ciphered-local-storage-plugin
Mobile icon

Ciphered Local Storage Plugin

Supported
Stable version 3.2.4 (Compatible with OutSystems 11)
Other versions available for 10
Uploaded
 on 15 Nov
 by 
OutSystems
4.8
 (4 ratings)
ciphered-local-storage-plugin

Ciphered Local Storage Plugin

Details
This plugin enables you to keep your mobile application's sensitive data safe using a ciphered Local Storage database.
Read more

This plugin enables you to keep your mobile application's sensitive data safe using a ciphered Local Storage database.


How to use this plugin?

Just add a dependency to all elements of this plugin in a module of your application. Once the dependency is in place, your application starts using a newly created database which replicates the structure of your previous local database but which is now ciphered.


To make this change effective you need to:

  • Publish and rebuild your app - to replace the old local storage database with the new ciphered database.

  • Uninstall the previous version of your app - to remove the old local storage for security reasons. The old local storage can no longer be accessed by the application.

  • Install the new version - only this version references the new ciphered database.


Using this plugin disables Android’s Auto Backup for your apps. Auto Backup for Apps automatically backs up user data from different apps. If the app is then installed in a new device, Android tries to restore the ciphered local database that was backed up and the device tries to decrypt it with a new key. This causes the app to crash, thus disabling Auto Backup protects your app from crashing.

This plugin uses a set of open source components, whose license requires a visible reference in your application. For your convenience, you can find the license in the 'License' block under the Public flow of the CipheredLocalStoragePlugin module.


Enable Self Healing

Resets the local database to recover the app when the device is unable to decipher the local database. By default, this is disabled. To enable it, set the EnableSQLCipherSelfHealing preference to true in the Extensibility Configurations.

---

{

   "preferences":{

       "global": [{

           "name": "EnableSQLCipherSelfHealing",

           "value": true

       }]

   }

}

---

Note: Enable Self Healing feature will only reset the local database “restart” when the encryption key would become corrupt or disappear.  


Limitations

For Android devices a PIN must be set in the device, otherwise the application won’t start. Removal of the PIN will render the local storage database useless and its data will be lost. Changing the PIN has no effect in the local storage database.

Version 2.1.0 (O11) and 1.1.0 (O10) or higher versions are not compatible with the previous version, so it's supported the upgrade but the downgrade won't work.

The upgrade for version 3.0.0 (Support for 64-bits) is supported but once on this version, the downgrade won't work.

The app will stop working if there is a change in the hostname or the application path because the plugin will not be able to read the key to decrypt the local database. Additionally, users will lose all local data from the device.

A Mobile Application running and with data stored, won't work with an update which includes the Cipher Plugin.


Removing the plugin

Removing the plugin is a destructive operation. After you remove the cipher plugin the app cannot work and you lose all data in the Database. We recommend uninstalling the app, and then installing a new version that uses the Database without encryption.


Performance

The overhead added by this plugin affects response times of the local storage access.

In iOS devices, performance is affected only in scenarios where binary data is read/written .You may experience response times 2x slower. 

For Android devices, performance is affected for all scenarios, as the secure version is between 3x and 5x slower for both simple operations and binary data queries.


MABS Compatibility

The latest version (3.2.3) of Ciphered Local Storage Plugin is compatible with the supported MABS versions available: 

  • MABS 10.0 

  • MABS 9.0


Licensing

OutSystems Secure SQLite Plugin
MIT License (MIT)
Copyright (c) 2016 OutSystems

Follows the 3rd party components used and their licenses:

Cordova/PhoneGap SQLCipher adapter plugin
MIT License (MIT)
Copyright (c) 2016 Brodysoft LiteHelpers

SQLCipher Community Edition
SQLCipher Community Edition License
Copyright (c) 2008-2012 Zetetic LLC

SecureStorage plugin for Apache Cordova
MIT License (MIT)
Copyright 2015 Crypho AS

Release notes (3.2.4)

Fixes

  • Android: Update SQLCipher and SQLite versions to support devices with 16KB page sizes, making the plugin compatible with MABS 11.
License (3.2.4)
Reviews (1)
by 
2022-06-02
in version 3.1.5
very nice component.
Team
OutSystems
Other assets in this category