I've got a string which I created with a custom cipher, which can have any char value (0 through 0xFFFF). This string is created by taking an input plaintext and rotating each character by a pseudorandom value, so I have no control over what the output characters might be.
Can I safely store and retrieve this exactly without any issues into a SQLiteDatabase TEXT field?
I'm think that Java uses UTF-16, so I'm somewhat afraid of chars like NULL, END OF TEXT, ESCAPE, ', ", 0xfeff / 0xfffe (BOM) etc appearing in random places into my string, and I'm not really sure how SQLite will store this internally. If it uses any text-based markers to determine the start and end of fields I'm afraid this will fail.
Ideally I'd like to get back out the exact same character sequence I put in, so that I can put it through the reverse cipher.
I will be using the managed insert(ContentValues) method of SqLiteDatabase, so I think that this would take care of any issues regarding escaping the input string, but I'm still not quite convinced that this can work.
Is this a safe operation, and if not, what else should I do instead to store my encrypted string?
Avoid a Cryptographically weak custom cypher that also causes you problems, instead use Java's built in capabilities which can provide you with a cryptographically strong string.
http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html#CipherClass
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With