Android Question pragma cipher_memory_security = OFF

RB Smissaert · Apr 9, 2024

Using the latest version of SQLCipher, recently uploaded by Erel: 1.7.
SQLite version is 3.41.2

Before changing to the latest SQLCipher version I used to be able to change this pragma setting while running the app by
just running:
pragma cipher_memory_security = OFF
or
pragma cipher_memory_security = ON

Now I can turn it on OK but I am unable to then turn if off again.
I did some Googling and found on this:

SUSE Package Hub -

packagehub.suse.com

* Changes the enhanced memory security feature to be DISABLED by default; once enabled by PRAGMA cipher_memory_security = ON, it can't be turned off for the lifetime of the process

Not sure if this explains the mentioned behaviour.
When I run pragma cipher_memory_security = OFF and then recompile then the setting is off OK, not sure why this is.
I would like to be able to turn it both on and off while running the app.

Any suggestions how to do this?

RBS

RB Smissaert · Apr 10, 2024

RB Smissaert said:
Using the latest version of SQLCipher, recently uploaded by Erel: 1.7.
SQLite version is 3.41.2

Before changing to the latest SQLCipher version I used to be able to change this pragma setting while running the app by
just running:
pragma cipher_memory_security = OFF
or
pragma cipher_memory_security = ON

Now I can turn it on OK but I am unable to then turn if off again.
I did some Googling and found on this:

SUSE Package Hub -

packagehub.suse.com

* Changes the enhanced memory security feature to be DISABLED by default; once enabled by PRAGMA cipher_memory_security = ON, it can't be turned off for the lifetime of the process

Not sure if this explains the mentioned behaviour.
When I run pragma cipher_memory_security = OFF and then recompile then the setting is off OK, not sure why this is.
I would like to be able to turn it both on and off while running the app.

Any suggestions how to do this?

RBS

The strange thing about this bug is that if the app is started from a compile, cipher_memory_security is set to on fine (that is set to off as in the saved setting), but if
the app is started from a normal app icon click the setting is not applied OK.
How can I make the app (or the SQLite database) behave as when it is started from a compile?

RBS

RB Smissaert · Apr 10, 2024

RB Smissaert said:
The strange thing about this bug is that if the app is started from a compile, cipher_memory_security is set to on fine (that is set to off as in the saved setting), but if
the app is started from a normal app icon click the setting is not applied OK.
How can I make the app (or the SQLite database) behave as when it is started from a compile?

RBS

Got a reply from Nick from Zetetic:

The PRAGMA cipher_memory_security feature is off by default due to the performance impact of the feature. Once enabled at runtime, you cannot disable it .

RBS

RB Smissaert · Apr 10, 2024

RB Smissaert said:
Got a reply from Nick from Zetetic:

The PRAGMA cipher_memory_security feature is off by default due to the performance impact of the feature. Once enabled at runtime, you cannot disable it .

RBS

To confirm this:

Indeed if pragma cipher_memory_security doesn’t run at the app startup, then a recompile of the app
will turn it off. So it was not the pragma that changed the setting in a compile off the app, but it just returned to the default, that is off.
All established now and it looks you can only turn it on at runtime, but not off.

RBS

RB Smissaert · Apr 11, 2024

RB Smissaert said:
To confirm this:

Indeed if pragma cipher_memory_security doesn’t run at the app startup, then a recompile of the app
will turn it off. So it was not the pragma that changed the setting in a compile off the app, but it just returned to the default, that is off.
All established now and it looks you can only turn it on at runtime, but not off.

RBS

Just one more thing to mention about this:
Don't be fooled by the fact that running:
pragma cipher_memory_security
(just after initializing the SQLite DB)
shows: 0
after you had turned it on, closed the app
and then restarted the app (without re-compiling the app).
Although it says 0, memory security is still turned on. Only a re-compile of the app can turn it off.
Quite confusing!

I am thinking that I may compile 2 apps, both exactly the same, apart from the cipher_memory_security state.
With that you would be able to turn it both on and off.

RBS

RB Smissaert · Apr 11, 2024

RB Smissaert said:
Just one more thing to mention about this:
Don't be fooled by the fact that running:
pragma cipher_memory_security
(just after initializing the SQLite DB)
shows: 0
after you had turned it on, closed the app
and then restarted the app (without re-compiling the app).
Although it says 0, memory security is still turned on. Only a re-compile of the app can turn it off.
Quite confusing!

I am thinking that I may compile 2 apps, both exactly the same, apart from the cipher_memory_security state.
With that you would be able to turn it both on and off.

RBS

RB Smissaert · Apr 11, 2024

This is a confusing topic and this was still not right.
After running:
Pragma cipher_memory_security = ON
Then running:
Pragma cipher_memory_security = OFF
Then closing the app restarting the phone
and starting the app, cipher_memory_security will be off!
So there is no need to have app in the 2 different cipher_memory_security states and no need to recompile.

RBS

Android Question pragma cipher_memory_security = OFF

RB Smissaert

Well-Known Member

SUSE Package Hub -

RB Smissaert

Well-Known Member

SUSE Package Hub -

RB Smissaert

Well-Known Member

RB Smissaert

Well-Known Member

RB Smissaert

Well-Known Member

RB Smissaert

Well-Known Member

RB Smissaert

Well-Known Member

Similar Threads

Android Question pragma cipher_memory_security = OFF

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar Threads

Privacy & Transparency

Privacy & Transparency