e = create_engine('sqlite+pysqlcipher://:testing@//path/to/foo.db')
-A selection of additional encryption-related pragmas supported by SQLCipher
-as documented at https://www.zetetic.net/sqlcipher/sqlcipher-api/ can be passed
-in the query string, and will result in that PRAGMA being called for each
-new connection. Currently, ``cipher``, ``kdf_iter``
-``cipher_page_size`` and ``cipher_use_hmac`` are supported::
+Additional encryption-related pragmas must be executed manually,
+using the ``first_connect`` pool event. A selection of the pragmas supported
+by SQLCipher is documented at
+https://www.zetetic.net/sqlcipher/sqlcipher-api/.
- e = create_engine('sqlite+pysqlcipher://:testing@/foo.db?cipher=aes-256-cfb&kdf_iter=64000')
+.. warning:: Previously the documentation wrongly stated that these
+ pragma could be passed in the url string. This has never worked
+ for the 1.3 series of sqlalchemy. The 1.4 series adds proper
+ support for them when passed in the url string.
Pooling Behavior
class SQLiteDialect_pysqlcipher(SQLiteDialect_pysqlite):
driver = "pysqlcipher"
- pragmas = ("kdf_iter", "cipher", "cipher_page_size", "cipher_use_hmac")
-
@classmethod
def dbapi(cls):
try:
def connect(self, *cargs, **cparams):
passphrase = cparams.pop("passphrase", "")
- pragmas = dict((key, cparams.pop(key, None)) for key in self.pragmas)
-
conn = super(SQLiteDialect_pysqlcipher, self).connect(
*cargs, **cparams
)
conn.execute('pragma key="%s"' % passphrase)
- for prag, value in pragmas.items():
- if value is not None:
- conn.execute('pragma %s="%s"' % (prag, value))
return conn