugin does not exist on type window”. I have used import as
import { SQLite, SQLiteObject } from ‘@ionic-native/sqlite’;
Installed the plugin cordova-sqlcipher-adapter. Project is working fine with SQLite database.
Many many thanks. You are a life-saver . Now the errors have gone. However I am not able to do insert and select from the database.
var db = null;
document.addEventListener('deviceready', function() {
db = (<any>window).sqlitePlugin.openDatabase({name:'datanew.db', key: 'test', location: 'default'});
db.transaction(function(tx) {
tx.executeSql('CREATE TABLE IF NOT EXISTS usertbl (id INTEGER PRIMARY KEY AUTOINCREMENT, loginid string, password string)');
tx.executeSql('INSERT INTO usertbl(loginid, password) VALUES (?,?)', [[this.rndLogin], [this.rndPass]]);
}, function(error) {
console.log('Transaction ERROR: ' + error.message);
}, function() {
console.log('Populated database OK');
});
});
When I try to login and match the input values with those in DB, the login does not go through but no error is shown either. Please guide in this regard.
var db = null;
db = (<any>window).sqlitePlugin.openDatabase({name:'datanew.db', key: 'test', location: 'default'});
db.transaction(function (tx) {
tx.executeSql('select * from usertbl',[], function (tx, resultSet) {
if ((this.loginid == resultSet.rows.item(0).loginid) && (this.password == resultSet.rows.item(0).password))
this.navCtrl.setRoot('HomePage');
else {
alert("Wrong credential !!");
this.loginForm.reset();
}
console.log('Record login (expected to be 1): ' + resultSet.rows.item(0).loginid);
}, function (tx, error) {
console.log('SELECT error: ' + error.message);
}, function (error) {
console.log('transaction error: ' + error.message);
}, function () {
console.log('transaction ok');
});
});
Thanks both of you. Replacing function with => did the trick. I am curious as to what role the key plays while opening the database. Is it a good practice to store the key in source code? Also as I have read, in SQLCipher all data in the main database file is encrypted. How do I view the encrypted data ?
I don’t have any experience with the plugin in question unfortunately, but storing the key in the source code certainly seems to defeat some of the purpose of encrypting the DB.
I’d imagine that you’d want to store the key on a server potentially, or have the key be specific to the user such as their password. I’m no security or encryption expert, though.
Best would be to not store the key in a readible form in the application If someone would get the apk/ipa and decompile it, and read the key, they can access the data. Storing a generated key for a user/device would be better; at least a person with bad intentions wouldn’t be able to decompile every database, but just the one for the user/device. But if you save the key for the user/device, and save it in a way the app can access it, someone with bad intentions can probably still get the key.
I’ve had a server where the user would login with their username/password combo, and the database password would be returned from the server; but you have to make sure that someone with bad intentions is not able to get it by network sniffing.
Best would be to make it a “password” like feature for the user; ask the user to enter their “database password” and thus unlock their app. And never ever save that password anywhere. Worst case a user forgets their password and they lose the data on the sqlite database because you can’t access it anymore.
Ofcourse it depends on the level of protection you’d want
Hi! I just started to switch from SQLite to SQLCipher, but I’m even struggling at the beginning. The code snippets in the docs might be helpful when it’s running, but it won’t on my machine.
You helped me a bit, but I still can’t get it working. I’m not even totally sure where to put the code exactly.
Can you please provide some more code? Or describe where to put what (constructor, function, provider, …)
It’s now assuming 
. Now the errors have gone. However I am not able to do insert and select from the database.