Skip to content

SQLite encrypted additional package #482

Closed
fileman wants to merge 1 commit into
CommunityToolkit:mainfrom
fileman:main
Closed

SQLite encrypted additional package #482
fileman wants to merge 1 commit into
CommunityToolkit:mainfrom
fileman:main

Conversation

@fileman

@fileman fileman commented Jun 20, 2026
edited
Loading

Copy link
Copy Markdown

Add SQLite encryption as additional package without 3rd party license required (see .net 11 breaking change)

@fileman @claude
Add encrypted offline SQLite store package (SQLite3 Multiple Ciphers)
fec10d4 
Introduces CommunityToolkit.Datasync.Client.EncryptedSqlite, an additional
package that provides an encrypted offline SQLite store backed by SQLite3
Multiple Ciphers (SQLCipher-compatible). The encryption key is generated on
first run and supplied via EncryptedSqliteOptions.

- EncryptedSqliteDbContextOptionsExtensions / EncryptedSqliteFactory wire the
  encrypted connection into an offline DbContext.
- Correct rekey handling with WAL journaling and a SQLCipher-compatible reopen.
- TodoApp.MAUI.Encrypted sample demonstrates the encrypted offline store with a
  key generated on first run.
- Test project covering the encrypted store and offline DbContext behaviour.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@fileman fileman marked this pull request as ready for review June 20, 2026 16:26
@adrianhall

adrianhall commented Jun 21, 2026

Copy link
Copy Markdown
Collaborator

This needs a thorough review, so it won't be a part of 10.1.0 - love the idea, though.

@adrianhall adrianhall self-assigned this Jun 21, 2026
@adrianhall adrianhall added the Client Improvements or additions to the client code label Jun 21, 2026
@adrianhall adrianhall self-requested a review June 21, 2026 18:15
@adrianhall

adrianhall commented Jun 21, 2026

Copy link
Copy Markdown
Collaborator

LLM Review:

The new encryption package is well-designed, well-documented, and genuinely proves its core claims through tests. The single headline issue is architectural, not cryptographic: swapping the core client to the bundle-less …Sqlite.Core provider is a silent breaking change that will compile fine but crash at runtime for every existing consumer that doesn't add its own SQLitePCLRaw bundle (P0).

Adrians Notes:

First of all, thank you for taking the time to present a well-thought out codebase. It's rare that the LLM reviewer does not have ANY security issues reported.

That being said, I am unwilling to break existing developers in this way. This one can't be accepted as is. I'm willing to discuss a refactor of the underlying client-side database for the v12 release (aligned with .NET 12) but not in a v10 release.

We should probably take up this design in a Discussion first so we can determine the best way forward for a v12 release. We can then bring some of this work (refactored) along for the ride then.

Until then, you should consider a fork of the library for encrypted SQLite instead.

@adrianhall adrianhall closed this Jun 21, 2026
@fileman

fileman commented Jun 21, 2026

Copy link
Copy Markdown
Author

LLM Review:

The new encryption package is well-designed, well-documented, and genuinely proves its core claims through tests. The single headline issue is architectural, not cryptographic: swapping the core client to the bundle-less …Sqlite.Core provider is a silent breaking change that will compile fine but crash at runtime for every existing consumer that doesn't add its own SQLitePCLRaw bundle (P0).

Adrians Notes:

First of all, thank you for taking the time to present a well-thought out codebase. It's rare that the LLM reviewer does not have ANY security issues reported.

That being said, I am unwilling to break existing developers in this way. This one can't be accepted as is. I'm willing to discuss a refactor of the underlying client-side database for the v12 release (aligned with .NET 12) but not in a v10 release.

We should probably take up this design in a Discussion first so we can determine the best way forward for a v12 release. We can then bring some of this work (refactored) along for the ride then.

Until then, you should consider a fork of the library for encrypted SQLite instead.

LLM reviewed before create PR 😅
I leave it in 10, but the real problem came with .net 11, we can talk about it future

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adrianhall adrianhall Awaiting requested review from adrianhall

Assignees

@adrianhall adrianhall

Labels

Client Improvements or additions to the client code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fileman @adrianhall