Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Microsoft.Data.Sqlite: Update encryption sample #18452

Merged
merged 1 commit into from
Oct 19, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 41 additions & 49 deletions samples/Microsoft.Data.Sqlite/EncryptionSample/Program.cs
Original file line number Diff line number Diff line change
Expand Up @@ -2,32 +2,34 @@
using System.IO;
using Microsoft.Data.Sqlite;

using static SQLitePCL.raw;

namespace EncryptionSample
{
class Program
{
static void Main()
{
const string connectionString = "Data Source=EncryptionSample.db";
const string baseConnectionString = "Data Source=EncryptionSample.db";

// Notice which packages are referenced by this project:
// - Microsoft.Data.Sqlite.Core
// - SQLitePCLRaw.bundle_sqlcipher

// The Password keyword in the connection string specifies the encryption key
var connectionString = new SqliteConnectionStringBuilder(baseConnectionString)
{
Mode = SqliteOpenMode.ReadWriteCreate,
Password = "password"
}.ToString();

using (var connection = new SqliteConnection(connectionString))
{
// When a new database is created, it will be encrypted using the key
connection.Open();

// Notice which packages are referenced by this project:
// - Microsoft.Data.Sqlite.Core
// - SQLitePCLRaw.bundle_sqlcipher

// Immediately after opening the connection, send PRAGMA key to use encryption
var keyCommand = connection.CreateCommand();
keyCommand.CommandText =
@"
PRAGMA key = 'password';
";
keyCommand.ExecuteNonQuery();

var createCommand = connection.CreateCommand();
createCommand.CommandText =
var command = connection.CreateCommand();
command.CommandText =
@"
CREATE TABLE data (
value TEXT
Expand All @@ -36,52 +38,42 @@ value TEXT
INSERT INTO data
VALUES ('Hello, encryption!');
";
createCommand.ExecuteNonQuery();
command.ExecuteNonQuery();
}

using (var connection = new SqliteConnection(connectionString))
{
connection.Open();

Console.Write("Password (it's 'password'): ");
var password = Console.ReadLine();

// Sanitize the user input using the quote() function
var quoteCommand = connection.CreateCommand();
quoteCommand.CommandText =
@"
SELECT quote($value)
";
quoteCommand.Parameters.AddWithValue("$value", password);
var quotedPassword = (string)quoteCommand.ExecuteScalar();
Console.Write("Password (it's 'password'): ");
var password = Console.ReadLine();

// PRAGMA statements can't be parameterized. We're forced to concatenate the
// escaped user input
var keyCommand = connection.CreateCommand();
keyCommand.CommandText =
$@"
PRAGMA key = {quotedPassword}
";
keyCommand.ExecuteScalar();
connectionString = new SqliteConnectionStringBuilder(baseConnectionString)
{
Mode = SqliteOpenMode.ReadWrite,
Password = password
}.ToString();

using (var connection = new SqliteConnection(connectionString))
{
try
{
var queryCommand = connection.CreateCommand();
queryCommand.CommandText =
@"
SELECT *
FROM data
";
var data = (string)queryCommand.ExecuteScalar();
Console.WriteLine(data);
// If the key is incorrect, this will throw
connection.Open();
}
catch (SqliteException ex) when (ex.SqliteErrorCode == SQLitePCL.raw.SQLITE_NOTADB)
catch (SqliteException ex) when (ex.SqliteErrorCode == SQLITE_NOTADB)
{
Console.WriteLine("Access denied.");
goto Cleanup;
}

var command = connection.CreateCommand();
command.CommandText =
@"
SELECT *
FROM data
";
var data = (string)command.ExecuteScalar();
Console.WriteLine(data);
}

// Clean up
Cleanup:
File.Delete("EncryptionSample.db");
}
}
Expand Down
8 changes: 5 additions & 3 deletions samples/Microsoft.Data.Sqlite/InteropSample/Program.cs
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
using System;
using Microsoft.Data.Sqlite;

using static SQLitePCL.raw;

namespace InteropSample
{
class Program
Expand All @@ -13,7 +15,7 @@ static void Main()

// Get the underlying sqlite3 object
var db = connection.Handle;
SQLitePCL.raw.sqlite3_trace(
sqlite3_trace(
db,
(_, statement) => Console.WriteLine(statement),
null);
Expand All @@ -29,9 +31,9 @@ static void Main()
{
// Get the underlying sqlite3_stmt object
var stmt = reader.Handle;
var steps = SQLitePCL.raw.sqlite3_stmt_status(
var steps = sqlite3_stmt_status(
stmt,
SQLitePCL.raw.SQLITE_STMTSTATUS_VM_STEP,
SQLITE_STMTSTATUS_VM_STEP,
resetFlg: 0);
Console.WriteLine($"VM operations: {steps}");

Expand Down