The SQLite Compressed and Encrypted Read-Only Database (CEROD) Extension


The SQLite Compressed and Encrypted Read-Only Database (CEROD) Extension is an add-on to the public domain version of SQLite that allows an application to read compressed and encrypted database files in addition to ordinary SQLite database files. Compression is done using zLib and encryption uses either AES-128 or the RC4 algorithm. The encryption phase is optional - CEROD will also read databases that are compressed but not encrypted.

The original intent of CEROD was to compress large proprietary databases so that they would fit into a CDROM or other space-limited media, though licensees have found other creative uses for the product.

The CEROD extension is fully compatible with the SQLite Encryption Extension (SEE). It is possible to build a version of SQLite that will read and write SEE-encrypted databases and also read CEROD-compressed databases.

The CEROD database file format can support databases up to 500 GB in size.

Building CEROD

The CEROD extension is shipped as source code. The licensee is responsible for compiling the code into working form. The CEROD extension consists of a single file of ANSI-C source code which is appended to an ordinary public-domain version of the SQLite amalgamation. The combined source code file is then compiled as it normally would be, except that the -DSQLITE_ENABLE_CEROD=1 command-line option must be added to the compiler and the result must be linked against the zLib library (usually accomplished by adding the -lz option to the compiler.)

CEROD is written entirely in uncomplicated ANSI-C code. Anyone who is able to compile the public domain SQLite should have no difficulty compiling the CEROD extension.

CEROD includes a separate utility program used to construct a read-only CEROD database. This utility program (called cerod_build.exe) reads an ordinary, uncompressed and unencrypted SQLite database built by a public-domain version of SQLite and constructs an equivalent compressed and encrypted CEROD database. The cerod_build.exe utility program is implemented in a single file of uncomplicated ANSI-C code and is easy to compile for Windows, Linux, MacOS-X, or any other workstation.

Using CEROD

CEROD-enhanced SQLite will read and write ordinary SQLite database files just like the public domain version of SQLite. In fact, a CEROD-enhanced version of SQLite should be a drop-in replacement for public-domain SQLite in existing applications. No changes are required to the application. There are no new APIs.

To access a CEROD database, the application merely prepends a string containing the database encryption password to the front of the filename that is passed to sqlite3_open() when opening the database. If the encryption password is "passwd" and the name of the CEROD database file is "filename.db", then the CEROD database might be opened like this:

rc = sqlite3_open(":cerod:passwd:filename.db", &db);

Readers who are familiar with the SQLite C interface will recognize that the only difference is the addition of the :cerod:passwd: prefix to the filename. To open an unencrypted CEROD database, simply provide a prefix with an empty password: :cerod::.

Because no new C-level APIs are involved, CEROD can also be used in applications written in languages other than C or C++. Simple add the appropriate prefix to the database filename, and the CEROD extension will recognize that the database is a CEROD database and open it correctly.

Deliverables

After you purchase a license to use CEROD, you will be issued a userid and password to the on-line software configuration management system for CEROD. You can then log in and download the latest CEROD source code and documentation whenever you like. Your license is perpetual, so your login never expires. You can log in as often as you like to obtain the latest updates.

License

The CEROD is licensed software. Here is a copy of a sample license agreement. Your license is perpetual. You can ship as many compiled, binary copies of SQLite with your commercial product as long as each copy is attached to your product in such a way that it cannot be separated from your product. Normally this means that you should statically link CEROD with your product, thought exceptions to this rule can be made as circumstances require. There are no per-copy royalties are fees and there are no license renewals.

Your CEROD license is valid for multiple products as long as all products are developed and maintained by a single team. For the purposes of this paragraph a "team" is a group of people who work together and all know each others names. For smaller organizations, an entire company is usually considered a single team. However, for larger firms, we may ask that different project teams each acquire their own separate license.

The cost of a perpetual source code license for CEROD is US $2000. You can order on-line or send email to sqlite@hwaci.com or call during east-coast business hours: +1.704.948.4565.

Support

The base price of CEROD does not include support. We will answer a few simple questions to help you get started, and we will fix any bugs you find within 90 days of purchase. But for help beyond this, we ask that you obtain an Annual Maintenance Subscription for SQLite. An Annual Maintenance Subscription entitles you to support for both CEROD and for the public-domain SQLite code.

Higher levels of support are available on a negotiated basis. Baseline support packages include a Technical Support Agreements and SQLite Consortium Membership. Consortium membership is the highest level of support offered. The US $2000 CEROD license fee is waived for Consortium members.

Evaluation Versions and Additional Information

For additional information about SQLite and/or CEROD or to arrange to receive a evaluation version of CEROD, please contact us directly at sqlite@hwaci.com or by phone at +1.704.948.4565 during east-coast business hours.