C# 密码保护 SQLite 数据库。是否可以?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1381264/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Password Protect a SQLite DB. Is it possible?
提问by Jhonny D. Cano -Leftware-
I have to face a new little project. It will have about 7 or 9 tables, the biggest of them will grow by a max rate of 1000 rows a month.
我必须面对一个新的小项目。它将有大约 7 或 9 个表,其中最大的表将以每月 1000 行的最大速度增长。
I thought about SQLite as my db... But i will need to protect the db in case anybody wants to change data from the db
我认为 SQLite 作为我的数据库...但我需要保护数据库以防有人想更改数据库中的数据
My main question is:
我的主要问题是:
Is it possible password protect a sqlite db as you would do on access?
是否可以像访问时一样使用密码保护 sqlite 数据库?
What other RDBMS would you recommend for such a small solution?
对于这么小的解决方案,您会推荐哪些其他 RDBMS?
The development would be on C#, but i'm searching something free.
开发将在 C# 上进行,但我正在寻找免费的东西。
采纳答案by Mangesh
You can password protect a SQLite3 DB. Before doing any operations, set the password as follows.
您可以密码保护 SQLite3 数据库。在进行任何操作之前,请按如下方式设置密码。
SQLiteConnection conn = new SQLiteConnection("Data Source=MyDatabase.sqlite;Version=3;");
conn.SetPassword("password");
conn.Open();
then next time you can access it like
那么下次你可以像这样访问它
conn = new SQLiteConnection("Data Source=MyDatabase.sqlite;Version=3;Password=password;");
conn.Open();
This wont allow any GUI editor to view your data. Some editors can decrypt the DB if you provide the password. The algorithm used is RSA.
这将不允许任何 GUI 编辑器查看您的数据。如果您提供密码,一些编辑器可以解密数据库。使用的算法是RSA。
Later if you wish to change the password, use
稍后如果您想更改密码,请使用
conn.ChangePassword("new_password");
To reset or remove password, use
要重置或删除密码,请使用
conn.ChangePassword(String.Empty);
回答by Reed Copsey
回答by rogeriopvl
You can encrypt your SQLite database with the SEE addon. This way you prevent unauthorized access/modification.
您可以使用 SEE 插件加密您的 SQLite 数据库。这样可以防止未经授权的访问/修改。
Quoting SQLite documentation:
引用 SQLite 文档:
The SQLite Encryption Extension (SEE) is an enhanced version of SQLite that encrypts database files using 128-bit or 256-Bit AES to help prevent unauthorized access or modification. The entire database file is encrypted so that to an outside observer, the database file appears to contain white noise. There is nothing that identifies the file as an SQLite database.
SQLite 加密扩展 (SEE) 是 SQLite 的增强版本,它使用 128 位或 256 位 AES 加密数据库文件,以帮助防止未经授权的访问或修改。整个数据库文件都经过加密,因此对于外部观察者来说,数据库文件似乎包含白噪声。没有任何东西可以将该文件标识为 SQLite 数据库。
You can find more info about this addon in this link.
您可以在此链接中找到有关此插件的更多信息。
回答by John Boker
for your question about password protecting your sqlite db, i don't think it can be done.
对于您关于密码保护您的 sqlite 数据库的问题,我认为这是不可能的。
you can encrypt it though, here's some information on that:
你可以加密它,这里有一些关于它的信息:
it's $149 per platform.
每个平台 149 美元。
回答by Liron Levi
You can use the built-in encryption of the sqlite .net provider (System.Data.SQLite). See more details at http://web.archive.org/web/20070813071554/http://sqlite.phxsoftware.com/forums/t/130.aspx
您可以使用 sqlite .net 提供程序 (System.Data.SQLite) 的内置加密。在http://web.archive.org/web/20070813071554/http://sqlite.phxsoftware.com/forums/t/130.aspx查看更多详细信息
To encrypt an existing unencrypted database, or to change the password of an encrypted database, open the database and then use the ChangePassword() function of SQLiteConnection:
要加密现有的未加密数据库,或更改加密数据库的密码,请打开数据库,然后使用 SQLiteConnection 的 ChangePassword() 函数:
// Opens an unencrypted database
SQLiteConnection cnn = new SQLiteConnection("Data Source=c:\test.db3");
cnn.Open();
// Encrypts the database. The connection remains valid and usable afterwards.
cnn.ChangePassword("mypassword");
To decrypt an existing encrypted databasecall ChangePassword()with a NULLor ""password:
要使用 a或密码解密现有的加密数据库调用:ChangePassword()NULL""
// Opens an encrypted database
SQLiteConnection cnn = new SQLiteConnection("Data Source=c:\test.db3;Password=mypassword");
cnn.Open();
// Removes the encryption on an encrypted database.
cnn.ChangePassword(null);
To open an existing encrypted database, or to create a new encrypted database, specify a password in the ConnectionStringas shown in the previous example, or call the SetPassword()function before opening a new SQLiteConnection. Passwords specified in the ConnectionStringmust be cleartext, but passwords supplied in the SetPassword()function may be binary byte arrays.
要打开现有的加密数据库,或创建新的加密数据库,请ConnectionString在前面的示例中指定密码,或SetPassword()在打开新的SQLiteConnection. 中指定的密码ConnectionString必须是明文,但SetPassword()函数中提供的密码可以是二进制字节数组。
// Opens an encrypted database by calling SetPassword()
SQLiteConnection cnn = new SQLiteConnection("Data Source=c:\test.db3");
cnn.SetPassword(new byte[] { 0xFF, 0xEE, 0xDD, 0x10, 0x20, 0x30 });
cnn.Open();
// The connection is now usable
By default, the ATTACH keyword will use the same encryption key as the main database when attaching another database file to an existing connection. To change this behavior, you use the KEY modifier as follows:
默认情况下,将另一个数据库文件附加到现有连接时,ATTACH 关键字将使用与主数据库相同的加密密钥。要更改此行为,请按如下方式使用 KEY 修饰符:
If you are attaching an encrypted database using a cleartext password:
如果您使用明文密码附加加密数据库:
// Attach to a database using a different key than the main database
SQLiteConnection cnn = new SQLiteConnection("Data Source=c:\test.db3");
cnn.Open();
cmd = new SQLiteCommand("ATTACH DATABASE 'c:\pwd.db3' AS [Protected] KEY 'mypassword'", cnn);
cmd.ExecuteNonQuery();
To attach an encrypted database using a binary password:
要使用二进制密码附加加密数据库:
// Attach to a database encrypted with a binary key
SQLiteConnection cnn = new SQLiteConnection("Data Source=c:\test.db3");
cnn.Open();
cmd = new SQLiteCommand("ATTACH DATABASE 'c:\pwd.db3' AS [Protected] KEY X'FFEEDD102030'", cnn);
cmd.ExecuteNonQuery();
回答by Trever Fischer
Why do you need to encrypt the database? The user could easily disassemble your program and figure out the key. If you're encrypting it for network transfer, then consider using PGP instead of squeezing an encryption layer into a database layer.
为什么需要加密数据库?用户可以轻松地反汇编您的程序并找出密钥。如果您要对其进行加密以进行网络传输,请考虑使用 PGP,而不是将加密层压缩到数据库层中。
回答by Avdaff
Use SQLCipher, it's an opensource extension for SQLite that provides transparent 256-bit AES encryption of database files. http://sqlcipher.net
使用 SQLCipher,它是 SQLite 的开源扩展,提供透明的 256 位 AES 数据库文件加密。http://sqlcipher.net
回答by Bronek
If you use FluentNHibernateyou can use following configuration code:
如果您使用FluentNHibernate,则可以使用以下配置代码:
private ISessionFactory createSessionFactory()
{
return Fluently.Configure()
.Database(SQLiteConfiguration.Standard.UsingFileWithPassword(filename, password))
.Mappings(m => m.FluentMappings.AddFromAssemblyOf<DBManager>())
.ExposeConfiguration(this.buildSchema)
.BuildSessionFactory();
}
private void buildSchema(Configuration config)
{
if (filename_not_exists == true)
{
new SchemaExport(config).Create(false, true);
}
}
Method UsingFileWithPassword(filename, password)encrypts a database file and sets password.
It runs only if the new database file is created. The old one not encrypted fails when is opened with this method.
方法UsingFileWithPassword(filename, password)加密数据库文件并设置密码。
它仅在创建新数据库文件时运行。使用此方法打开未加密的旧文件时会失败。
回答by David Price
I know this is an old question but wouldn't the simple solution be to just protect the file at the OS level? Just prevent the users from accessing the file and then they shouldn't be able to touch it. This is just a guess and I'm not sure if this is an ideal solution.
我知道这是一个老问题,但简单的解决方案不是只在操作系统级别保护文件吗?只是阻止用户访问该文件,然后他们就不能触摸它。这只是一个猜测,我不确定这是否是理想的解决方案。
