oib/aitbc
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity
Files
a9405a0d28afd226d20ece933dab2c9b20f901c3
aitbc/apps/blockchain-node/scripts/migrate_to_sqlcipher.py
aitbc 19d415a235
Some checks failed
Blockchain Synchronization Verification / sync-verification (push) Failing after 3s
Details
CLI Tests / test-cli (push) Failing after 3s
Details
Cross-Chain Functionality Tests / test-cross-chain-sync (push) Successful in 2s
Details
Cross-Chain Functionality Tests / test-cross-chain-transactions (push) Successful in 3s
Details
Cross-Chain Functionality Tests / test-cross-chain-bridge (push) Has been skipped
Details
Cross-Chain Functionality Tests / test-multi-chain-consensus (push) Successful in 2s
Details
Cross-Chain Functionality Tests / aggregate-results (push) Has been skipped
Details
Deploy to Testnet / deploy-testnet (push) Successful in 1m12s
Details
Documentation Validation / validate-docs (push) Failing after 8s
Details
Documentation Validation / validate-policies-strict (push) Successful in 3s
Details
Integration Tests / test-service-integration (push) Successful in 2m6s
Details
Multi-Chain Island Architecture Tests / test-multi-chain-island (push) Successful in 2s
Details
Multi-Node Blockchain Health Monitoring / health-check (push) Failing after 4s
Details
P2P Network Verification / p2p-verification (push) Successful in 4s
Details
Package Tests / Python package - aitbc-agent-sdk (push) Successful in 32s
Details
Package Tests / Python package - aitbc-core (push) Successful in 14s
Details
Package Tests / Python package - aitbc-crypto (push) Successful in 12s
Details
Package Tests / Python package - aitbc-sdk (push) Successful in 9s
Details
Package Tests / JavaScript package - aitbc-sdk-js (push) Successful in 8s
Details
Package Tests / JavaScript package - aitbc-token (push) Successful in 17s
Details
Python Tests / test-python (push) Successful in 15s
Details
Security Scanning / security-scan (push) Successful in 27s
Details
Node Failover Simulation / failover-test (push) Successful in 7s
Details
Multi-Node Stress Testing / stress-test (push) Successful in 6s
Details
Cross-Node Transaction Testing / transaction-test (push) Successful in 4s
Details
feat: add SQLCipher database encryption support and consolidate agent documentation 
- Add SQLCipher encryption for ait-mainnet database with configurable flag
- Add db_encryption_enabled and db_encryption_key_path config settings
- Implement encryption key loading and PRAGMA key setup via connection events
- Add shutdown_db function for proper database cleanup
- Export middleware classes in aitbc/__init__.py
- Fix import path in sync.py for settings
- Remove duplicate agent documentation from docs
2026-05-03 12:00:38 +02:00

94 lines
3.0 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""
Migrate existing SQLite database to SQLCipher encrypted format.
This script converts an existing unencrypted SQLite database to SQLCipher
encrypted format using the built-in sqlcipher_export function.
"""
import sys
import os
from pathlib import Path
# Add repo root to path for imports
repo_root = Path(__file__).parent.parent.parent.parent
sys.path.insert(0, str(repo_root))
try:
import sqlcipher3 as sqlite3
except ImportError:
print("ERROR: sqlcipher3-binary not installed")
print("Run: pip install sqlcipher3-binary")
sys.exit(1)
def migrate_to_sqlcipher(db_path: Path, key_path: Path) -> None:
"""Migrate database to SQLCipher encrypted format.
Uses SQLCipher's built-in sqlcipher_export function to properly
encrypt the database while maintaining SQLite's internal structure.
Args:
db_path: Path to the existing SQLite database
key_path: Path to the encryption key file
"""
if not db_path.exists():
print(f"ERROR: Database file not found: {db_path}")
sys.exit(1)
if not key_path.exists():
print(f"ERROR: Key file not found: {key_path}")
sys.exit(1)
# Read encryption key (stored as raw binary bytes)
with open(key_path, 'rb') as f:
key_bytes = f.read()
# Convert raw bytes to hex for SQLCipher
key_hex = key_bytes.hex()
# Create backup
backup_path = db_path.with_suffix('.db.backup')
print(f"Creating backup: {backup_path}")
import shutil
shutil.copy2(db_path, backup_path)
# Create temporary encrypted database
temp_encrypted_path = db_path.with_suffix('.db.encrypted')
# Open unencrypted database
print(f"Opening unencrypted database: {db_path}")
conn_unencrypted = sqlite3.connect(str(db_path))
# Attach encrypted database
print(f"Creating encrypted database: {temp_encrypted_path}")
conn_unencrypted.execute(f"ATTACH DATABASE '{temp_encrypted_path}' AS encrypted KEY '{key_hex}'")
# Export data to encrypted database
print("Exporting data to encrypted database...")
conn_unencrypted.execute("SELECT sqlcipher_export('encrypted')")
conn_unencrypted.commit()
# Detach encrypted database
conn_unencrypted.execute("DETACH DATABASE encrypted")
conn_unencrypted.close()
# Replace original with encrypted
print(f"Replacing original with encrypted database")
temp_encrypted_path.replace(db_path)
print(f"Database migrated successfully to SQLCipher format")
print(f"Backup available at: {backup_path}")
if __name__ == "__main__":
import argparse
parser = argparse.ArgumentParser(description="Migrate SQLite database to SQLCipher encrypted format")
parser.add_argument("--db-path", type=Path, required=True, help="Path to the SQLite database")
parser.add_argument("--key-path", type=Path, default=Path("/etc/aitbc/secrets/db_encryption.key"), help="Path to the encryption key file")
args = parser.parse_args()
migrate_to_sqlcipher(args.db_path, args.key_path)
Reference in New Issue View Git Blame Copy Permalink