
github.com/meow-io/go-sqlcipher
Self-contained Go sqlite3 driver with an AES-256 encrypted sqlite3 database conforming to the built-in database/sql interface. It is based on:
SQLite itself is part of SQLCipher.
The version tags of go-sqlcipher employ semver. As this library is based on mattn/go-sqlite3 and sqlcipher/sqlcipher, if either one receives a minor or major version update, the version number of this library will also receive a minor or major update. The CHANGELOG.md details the changes in each version.
SQLCipher 4.x is incompatible with SQLCipher 3.x!
go-sqlcipher does not implement any migration strategies at the moment. If you upgrade to a new major version of go-sqlcipher, you are responsible for upgrading existing database files yourself.
See migrating databases for details.
This package can be installed with the go get command:
go get github.com/meow-io/go-sqlcipher
To create and open encrypted database files use the following DSN parameters:
key := "2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99"
dbname := fmt.Sprintf("db?_pragma_key=x'%s'&_pragma_cipher_page_size=4096", key)
db, _ := sql.Open("sqlite3", dbname)
_pragma_key is the hex encoded 32 byte key (must be 64 characters long).
_pragma_cipher_page_size is the page size of the encrypted database (set if
you want a different value than the default size).
key := url.QueryEscape("secret")
dbname := fmt.Sprintf("db?_pragma_key=%s&_pragma_cipher_page_size=4096", key)
db, _ := sql.Open("sqlite3", dbname)
This uses a passphrase directly as _pragma_key with the key derivation function in
SQLCipher. Do not forget the url.QueryEscape() call in your code!
See also PRAGMA key.
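An added example (not code from the go-sqlcipher project) that builds the two DSN forms described above using only the standard library: it generates a random raw key instead of a hard-coded one, rejects a key that is not 64 hex characters, and query-escapes a passphrase. The helper names NewRawKey, RawKeyDSN and PassphraseDSN and the sample passphrase are assumptions made for this illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"net/url"
)

// NewRawKey returns a fresh random 32-byte key, hex encoded (64 characters).
func NewRawKey() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// RawKeyDSN builds the x'...' raw-key DSN (hypothetical helper). It rejects
// anything that is not exactly 64 hex characters, i.e. 32 bytes.
func RawKeyDSN(path, hexKey string, pageSize int) (string, error) {
	if len(hexKey) != 64 {
		return "", errors.New("_pragma_key must be 64 hex characters")
	}
	if _, err := hex.DecodeString(hexKey); err != nil {
		return "", fmt.Errorf("_pragma_key is not valid hex: %w", err)
	}
	return fmt.Sprintf("%s?_pragma_key=x'%s'&_pragma_cipher_page_size=%d",
		path, hexKey, pageSize), nil
}

// PassphraseDSN builds the passphrase DSN (hypothetical helper). Without
// url.QueryEscape, characters such as '&' or '#' would cut the key short.
func PassphraseDSN(path, passphrase string, pageSize int) (string, error) {
	if passphrase == "" {
		return "", errors.New("empty passphrase")
	}
	return fmt.Sprintf("%s?_pragma_key=%s&_pragma_cipher_page_size=%d",
		path, url.QueryEscape(passphrase), pageSize), nil
}

func main() {
	key, err := NewRawKey()
	if err != nil {
		panic(err)
	}
	raw, _ := RawKeyDSN("db", key, 4096)
	pass, _ := PassphraseDSN("db", "p&ss word#1", 4096) // constructed sample
	fmt.Println(len(raw), pass) // the raw key itself is not printed
}
```

Either returned string can be passed to sql.Open("sqlite3", ...) as in the snippets above.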
API documentation can be found here: http://godoc.org/github.com/meow-io/go-sqlcipher
Use the function sqlite3.IsEncrypted() to check whether a database file is encrypted or not.
Examples can be found under the ./_example directory
The code of the originating packages is covered by their respective licenses. See LICENSE file for details.