Golang SQLCipher driver conforming to the built-in database/sql interface and using the latest sqlite3 code.
SQLCipher driver conforming to the built-in database/sql interface and using the latest sqlite3 code.
NOTE: v2.0.1 or higher is unfortunatal release. So there are no big changes. And does not provide v2 feature.
which is
3.31.0
Working with sqlcipher version which is
4.3.0
It's wrapper with * go-sqlite3 sqlite3 driver for go that using database/sql. * SQLCipher SQLCipher is an SQLite extension that provides 256 bit AES encryption of database files. * Using openssl as the 256 bit AES encryption.
Supported Golang version: See .travis.yml
This package follows the official Golang Release Policy.
Due to the go-sqlite3 project change its way to load the
PRAGMAvariables. Setting the encrypting key won't work for the existing database anymore. But you can load the encrypt key by setting with query parameter
_key, like:
golang b, err = sql.Open("sqlite3", databasefile +"?_key=password")
To upgrade SQLCipher from 3.x to 4.x, please take a look of: 1. https://www.zetetic.net/sqlcipher/sqlcipher-api/#cipher_migrate 2. Upgrading to SQLCipher 4
This package can be installed with the go get command:
go get github.com/xeodou/go-sqlcipher
go-sqlcipher is cgo package. If you want to build your app using go-sqlcipher, you need gcc. However, if you install go-sqlcipher with
go install github.com/xeodou/go-sqlcipher, you don't need gcc to build your app anymore.
Important: because this is a
CGOenabled package you are required to set the environment variable
CGO_ENABLED=1and have a
gcccompile present within your path.
API documentation can be found here: http://godoc.org/github.com/xeodou/go-sqlcipher
Examples can be found under the examples directory
When creating a new SQLite database or connection to an existing one, with the file name additional options can be given. This is also known as a DSN string. (Data Source Name).
Options are append after the filename of the SQLite database. The database filename and options are seperated by an
?(Question Mark). Options should be URL-encoded (see url.QueryEscape).
This also applies when using an in-memory database instead of a file.
Options can be given using the following format:
KEYWORD=VALUEand multiple options can be combined with the
&ersand.
This library supports dsn options of SQLite itself and provides additional options.
Boolean values can be one of: *
0
no
false
off*
1
yes
true
on
| Name | Key | Value(s) | Description | |------|-----|----------|-------------| | UA - Create |
_auth| - | Create User Authentication, for more information see User Authentication | | UA - Username |
_auth_user|
string| Username for User Authentication, for more information see User Authentication | | UA - Password |
_auth_pass|
string| Password for User Authentication, for more information see User Authentication | | UA - Crypt |
_auth_crypt|
_auth_salt|
string| Salt to use if the configure password encoder requires a salt, for User Authentication, for more information see User Authentication | | Auto Vacuum |
_auto_vacuum|
_vacuum|
0|
none
1|
full
2|
incremental
_busy_timeout|
_timeout|
int| Specify value for sqlite3busytimeout. For more information see PRAGMA busy_timeout | | Case Sensitive LIKE |
_case_sensitive_like|
_cslike|
boolean| For more information see PRAGMA casesensitivelike | | Defer Foreign Keys |
_defer_foreign_keys|
_defer_fk|
boolean| For more information see PRAGMA deferforeignkeys | | Foreign Keys |
_foreign_keys|
_fk|
boolean| For more information see PRAGMA foreign_keys | | Ignore CHECK Constraints |
_ignore_check_constraints|
boolean| For more information see PRAGMA ignorecheckconstraints | | Immutable |
immutable|
boolean| For more information see Immutable | | Journal Mode |
_journal_mode|
_journal|
_locking_mode|
_locking|
mode|
_mutex|
_query_only|
boolean| For more information see PRAGMA query_only | | Recursive Triggers |
_recursive_triggers|
_rt|
boolean| For more information see PRAGMA recursive_triggers | | Secure Delete |
_secure_delete|
boolean|
FAST| For more information see PRAGMA secure_delete | | Shared-Cache Mode |
cache|
_synchronous|
_sync|
_loc| auto | Specify location of time format. | | Transaction Lock |
_txlock|
_writable_schema|
Boolean| When this pragma is on, the SQLITE_MASTER tables in which database can be changed using ordinary UPDATE, INSERT, and DELETE statements. Warning: misuse of this pragma can easily result in a corrupt database file. |
file:test.db?cache=shared&mode=memory
This package allows additional configuration of features available within SQLite3 to be enabled or disabled by golang build constraints also known as build
tags.
Click here for more information about build tags / constraints.
Please notice The
userAuthenticationextention is not support the library, since the SQLCipher is already let you create the encrypted database.
If you wish to build this library with additional extensions / features. Use the following command.
go build --tags ""
If you want to build the project without the
libcrypto, you could specific the openssl library by using the command.
bash CGO_ENABLE=1 CGO_LDFLAGS="-L/usr/local/opt/openssl/lib" CGO_CPPFLAGS="-I/usr/local/opt/openssl/include" go build _example/encrypto/encrypto.go
For available features see the extension list. When using multiple build tags, all the different tags should be space delimted.
Example:
go build --tags "icu json1 fts5 secure_delete"
| Extension | Build Tag | Description |
|-----------|-----------|-------------|
| Additional Statistics | sqlitestat4 | This option adds additional logic to the ANALYZE command and to the query planner that can help SQLite to chose a better query plan under certain situations. The ANALYZE command is enhanced to collect histogram data from all columns of every index and store that data in the sqlitestat4 table.
The query planner will then use the histogram data to help it make better index choices. The downside of this compile-time option is that it violates the query planner stability guarantee making it more difficult to ensure consistent performance in mass-produced applications.
SQLITEENABLESTAT4 is an enhancement of SQLITEENABLESTAT3. STAT3 only recorded histogram data for the left-most column of each index whereas the STAT4 enhancement records histogram data from all columns of each index.
The SQLITEENABLESTAT3 compile-time option is a no-op and is ignored if the SQLITEENABLESTAT4 compile-time option is used |
| Allow URI Authority | sqliteallowuriauthority | URI filenames normally throws an error if the authority section is not either empty or "localhost".
However, if SQLite is compiled with the SQLITEALLOWURIAUTHORITY compile-time option, then the URI is converted into a Uniform Naming Convention (UNC) filename and passed down to the underlying operating system that way |
| App Armor | sqliteapparmor | When defined, this C-preprocessor macro activates extra code that attempts to detect misuse of the SQLite API, such as passing in NULL pointers to required parameters or using objects after they have been destroyed.
App Armor is not available under
Windows. | | Disable Load Extensions | sqliteomitloadextension | Loading of external extensions is enabled by default.
This package requires
CGO_ENABLED=1ennvironment variable if not set by default, and the presence of the
gcccompiler.
If you need to add additional CFLAGS or LDFLAGS to the build command, and do not want to modify this package. Then this can be achieved by using the
CGO_CFLAGSand
CGO_LDFLAGSenvironment variables.
This package can be compiled for android. Compile with:
go build --tags "android"
For more information see #201
To compile for
ARMuse the following environment.
env CC=arm-linux-gnueabihf-gcc CXX=arm-linux-gnueabihf-g++ \ CGO_ENABLED=1 GOOS=linux GOARCH=arm GOARM=7 \ go build -v
Additional information: - #242 - #504
This library can be cross-compiled.
In some cases you are required to the
CCenvironment variable with the cross compiler.
Additional information: - #491 - #560
Building on GCP is not possible because Google Cloud Platform does not allow
gccto be executed.
Please work only with compiled final binaries.
To compile this package on Linux you must install the development tools for your linux distribution.
To compile under linux use the build tag
linux.
go build --tags "linux"
If you wish to link directly to libsqlite3 then you can use the
libsqlite3build tag.
go build --tags "libsqlite3 linux"
When building in an
alpinecontainer run the following command before building.
apk add --update gcc musl-dev
sudo yum groupinstall "Development Tools" "Development Libraries"
sudo apt-get install build-essential
OSX should have all the tools present to compile this package, if not install XCode this will add all the developers tools.
Required dependency
brew install sqlite3
For OSX there is an additional package install which is required if you wish to build the
icuextension.
This additional package can be installed with
homebrew.
brew upgrade icu4c
To compile for Mac OSX.
go build --tags "darwin"
If you wish to link directly to libsqlite3 then you can use the
libsqlite3build tag.
go build --tags "libsqlite3 darwin"
Additional information: - #206 - #404
The golang code is copy from go-sqlite3 If you have some issue, maybe you can find from https://github.com/mattn/go-sqlite3/issues
Here is some help from go-sqlite3 project.
1) Install a Windows
gcctoolchain. 2) Add the
binfolders to the Windows path if the installer did not do this by default. 3) Open a terminal for the TDM-GCC toolchain, can be found in the Windows Start menu. 4) Navigate to your project folder and run the
go build ...command for this package.
For example the TDM-GCC Toolchain can be found here.
Compile error:
can not be used when making a shared object; recompile with -fPIC
When receiving a compile time error referencing recompile with
-FPICthen you are probably using a hardend system.
You can compile the library on a hardend system with the following command.
go build -ldflags '-extldflags=-fno-PIC'
More details see #120
Can't build go-sqlite3 on windows 64bit.
Probably, you are using go 1.0, go1.0 has a problem when it comes to compiling/linking on windows 64bit. See: https://github.com/mattn/go-sqlite3/issues/27
go get github.com/mattn/go-sqlite3throws compilation error.
gccthrows:
internal compiler error
Remove the download repository from your disk and try re-install with:
go install github.com/mattn/go-sqlite3
This package supports the SQLite User Authentication module.
To use the User authentication module the package has to be compiled with the tag
sqlite_userauth. See Features.
To create a database protected by user authentication provide the following argument to the connection string
_auth. This will enable user authentication within the database. This option however requires two additional arguments:
_auth_user
_auth_pass
When
_authis present on the connection string user authentication will be enabled and the provided user will be created as an
adminuser. After initial creation, the parameter
_authhas no effect anymore and can be omitted from the connection string.
Example connection string:
Create an user authentication database with user
adminand password
admin.
file:test.s3db?_auth&_auth_user=admin&_auth_pass=admin
Create an user authentication database with user
adminand password
adminand use
SHA1for the password encoding.
file:test.s3db?_auth&_auth_user=admin&_auth_pass=admin&_auth_crypt=sha1
The passwords within the user authentication module of SQLite are encoded with the SQLite function
sqlite_cryp. This function uses a ceasar-cypher which is quite insecure. This library provides several additional password encoders which can be configured through the connection string.
The password cypher can be configured with the key
_auth_crypt. And if the configured password encoder also requires an salt this can be configured with
_auth_salt.
Operations on the database regarding to user management can only be preformed by an administrator user.
The user authentication supports two kinds of users
User management can be done by directly using the
*SQLiteConnor by SQL.
The following sql functions are available for user management.
| Function | Arguments | Description | |----------|-----------|-------------| |
authenticate| username
string, password
string| Will authenticate an user, this is done by the connection; and should not be used manually. | |
auth_user_add| username
string, password
string, admin
int| This function will add an user to the database.
adminis an integer identifying if the added user should be an administrator. Only Administrators can add administrators. | |
auth_user_change| username
string, password
string, admin
int| Function to modify an user. Users can change their own password, but only an administrator can change the administrator flag. | |
authUserDelete| username
string| Delete an user from the database. Can only be used by an administrator. The current logged in administrator cannot be deleted. This is to make sure their is always an administrator remaining. |
These functions will return an integer.
// Autheticate user // Create Admin User SELECT auth_user_add('admin2', 'admin2', 1);// Change password for user SELECT auth_user_change('user', 'userpassword', 0);
// Delete user SELECT user_delete('user');
The following functions are available for User authentication from the
*SQLiteConn.
| Function | Description | |----------|-------------| |
Authenticate(username, password string) error| Authenticate user | |
AuthUserAdd(username, password string, admin bool) error| Add user | |
AuthUserChange(username, password string, admin bool) error| Modify user | |
AuthUserDelete(username string) error| Delete user |
When using attached databases. SQLite will use the authentication from the
maindatabase for the attached database(s).
If you want your own extension to be listed here or you want to add a reference to an extension; please submit an Issue for this.
Spatialite is available as an extension to SQLite, and can be used in combination with this repository. For an example see shaxbee/go-spatialite.
extension-functions.c is available as an extension to SQLite, and provides the following functions:
For an example see dinedal/go-sqlite3-extension-functions.
Getting insert error while query is opened.
You can pass some arguments into the connection string, for example, a URI. See: #39
Do you want to cross compile? mingw on Linux or Mac?
See: #106 See also: http://www.limitlessfx.com/cross-compile-golang-app-for-windows-from-linux.html
Want to get time.Time with current locale
Use
_loc=autoin SQLite3 filename schema like
file:foo.db?_loc=auto.
Can I use this in multiple routines concurrently?
Yes for readonly. But, No for writable. See #50, #51, #209, #274.
Why I'm getting
no such tableerror?
Why is it racy if I use a
sql.Open("sqlite3", ":memory:")database?
Each connection to
":memory:"opens a brand new in-memory sql database, so if the stdlib's sql engine happens to open another connection and you've only specified
":memory:", that connection will see a brand new database. A workaround is to use
"file::memory:?cache=shared"(or
"file:foobar?mode=memory&cache=shared"). Every connection to this string will point to the same in-memory database.
Note that if the last database connection in the pool closes, the in-memory database is deleted. Make sure the max idle connection limit is > 0, and the connection lifetime is infinite.
For more information see
Reading from database with large amount of goroutines fails on OSX.
OS X limits OS-wide to not have more than 1000 files open simultaneously by default.
For more information see #289
Trying to execute a
.(dot) command throws an error.
Error:
Error: near ".": syntax errorDot command are part of SQLite3 CLI not of this library.
You need to implement the feature or call the sqlite3 cli.
More information see #305
Error:
database is locked
You can ignore these messages.
Example:
go db, err := sql.Open("sqlite3", "file:locked.sqlite?cache=shared")
Second please set the database connections of the SQL package to 1.
db.SetMaxOpenConns(1)
More information see #209
This project exists thanks to all the people who contribute. [Contribute].
Become a financial contributor and help us sustain our community. [Contribute]
Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]
MIT:
sqlite3-binding.c, sqlite3-binding.h, sqlite3ext.h
The -binding suffix was added to avoid build failures under gccgo.
In this repository, those files are amalgamation code that copied from SQLCipher. The license of those codes are depend on the license of SQLCipher.
In this repository, those files are an amalgamation of code that was copied from SQLite3. The license of that code is the same as the license of SQLite3.
Original repository https://github.com/mattn/go-sqlite3 is under MIT.