Page MenuHomePhabricator

Use SQLCipher as SQLite engine on web
ClosedPublic

Authored by marcin on Dec 22 2023, 7:26 AM.
Tags
None
Referenced Files
F3378349: D10450.diff
Wed, Nov 27, 9:47 AM
Unknown Object (File)
Wed, Nov 13, 7:07 AM
Unknown Object (File)
Wed, Nov 13, 7:07 AM
Unknown Object (File)
Wed, Nov 13, 7:07 AM
Unknown Object (File)
Oct 14 2024, 3:28 AM
Unknown Object (File)
Oct 11 2024, 9:18 PM
Unknown Object (File)
Oct 11 2024, 9:18 PM
Unknown Object (File)
Oct 11 2024, 9:15 PM
Subscribers

Details

Summary

This differential compiles SQLCipher-amalgamation as SQLite engine instead of SQLite-amalgamation. Since SQLCipher-amalgamation compilation requires linking
against openssl we additionally compile openssl to emscripten wasm and link SQLCipher-amalgamation against it.

Test Plan
  1. Open web app before creating new WASM to create database handled by original WASM.
  2. Hardcode encryption key in SQLiteQueryExecutor and build new WASM.
  3. Ensure that database is re-encrypted by examining logs from shared worker.
  4. Ensure that app is as usable as before.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

I mentioned this on Linear, but figure it's worth mentioning here too:

I wonder if we should package SQLCipher + OpenSSL as a separate wasm binary. That way, the client would only need to redownload those parts if they change.

I mentioned this on Linear, but figure it's worth mentioning here too:

I wonder if we should package SQLCipher + OpenSSL as a separate wasm binary. That way, the client would only need to redownload those parts if they change.

Responded on Linear

  1. Refactor the script to extract independent steps.
  2. Add no-dso option to OpenSSL compilation configuration. Without this option I was seeing errors like this and I debugged that it originates from this code.
kamil added inline comments.
web/scripts/run_emscripten.sh
61 ↗(On Diff #35015)

I think it's better to use pushd and popd in script rather than cd

This revision is now accepted and ready to land.Jan 2 2024, 4:20 AM
  1. Ensure encryption key is never set on web db to avoid performance degradation.
  2. Use pushd and popd instead of cd.
This revision was automatically updated to reflect the committed changes.