SQLite Encryption Extension

Using System.Data.SQLite with SEE via NuGet
Login

In order to successfully make use of SEE with System.Data.SQLite via the published NuGet packages:

  1. Add a reference to the System.Data.SQLite.Core NuGet package OR one of the (parent) packages that have a dependency on it, e.g. System.Data.SQLite.
  1. Add a reference to the SQLite.Encryption.Extension NuGet package.
  1. When building for .NET Core, set the CopyLocalLockFileAssemblies MSBuild property in your project file.
  1. Make sure your "SDS-SEE.exml" license certificate file is copied into the application directory during the build process and included with the application deployment files.
  1. Prior to accessing an encrypted database, i.e. one that uses one of the "Password" connection string properties, the following snippet of code must be executed:
      System.AppDomain.CurrentDomain.SetData(System.String.Format(
          "Id_from_License_Certificate_{0}",
          System.Diagnostics.Process.GetCurrentProcess().Id),
          "EntityName_from_License_Certificate");

      System.Data.SQLite.SQLiteCommand.Execute(
          "PRAGMA activate_extensions='see-7bb07b8d471d642e';",
          System.Data.SQLite.SQLiteExecuteType.NonQuery,
          "Data Source=:memory:;");
In the above code, the strings "Id_from_License_Certificate" and "EntityName_from_License_Certificate" must match the text of the "Id" and "EntityName" values from your license certificate file, respectively, and will be provided with your license certificate file.
Care should be taken to retain the trailing literal underscore, between the "Id_from_License_Certificate" value and the remainder of the format string.
The "System.Data.SQLite.SQLiteCommand.Execute" method call above must be used verbatim.
In cases where a non-default application domain (AppDomain) is in use, e.g. Microsoft Office, other third-party applications, test frameworks, web services, etc, some code similar the following may be required as well:
      /*
       * NOTE: The .NET Core (and later) runtimes support only
       *       one application domain.  On those runtimes, the
       *       following environment variable has no effect.
       */
      System.Environment.SetEnvironmentVariable(
          "LicenseOtherAppDomain", "1");

      /*
       * NOTE: Depending on exactly how the application domain
       *       has been configured, the following environment
       *       variable may not be necessary; however, as long
       *       as it is set to the directory containing the
       *       correct "System.Data.SQLite.SEE.License.dll"
       *       file, setting it should be harmless.
       */
      System.Environment.SetEnvironmentVariable(
          "LicenseAssemblyPath",
          System.AppDomain.CurrentDomain.BaseDirectory);
To determine if code is executing in a non-default application domain, check the System.AppDomain.CurrentDomain.IsDefaultAppDomain property. If the resulting value is not true, the application domain in use is not the default application domain.
  1. Then, use the connection string property "Password", "HexPassword", or "TextPassword" to enable encryption for a database connection.
Please consult the System.Data.SQLite Documentation for further details.
Per section "8.1 Encryption algorithm selection using a key prefix" of the README, the specific encryption algorithm to use can be selected by using a short prefix on the connection string property value, e.g. to use the AES-256 encryption algorithm, prefix the string "aes256:" to the desired password.
Here is a short example:
      SQLiteConnection connection = new SQLiteConnection();

      connection.ConnectionString =
          "Data Source=test.db;Password=aes256:secret;";

      connection.Open();
  1. When deploying your application, the following files are required to be present in the application binary directory:
      <bin>\System.Data.SQLite.dll
      <bin>\x86\SQLite.Interop.dll
      <bin>\x64\SQLite.Interop.dll
      <bin>\System.Data.SQLite.SEE.License.dll
      <bin>\Eagle.dll
      <bin>\Harpy.dll
      <bin>\SDS-SEE.exml
When using the NuGet packages within Visual Studio, these files should be copied into the application binary directory automatically, via the project build process.
  1. When debugging your application (e.g. in Visual Studio), the following additional files are also required to be present within the application binary directory:
      <bin>\Eagle.Eye.dll
      <bin>\Configurations\Harpy.v1.eagle
      <bin>\Configurations\Harpy.v1.eagle.b64sig
When using the NuGet packages within Visual Studio, these files should be copied into the application binary directory automatically, via the project build process.