I am trying to secure some sensible data by implementing encryption in my already existing and functioning database setup in an android application.
I tried to follow this tutorial (http://sqlcipher.net/sqlcipher-for-android/) and I browsed a lot of foruns, including the google group for Cipher. However, I still don't clearly understand how does SQLCipher work and how I should adapt my code to serve my needs.
I am following this implementation of databases in android: http://www.vogella.com/articles/AndroidSQLite/#databasetutorial_database, meaning I have an extension of the SQLiteOpenHelper class and another class to store CRUD methods.
In this situation how should I use SQLCipher? Where should I define the password? Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?
I feel I'm almost there, I just need the final push to figure this out :P
Thanks in advance!
In this situation how should I use SQLCipher?
Exactly like an normal your normal sql implementation.
Where should I define the password?
If you are using SQLiteHelper it will create the database when you first get it like this:
helper.getWriteableDatabase("myPassword");
On the first call it will create the database with this Password. On the upcoing calls it will only work with this password.
( Figured that out when i went to the Source: https://github.com/sqlcipher/android-database-sqlcipher/blob/master/android-database-sqlcipher/src/main/java/net/sqlcipher/database/SQLiteOpenHelper.java, checkout the method getWriteableDatabase( String pw )
there! )
Where should I use loadLibs(context)?
Right before you call helper.getWriteableDatabase("myPassword"); the first time!
In this situation how should I use SQLCipher?
That is impossible to answer in the abstract. You would use it largely the same way that you use SQLite.
Where should I define the password?
You should get it from the user.
Where should I use loadLibs(context)? Only in the main activity? Or in every activity that accesses the database?
Once per process is sufficient (in fact, more could conceivably be a problem). If you are using a ContentProvider for your SQLCipher database, call loadLibs() in onCreate() of the ContentProvider. If you are using a custom Application, call loadLibs() in onCreate() of the Application.
Related
I am looking for a way to test against an sqllite database, I know that Mocks Objects can't do it.
What is the best possible way?
I have already tried to look into writing sql scripts to delete the data out of there, but that just cluttered my production code with test code.
Assuming you need to actually test query your database, usually a separate test database is created, which mimics your 'real' database. Before each test, truncate the tables (and seed if necessary).
If you do not actually need to query your database, definitely use mocks. Create an interface and a class implementing it doing the actual queries, and mock the interface in your tests. Of course you need to test this implementing class, which you can do in the way described above.
I am working on an application whose purpose is to display a listview whose content will depend on which button the user clicks, and whose data come from a sql databse. It means my database will be using a "readable" attribute only, no need to change information from the database.
So, to learn how to do it, I am reading and doing lot of tutorials and i feel a bit lost about what is really required and what is optional in the design of the application.
Here is why. I have learned that to do so, my app will need:
- a ----Helper class (extending SQLiteOpenHelper)
- a ----Adapter class (to define my methods and queries for the database)
- a ----Table class (one class for each table of my database)
- my MainActivity (in my case, extending ListActivities)
And then, i found out that to do so I also need :
- CursorLoader
- ContentProvider
- fillData()
Every time I try to learn more, I find out about more and more classes or methods to use, it seems endless and I don't know if I really need to have that many classes for my application.
If someone can tell me if it seems right to have that many things, thanks in advance!
First of all, you need to have a high level overview of what exactly you are going to do with the database and how. And, what you have figured out is almost correct.
Basic Steps for any DB app in android are :
You will require Helper class, using which you can create or upgrade database along with tables.
Once you have database ready, there is a need for the class which will contain the data that you need to save in the database.
And lastly, there will be a class which will fire queries and retrieve data from database.
Till here, all backend functions are complete. Now you need to display the data that you have retrieved from db. For which, you use another class(in your class, one which extends ListActivity).
Don't get overwhelmed by number of classes, all the functionalities are kept in separate classes just to avoid cluttered code. But the basic steps remain same !
And then, i found out that to do so I also need :
- CursorLoader
- ContentProvider
- fillData()
Yes, these are different things that you could use to perform required function, like ContentProvider is used if you want to share data with other applications. So just figure out if you want to do that, and then only move ahead. Else the basic steps are enough.
Hope this helps!
You may refer a very nice tutorial on this : http://www.vogella.com/articles/AndroidSQLite/article.html
I have location obtained in one activity.Now I want to store it somewhere so that I can use it later in another activity.How can I do that ? Is there any way of doing this android ?
As said in the comments, you should take a look in the android docs here: http://developer.android.com/guide/topics/data/data-storage.html
If you want to use this data immediately in another activity then you could pass the data via an intent to the other activity. An example of this is here: How to pass an object from one activity to another on Android
With regard to data storage, SQLLite databases may be hard for a beginner, so in this instance, I would probably reccomend you use 'shared preferences' as they are easier to work with.
you can use the SQLite database to store the data, but you have to implement the DbHelper class in order to do so.
Another approach would be storing the data in the Application class, in a field or something, but I wouldn't recommend it because it would be messy, but that's my opinion; this approach is a lot more easy and fast to implement.
There are two simple ways to achieve this , either use sharedpreference or use bundle
I'm new to android development and I've got a little stuck with the new API, I can't seem to find a tutorial to help.
I've got a database with a SQLOpenHelper and a Database adapter that I've seen used in many examples, such as this. I want to hook up the data into a list, so have created a ListFragment. The tutorials that I've seen use the startManagingCursor(c) method in Activity, however the documentation says that this is depreciated and to use CursorLoader.
To use the CursorLoader it looks like I need a uri, which implies I need a content provider. I don't need a content provider for my app, so I'm not sure how to implement this or what is the correct/ recommended way.
A shove in the right direction would be great!
Some points that I need to add here
Use CursorLoader instead of startManagingCursor. It is easy to use and more safe
Check The Problem with "Managed Cursors", explain that correctly
Definitely the best approach is to use content provider in front of your database to get the uri
It is very simple to implement Content provider with your db, check Simple Content Provider for db operations
From what I've read and understood, the Android team encourages the use of a ContentProvider that sits in front of your database. As you can see with CursorLoader, the Android API is also encouraging this usage pattern.
Letting aside discussions if this is the best approach for small apps, I think you should not fight the API and go with a ContentProvider. CursorLoader handles a lot of stuff for you and I find it works really well.
Yes, use ContentProvider, that's Google teams encounge to do. Remember the three layers in database book:storage, logic,application. Contentprovider act as the logic.
I want to create my own SyncAdapter, that syncs information from my app with some server.
The thing is - I want the sync itself to run from my own application's context, using my own connection to the DB, w/o the need to access my DB using a ContentProvider.
Is that possible?
Thank you,
Udi
Short answer: No, it's not possible.
Long answer: The Android platform's model for sync is to link a user Account to a ContentProvider through a SyncAdapter. You can't set up the XML tags in AndroidManifest to be read by the Android platform without having set up all three.
Biased answer: You should never write an app with a local DB. ContentProvider is by far the way to go, for the reasons listed here.