== How to fix it in SQLCipher

=== Code examples

In the example below, a local database is opened using a hardcoded key. To fix this, the key is moved to a secure location instead and retrieved using a `getKey()` method.

==== Noncompliant code example

[source,kotlin,diff-id=201,diff-type=noncompliant]
----
val key = "gb09ym9ydoolp3w886d0tciczj6ve9kszqd65u7d126040gwy86xqimjpuuc788g"
val db = SQLiteDatabase.openOrCreateDatabase("test.db", key, null) // Noncompliant
----

==== Compliant solution

[source,kotlin,diff-id=201,diff-type=compliant]
----
val db = SQLiteDatabase.openOrCreateDatabase("test.db", getKey(), null)
----

=== How does this work?

include::../../common/fix/android-apis.adoc[]

include::../../common/fix/dynamic-retrieval.adoc[]

=== Going the extra mile

include::../../common/extra-mile/avoid-local-data.adoc[]