website icon indicating copy to clipboard operation
website copied to clipboard

Published 20 hours ago verified publisher icon sequelize

Sequelize using SQLcipher to encrypt DB

Open juancampuzano opened this issue 5 years ago • 8 comments

Issue Description

I am trying to encrypt the database using SQLCipher. In the Sequelize documentation it says that it is possible to do: "Supports SQLCipher encryption for SQLite." But in the documentation I can't find the steps of how to do. I am trying to follow the following example found in Stackoverflow but I get the error: "SQLITE_NOTAD"

StackOverflow / Slack attempts

related case: https://stackoverflow.com/questions/33363075/how-to-make-encrypted-sqlite3-database-with-nodejs-in-windows-platform

Is this issue dialect-specific?

  • [ ] No. This issue is relevant to Sequelize as a whole.
  • [x] Yes. This issue only applies to the following dialect(s): SQLCipher on Sequelize
  • [ ] I don't know.

Would you be willing to resolve this issue by submitting a Pull Request?

  • [ ] Yes, I have the time and I know how to start.
  • [ ] Yes, I have the time but I don't know how to start, I would need guidance.
  • [ ] No, I don't have the time, although I believe I could do it if I had the time...
  • [x] No, I don't have the time and I wouldn't even know how to start.

juancampuzano avatar Oct 24 '19 14:10 juancampuzano

Hello, can you please try a few things:

  • Try with the first version of sequelize that had support for this feature (in this case, v4.0.0-1)

  • See if you can do it without sequelize using the sqlite3 package directly

  • Try to create a sequelize-sscce for it considering that I have no idea how SQLCipher works (so try to make it 100% ready for test)

Let me know, thanks

papb avatar Oct 24 '19 16:10 papb

I was testing with version v4.0.0-1 but I had the same problem.

However, I have the following question: is it possible to encrypt the database using sequelize in other way?

How can I run the following command PRAGMA key = 'mysecret' when starting sequelize?

juancampuzano avatar Oct 24 '19 23:10 juancampuzano

I am not familiar with database encryption unfortunately. I would suggest you try a direct raw query as early as possible in your code: sequelize.query("PRAGMA key = 'mysecret'") but I don't know if it should work.

papb avatar Oct 25 '19 01:10 papb

@papb it works.

Base on node-sqlcipher, I only have to put the following code:

  const sequelize = new Sequelize('database', '', 'your-encryption-key' {
    dialect: 'sqlite',
    dialectModulePath: '@journeyapps/sqlcipher',
    storage:  'path/to/db.sqlite',
  });

  // SQLCipher config
  sequelize.query('PRAGMA cipher_compatibility = 3');
  sequelize.query("PRAGMA key = 'your-encryption-key'");

juancampuzano avatar Oct 25 '19 14:10 juancampuzano

Fantastic!! I will leave it open as a docs issue :grimacing:

papb avatar Oct 25 '19 18:10 papb

Do you create the documentation?

juancampuzano avatar Jan 31 '20 19:01 juancampuzano

@juancampuzano @papb How can we default it to use sqlcipher 4 without cipher_compatibility? I have opened an issue in node-sqlcipher too https://github.com/journeyapps/node-sqlcipher/issues/33

rohit5ram avatar Apr 16 '20 06:04 rohit5ram

This issue has been automatically marked as stale because it has been open for 7 days without activity. It will be closed if no further activity occurs. If this is still an issue, just leave a comment or remove the "stale" label. 🙂

github-actions[bot] avatar Nov 06 '21 00:11 github-actions[bot]