diff --git a/_example/custom_driver_name/Makefile b/_example/custom_driver_name/Makefile index 91fcde6a..730bcc43 100644 --- a/_example/custom_driver_name/Makefile +++ b/_example/custom_driver_name/Makefile @@ -6,7 +6,7 @@ endif all : $(TARGET) $(TARGET) : main.go - go build -ldflags="-X 'github.com/mattn/go-sqlite3.driverName=my-sqlite3'" + go build -ldflags="-X 'github.com/fhir-fli/go-sqlite3-sqlcipher.driverName=my-sqlite3'" clean : rm -f $(TARGET) diff --git a/_example/custom_driver_name/main.go b/_example/custom_driver_name/main.go index 3148caed..aeda371f 100644 --- a/_example/custom_driver_name/main.go +++ b/_example/custom_driver_name/main.go @@ -3,7 +3,7 @@ package main import ( "database/sql" - _ "github.com/mattn/go-sqlite3" + _ "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/custom_func/main.go b/_example/custom_func/main.go index 85657e62..d4b6ce13 100644 --- a/_example/custom_func/main.go +++ b/_example/custom_func/main.go @@ -7,7 +7,7 @@ import ( "math" "math/rand" - sqlite "github.com/mattn/go-sqlite3" + sqlite "github.com/fhir-fli/go-sqlite3-sqlcipher" ) // Computes x^y diff --git a/_example/fuzz/fuzz_openexec.go b/_example/fuzz/fuzz_openexec.go index 53260449..521332cb 100644 --- a/_example/fuzz/fuzz_openexec.go +++ b/_example/fuzz/fuzz_openexec.go @@ -5,7 +5,7 @@ import ( "database/sql" "io/ioutil" - _ "github.com/mattn/go-sqlite3" + _ "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func FuzzOpenExec(data []byte) int { diff --git a/_example/hook/hook.go b/_example/hook/hook.go index 60231815..8c9b0d26 100644 --- a/_example/hook/hook.go +++ b/_example/hook/hook.go @@ -5,7 +5,7 @@ import ( "log" "os" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/json/json.go b/_example/json/json.go index 181934b9..120039f6 100644 --- a/_example/json/json.go +++ b/_example/json/json.go @@ -5,9 +5,10 @@ import ( "database/sql/driver" "encoding/json" "fmt" - _ "github.com/mattn/go-sqlite3" "log" "os" + + _ "github.com/fhir-fli/go-sqlite3-sqlcipher" ) type Tag struct { diff --git a/_example/limit/limit.go b/_example/limit/limit.go index c1adfe81..47b88b7b 100644 --- a/_example/limit/limit.go +++ b/_example/limit/limit.go @@ -7,7 +7,7 @@ import ( "os" "strings" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func createBulkInsertQuery(n int, start int) (query string, args []any) { diff --git a/_example/mod_regexp/extension.go b/_example/mod_regexp/extension.go index 61ceb55e..620b13c0 100644 --- a/_example/mod_regexp/extension.go +++ b/_example/mod_regexp/extension.go @@ -3,8 +3,9 @@ package main import ( "database/sql" "fmt" - "github.com/mattn/go-sqlite3" "log" + + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/mod_vtable/extension.go b/_example/mod_vtable/extension.go index f738af6a..4c00baf6 100644 --- a/_example/mod_vtable/extension.go +++ b/_example/mod_vtable/extension.go @@ -5,7 +5,7 @@ import ( "fmt" "log" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/simple/Dockerfile b/_example/simple/Dockerfile index 8ed0473e..e6958092 100644 --- a/_example/simple/Dockerfile +++ b/_example/simple/Dockerfile @@ -28,7 +28,7 @@ COPY . /workspace/ RUN \ cd _example/simple && \ go mod init github.com/mattn/sample && \ - go mod edit -replace=github.com/mattn/go-sqlite3=../.. && \ + go mod edit -replace=github.com/fhir-fli/go-sqlite3-sqlcipher=../.. && \ go mod tidy && \ go install -ldflags='-s -w -extldflags "-static"' ./simple.go diff --git a/_example/simple/simple.go b/_example/simple/simple.go index 0c347919..68c68442 100644 --- a/_example/simple/simple.go +++ b/_example/simple/simple.go @@ -3,9 +3,10 @@ package main import ( "database/sql" "fmt" - _ "github.com/mattn/go-sqlite3" "log" "os" + + _ "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/trace/main.go b/_example/trace/main.go index bef3d159..45b2aba9 100644 --- a/_example/trace/main.go +++ b/_example/trace/main.go @@ -6,7 +6,7 @@ import ( "log" "os" - sqlite3 "github.com/mattn/go-sqlite3" + sqlite3 "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func traceCallback(info sqlite3.TraceInfo) int { diff --git a/_example/vtable/main.go b/_example/vtable/main.go index aad8dda7..051a5d0e 100644 --- a/_example/vtable/main.go +++ b/_example/vtable/main.go @@ -5,7 +5,7 @@ import ( "fmt" "log" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/vtable/vtable.go b/_example/vtable/vtable.go index c65535b7..93c22f24 100644 --- a/_example/vtable/vtable.go +++ b/_example/vtable/vtable.go @@ -6,7 +6,7 @@ import ( "io/ioutil" "net/http" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) type githubRepo struct { diff --git a/_example/vtable_eponymous_only/main.go b/_example/vtable_eponymous_only/main.go index 17b58afa..eddca004 100644 --- a/_example/vtable_eponymous_only/main.go +++ b/_example/vtable_eponymous_only/main.go @@ -5,7 +5,7 @@ import ( "fmt" "log" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) func main() { diff --git a/_example/vtable_eponymous_only/vtable.go b/_example/vtable_eponymous_only/vtable.go index 9f22ebcc..b0ba4c7d 100644 --- a/_example/vtable_eponymous_only/vtable.go +++ b/_example/vtable_eponymous_only/vtable.go @@ -3,7 +3,7 @@ package main import ( "fmt" - "github.com/mattn/go-sqlite3" + "github.com/fhir-fli/go-sqlite3-sqlcipher" ) type seriesModule struct{} diff --git a/go.mod b/go.mod index e342dcc3..eb4d08a6 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,5 @@ -module github.com/mattn/go-sqlite3 +module github.com/fhir-fli/go-sqlite3-sqlcipher go 1.19 -retract ( - [v2.0.0+incompatible, v2.0.6+incompatible] // Accidental; no major changes or features. -) +retract [v2.0.0+incompatible, v2.0.6+incompatible] // Accidental; no major changes or features. diff --git a/main/main.go b/main/main.go new file mode 100644 index 00000000..549644f9 --- /dev/null +++ b/main/main.go @@ -0,0 +1,25 @@ +package main + +import ( + "database/sql" + "log" + + _ "github.com/fhir-fli/go-sqlite3-sqlcipher" +) + +func main() { + // Open database connection + db, err := sql.Open("sqlite3", "file:test_encrypted.db?mode=rwc&_pragma_key=test_secret") + if err != nil { + log.Fatalf("Failed to open database: %v", err) + } + defer db.Close() + + // Create a table to test + _, err = db.Exec("CREATE TABLE IF NOT EXISTS test (id INTEGER PRIMARY KEY, value TEXT);") + if err != nil { + log.Fatalf("Failed to create table: %v", err) + } + + log.Println("Database created and encrypted successfully!") +} diff --git a/sqlite3-binding.c b/sqlite3-binding.c index 52ee2a3d..2c44b44f 100644 --- a/sqlite3-binding.c +++ b/sqlite3-binding.c @@ -19,7 +19,44 @@ ** separate file. This file contains only code for the core SQLite library. ** ** The content in this amalgamation comes from Fossil check-in -** c9c2ab54ba1f5f46360f1b4f35d849cd3f08. +** c9c2ab54ba1f5f46360f1b4f35d849cd3f08 with changes in files: +** +** .fossil-settings/empty-dirs +** .fossil-settings/ignore-glob +** LICENSE.md +** Makefile.in +** Makefile.msc +** README.md +** aclocal.m4 +** configure +** configure.ac +** ltmain.sh +** sqlite3.1 +** sqlite3.pc.in +** sqlite_cfg.h.in +** src/attach.c +** src/backup.c +** src/ctime.c +** src/func.c +** src/global.c +** src/main.c +** src/malloc.c +** src/pager.c +** src/pager.h +** src/pragma.c +** src/pragma.h +** src/shell.c.in +** src/sqlite.h.in +** src/sqliteInt.h +** src/tclsqlite.c +** src/test1.c +** src/test_config.c +** src/test_thread.c +** src/util.c +** src/vacuum.c +** src/wal.c +** tool/mkpragmatab.tcl +** tool/mksqlite3c.tcl */ #define SQLITE_CORE 1 #define SQLITE_AMALGAMATION 1 @@ -462,7 +499,7 @@ extern "C" { */ #define SQLITE_VERSION "3.46.1" #define SQLITE_VERSION_NUMBER 3046001 -#define SQLITE_SOURCE_ID "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33" +#define SQLITE_SOURCE_ID "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69aalt1" /* ** CAPI3REF: Run-Time Library Version Numbers @@ -6717,6 +6754,66 @@ SQLITE_API int sqlite3_collation_needed16( void(*)(void*,sqlite3*,int eTextRep,const void*) ); +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +/* +** Specify the key for an encrypted database. This routine should be +** called right after sqlite3_open(). +** +** The code to implement this API is not available in the public release +** of SQLite. +*/ +SQLITE_API int sqlite3_key( + sqlite3 *db, /* Database to be rekeyed */ + const void *pKey, int nKey /* The key */ +); +SQLITE_API int sqlite3_key_v2( + sqlite3 *db, /* Database to be rekeyed */ + const char *zDbName, /* Name of the database */ + const void *pKey, int nKey /* The key */ +); + +/* +** Change the key on an open database. If the current database is not +** encrypted, this routine will encrypt it. If pNew==0 or nNew==0, the +** database is decrypted. +** +** The code to implement this API is not available in the public release +** of SQLite. +*/ +/* SQLCipher usage note: + + If the current database is plaintext SQLCipher will NOT encrypt it. + If the current database is encrypted and pNew==0 or nNew==0, SQLCipher + will NOT decrypt it. + + This routine will ONLY work on an already encrypted database in order + to change the key. + + Conversion from plaintext-to-encrypted or encrypted-to-plaintext should + use an ATTACHed database and the sqlcipher_export() convenience function + as per the SQLCipher Documentation. +*/ +SQLITE_API int sqlite3_rekey( + sqlite3 *db, /* Database to be rekeyed */ + const void *pKey, int nKey /* The new key */ +); +SQLITE_API int sqlite3_rekey_v2( + sqlite3 *db, /* Database to be rekeyed */ + const char *zDbName, /* Name of the database */ + const void *pKey, int nKey /* The new key */ +); + +/* +** Specify the activation key for a SEE database. Unless +** activated, none of the SEE routines will work. +*/ +SQLITE_API void sqlite3_activate_see( + const char *zPassPhrase /* Activation phrase */ +); +#endif +/* END SQLCIPHER */ + #ifdef SQLITE_ENABLE_CEROD /* ** Specify the activation key for a CEROD database. Unless @@ -15897,6 +15994,11 @@ SQLITE_PRIVATE int sqlite3PagerReadFileheader(Pager*, int, unsigned char*); /* Functions used to configure a Pager object. */ SQLITE_PRIVATE void sqlite3PagerSetBusyHandler(Pager*, int(*)(void *), void *); SQLITE_PRIVATE int sqlite3PagerSetPagesize(Pager*, u32*, int); +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +SQLITE_PRIVATE void sqlite3PagerAlignReserve(Pager*,Pager*); +#endif +/* END SQLCIPHER */ SQLITE_PRIVATE Pgno sqlite3PagerMaxPageCount(Pager*, Pgno); SQLITE_PRIVATE void sqlite3PagerSetCachesize(Pager*, int); SQLITE_PRIVATE int sqlite3PagerSetSpillsize(Pager*, int); @@ -15993,6 +16095,12 @@ SQLITE_PRIVATE void sqlite3PagerTruncateImage(Pager*,Pgno); SQLITE_PRIVATE void sqlite3PagerRekey(DbPage*, Pgno, u16); +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) && !defined(SQLITE_OMIT_WAL) +void *sqlcipherPagerCodec(DbPage *); +#endif +/* END SQLCIPHER */ + /* Functions to support testing and debugging. */ #if !defined(NDEBUG) || defined(SQLITE_TEST) SQLITE_PRIVATE Pgno sqlite3PagerPagenumber(DbPage*); @@ -20890,7 +20998,13 @@ SQLITE_PRIVATE void sqlite3EndTable(Parse*,Token*,Token*,u32,Select*); SQLITE_PRIVATE void sqlite3AddReturning(Parse*,ExprList*); SQLITE_PRIVATE int sqlite3ParseUri(const char*,const char*,unsigned int*, sqlite3_vfs**,char**,char **); -#define sqlite3CodecQueryParameters(A,B,C) 0 +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +SQLITE_PRIVATE int sqlite3CodecQueryParameters(sqlite3*,const char*,const char*); +#else +# define sqlite3CodecQueryParameters(A,B,C) 0 +#endif +/* END SQLCIPHER */ SQLITE_PRIVATE Btree *sqlite3DbNameToBtree(sqlite3*,const char*); #ifdef SQLITE_UNTESTABLE @@ -22259,6 +22373,11 @@ static const char * const sqlite3azCompileOpt[] = { #ifdef SQLITE_FTS5_NO_WITHOUT_ROWID "FTS5_NO_WITHOUT_ROWID", #endif +/* BEGIN SQLCIPHER */ +#if SQLITE_HAS_CODEC + "HAS_CODEC", +#endif +/* END SQLCIPHER */ #if HAVE_ISNAN || SQLITE_HAVE_ISNAN "HAVE_ISNAN", #endif @@ -22842,9 +22961,18 @@ SQLITE_PRIVATE const unsigned char sqlite3CtypeMap[256] = { ** EVIDENCE-OF: R-43642-56306 By default, URI handling is globally ** disabled. The default value may be changed by compiling with the ** SQLITE_USE_URI symbol defined. +** +** URI filenames are enabled by default if SQLITE_HAS_CODEC is +** enabled. */ #ifndef SQLITE_USE_URI -# define SQLITE_USE_URI 0 +/* BEGIN SQLCIPHER */ +# ifdef SQLITE_HAS_CODEC +# define SQLITE_USE_URI 1 +# else +# define SQLITE_USE_URI 0 +# endif +/* END SQLCIPHER */ #endif /* EVIDENCE-OF: R-38720-18127 The default setting is determined by the @@ -30385,6 +30513,17 @@ SQLITE_PRIVATE int sqlite3MallocInit(void){ } rc = sqlite3GlobalConfig.m.xInit(sqlite3GlobalConfig.m.pAppData); if( rc!=SQLITE_OK ) memset(&mem0, 0, sizeof(mem0)); +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + /* install wrapping functions for memory management + that will wipe all memory allocated by SQLite + when freed */ + if( rc==SQLITE_OK ) { + extern void sqlcipher_init_memmethods(void); + sqlcipher_init_memmethods(); + } +#endif +/* END SQLCIPHER */ return rc; } @@ -36426,7 +36565,8 @@ SQLITE_PRIVATE u8 sqlite3HexToInt(int h){ return (u8)(h & 0xf); } -#if !defined(SQLITE_OMIT_BLOB_LITERAL) +/* BEGIN SQLCIPHER */ +#if !defined(SQLITE_OMIT_BLOB_LITERAL) || defined(SQLITE_HAS_CODEC) /* ** Convert a BLOB literal of the form "x'hhhhhh'" into its binary ** value. Return a pointer to its binary value. Space to hold the @@ -36447,7 +36587,8 @@ SQLITE_PRIVATE void *sqlite3HexToBlob(sqlite3 *db, const char *z, int n){ } return zBlob; } -#endif /* !SQLITE_OMIT_BLOB_LITERAL */ +#endif /* !SQLITE_OMIT_BLOB_LITERAL || SQLITE_HAS_CODEC */ +/* END SQLCIPHER */ /* ** Log an error that is an API call on a connection pointer that should @@ -57515,6 +57656,22 @@ int sqlite3PagerTrace=1; /* True to enable tracing */ */ #define UNKNOWN_LOCK (EXCLUSIVE_LOCK+1) +/* +** A macro used for invoking the codec if there is one +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +# define CODEC1(P,D,N,X,E) \ + if( P->xCodec && P->xCodec(P->pCodec,D,N,X)==0 ){ E; } +# define CODEC2(P,D,N,X,E,O) \ + if( P->xCodec==0 ){ O=(char*)D; }else \ + if( (O=(char*)(P->xCodec(P->pCodec,D,N,X)))==0 ){ E; } +#else +# define CODEC1(P,D,N,X,E) /* NO-OP */ +# define CODEC2(P,D,N,X,E,O) O=(char*)D +#endif +/* END SQLCIPHER */ + /* ** The maximum allowed sector size. 64KiB. If the xSectorsize() method ** returns a value larger than this, then MAX_SECTOR_SIZE is used instead. @@ -57803,6 +57960,14 @@ struct Pager { #endif void (*xReiniter)(DbPage*); /* Call this routine when reloading pages */ int (*xGet)(Pager*,Pgno,DbPage**,int); /* Routine to fetch a patch */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + void *(*xCodec)(void*,void*,Pgno,int); /* Routine for en/decoding data */ + void (*xCodecSizeChng)(void*,int,int); /* Notify of page size changes */ + void (*xCodecFree)(void*); /* Destructor for the codec */ + void *pCodec; /* First argument to xCodec... methods */ +#endif +/* END SQLCIPHER */ char *pTmpSpace; /* Pager.pageSize bytes of space for tmp use */ PCache *pPCache; /* Pointer to page cache object */ #ifndef SQLITE_OMIT_WAL @@ -57924,6 +58089,11 @@ static const unsigned char aJournalMagic[] = { SQLITE_PRIVATE int sqlite3PagerDirectReadOk(Pager *pPager, Pgno pgno){ if( pPager->fd->pMethods==0 ) return 0; if( sqlite3PCacheIsDirty(pPager->pPCache) ) return 0; +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( pPager->xCodec!=0 ) return 0; +#endif +/* END SQLCIPHER */ #ifndef SQLITE_OMIT_WAL if( pPager->pWal ){ u32 iRead = 0; @@ -58156,7 +58326,13 @@ static void setGetterMethod(Pager *pPager){ if( pPager->errCode ){ pPager->xGet = getPageError; #if SQLITE_MAX_MMAP_SIZE>0 - }else if( USEFETCH(pPager) ){ + }else if( USEFETCH(pPager) +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + && pPager->xCodec==0 +#endif +/* END SQLCIPHER */ + ){ pPager->xGet = getPageMMap; #endif /* SQLITE_MAX_MMAP_SIZE>0 */ }else{ @@ -59348,6 +59524,39 @@ static u32 pager_cksum(Pager *pPager, const u8 *aData){ return cksum; } +/* +** Report the current page size and number of reserved bytes back +** to the codec. +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +static void pagerReportSize(Pager *pPager){ + if( pPager->xCodecSizeChng ){ + pPager->xCodecSizeChng(pPager->pCodec, pPager->pageSize, + (int)pPager->nReserve); + } +} +#else +# define pagerReportSize(X) /* No-op if we do not support a codec */ +#endif +/* END SQLCIPHER */ + +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +/* +** Make sure the number of reserved bits is the same in the destination +** pager as it is in the source. This comes up when a VACUUM changes the +** number of reserved bits to the "optimal" amount. +*/ +SQLITE_PRIVATE void sqlite3PagerAlignReserve(Pager *pDest, Pager *pSrc){ + if( pDest->nReserve!=pSrc->nReserve ){ + pDest->nReserve = pSrc->nReserve; + pagerReportSize(pDest); + } +} +#endif +/* END SQLCIPHER */ + /* ** Read a single page from either the journal file (if isMainJrnl==1) or ** from the sub-journal (if isMainJrnl==0) and playback that page. @@ -59399,6 +59608,13 @@ static int pager_playback_one_page( char *aData; /* Temporary storage for the page */ sqlite3_file *jfd; /* The file descriptor for the journal file */ int isSynced; /* True if journal page is synced */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + /* The jrnlEnc flag is true if Journal pages should be passed through + ** the codec. It is false for pure in-memory journals. */ + const int jrnlEnc = (isMainJrnl || pPager->subjInMemory==0); +#endif +/* END SQLCIPHER */ assert( (isMainJrnl&~1)==0 ); /* isMainJrnl is 0 or 1 */ assert( (isSavepnt&~1)==0 ); /* isSavepnt is 0 or 1 */ @@ -59461,6 +59677,7 @@ static int pager_playback_one_page( */ if( pgno==1 && pPager->nReserve!=((u8*)aData)[20] ){ pPager->nReserve = ((u8*)aData)[20]; + pagerReportSize(pPager); } /* If the pager is in CACHEMOD state, then there must be a copy of this @@ -59528,12 +59745,30 @@ static int pager_playback_one_page( ** is if the data was just read from an in-memory sub-journal. In that ** case it must be encrypted here before it is copied into the database ** file. */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( !jrnlEnc ){ + CODEC2(pPager, aData, pgno, 7, rc=SQLITE_NOMEM_BKPT, aData); + rc = sqlite3OsWrite(pPager->fd, (u8 *)aData, pPager->pageSize, ofst); + CODEC1(pPager, aData, pgno, 3, rc=SQLITE_NOMEM_BKPT); + }else +#endif +/* END SQLCIPHER */ rc = sqlite3OsWrite(pPager->fd, (u8 *)aData, pPager->pageSize, ofst); if( pgno>pPager->dbFileSize ){ pPager->dbFileSize = pgno; } if( pPager->pBackup ){ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( jrnlEnc ){ + CODEC1(pPager, aData, pgno, 3, rc=SQLITE_NOMEM_BKPT); + sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)aData); + CODEC2(pPager, aData, pgno, 7, rc=SQLITE_NOMEM_BKPT,aData); + }else +#endif +/* END SQLCIPHER */ sqlite3BackupUpdate(pPager->pBackup, pgno, (u8*)aData); } }else if( !isMainJrnl && pPg==0 ){ @@ -59584,6 +59819,13 @@ static int pager_playback_one_page( if( pgno==1 ){ memcpy(&pPager->dbFileVers, &((u8*)pData)[24],sizeof(pPager->dbFileVers)); } + + /* Decode the page just read from disk */ +/* BEGIN SQLCIPHER */ +#if SQLITE_HAS_CODEC + if( jrnlEnc ){ CODEC1(pPager, pData, pPg->pgno, 3, rc=SQLITE_NOMEM_BKPT); } +#endif +/* END SQLCIPHER */ sqlite3PcacheRelease(pPg); } return rc; @@ -60162,6 +60404,8 @@ static int readDbPage(PgHdr *pPg){ memcpy(&pPager->dbFileVers, dbFileVers, sizeof(pPager->dbFileVers)); } } + CODEC1(pPager, pPg->pData, pPg->pgno, 3, rc = SQLITE_NOMEM_BKPT); + PAGER_INCR(sqlite3_pager_readdb_count); PAGER_INCR(pPager->nRead); IOTRACE(("PGIN %p %d\n", pPager, pPg->pgno)); @@ -60905,6 +61149,7 @@ SQLITE_PRIVATE int sqlite3PagerSetPagesize(Pager *pPager, u32 *pPageSize, int nR if( nReserve<0 ) nReserve = pPager->nReserve; assert( nReserve>=0 && nReserve<1000 ); pPager->nReserve = (i16)nReserve; + pagerReportSize(pPager); pagerFixMaplimit(pPager); } return rc; @@ -61307,6 +61552,13 @@ SQLITE_PRIVATE int sqlite3PagerClose(Pager *pPager, sqlite3 *db){ sqlite3OsClose(pPager->fd); sqlite3PageFree(pTmp); sqlite3PcacheClose(pPager->pPCache); + +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( pPager->xCodecFree ) pPager->xCodecFree(pPager->pCodec); +#endif +/* END SQLCIPHER */ + assert( !pPager->aSavepoint && !pPager->pInJournal ); assert( !isOpen(pPager->jfd) && !isOpen(pPager->sjfd) ); @@ -61557,7 +61809,8 @@ static int pager_write_pagelist(Pager *pPager, PgHdr *pList){ assert( (pList->flags&PGHDR_NEED_SYNC)==0 ); if( pList->pgno==1 ) pager_write_changecounter(pList); - pData = pList->pData; + /* Encode the database */ + CODEC2(pPager, pList->pData, pgno, 6, return SQLITE_NOMEM_BKPT, pData); /* Write out the page data. */ rc = sqlite3OsWrite(pPager->fd, pData, pPager->pageSize, offset); @@ -61646,6 +61899,14 @@ static int subjournalPage(PgHdr *pPg){ void *pData = pPg->pData; i64 offset = (i64)pPager->nSubRec*(4+pPager->pageSize); char *pData2; + +/* BEGIN SQLCIPHER */ +#if SQLITE_HAS_CODEC + if( !pPager->subjInMemory ){ + CODEC2(pPager, pData, pPg->pgno, 7, return SQLITE_NOMEM_BKPT, pData2); + }else +#endif +/* END SQLCIPHER */ pData2 = pData; PAGERTRACE(("STMT-JOURNAL %d page %d\n", PAGERID(pPager), pPg->pgno)); rc = write32bits(pPager->sjfd, offset, pPg->pgno); @@ -62738,6 +62999,11 @@ static int getPageMMap( ); assert( USEFETCH(pPager) ); +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + assert( pPager->xCodec==0 ); +#endif +/* END SQLCIPHER */ /* Optimization note: Adding the "pgno<=1" term before "pgno==0" here ** allows the compiler optimizer to reuse the results of the "pgno>1" @@ -63082,7 +63348,7 @@ static SQLITE_NOINLINE int pagerAddPageToRollbackJournal(PgHdr *pPg){ assert( pPg->pgno!=PAGER_SJ_PGNO(pPager) ); assert( pPager->journalHdr<=pPager->journalOff ); - pData2 = pPg->pData; + CODEC2(pPager, pPg->pData, pPg->pgno, 7, return SQLITE_NOMEM_BKPT, pData2); cksum = pager_cksum(pPager, (u8*)pData2); /* Even if an IO or diskfull error occurs while journalling the @@ -63447,7 +63713,7 @@ static int pager_incr_changecounter(Pager *pPager, int isDirectMode){ if( DIRECT_MODE ){ const void *zBuf; assert( pPager->dbFileSize>0 ); - zBuf = pPgHdr->pData; + CODEC2(pPager, pPgHdr->pData, 1, 6, rc=SQLITE_NOMEM_BKPT, zBuf); if( rc==SQLITE_OK ){ rc = sqlite3OsWrite(pPager->fd, zBuf, pPager->pageSize, 0); pPager->aStat[PAGER_STAT_WRITE]++; @@ -64210,6 +64476,49 @@ SQLITE_PRIVATE const char *sqlite3PagerJournalname(Pager *pPager){ return pPager->zJournal; } +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +/* +** Set or retrieve the codec for this pager +*/ +void sqlcipherPagerSetCodec( + Pager *pPager, + void *(*xCodec)(void*,void*,Pgno,int), + void (*xCodecSizeChng)(void*,int,int), + void (*xCodecFree)(void*), + void *pCodec +){ + if( pPager->xCodecFree ){ + pPager->xCodecFree(pPager->pCodec); + }else{ + pager_reset(pPager); + } + pPager->xCodec = pPager->memDb ? 0 : xCodec; + pPager->xCodecSizeChng = xCodecSizeChng; + pPager->xCodecFree = xCodecFree; + pPager->pCodec = pCodec; + setGetterMethod(pPager); + pagerReportSize(pPager); +} +void *sqlcipherPagerGetCodec(Pager *pPager){ + return pPager->pCodec; +} + +/* +** This function is called by the wal module when writing page content +** into the log file. +** +** This function returns a pointer to a buffer containing the encrypted +** page content. If a malloc fails, this function may return NULL. +*/ +void *sqlcipherPagerCodec(PgHdr *pPg){ + void *aData = 0; + CODEC2(pPg->pPager, pPg->pData, pPg->pgno, 6, return 0, aData); + return aData; +} +#endif /* SQLITE_HAS_CODEC */ +/* END SQLCIPHER */ + #ifndef SQLITE_OMIT_AUTOVACUUM /* ** Move the page pPg to location pgno in the file. @@ -64908,6 +65217,27 @@ SQLITE_PRIVATE int sqlite3PagerWalSystemErrno(Pager *pPager){ #endif /* SQLITE_OMIT_DISKIO */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + +SQLITE_API int sqlite3pager_is_sj_pgno(Pager *pPager, Pgno pgno) { + return (PAGER_SJ_PGNO(pPager) == pgno) ? 1 : 0; +} + +SQLITE_API void sqlite3pager_error(Pager *pPager, int error) { + pPager->errCode = error; + pPager->eState = PAGER_ERROR; + setGetterMethod(pPager); +} + +SQLITE_API void sqlite3pager_reset(Pager *pPager){ + pager_reset(pPager); +} + +#endif +/* END SQLCIPHER */ + + /************** End of pager.c ***********************************************/ /************** Begin file wal.c *********************************************/ /* @@ -68834,7 +69164,11 @@ static int walWriteOneFrame( int rc; /* Result code from subfunctions */ void *pData; /* Data actually written */ u8 aFrame[WAL_FRAME_HDRSIZE]; /* Buffer to assemble frame-header in */ +#if defined(SQLITE_HAS_CODEC) + if( (pData = sqlcipherPagerCodec(pPage))==0 ) return SQLITE_NOMEM_BKPT; +#else pData = pPage->pData; +#endif walEncodeFrame(p->pWal, pPage->pgno, nTruncate, pData, aFrame); rc = walWriteToLog(p, aFrame, sizeof(aFrame), iOffset); if( rc ) return rc; @@ -69019,7 +69353,11 @@ static int walFrames( if( pWal->iReCksum==0 || iWriteiReCksum ){ pWal->iReCksum = iWrite; } +#if defined(SQLITE_HAS_CODEC) + if( (pData = sqlcipherPagerCodec(p))==0 ) return SQLITE_NOMEM; +#else pData = p->pData; +#endif rc = sqlite3OsWrite(pWal->pWalFd, pData, szPage, iOff); if( rc ) return rc; p->flags &= ~PGHDR_WAL_APPEND; @@ -82165,6 +82503,27 @@ SQLITE_API sqlite3_backup *sqlite3_backup_init( } #endif +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + { + extern int sqlcipher_find_db_index(sqlite3*, const char*); + extern void sqlcipherCodecGetKey(sqlite3*, int, void**, int*); + int srcNKey, destNKey; + void *zKey; + + sqlcipherCodecGetKey(pSrcDb, sqlcipher_find_db_index(pSrcDb, zSrcDb), &zKey, &srcNKey); + sqlcipherCodecGetKey(pDestDb, sqlcipher_find_db_index(pDestDb, zDestDb), &zKey, &destNKey); + zKey = NULL; + + /* either both databases must be plaintext, or both must be encrypted */ + if((srcNKey == 0 && destNKey > 0) || (srcNKey > 0 && destNKey == 0)) { + sqlite3ErrorWithMsg(pDestDb, SQLITE_ERROR, "backup is not supported with encrypted databases"); + return NULL; + } + } +#endif +/* END SQLCIPHER */ + /* Lock the source database handle. The destination database ** handle is not locked in this routine, but it is locked in ** sqlite3_backup_step(). The user is required to ensure that no @@ -82247,6 +82606,16 @@ static int backupOnePage( int nDestPgsz = sqlite3BtreeGetPageSize(p->pDest); const int nCopy = MIN(nSrcPgsz, nDestPgsz); const i64 iEnd = (i64)iSrcPg*(i64)nSrcPgsz; +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + extern void *sqlcipherPagerGetCodec(Pager*); + /* Use BtreeGetReserveNoMutex() for the source b-tree, as although it is + ** guaranteed that the shared-mutex is held by this thread, handle + ** p->pSrc may not actually be the owner. */ + int nSrcReserve = sqlite3BtreeGetReserveNoMutex(p->pSrc); + int nDestReserve = sqlite3BtreeGetRequestedReserve(p->pDest); +#endif +/* END SQLCIPHER */ int rc = SQLITE_OK; i64 iOff; @@ -82257,6 +82626,28 @@ static int backupOnePage( assert( zSrcData ); assert( nSrcPgsz==nDestPgsz || sqlite3PagerIsMemdb(pDestPager)==0 ); +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + /* Backup is not possible if the page size of the destination is changing + ** and a codec is in use. + */ + if( nSrcPgsz!=nDestPgsz && sqlcipherPagerGetCodec(pDestPager)!=0 ){ + rc = SQLITE_READONLY; + } + + /* Backup is not possible if the number of bytes of reserve space differ + ** between source and destination. If there is a difference, try to + ** fix the destination to agree with the source. If that is not possible, + ** then the backup cannot proceed. + */ + if( nSrcReserve!=nDestReserve ){ + u32 newPgsz = nSrcPgsz; + rc = sqlite3PagerSetPagesize(pDestPager, &newPgsz, nSrcReserve); + if( rc==SQLITE_OK && newPgsz!=(u32)nSrcPgsz ) rc = SQLITE_READONLY; + } +#endif +/* END SQLCIPHER */ + /* This loop runs once for each destination page spanned by the source ** page. For each iteration, variable iOff is set to the byte offset ** of the destination page. @@ -82755,6 +83146,12 @@ SQLITE_PRIVATE int sqlite3BtreeCopyFile(Btree *pTo, Btree *pFrom){ b.pDest = pTo; b.iNext = 1; +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + sqlite3PagerAlignReserve(sqlite3BtreePager(pTo), sqlite3BtreePager(pFrom)); +#endif +/* END SQLCIPHER */ + /* 0x7FFFFFFF is the hard limit for the number of pages in a database ** file. By passing this as the number of pages to copy to ** sqlite3_backup_step(), we can guarantee that the copy finishes @@ -106460,6 +106857,4687 @@ SQLITE_PRIVATE int sqlite3JournalSize(sqlite3_vfs *pVfs){ } /************** End of memjournal.c ******************************************/ +/************** Begin file sqlcipher.c ***************************************/ +/* +** SQLCipher +** http://zetetic.net +** +** Copyright (c) 2008-2024, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + +/* #include "sqliteInt.h" */ +/* #include "btreeInt.h" */ +/* #include "pager.h" */ +/* #include "vdbeInt.h" */ + +#if !defined(SQLCIPHER_OMIT_LOG_DEVICE) +#if defined(__ANDROID__) +#include +#elif defined(__APPLE__) +/* #include */ +#include +#endif +#endif + +/* #include */ + +#if defined(_WIN32) || defined(SQLITE_OS_WINRT) +/* #include ** amalgamator: dontcache ** */ +#else +/* #include ** amalgamator: dontcache ** */ +#endif + +#ifndef OMIT_MEMLOCK +#if defined(__unix__) || defined(__APPLE__) || defined(_AIX) +/* #include ** amalgamator: dontcache ** */ +/* #include ** amalgamator: dontcache ** */ +#include /* amalgamator: dontcache */ +/* #include ** amalgamator: dontcache ** */ +#endif +#endif + +/* #include */ +/************** Include sqlcipher.h in the middle of sqlcipher.c *************/ +/************** Begin file sqlcipher.h ***************************************/ +/* +** SQLCipher +** sqlcipher.h developed by Stephen Lombardo (Zetetic LLC) +** sjlombardo at zetetic dot net +** http://zetetic.net +** +** Copyright (c) 2008, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +#ifndef SQLCIPHER_H +#define SQLCIPHER_H + +/* #include "sqlite3.h" */ + +#define SQLCIPHER_HMAC_SHA1 0 +#define SQLCIPHER_HMAC_SHA1_LABEL "HMAC_SHA1" +#define SQLCIPHER_HMAC_SHA256 1 +#define SQLCIPHER_HMAC_SHA256_LABEL "HMAC_SHA256" +#define SQLCIPHER_HMAC_SHA512 2 +#define SQLCIPHER_HMAC_SHA512_LABEL "HMAC_SHA512" + + +#define SQLCIPHER_PBKDF2_HMAC_SHA1 0 +#define SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL "PBKDF2_HMAC_SHA1" +#define SQLCIPHER_PBKDF2_HMAC_SHA256 1 +#define SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL "PBKDF2_HMAC_SHA256" +#define SQLCIPHER_PBKDF2_HMAC_SHA512 2 +#define SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL "PBKDF2_HMAC_SHA512" + +typedef struct { + int (*activate)(void *ctx); + int (*deactivate)(void *ctx); + const char* (*get_provider_name)(void *ctx); + int (*add_random)(void *ctx, void *buffer, int length); + int (*random)(void *ctx, void *buffer, int length); + int (*hmac)(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out); + int (*kdf)(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key); + int (*cipher)(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out); + const char* (*get_cipher)(void *ctx); + int (*get_key_sz)(void *ctx); + int (*get_iv_sz)(void *ctx); + int (*get_block_sz)(void *ctx); + int (*get_hmac_sz)(void *ctx, int algorithm); + int (*ctx_init)(void **ctx); + int (*ctx_free)(void **ctx); + int (*fips_status)(void *ctx); + const char* (*get_provider_version)(void *ctx); +} sqlcipher_provider; + +/* public interfaces called externally */ +void sqlcipher_init_memmethods(void); +int sqlcipher_codec_pragma(sqlite3*, int, Parse*, const char *, const char*); +int sqlcipherCodecAttach(sqlite3*, int, const void *, int); +void sqlcipherCodecGetKey(sqlite3*, int, void**, int*); +void sqlcipher_exportFunc(sqlite3_context *, int, sqlite3_value **); +int sqlcipher_find_db_index(sqlite3 *, const char *); + +/* utility functions */ +void* sqlcipher_malloc(sqlite_uint64); +void* sqlcipher_memset(void *, unsigned char, sqlite_uint64); +int sqlcipher_ismemset(const void *, unsigned char, sqlite_uint64); +int sqlcipher_memcmp(const void *, const void *, int); +void sqlcipher_free(void *, sqlite_uint64); +char* sqlcipher_version(); + +/* provider interfaces */ +int sqlcipher_register_provider(sqlcipher_provider *); +sqlcipher_provider* sqlcipher_get_provider(void); + +#define SQLCIPHER_MUTEX_PROVIDER 0 +#define SQLCIPHER_MUTEX_PROVIDER_ACTIVATE 1 +#define SQLCIPHER_MUTEX_PROVIDER_RAND 2 +#define SQLCIPHER_MUTEX_RESERVED1 3 +#define SQLCIPHER_MUTEX_RESERVED2 4 +#define SQLCIPHER_MUTEX_RESERVED3 5 +#define SQLCIPHER_MUTEX_COUNT 6 + +sqlite3_mutex* sqlcipher_mutex(int); + +#define SQLCIPHER_LOG_NONE 0 +#define SQLCIPHER_LOG_ANY 0xffffffff + +#define SQLCIPHER_LOG_ERROR (1<<0) +#define SQLCIPHER_LOG_WARN (1<<1) +#define SQLCIPHER_LOG_INFO (1<<2) +#define SQLCIPHER_LOG_DEBUG (1<<3) +#define SQLCIPHER_LOG_TRACE (1<<4) + +#define SQLCIPHER_LOG_CORE (1<<0) +#define SQLCIPHER_LOG_MEMORY (1<<1) +#define SQLCIPHER_LOG_MUTEX (1<<2) +#define SQLCIPHER_LOG_PROVIDER (1<<3) + +#ifdef SQLCIPHER_OMIT_LOG +#define sqlcipher_log(level, source, message, ...) +#else +void sqlcipher_log(unsigned int level, unsigned int source, const char *message, ...); +#endif + +#ifdef CODEC_DEBUG_PAGEDATA +#define CODEC_HEXDUMP(DESC,BUFFER,LEN) \ + { \ + int __pctr; \ + printf(DESC); \ + for(__pctr=0; __pctr < LEN; __pctr++) { \ + if(__pctr % 16 == 0) printf("\n%05x: ",__pctr); \ + printf("%02x ",((unsigned char*) BUFFER)[__pctr]); \ + } \ + printf("\n"); \ + fflush(stdout); \ + } +#else +#define CODEC_HEXDUMP(DESC,BUFFER,LEN) +#endif + +#endif +#endif +/* END SQLCIPHER */ + + +/************** End of sqlcipher.h *******************************************/ +/************** Continuing where we left off in sqlcipher.c ******************/ + +/* extensions defined in pager.c */ +void *sqlcipherPagerGetCodec(Pager*); +void sqlcipherPagerSetCodec(Pager*, void *(*)(void*,void*,Pgno,int), void (*)(void*,int,int), void (*)(void*), void *); +SQLITE_API int sqlite3pager_is_sj_pgno(Pager*, Pgno); +SQLITE_API void sqlite3pager_error(Pager*, int); +SQLITE_API void sqlite3pager_reset(Pager *pPager); +/* end extensions defined in pager.c */ + +#if !defined (SQLCIPHER_CRYPTO_CC) \ + && !defined (SQLCIPHER_CRYPTO_LIBTOMCRYPT) \ + && !defined (SQLCIPHER_CRYPTO_NSS) \ + && !defined (SQLCIPHER_CRYPTO_OPENSSL) +#define SQLCIPHER_CRYPTO_OPENSSL +#endif + +#define FILE_HEADER_SZ 16 + +#define CIPHER_XSTR(s) CIPHER_STR(s) +#define CIPHER_STR(s) #s + +#ifndef CIPHER_VERSION_NUMBER +#define CIPHER_VERSION_NUMBER 4.6.1 +#endif + +#ifndef CIPHER_VERSION_BUILD +#define CIPHER_VERSION_BUILD community +#endif + +#define CIPHER_DECRYPT 0 +#define CIPHER_ENCRYPT 1 + +#define CIPHER_READ_CTX 0 +#define CIPHER_WRITE_CTX 1 +#define CIPHER_READWRITE_CTX 2 + +#ifndef PBKDF2_ITER +#define PBKDF2_ITER 256000 +#endif + +#define SQLCIPHER_FLAG_GET(FLAG,BIT) ((FLAG & BIT) != 0) +#define SQLCIPHER_FLAG_SET(FLAG,BIT) FLAG |= BIT +#define SQLCIPHER_FLAG_UNSET(FLAG,BIT) FLAG &= ~BIT + +/* possible flags for codec_ctx->flags */ +#define CIPHER_FLAG_HMAC (1 << 0) +#define CIPHER_FLAG_LE_PGNO (1 << 1) +#define CIPHER_FLAG_BE_PGNO (1 << 2) +#define CIPHER_FLAG_KEY_USED (1 << 3) +#define CIPHER_FLAG_HAS_KDF_SALT (1 << 4) + + +#ifndef DEFAULT_CIPHER_FLAGS +#define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC | CIPHER_FLAG_LE_PGNO +#endif + + +/* by default, sqlcipher will use a reduced number of iterations to generate + the HMAC key / or transform a raw cipher key + */ +#ifndef FAST_PBKDF2_ITER +#define FAST_PBKDF2_ITER 2 +#endif + +/* this if a fixed random array that will be xor'd with the database salt to ensure that the + salt passed to the HMAC key derivation function is not the same as that used to derive + the encryption key. This can be overridden at compile time but it will make the resulting + binary incompatible with the default builds when using HMAC. A future version of SQLcipher + will likely allow this to be defined at runtime via pragma */ +#ifndef HMAC_SALT_MASK +#define HMAC_SALT_MASK 0x3a +#endif + +#ifndef CIPHER_MAX_IV_SZ +#define CIPHER_MAX_IV_SZ 16 +#endif + +#ifndef CIPHER_MAX_KEY_SZ +#define CIPHER_MAX_KEY_SZ 64 +#endif + + +/* +** Simple shared routines for converting hex char strings to binary data + */ +static int cipher_hex2int(char c) { + return (c>='0' && c<='9') ? (c)-'0' : + (c>='A' && c<='F') ? (c)-'A'+10 : + (c>='a' && c<='f') ? (c)-'a'+10 : 0; +} + +static void cipher_hex2bin(const unsigned char *hex, int sz, unsigned char *out){ + int i; + for(i = 0; i < sz; i += 2){ + out[i/2] = (cipher_hex2int(hex[i])<<4) | cipher_hex2int(hex[i+1]); + } +} + +static void cipher_bin2hex(const unsigned char* in, int sz, char *out) { + int i; + for(i=0; i < sz; i++) { + sqlite3_snprintf(3, out + (i*2), "%02x ", in[i]); + } +} + +static int cipher_isHex(const unsigned char *hex, int sz){ + int i; + for(i = 0; i < sz; i++) { + unsigned char c = hex[i]; + if ((c < '0' || c > '9') && + (c < 'A' || c > 'F') && + (c < 'a' || c > 'f')) { + return 0; + } + } + return 1; +} + +/* the default implementation of SQLCipher uses a cipher_ctx + to keep track of read / write state separately. The following + struct and associated functions are defined here */ +typedef struct { + int derive_key; + int pass_sz; + unsigned char *key; + unsigned char *hmac_key; + unsigned char *pass; + char *keyspec; +} cipher_ctx; + + +typedef struct { + int store_pass; + int kdf_iter; + int fast_kdf_iter; + int kdf_salt_sz; + int key_sz; + int iv_sz; + int block_sz; + int page_sz; + int keyspec_sz; + int reserve_sz; + int hmac_sz; + int plaintext_header_sz; + int hmac_algorithm; + int kdf_algorithm; + unsigned int flags; + unsigned char *kdf_salt; + unsigned char *hmac_kdf_salt; + unsigned char *buffer; + Btree *pBt; + cipher_ctx *read_ctx; + cipher_ctx *write_ctx; + sqlcipher_provider *provider; + void *provider_ctx; +} codec_ctx ; + + +#ifdef SQLCIPHER_TEST +/* possible flags for simulating specific test conditions */ +#define TEST_FAIL_ENCRYPT 0x01 +#define TEST_FAIL_DECRYPT 0x02 +#define TEST_FAIL_MIGRATE 0x04 + +static volatile unsigned int cipher_test_flags = 0; +static volatile int cipher_test_rand = 0; + +static int sqlcipher_get_test_fail() { + int x; + + /* if cipher_test_rand is not set to a non-zero value always fail (return true) */ + if (cipher_test_rand == 0) return 1; + + sqlite3_randomness(sizeof(x), &x); + return ((x % cipher_test_rand) == 0); +} +#endif + +static volatile unsigned int default_flags = DEFAULT_CIPHER_FLAGS; +static volatile unsigned char hmac_salt_mask = HMAC_SALT_MASK; +static volatile int default_kdf_iter = PBKDF2_ITER; +static volatile int default_page_size = 4096; +static volatile int default_plaintext_header_size = 0; +static volatile int default_hmac_algorithm = SQLCIPHER_HMAC_SHA512; +static volatile int default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA512; +static volatile int sqlcipher_mem_security_on = 0; +static volatile int sqlcipher_mem_executed = 0; +static volatile int sqlcipher_mem_initialized = 0; +static volatile unsigned int sqlcipher_activate_count = 0; +static volatile sqlite3_mem_methods default_mem_methods; +static sqlcipher_provider *default_provider = NULL; + +static sqlite3_mutex* sqlcipher_static_mutex[SQLCIPHER_MUTEX_COUNT]; +static FILE* sqlcipher_log_file = NULL; +static volatile int sqlcipher_log_device = 0; +static volatile unsigned int sqlcipher_log_level = SQLCIPHER_LOG_NONE; +static volatile unsigned int sqlcipher_log_source = SQLCIPHER_LOG_ANY; +static volatile int sqlcipher_log_set = 0; + +sqlite3_mutex* sqlcipher_mutex(int mutex) { + if(mutex < 0 || mutex >= SQLCIPHER_MUTEX_COUNT) return NULL; + return sqlcipher_static_mutex[mutex]; +} + +static void sqlcipher_mlock(void *ptr, sqlite_uint64 sz) { +#ifndef OMIT_MEMLOCK +#if defined(__unix__) || defined(__APPLE__) + int rc; + unsigned long pagesize = sysconf(_SC_PAGESIZE); + unsigned long offset = (unsigned long) ptr % pagesize; + + if(ptr == NULL || sz == 0) return; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: calling mlock(%p,%lu); _SC_PAGESIZE=%lu", ptr - offset, sz + offset, pagesize); + rc = mlock(ptr - offset, sz + offset); + if(rc!=0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: mlock() returned %d errno=%d", rc, errno); + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: mlock(%p,%lu) returned %d errno=%d", ptr - offset, sz + offset, rc, errno); + } +#elif defined(_WIN32) +#if !(defined(WINAPI_FAMILY) && (WINAPI_FAMILY == WINAPI_FAMILY_PHONE_APP || WINAPI_FAMILY == WINAPI_FAMILY_PC_APP)) + int rc; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: calling VirtualLock(%p,%d)", ptr, sz); + rc = VirtualLock(ptr, sz); + if(rc==0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: VirtualLock() returned %d LastError=%d", rc, GetLastError()); + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_MEMORY, "sqlcipher_mlock: VirtualLock(%p,%d) returned %d LastError=%d", ptr, sz, rc, GetLastError()); + } +#endif +#endif +#endif +} + +static void sqlcipher_munlock(void *ptr, sqlite_uint64 sz) { +#ifndef OMIT_MEMLOCK +#if defined(__unix__) || defined(__APPLE__) + int rc; + unsigned long pagesize = sysconf(_SC_PAGESIZE); + unsigned long offset = (unsigned long) ptr % pagesize; + + if(ptr == NULL || sz == 0) return; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_munlock: calling munlock(%p,%lu)", ptr - offset, sz + offset); + rc = munlock(ptr - offset, sz + offset); + if(rc!=0) { + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_MEMORY, "sqlcipher_munlock: munlock(%p,%lu) returned %d errno=%d", ptr - offset, sz + offset, rc, errno); + } +#elif defined(_WIN32) +#if !(defined(WINAPI_FAMILY) && (WINAPI_FAMILY == WINAPI_FAMILY_PHONE_APP || WINAPI_FAMILY == WINAPI_FAMILY_PC_APP)) + int rc; + + if(ptr == NULL || sz == 0) return; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_munlock: calling VirtualUnlock(%p,%d)", ptr, sz); + rc = VirtualUnlock(ptr, sz); + + /* because memory allocations may be made from the same individual page, it is possible for VirtualUnlock to be called + * multiple times for the same page. Subsequent calls will return an error, but this can be safely ignored (i.e. because + * the previous call for that page unlocked the memory already). Log an info level event only in that case. */ + if(!rc) { + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_MEMORY, "sqlcipher_munlock: VirtualUnlock(%p,%d) returned %d LastError=%d", ptr, sz, rc, GetLastError()); + } +#endif +#endif +#endif +} + +static int sqlcipher_mem_init(void *pAppData) { + return default_mem_methods.xInit(pAppData); +} +static void sqlcipher_mem_shutdown(void *pAppData) { + default_mem_methods.xShutdown(pAppData); +} +static void *sqlcipher_mem_malloc(int n) { + void *ptr = default_mem_methods.xMalloc(n); + if(!sqlcipher_mem_executed) sqlcipher_mem_executed = 1; + if(sqlcipher_mem_security_on) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_mem_malloc: calling sqlcipher_mlock(%p,%d)", ptr, n); + sqlcipher_mlock(ptr, n); + } + return ptr; +} +static int sqlcipher_mem_size(void *p) { + return default_mem_methods.xSize(p); +} +static void sqlcipher_mem_free(void *p) { + int sz; + if(!sqlcipher_mem_executed) sqlcipher_mem_executed = 1; + if(sqlcipher_mem_security_on) { + sz = sqlcipher_mem_size(p); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_mem_free: calling sqlcipher_memset(%p,0,%d) and sqlcipher_munlock(%p, %d)", p, sz, p, sz); + sqlcipher_memset(p, 0, sz); + sqlcipher_munlock(p, sz); + } + default_mem_methods.xFree(p); +} +static void *sqlcipher_mem_realloc(void *p, int n) { + void *new = NULL; + int orig_sz = 0; + if(sqlcipher_mem_security_on) { + orig_sz = sqlcipher_mem_size(p); + if (n==0) { + sqlcipher_mem_free(p); + return NULL; + } else if (!p) { + return sqlcipher_mem_malloc(n); + } else if(n <= orig_sz) { + return p; + } else { + new = sqlcipher_mem_malloc(n); + if(new) { + memcpy(new, p, orig_sz); + sqlcipher_mem_free(p); + } + return new; + } + } else { + return default_mem_methods.xRealloc(p, n); + } +} + +static int sqlcipher_mem_roundup(int n) { + return default_mem_methods.xRoundup(n); +} + +static sqlite3_mem_methods sqlcipher_mem_methods = { + sqlcipher_mem_malloc, + sqlcipher_mem_free, + sqlcipher_mem_realloc, + sqlcipher_mem_size, + sqlcipher_mem_roundup, + sqlcipher_mem_init, + sqlcipher_mem_shutdown, + 0 +}; + +void sqlcipher_init_memmethods() { + if(sqlcipher_mem_initialized) return; + if(sqlite3_config(SQLITE_CONFIG_GETMALLOC, &default_mem_methods) != SQLITE_OK || + sqlite3_config(SQLITE_CONFIG_MALLOC, &sqlcipher_mem_methods) != SQLITE_OK) { + sqlcipher_mem_security_on = sqlcipher_mem_executed = sqlcipher_mem_initialized = 0; + } else { +#if !defined(OMIT_MEMLOCK) && defined(_WIN32) && !(defined(WINAPI_FAMILY) && (WINAPI_FAMILY == WINAPI_FAMILY_PHONE_APP || WINAPI_FAMILY == WINAPI_FAMILY_PC_APP)) + HANDLE process = NULL; + SYSTEM_INFO info; + SIZE_T dflt_min_size, dflt_max_size, min_size, max_size; + DWORD pid = GetCurrentProcessId(); + + if(pid == 0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: error calling GetCurrentProcessId: %d", GetLastError()); + goto cleanup; + } + + if((process = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_SET_QUOTA, FALSE, pid)) == NULL) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: error calling OpenProcess for pid=%d: %d", pid, GetLastError()); + goto cleanup; + } + + /* lookup native memory page size for caclulating default working set sizes */ + GetNativeSystemInfo(&info); + + /* https://learn.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-setprocessworkingsetsize#parameters + Default Min Set Size is 50 pages. + Default Max Set Size is 345 pages */ + dflt_min_size = info.dwPageSize * 50; + dflt_max_size = info.dwPageSize * 345; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: calculated dflt_min_size=%zu dflt_max_size=%zu for memory page size %d", dflt_min_size, dflt_max_size, info.dwPageSize); + + /* retrieve current min and max set sizes for comparison */ + if(!GetProcessWorkingSetSize(process, &min_size, &max_size)) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: error calling GetProcessWorkingSetSize %d", GetLastError()); + goto cleanup; + } + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: GetProcessWorkingSetSize returned min=%zu max=%zu", min_size, max_size); + + if(min_size == dflt_min_size && max_size == dflt_max_size) { + /* application has not set any special non-default working set sizes. Caclulate the new min working set size to be + 5 times default to allow greater number of pages to be VirtualLocked, max size will be left unchanged */ + min_size *= 5; + if(!SetProcessWorkingSetSize(process, min_size, max_size)) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: error calling SetProcessWorkingSetSize with min=%zu max=%zu: %d", min_size, max_size, GetLastError()); + goto cleanup; + } + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: called SetProcessWorkingSetSize for min=%zu max=%zu", min_size, max_size); + } else { + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_MEMORY, "sqlcipher_init_memmethods: application has custom working set sizes min=%zu max=%zu - skipped alteration of working set sizes", min_size, max_size); + } + +cleanup: + if (process) CloseHandle(process); +#endif + sqlcipher_mem_initialized = 1; + } +} + +int sqlcipher_register_provider(sqlcipher_provider *p) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_register_provider: entering SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_register_provider: entered SQLCIPHER_MUTEX_PROVIDER"); + + if(default_provider != NULL && default_provider != p) { + /* only free the current registerd provider if it has been initialized + and it isn't a pointer to the same provider passed to the function + (i.e. protect against a caller calling register twice for the same provider) */ + sqlcipher_free(default_provider, sizeof(sqlcipher_provider)); + } + default_provider = p; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_register_provider: leaving SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_register_provider: left SQLCIPHER_MUTEX_PROVIDER"); + + return SQLITE_OK; +} + +/* return a pointer to the currently registered provider. This will + allow an application to fetch the current registered provider and + make minor changes to it */ +sqlcipher_provider* sqlcipher_get_provider() { + return default_provider; +} + +static void sqlcipher_activate() { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_activate: entering static master mutex"); + sqlite3_mutex_enter(sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MASTER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_activate: entered static master mutex"); + + /* allocate new mutexes */ + if(sqlcipher_activate_count == 0) { + int i; + for(i = 0; i < SQLCIPHER_MUTEX_COUNT; i++) { + sqlcipher_static_mutex[i] = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST); + } +#ifndef SQLCIPHER_OMIT_DEFAULT_LOGGING + /* when sqlcipher is first activated, set a default log target and level of WARN if the + logging settings have not yet been initialized. Use the "device log" for + android (logcat) or apple (console). Use stderr on all other platforms. */ + if(!sqlcipher_log_set) { + + /* set log level if it is different than the uninitalized default value of NONE */ + if(sqlcipher_log_level == SQLCIPHER_LOG_NONE) { + sqlcipher_log_level = SQLCIPHER_LOG_WARN; + } + + /* set the default file or device if neither is already set */ + if(sqlcipher_log_device == 0 && sqlcipher_log_file == NULL) { +#if defined(__ANDROID__) || defined(__APPLE__) + sqlcipher_log_device = 1; +#else + sqlcipher_log_file = stderr; +#endif + } + sqlcipher_log_set = 1; + } +#endif + } + + /* check to see if there is a provider registered at this point + if there no provider registered at this point, register the + default provider */ + if(sqlcipher_get_provider() == NULL) { + sqlcipher_provider *p = sqlcipher_malloc(sizeof(sqlcipher_provider)); +#if defined (SQLCIPHER_CRYPTO_CC) + extern int sqlcipher_cc_setup(sqlcipher_provider *p); + sqlcipher_cc_setup(p); +#elif defined (SQLCIPHER_CRYPTO_LIBTOMCRYPT) + extern int sqlcipher_ltc_setup(sqlcipher_provider *p); + sqlcipher_ltc_setup(p); +#elif defined (SQLCIPHER_CRYPTO_NSS) + extern int sqlcipher_nss_setup(sqlcipher_provider *p); + sqlcipher_nss_setup(p); +#elif defined (SQLCIPHER_CRYPTO_OPENSSL) + extern int sqlcipher_openssl_setup(sqlcipher_provider *p); + sqlcipher_openssl_setup(p); +#elif defined (SQLCIPHER_CRYPTO_OSSL3) + extern int sqlcipher_ossl3_setup(sqlcipher_provider *p); + sqlcipher_ossl3_setup(p); +#else +#error "NO DEFAULT SQLCIPHER CRYPTO PROVIDER DEFINED" +#endif + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_activate: calling sqlcipher_register_provider(%p)", p); + sqlcipher_register_provider(p); + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_activate: called sqlcipher_register_provider(%p)",p); + } + + sqlcipher_activate_count++; /* increment activation count */ + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_activate: leaving static master mutex"); + sqlite3_mutex_leave(sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MASTER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_activate: left static master mutex"); +} + +static void sqlcipher_deactivate() { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: entering static master mutex"); + sqlite3_mutex_enter(sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MASTER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: entered static master mutex"); + + sqlcipher_activate_count--; + /* if no connections are using sqlcipher, cleanup globals */ + if(sqlcipher_activate_count < 1) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: entering SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: entered SQLCIPHER_MUTEX_PROVIDER"); + + if(default_provider != NULL) { + sqlcipher_free(default_provider, sizeof(sqlcipher_provider)); + default_provider = NULL; + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: leaving SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: left SQLCIPHER_MUTEX_PROVIDER"); + + /* last connection closed, free mutexes */ + if(sqlcipher_activate_count == 0) { + int i; + for(i = 0; i < SQLCIPHER_MUTEX_COUNT; i++) { + sqlite3_mutex_free(sqlcipher_static_mutex[i]); + } + } + sqlcipher_activate_count = 0; /* reset activation count */ + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: leaving static master mutex"); + sqlite3_mutex_leave(sqlite3_mutex_alloc(SQLITE_MUTEX_STATIC_MASTER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_deactivate: left static master mutex"); +} + +/* constant time memset using volitile to avoid having the memset + optimized out by the compiler. + Note: As suggested by Joachim Schipper (joachim.schipper@fox-it.com) +*/ +void* sqlcipher_memset(void *v, unsigned char value, sqlite_uint64 len) { + volatile sqlite_uint64 i = 0; + volatile unsigned char *a = v; + + if (v == NULL) return v; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_memset: setting %p[0-%llu]=%d)", a, len, value); + for(i = 0; i < len; i++) { + a[i] = value; + } + + return v; +} + +/* constant time memory check tests every position of a memory segement + matches a single value (i.e. the memory is all zeros) + returns 0 if match, 1 of no match */ +int sqlcipher_ismemset(const void *v, unsigned char value, sqlite_uint64 len) { + const volatile unsigned char *a = v; + volatile sqlite_uint64 i = 0, result = 0; + + for(i = 0; i < len; i++) { + result |= a[i] ^ value; + } + + return (result != 0); +} + +/* constant time memory comparison routine. + returns 0 if match, 1 if no match */ +int sqlcipher_memcmp(const void *v0, const void *v1, int len) { + const volatile unsigned char *a0 = v0, *a1 = v1; + volatile int i = 0, result = 0; + + for(i = 0; i < len; i++) { + result |= a0[i] ^ a1[i]; + } + + return (result != 0); +} + +/** + * Free and wipe memory. Uses SQLites internal sqlite3_free so that memory + * can be countend and memory leak detection works in the test suite. + * If ptr is not null memory will be freed. + * If sz is greater than zero, the memory will be overwritten with zero before it is freed + * If sz is > 0, and not compiled with OMIT_MEMLOCK, system will attempt to unlock the + * memory segment so it can be paged + */ +void sqlcipher_free(void *ptr, sqlite_uint64 sz) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_free: calling sqlcipher_memset(%p,0,%llu)", ptr, sz); + sqlcipher_memset(ptr, 0, sz); + sqlcipher_munlock(ptr, sz); + sqlite3_free(ptr); +} + +/** + * allocate memory. Uses sqlite's internall malloc wrapper so memory can be + * reference counted and leak detection works. Unless compiled with OMIT_MEMLOCK + * attempts to lock the memory pages so sensitive information won't be swapped + */ +void* sqlcipher_malloc(sqlite_uint64 sz) { + void *ptr; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_malloc: calling sqlite3Malloc(%llu)", sz); + ptr = sqlite3Malloc(sz); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MEMORY, "sqlcipher_malloc: calling sqlcipher_memset(%p,0,%llu)", ptr, sz); + sqlcipher_memset(ptr, 0, sz); + sqlcipher_mlock(ptr, sz); + return ptr; +} + +char* sqlcipher_version() { +#ifdef CIPHER_VERSION_QUALIFIER + char *version = sqlite3_mprintf("%s %s %s", CIPHER_XSTR(CIPHER_VERSION_NUMBER), CIPHER_XSTR(CIPHER_VERSION_QUALIFIER), CIPHER_XSTR(CIPHER_VERSION_BUILD)); +#else + char *version = sqlite3_mprintf("%s %s", CIPHER_XSTR(CIPHER_VERSION_NUMBER), CIPHER_XSTR(CIPHER_VERSION_BUILD)); +#endif + return version; +} + +/** + * Initialize new cipher_ctx struct. This function will allocate memory + * for the cipher context and for the key + * + * returns SQLITE_OK if initialization was successful + * returns SQLITE_NOMEM if an error occured allocating memory + */ +static int sqlcipher_cipher_ctx_init(codec_ctx *ctx, cipher_ctx **iCtx) { + cipher_ctx *c_ctx; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_cipher_ctx_init: allocating context"); + *iCtx = (cipher_ctx *) sqlcipher_malloc(sizeof(cipher_ctx)); + c_ctx = *iCtx; + if(c_ctx == NULL) return SQLITE_NOMEM; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_cipher_ctx_init: allocating key"); + c_ctx->key = (unsigned char *) sqlcipher_malloc(ctx->key_sz); + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_cipher_ctx_init: allocating hmac_key"); + c_ctx->hmac_key = (unsigned char *) sqlcipher_malloc(ctx->key_sz); + + if(c_ctx->key == NULL) return SQLITE_NOMEM; + if(c_ctx->hmac_key == NULL) return SQLITE_NOMEM; + + return SQLITE_OK; +} + +/** + * Free and wipe memory associated with a cipher_ctx + */ +static void sqlcipher_cipher_ctx_free(codec_ctx* ctx, cipher_ctx **iCtx) { + cipher_ctx *c_ctx = *iCtx; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "cipher_ctx_free: iCtx=%p", iCtx); + if(c_ctx->key) sqlcipher_free(c_ctx->key, ctx->key_sz); + if(c_ctx->hmac_key) sqlcipher_free(c_ctx->hmac_key, ctx->key_sz); + if(c_ctx->pass) sqlcipher_free(c_ctx->pass, c_ctx->pass_sz); + if(c_ctx->keyspec) sqlcipher_free(c_ctx->keyspec, ctx->keyspec_sz); + sqlcipher_free(c_ctx, sizeof(cipher_ctx)); +} + +static int sqlcipher_codec_ctx_reserve_setup(codec_ctx *ctx) { + int base_reserve = ctx->iv_sz; /* base reserve size will be IV only */ + int reserve = base_reserve; + + ctx->hmac_sz = ctx->provider->get_hmac_sz(ctx->provider_ctx, ctx->hmac_algorithm); + + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HMAC)) + reserve += ctx->hmac_sz; /* if reserve will include hmac, update that size */ + + /* calculate the amount of reserve needed in even increments of the cipher block size */ + if(ctx->block_sz > 0) { + reserve = ((reserve % ctx->block_sz) == 0) ? reserve : + ((reserve / ctx->block_sz) + 1) * ctx->block_sz; + } + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_reserve_setup: base_reserve=%d block_sz=%d md_size=%d reserve=%d", + base_reserve, ctx->block_sz, ctx->hmac_sz, reserve); + + ctx->reserve_sz = reserve; + + return SQLITE_OK; +} + +/** + * Compare one cipher_ctx to another. + * + * returns 0 if all the parameters (except the derived key data) are the same + * returns 1 otherwise + */ +static int sqlcipher_cipher_ctx_cmp(cipher_ctx *c1, cipher_ctx *c2) { + int are_equal = ( + c1->pass_sz == c2->pass_sz + && ( + c1->pass == c2->pass + || !sqlcipher_memcmp((const unsigned char*)c1->pass, + (const unsigned char*)c2->pass, + c1->pass_sz) + )); + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_cmp: c1=%p c2=%p sqlcipher_memcmp(c1->pass, c2_pass)=%d are_equal=%d", + c1, c2, + (c1->pass == NULL || c2->pass == NULL) ? + -1 : + sqlcipher_memcmp( + (const unsigned char*)c1->pass, + (const unsigned char*)c2->pass, + c1->pass_sz + ), + are_equal + ); + + return !are_equal; /* return 0 if they are the same, 1 otherwise */ +} + +/** + * Copy one cipher_ctx to another. For instance, assuming that read_ctx is a + * fully initialized context, you could copy it to write_ctx and all yet data + * and pass information across + * + * returns SQLITE_OK if initialization was successful + * returns SQLITE_NOMEM if an error occured allocating memory + */ +static int sqlcipher_cipher_ctx_copy(codec_ctx *ctx, cipher_ctx *target, cipher_ctx *source) { + void *key = target->key; + void *hmac_key = target->hmac_key; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_copy: target=%p, source=%p", target, source); + if(target->pass) sqlcipher_free(target->pass, target->pass_sz); + if(target->keyspec) sqlcipher_free(target->keyspec, ctx->keyspec_sz); + memcpy(target, source, sizeof(cipher_ctx)); + + target->key = key; /* restore pointer to previously allocated key data */ + memcpy(target->key, source->key, ctx->key_sz); + + target->hmac_key = hmac_key; /* restore pointer to previously allocated hmac key data */ + memcpy(target->hmac_key, source->hmac_key, ctx->key_sz); + + if(source->pass && source->pass_sz) { + target->pass = sqlcipher_malloc(source->pass_sz); + if(target->pass == NULL) return SQLITE_NOMEM; + memcpy(target->pass, source->pass, source->pass_sz); + } + if(source->keyspec) { + target->keyspec = sqlcipher_malloc(ctx->keyspec_sz); + if(target->keyspec == NULL) return SQLITE_NOMEM; + memcpy(target->keyspec, source->keyspec, ctx->keyspec_sz); + } + return SQLITE_OK; +} + +/** + * Set the keyspec for the cipher_ctx + * + * returns SQLITE_OK if assignment was successfull + * returns SQLITE_NOMEM if an error occured allocating memory + */ +static int sqlcipher_cipher_ctx_set_keyspec(codec_ctx *ctx, cipher_ctx *c_ctx, const unsigned char *key) { + /* free, zero existing pointers and size */ + if(c_ctx->keyspec) sqlcipher_free(c_ctx->keyspec, ctx->keyspec_sz); + c_ctx->keyspec = NULL; + + c_ctx->keyspec = sqlcipher_malloc(ctx->keyspec_sz); + if(c_ctx->keyspec == NULL) return SQLITE_NOMEM; + + c_ctx->keyspec[0] = 'x'; + c_ctx->keyspec[1] = '\''; + cipher_bin2hex(key, ctx->key_sz, c_ctx->keyspec + 2); + cipher_bin2hex(ctx->kdf_salt, ctx->kdf_salt_sz, c_ctx->keyspec + (ctx->key_sz * 2) + 2); + c_ctx->keyspec[ctx->keyspec_sz - 1] = '\''; + return SQLITE_OK; +} + +static void sqlcipher_set_derive_key(codec_ctx *ctx, int derive) { + if(ctx->read_ctx != NULL) ctx->read_ctx->derive_key = derive; + if(ctx->write_ctx != NULL) ctx->write_ctx->derive_key = derive; +} + +/** + * Set the passphrase for the cipher_ctx + * + * returns SQLITE_OK if assignment was successfull + * returns SQLITE_NOMEM if an error occured allocating memory + */ +static int sqlcipher_cipher_ctx_set_pass(cipher_ctx *ctx, const void *zKey, int nKey) { + /* free, zero existing pointers and size */ + if(ctx->pass) sqlcipher_free(ctx->pass, ctx->pass_sz); + ctx->pass = NULL; + ctx->pass_sz = 0; + + if(zKey && nKey) { /* if new password is provided, copy it */ + ctx->pass_sz = nKey; + ctx->pass = sqlcipher_malloc(nKey); + if(ctx->pass == NULL) return SQLITE_NOMEM; + memcpy(ctx->pass, zKey, nKey); + } + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_set_pass(codec_ctx *ctx, const void *zKey, int nKey, int for_ctx) { + cipher_ctx *c_ctx = for_ctx ? ctx->write_ctx : ctx->read_ctx; + int rc; + + if((rc = sqlcipher_cipher_ctx_set_pass(c_ctx, zKey, nKey)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_set_pass: error %d from sqlcipher_cipher_ctx_set_pass", rc); + return rc; + } + + c_ctx->derive_key = 1; + + if(for_ctx == 2) { + if((rc = sqlcipher_cipher_ctx_copy(ctx, for_ctx ? ctx->read_ctx : ctx->write_ctx, c_ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_set_pass: error %d from sqlcipher_cipher_ctx_copy", rc); + return rc; + } + } + + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_set_kdf_iter(codec_ctx *ctx, int kdf_iter) { + ctx->kdf_iter = kdf_iter; + sqlcipher_set_derive_key(ctx, 1); + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_set_fast_kdf_iter(codec_ctx *ctx, int fast_kdf_iter) { + ctx->fast_kdf_iter = fast_kdf_iter; + sqlcipher_set_derive_key(ctx, 1); + return SQLITE_OK; +} + +/* set the global default flag for HMAC */ +static void sqlcipher_set_default_use_hmac(int use) { + if(use) SQLCIPHER_FLAG_SET(default_flags, CIPHER_FLAG_HMAC); + else SQLCIPHER_FLAG_UNSET(default_flags,CIPHER_FLAG_HMAC); +} + +/* set the codec flag for whether this individual database should be using hmac */ +static int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use) { + if(use) { + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_HMAC); + } else { + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_HMAC); + } + + return sqlcipher_codec_ctx_reserve_setup(ctx); +} + +/* the length of plaintext header size must be: + * 1. greater than or equal to zero + * 2. a multiple of the cipher block size + * 3. less than the usable size of the first database page + */ +static int sqlcipher_codec_ctx_set_plaintext_header_size(codec_ctx *ctx, int size) { + if(size >= 0 && ctx->block_sz > 0 && (size % ctx->block_sz) == 0 && size < (ctx->page_sz - ctx->reserve_sz)) { + ctx->plaintext_header_sz = size; + return SQLITE_OK; + } + ctx->plaintext_header_sz = -1; + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_set_plaintext_header_size: attempt to set invalid plantext_header_size %d", size); + return SQLITE_ERROR; +} + +static int sqlcipher_codec_ctx_set_hmac_algorithm(codec_ctx *ctx, int algorithm) { + ctx->hmac_algorithm = algorithm; + return sqlcipher_codec_ctx_reserve_setup(ctx); +} + +static int sqlcipher_codec_ctx_set_kdf_algorithm(codec_ctx *ctx, int algorithm) { + ctx->kdf_algorithm = algorithm; + return SQLITE_OK; +} + +static void sqlcipher_codec_ctx_set_error(codec_ctx *ctx, int error) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_set_error %d", error); + sqlite3pager_error(ctx->pBt->pBt->pPager, error); + ctx->pBt->pBt->db->errCode = error; +} + +static int sqlcipher_codec_ctx_init_kdf_salt(codec_ctx *ctx) { + sqlite3_file *fd = sqlite3PagerFile(ctx->pBt->pBt->pPager); + + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HAS_KDF_SALT)) { + return SQLITE_OK; /* don't reload salt when not needed */ + } + + /* read salt from header, if present, otherwise generate a new random salt */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init_kdf_salt: obtaining salt"); + if(fd == NULL || fd->pMethods == 0 || sqlite3OsRead(fd, ctx->kdf_salt, ctx->kdf_salt_sz, 0) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init_kdf_salt: unable to read salt from file header, generating random"); + if(ctx->provider->random(ctx->provider_ctx, ctx->kdf_salt, ctx->kdf_salt_sz) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init_kdf_salt: error retrieving random bytes from provider"); + return SQLITE_ERROR; + } + } + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_HAS_KDF_SALT); + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx *ctx, unsigned char *salt, int size) { + if(size >= ctx->kdf_salt_sz) { + memcpy(ctx->kdf_salt, salt, ctx->kdf_salt_sz); + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_HAS_KDF_SALT); + return SQLITE_OK; + } + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_set_kdf_salt: attempt to set salt of incorrect size %d", size); + return SQLITE_ERROR; +} + +static int sqlcipher_codec_ctx_get_kdf_salt(codec_ctx *ctx, void** salt) { + int rc = SQLITE_OK; + if(!SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HAS_KDF_SALT)) { + if((rc = sqlcipher_codec_ctx_init_kdf_salt(ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_get_kdf_salt: error %d from sqlcipher_codec_ctx_init_kdf_salt", rc); + } + } + *salt = ctx->kdf_salt; + + return rc; +} + +static int sqlcipher_codec_ctx_set_pagesize(codec_ctx *ctx, int size) { + if(!((size != 0) && ((size & (size - 1)) == 0)) || size < 512 || size > 65536) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "cipher_page_size not a power of 2 and between 512 and 65536 inclusive"); + return SQLITE_ERROR; + } + /* attempt to free the existing page buffer */ + if(ctx->buffer) sqlcipher_free(ctx->buffer,ctx->page_sz); + ctx->page_sz = size; + + /* pre-allocate a page buffer of PageSize bytes. This will + be used as a persistent buffer for encryption and decryption + operations to avoid overhead of multiple memory allocations*/ + ctx->buffer = sqlcipher_malloc(size); + if(ctx->buffer == NULL) return SQLITE_NOMEM; + + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_init(codec_ctx **iCtx, Db *pDb, Pager *pPager, const void *zKey, int nKey) { + int rc; + codec_ctx *ctx; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_codec_ctx_init: allocating context"); + + *iCtx = sqlcipher_malloc(sizeof(codec_ctx)); + ctx = *iCtx; + + if(ctx == NULL) return SQLITE_NOMEM; + + ctx->pBt = pDb->pBt; /* assign pointer to database btree structure */ + + /* allocate space for salt data. Then read the first 16 bytes + directly off the database file. This is the salt for the + key derivation function. If we get a short read allocate + a new random salt value */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_codec_ctx_init: allocating kdf_salt"); + ctx->kdf_salt_sz = FILE_HEADER_SZ; + ctx->kdf_salt = sqlcipher_malloc(ctx->kdf_salt_sz); + if(ctx->kdf_salt == NULL) return SQLITE_NOMEM; + + /* allocate space for separate hmac salt data. We want the + HMAC derivation salt to be different than the encryption + key derivation salt */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_codec_ctx_init: allocating hmac_kdf_salt"); + ctx->hmac_kdf_salt = sqlcipher_malloc(ctx->kdf_salt_sz); + if(ctx->hmac_kdf_salt == NULL) return SQLITE_NOMEM; + + /* setup default flags */ + ctx->flags = default_flags; + + /* setup the crypto provider */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "sqlcipher_codec_ctx_init: allocating provider"); + ctx->provider = (sqlcipher_provider *) sqlcipher_malloc(sizeof(sqlcipher_provider)); + if(ctx->provider == NULL) return SQLITE_NOMEM; + + /* make a copy of the provider to be used for the duration of the context */ + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_codec_ctx_init: entering SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_codec_ctx_init: entered SQLCIPHER_MUTEX_PROVIDER"); + + memcpy(ctx->provider, default_provider, sizeof(sqlcipher_provider)); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_codec_ctx_init: leaving SQLCIPHER_MUTEX_PROVIDER"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_codec_ctx_init: left SQLCIPHER_MUTEX_PROVIDER"); + + if((rc = ctx->provider->ctx_init(&ctx->provider_ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d returned from ctx_init", rc); + return rc; + } + + ctx->key_sz = ctx->provider->get_key_sz(ctx->provider_ctx); + ctx->iv_sz = ctx->provider->get_iv_sz(ctx->provider_ctx); + ctx->block_sz = ctx->provider->get_block_sz(ctx->provider_ctx); + + /* establic the size for a hex-formated key specification, containing the + raw encryption key and the salt used to generate it format. will be x'hexkey...hexsalt' + so oversize by 3 bytes */ + ctx->keyspec_sz = ((ctx->key_sz + ctx->kdf_salt_sz) * 2) + 3; + + /* + Always overwrite page size and set to the default because the first page of the database + in encrypted and thus sqlite can't effectively determine the pagesize. this causes an issue in + cases where bytes 16 & 17 of the page header are a power of 2 as reported by John Lehman + */ + if((rc = sqlcipher_codec_ctx_set_pagesize(ctx, default_page_size)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d returned from sqlcipher_codec_ctx_set_pagesize with %d", rc, default_page_size); + return rc; + } + + /* establish settings for the KDF iterations and fast (HMAC) KDF iterations */ + if((rc = sqlcipher_codec_ctx_set_kdf_iter(ctx, default_kdf_iter)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting default_kdf_iter %d", rc, default_kdf_iter); + return rc; + } + + if((rc = sqlcipher_codec_ctx_set_fast_kdf_iter(ctx, FAST_PBKDF2_ITER)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting fast_kdf_iter to %d", rc, FAST_PBKDF2_ITER); + return rc; + } + + /* set the default HMAC and KDF algorithms which will determine the reserve size */ + if((rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, default_hmac_algorithm)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting sqlcipher_codec_ctx_set_hmac_algorithm with %d", rc, default_hmac_algorithm); + return rc; + } + + /* Note that use_hmac is a special case that requires recalculation of page size + so we call set_use_hmac to perform setup */ + if((rc = sqlcipher_codec_ctx_set_use_hmac(ctx, SQLCIPHER_FLAG_GET(default_flags, CIPHER_FLAG_HMAC))) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting use_hmac %d", rc, SQLCIPHER_FLAG_GET(default_flags, CIPHER_FLAG_HMAC)); + return rc; + } + + if((rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, default_kdf_algorithm)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting sqlcipher_codec_ctx_set_kdf_algorithm with %d", rc, default_kdf_algorithm); + return rc; + } + + /* setup the default plaintext header size */ + if((rc = sqlcipher_codec_ctx_set_plaintext_header_size(ctx, default_plaintext_header_size)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting sqlcipher_codec_ctx_set_plaintext_header_size with %d", rc, default_plaintext_header_size); + return rc; + } + + /* initialize the read and write sub-contexts. this must happen after key_sz is established */ + if((rc = sqlcipher_cipher_ctx_init(ctx, &ctx->read_ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d initializing read_ctx", rc); + return rc; + } + + if((rc = sqlcipher_cipher_ctx_init(ctx, &ctx->write_ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d initializing write_ctx", rc); + return rc; + } + + /* set the key material on one of the sub cipher contexts and sync them up */ + if((rc = sqlcipher_codec_ctx_set_pass(ctx, zKey, nKey, 0)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d setting pass key", rc); + return rc; + } + + if((rc = sqlcipher_cipher_ctx_copy(ctx, ctx->write_ctx, ctx->read_ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_init: error %d copying write_ctx to read_ctx", rc); + return rc; + } + + return SQLITE_OK; +} + +/** + * Free and wipe memory associated with a cipher_ctx, including the allocated + * read_ctx and write_ctx. + */ +static void sqlcipher_codec_ctx_free(codec_ctx **iCtx) { + codec_ctx *ctx = *iCtx; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_MEMORY, "codec_ctx_free: iCtx=%p", iCtx); + if(ctx->kdf_salt) sqlcipher_free(ctx->kdf_salt, ctx->kdf_salt_sz); + if(ctx->hmac_kdf_salt) sqlcipher_free(ctx->hmac_kdf_salt, ctx->kdf_salt_sz); + if(ctx->buffer) sqlcipher_free(ctx->buffer, ctx->page_sz); + + if(ctx->provider) { + ctx->provider->ctx_free(&ctx->provider_ctx); + sqlcipher_free(ctx->provider, sizeof(sqlcipher_provider)); + } + + sqlcipher_cipher_ctx_free(ctx, &ctx->read_ctx); + sqlcipher_cipher_ctx_free(ctx, &ctx->write_ctx); + sqlcipher_free(ctx, sizeof(codec_ctx)); +} + +/** convert a 32bit unsigned integer to little endian byte ordering */ +static void sqlcipher_put4byte_le(unsigned char *p, u32 v) { + p[0] = (u8)v; + p[1] = (u8)(v>>8); + p[2] = (u8)(v>>16); + p[3] = (u8)(v>>24); +} + +static int sqlcipher_page_hmac(codec_ctx *ctx, cipher_ctx *c_ctx, Pgno pgno, unsigned char *in, int in_sz, unsigned char *out) { + unsigned char pgno_raw[sizeof(pgno)]; + /* we may convert page number to consistent representation before calculating MAC for + compatibility across big-endian and little-endian platforms. + + Note: The public release of sqlcipher 2.0.0 to 2.0.6 had a bug where the bytes of pgno + were used directly in the MAC. SQLCipher convert's to little endian by default to preserve + backwards compatibility on the most popular platforms, but can optionally be configured + to use either big endian or native byte ordering via pragma. */ + + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_LE_PGNO)) { /* compute hmac using little endian pgno*/ + sqlcipher_put4byte_le(pgno_raw, pgno); + } else if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_BE_PGNO)) { /* compute hmac using big endian pgno */ + sqlite3Put4byte(pgno_raw, pgno); /* sqlite3Put4byte converts 32bit uint to big endian */ + } else { /* use native byte ordering */ + memcpy(pgno_raw, &pgno, sizeof(pgno)); + } + + /* include the encrypted page data, initialization vector, and page number in HMAC. This will + prevent both tampering with the ciphertext, manipulation of the IV, or resequencing otherwise + valid pages out of order in a database */ + return ctx->provider->hmac( + ctx->provider_ctx, ctx->hmac_algorithm, c_ctx->hmac_key, + ctx->key_sz, in, + in_sz, (unsigned char*) &pgno_raw, + sizeof(pgno), out); +} + +/* + * ctx - codec context + * pgno - page number in database + * size - size in bytes of input and output buffers + * mode - 1 to encrypt, 0 to decrypt + * in - pointer to input bytes + * out - pouter to output bytes + */ +static int sqlcipher_page_cipher(codec_ctx *ctx, int for_ctx, Pgno pgno, int mode, int page_sz, unsigned char *in, unsigned char *out) { + cipher_ctx *c_ctx = for_ctx ? ctx->write_ctx : ctx->read_ctx; + unsigned char *iv_in, *iv_out, *hmac_in, *hmac_out, *out_start; + int size; + + /* calculate some required positions into various buffers */ + size = page_sz - ctx->reserve_sz; /* adjust size to useable size and memset reserve at end of page */ + iv_out = out + size; + iv_in = in + size; + + /* hmac will be written immediately after the initialization vector. the remainder of the page reserve will contain + random bytes. note, these pointers are only valid when using hmac */ + hmac_in = in + size + ctx->iv_sz; + hmac_out = out + size + ctx->iv_sz; + out_start = out; /* note the original position of the output buffer pointer, as out will be rewritten during encryption */ + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: pgno=%d, mode=%d, size=%d", pgno, mode, size); + CODEC_HEXDUMP("sqlcipher_page_cipher: input page data", in, page_sz); + + /* the key size should never be zero. If it is, error out. */ + if(ctx->key_sz == 0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: error possible context corruption, key_sz is zero for pgno=%d", pgno); + goto error; + } + + if(mode == CIPHER_ENCRYPT) { + /* start at front of the reserve block, write random data to the end */ + if(ctx->provider->random(ctx->provider_ctx, iv_out, ctx->reserve_sz) != SQLITE_OK) goto error; + } else { /* CIPHER_DECRYPT */ + memcpy(iv_out, iv_in, ctx->iv_sz); /* copy the iv from the input to output buffer */ + } + + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HMAC) && (mode == CIPHER_DECRYPT)) { + if(sqlcipher_page_hmac(ctx, c_ctx, pgno, in, size + ctx->iv_sz, hmac_out) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: hmac operation on decrypt failed for pgno=%d", pgno); + goto error; + } + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: comparing hmac on in=%p out=%p hmac_sz=%d", hmac_in, hmac_out, ctx->hmac_sz); + if(sqlcipher_memcmp(hmac_in, hmac_out, ctx->hmac_sz) != 0) { /* the hmac check failed */ + if(sqlite3BtreeGetAutoVacuum(ctx->pBt) != BTREE_AUTOVACUUM_NONE && sqlcipher_ismemset(in, 0, page_sz) == 0) { + /* first check if the entire contents of the page is zeros. If so, this page + resulted from a short read (i.e. sqlite attempted to pull a page after the end of the file. these + short read failures must be ignored for autovaccum mode to work so wipe the output buffer + and return SQLITE_OK to skip the decryption step. */ + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: zeroed page (short read) for pgno %d with autovacuum enabled", pgno); + sqlcipher_memset(out, 0, page_sz); + return SQLITE_OK; + } else { + /* if the page memory is not all zeros, it means the there was data and a hmac on the page. + since the check failed, the page was either tampered with or corrupted. wipe the output buffer, + and return SQLITE_ERROR to the caller */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: hmac check failed for pgno=%d", pgno); + goto error; + } + } + } + + if(ctx->provider->cipher(ctx->provider_ctx, mode, c_ctx->key, ctx->key_sz, iv_out, in, size, out) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: cipher operation mode=%d failed for pgno=%d", mode, pgno); + goto error; + }; + + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HMAC) && (mode == CIPHER_ENCRYPT)) { + if(sqlcipher_page_hmac(ctx, c_ctx, pgno, out_start, size + ctx->iv_sz, hmac_out) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_page_cipher: hmac operation on encrypt failed for pgno=%d", pgno); + goto error; + }; + } + + CODEC_HEXDUMP("sqlcipher_page_cipher: output page data", out_start, page_sz); + + return SQLITE_OK; +error: + sqlcipher_memset(out, 0, page_sz); + return SQLITE_ERROR; +} + +/** + * Derive an encryption key for a cipher contex key based on the raw password. + * + * If the raw key data is formated as x'hex' and there are exactly enough hex chars to fill + * the key (i.e 64 hex chars for a 256 bit key) then the key data will be used directly. + + * Else, if the raw key data is formated as x'hex' and there are exactly enough hex chars to fill + * the key and the salt (i.e 92 hex chars for a 256 bit key and 16 byte salt) then it will be unpacked + * as the key followed by the salt. + * + * Otherwise, a key data will be derived using PBKDF2 + * + * returns SQLITE_OK if initialization was successful + * returns SQLITE_ERROR if the key could't be derived (for instance if pass is NULL or pass_sz is 0) + */ +static int sqlcipher_cipher_ctx_key_derive(codec_ctx *ctx, cipher_ctx *c_ctx) { + int rc; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: ctx->kdf_salt_sz=%d ctx->kdf_iter=%d ctx->fast_kdf_iter=%d ctx->key_sz=%d", + ctx->kdf_salt_sz, ctx->kdf_iter, ctx->fast_kdf_iter, ctx->key_sz); + + if(c_ctx->pass && c_ctx->pass_sz) { /* if key material is present on the context for derivation */ + + /* if necessary, initialize the salt from the header or random source */ + if(!SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HAS_KDF_SALT)) { + if((rc = sqlcipher_codec_ctx_init_kdf_salt(ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: error %d from sqlcipher_codec_ctx_init_kdf_salt", rc); + return rc; + } + } + + if (c_ctx->pass_sz == ((ctx->key_sz * 2) + 3) && sqlite3StrNICmp((const char *)c_ctx->pass ,"x'", 2) == 0 && cipher_isHex(c_ctx->pass + 2, ctx->key_sz * 2)) { + int n = c_ctx->pass_sz - 3; /* adjust for leading x' and tailing ' */ + const unsigned char *z = c_ctx->pass + 2; /* adjust lead offset of x' */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: using raw key from hex"); + cipher_hex2bin(z, n, c_ctx->key); + } else if (c_ctx->pass_sz == (((ctx->key_sz + ctx->kdf_salt_sz) * 2) + 3) && sqlite3StrNICmp((const char *)c_ctx->pass ,"x'", 2) == 0 && cipher_isHex(c_ctx->pass + 2, (ctx->key_sz + ctx->kdf_salt_sz) * 2)) { + const unsigned char *z = c_ctx->pass + 2; /* adjust lead offset of x' */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: using raw key from hex"); + cipher_hex2bin(z, (ctx->key_sz * 2), c_ctx->key); + cipher_hex2bin(z + (ctx->key_sz * 2), (ctx->kdf_salt_sz * 2), ctx->kdf_salt); + } else { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: deriving key using full PBKDF2 with %d iterations", ctx->kdf_iter); + if(ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->pass, c_ctx->pass_sz, + ctx->kdf_salt, ctx->kdf_salt_sz, ctx->kdf_iter, + ctx->key_sz, c_ctx->key) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: error occurred from provider kdf generating encryption key"); + return SQLITE_ERROR; + } + } + + /* set the context "keyspec" containing the hex-formatted key and salt to be used when attaching databases */ + if((rc = sqlcipher_cipher_ctx_set_keyspec(ctx, c_ctx, c_ctx->key)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: error %d from sqlcipher_cipher_ctx_set_keyspec", rc); + return rc; + } + + /* if this context is setup to use hmac checks, generate a seperate and different + key for HMAC. In this case, we use the output of the previous KDF as the input to + this KDF run. This ensures a distinct but predictable HMAC key. */ + if(ctx->flags & CIPHER_FLAG_HMAC) { + int i; + + /* start by copying the kdf key into the hmac salt slot + then XOR it with the fixed hmac salt defined at compile time + this ensures that the salt passed in to derive the hmac key, while + easy to derive and publically known, is not the same as the salt used + to generate the encryption key */ + memcpy(ctx->hmac_kdf_salt, ctx->kdf_salt, ctx->kdf_salt_sz); + for(i = 0; i < ctx->kdf_salt_sz; i++) { + ctx->hmac_kdf_salt[i] ^= hmac_salt_mask; + } + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "cipher_ctx_key_derive: deriving hmac key from encryption key using PBKDF2 with %d iterations", + ctx->fast_kdf_iter); + + + if(ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->key, ctx->key_sz, + ctx->hmac_kdf_salt, ctx->kdf_salt_sz, ctx->fast_kdf_iter, + ctx->key_sz, c_ctx->hmac_key) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: error occurred from provider kdf generating HMAC key"); + return SQLITE_ERROR; + } + } + + c_ctx->derive_key = 0; + return SQLITE_OK; + } + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_cipher_ctx_key_derive: key material is not present on the context for key derivation"); + return SQLITE_ERROR; +} + +static int sqlcipher_codec_key_derive(codec_ctx *ctx) { + /* derive key on first use if necessary */ + if(ctx->read_ctx->derive_key) { + if(sqlcipher_cipher_ctx_key_derive(ctx, ctx->read_ctx) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_key_derive: error occurred deriving read_ctx key"); + return SQLITE_ERROR; + } + } + + if(ctx->write_ctx->derive_key) { + if(sqlcipher_cipher_ctx_cmp(ctx->write_ctx, ctx->read_ctx) == 0) { + /* the relevant parameters are the same, just copy read key */ + if(sqlcipher_cipher_ctx_copy(ctx, ctx->write_ctx, ctx->read_ctx) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_key_derive: error occurred copying read_ctx to write_ctx"); + return SQLITE_ERROR; + } + } else { + if(sqlcipher_cipher_ctx_key_derive(ctx, ctx->write_ctx) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_key_derive: error occurred deriving write_ctx key"); + return SQLITE_ERROR; + } + } + } + + /* wipe and free passphrase after key derivation */ + if(ctx->store_pass != 1) { + sqlcipher_cipher_ctx_set_pass(ctx->read_ctx, NULL, 0); + sqlcipher_cipher_ctx_set_pass(ctx->write_ctx, NULL, 0); + } + + return SQLITE_OK; +} + +static int sqlcipher_codec_key_copy(codec_ctx *ctx, int source) { + if(source == CIPHER_READ_CTX) { + return sqlcipher_cipher_ctx_copy(ctx, ctx->write_ctx, ctx->read_ctx); + } else { + return sqlcipher_cipher_ctx_copy(ctx, ctx->read_ctx, ctx->write_ctx); + } +} + +static int sqlcipher_check_connection(const char *filename, char *key, int key_sz, char *sql, int *user_version, char** journal_mode) { + int rc; + sqlite3 *db = NULL; + sqlite3_stmt *statement = NULL; + char *query_journal_mode = "PRAGMA journal_mode;"; + char *query_user_version = "PRAGMA user_version;"; + + rc = sqlite3_open(filename, &db); + if(rc != SQLITE_OK) goto cleanup; + + rc = sqlite3_key(db, key, key_sz); + if(rc != SQLITE_OK) goto cleanup; + + rc = sqlite3_exec(db, sql, NULL, NULL, NULL); + if(rc != SQLITE_OK) goto cleanup; + + /* start by querying the user version. + this will fail if the key is incorrect */ + rc = sqlite3_prepare(db, query_user_version, -1, &statement, NULL); + if(rc != SQLITE_OK) goto cleanup; + + rc = sqlite3_step(statement); + if(rc == SQLITE_ROW) { + *user_version = sqlite3_column_int(statement, 0); + } else { + goto cleanup; + } + sqlite3_finalize(statement); + + rc = sqlite3_prepare(db, query_journal_mode, -1, &statement, NULL); + if(rc != SQLITE_OK) goto cleanup; + + rc = sqlite3_step(statement); + if(rc == SQLITE_ROW) { + *journal_mode = sqlite3_mprintf("%s", sqlite3_column_text(statement, 0)); + } else { + goto cleanup; + } + rc = SQLITE_OK; + /* cleanup will finalize open statement */ + +cleanup: + if(statement) sqlite3_finalize(statement); + if(db) sqlite3_close(db); + return rc; +} + +static int sqlcipher_codec_ctx_integrity_check(codec_ctx *ctx, Parse *pParse, char *column) { + Pgno page = 1; + int rc = 0; + char *result; + unsigned char *hmac_out = NULL; + sqlite3_file *fd = sqlite3PagerFile(ctx->pBt->pBt->pPager); + i64 file_sz; + + Vdbe *v = sqlite3GetVdbe(pParse); + sqlite3VdbeSetNumCols(v, 1); + sqlite3VdbeSetColName(v, 0, COLNAME_NAME, column, SQLITE_STATIC); + + if(fd == NULL || fd->pMethods == 0) { + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, "database file is undefined", P4_TRANSIENT); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + goto cleanup; + } + + if(!(ctx->flags & CIPHER_FLAG_HMAC)) { + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, "HMAC is not enabled, unable to integrity check", P4_TRANSIENT); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + goto cleanup; + } + + if((rc = sqlcipher_codec_key_derive(ctx)) != SQLITE_OK) { + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, "unable to derive keys", P4_TRANSIENT); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + goto cleanup; + } + + sqlite3OsFileSize(fd, &file_sz); + hmac_out = sqlcipher_malloc(ctx->hmac_sz); + + for(page = 1; page <= file_sz / ctx->page_sz; page++) { + i64 offset = (page - 1) * ctx->page_sz; + int payload_sz = ctx->page_sz - ctx->reserve_sz + ctx->iv_sz; + int read_sz = ctx->page_sz; + + /* skip integrity check on PAGER_SJ_PGNO since it will have no valid content */ + if(sqlite3pager_is_sj_pgno(ctx->pBt->pBt->pPager, page)) continue; + + if(page==1) { + int page1_offset = ctx->plaintext_header_sz ? ctx->plaintext_header_sz : FILE_HEADER_SZ; + read_sz = read_sz - page1_offset; + payload_sz = payload_sz - page1_offset; + offset += page1_offset; + } + + sqlcipher_memset(ctx->buffer, 0, ctx->page_sz); + sqlcipher_memset(hmac_out, 0, ctx->hmac_sz); + if(sqlite3OsRead(fd, ctx->buffer, read_sz, offset) != SQLITE_OK) { + result = sqlite3_mprintf("error reading %d bytes from file page %d at offset %d", read_sz, page, offset); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + } else if(sqlcipher_page_hmac(ctx, ctx->read_ctx, page, ctx->buffer, payload_sz, hmac_out) != SQLITE_OK) { + result = sqlite3_mprintf("HMAC operation failed for page %d", page); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + } else if(sqlcipher_memcmp(ctx->buffer + payload_sz, hmac_out, ctx->hmac_sz) != 0) { + result = sqlite3_mprintf("HMAC verification failed for page %d", page); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + } + } + + if(file_sz % ctx->page_sz != 0) { + result = sqlite3_mprintf("page %d has an invalid size of %lld bytes (expected %d bytes)", page, file_sz - ((file_sz / ctx->page_sz) * ctx->page_sz), ctx->page_sz); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, result, P4_DYNAMIC); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); + } + +cleanup: + if(hmac_out != NULL) sqlcipher_free(hmac_out, ctx->hmac_sz); + return SQLITE_OK; +} + +static int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) { + int i, pass_sz, keyspec_sz, nRes, user_version, rc, oflags; + Db *pDb = 0; + sqlite3 *db = ctx->pBt->db; + const char *db_filename = sqlite3_db_filename(db, "main"); + char *set_user_version = NULL, *pass = NULL, *attach_command = NULL, *migrated_db_filename = NULL, *keyspec = NULL, *temp = NULL, *journal_mode = NULL, *set_journal_mode = NULL, *pragma_compat = NULL; + Btree *pDest = NULL, *pSrc = NULL; + sqlite3_file *srcfile, *destfile; +#if defined(_WIN32) || defined(SQLITE_OS_WINRT) + LPWSTR w_db_filename = NULL, w_migrated_db_filename = NULL; + int w_db_filename_sz = 0, w_migrated_db_filename_sz = 0; +#endif + pass_sz = keyspec_sz = rc = user_version = 0; + + if(!db_filename || sqlite3Strlen30(db_filename) < 1) + goto cleanup; /* exit immediately if this is an in memory database */ + + /* pull the provided password / key material off the current codec context */ + pass_sz = ctx->read_ctx->pass_sz; + pass = sqlcipher_malloc(pass_sz+1); + memset(pass, 0, pass_sz+1); + memcpy(pass, ctx->read_ctx->pass, pass_sz); + + /* Version 4 - current, no upgrade required, so exit immediately */ + rc = sqlcipher_check_connection(db_filename, pass, pass_sz, "", &user_version, &journal_mode); + if(rc == SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: no upgrade required - exiting"); + goto cleanup; + } + + for(i = 3; i > 0; i--) { + pragma_compat = sqlite3_mprintf("PRAGMA cipher_compatibility = %d;", i); + rc = sqlcipher_check_connection(db_filename, pass, pass_sz, pragma_compat, &user_version, &journal_mode); + if(rc == SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: version %d format found", i); + goto migrate; + } + if(pragma_compat) sqlcipher_free(pragma_compat, sqlite3Strlen30(pragma_compat)); + pragma_compat = NULL; + } + + /* if we exit the loop normally we failed to determine the version, this is an error */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: unable to determine format version for upgrade: this may indicate custom settings were used "); + goto handle_error; + +migrate: + + temp = sqlite3_mprintf("%s-migrated", db_filename); + /* overallocate migrated_db_filename, because sqlite3OsOpen will read past the null terminator + * to determine whether the filename was URI formatted */ + migrated_db_filename = sqlcipher_malloc(sqlite3Strlen30(temp)+2); + memcpy(migrated_db_filename, temp, sqlite3Strlen30(temp)); + sqlcipher_free(temp, sqlite3Strlen30(temp)); + + attach_command = sqlite3_mprintf("ATTACH DATABASE '%s' as migrate;", migrated_db_filename, pass); + set_user_version = sqlite3_mprintf("PRAGMA migrate.user_version = %d;", user_version); + + rc = sqlite3_exec(db, pragma_compat, NULL, NULL, NULL); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: set compatibility mode failed, error code %d", rc); + goto handle_error; + } + + /* force journal mode to DELETE, we will set it back later if different */ + rc = sqlite3_exec(db, "PRAGMA journal_mode = delete;", NULL, NULL, NULL); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: force journal mode DELETE failed, error code %d", rc); + goto handle_error; + } + + rc = sqlite3_exec(db, attach_command, NULL, NULL, NULL); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: attach failed, error code %d", rc); + goto handle_error; + } + + rc = sqlite3_key_v2(db, "migrate", pass, pass_sz); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: keying attached database failed, error code %d", rc); + goto handle_error; + } + + rc = sqlite3_exec(db, "SELECT sqlcipher_export('migrate');", NULL, NULL, NULL); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: sqlcipher_export failed, error code %d", rc); + goto handle_error; + } + +#ifdef SQLCIPHER_TEST + if((cipher_test_flags & TEST_FAIL_MIGRATE) > 0) { + rc = SQLITE_ERROR; + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: simulated migrate failure, error code %d", rc); + goto handle_error; + } +#endif + + rc = sqlite3_exec(db, set_user_version, NULL, NULL, NULL); + if(rc != SQLITE_OK){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: set user version failed, error code %d", rc); + goto handle_error; + } + + if( !db->autoCommit ){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: cannot migrate from within a transaction"); + goto handle_error; + } + if( db->nVdbeActive>1 ){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: cannot migrate - SQL statements in progress"); + goto handle_error; + } + + pDest = db->aDb[0].pBt; + pDb = &(db->aDb[db->nDb-1]); + pSrc = pDb->pBt; + + nRes = sqlite3BtreeGetRequestedReserve(pSrc); + /* unset the BTS_PAGESIZE_FIXED flag to avoid SQLITE_READONLY */ + pDest->pBt->btsFlags &= ~BTS_PAGESIZE_FIXED; + rc = sqlite3BtreeSetPageSize(pDest, default_page_size, nRes, 0); + if(rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: failed to set btree page size to %d res %d rc %d", default_page_size, nRes, rc); + goto handle_error; + } + + sqlcipherCodecGetKey(db, db->nDb - 1, (void**)&keyspec, &keyspec_sz); + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_KEY_USED); + sqlcipherCodecAttach(db, 0, keyspec, keyspec_sz); + + srcfile = sqlite3PagerFile(pSrc->pBt->pPager); + destfile = sqlite3PagerFile(pDest->pBt->pPager); + + sqlite3OsClose(srcfile); + sqlite3OsClose(destfile); + +#if defined(_WIN32) || defined(SQLITE_OS_WINRT) + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: performing windows MoveFileExA"); + + w_db_filename_sz = MultiByteToWideChar(CP_UTF8, 0, (LPCCH) db_filename, -1, NULL, 0); + w_db_filename = sqlcipher_malloc(w_db_filename_sz * sizeof(wchar_t)); + w_db_filename_sz = MultiByteToWideChar(CP_UTF8, 0, (LPCCH) db_filename, -1, (const LPWSTR) w_db_filename, w_db_filename_sz); + + w_migrated_db_filename_sz = MultiByteToWideChar(CP_UTF8, 0, (LPCCH) migrated_db_filename, -1, NULL, 0); + w_migrated_db_filename = sqlcipher_malloc(w_migrated_db_filename_sz * sizeof(wchar_t)); + w_migrated_db_filename_sz = MultiByteToWideChar(CP_UTF8, 0, (LPCCH) migrated_db_filename, -1, (const LPWSTR) w_migrated_db_filename, w_migrated_db_filename_sz); + + if(!MoveFileExW(w_migrated_db_filename, w_db_filename, MOVEFILE_REPLACE_EXISTING)) { + rc = SQLITE_ERROR; + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: error occurred while renaming migration files %d", rc); + goto handle_error; + } +#else + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: performing POSIX rename"); + if ((rc = rename(migrated_db_filename, db_filename)) != 0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: error occurred while renaming migration files %s to %s: %d", migrated_db_filename, db_filename, rc); + goto handle_error; + } +#endif + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: renamed migration database %s to main database %s: %d", migrated_db_filename, db_filename, rc); + + rc = sqlite3OsOpen(db->pVfs, migrated_db_filename, srcfile, SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|SQLITE_OPEN_MAIN_DB, &oflags); + if(rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: failed to reopen migration database %s: %d", migrated_db_filename, rc); + goto handle_error; + } + + rc = sqlite3OsOpen(db->pVfs, db_filename, destfile, SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE|SQLITE_OPEN_MAIN_DB, &oflags); + if(rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: failed to reopen main database %s: %d", db_filename, rc); + goto handle_error; + } + + sqlite3pager_reset(pDest->pBt->pPager); + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: reset pager"); + + rc = sqlite3_exec(db, "DETACH DATABASE migrate;", NULL, NULL, NULL); + if(rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: DETACH DATABASE migrate failed: %d", rc); + } + + sqlite3ResetAllSchemasOfConnection(db); + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: reset all schemas"); + + set_journal_mode = sqlite3_mprintf("PRAGMA journal_mode = %s;", journal_mode); + rc = sqlite3_exec(db, set_journal_mode, NULL, NULL, NULL); + if(rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: failed to re-set journal mode via %s: %d", set_journal_mode, rc); + goto handle_error; + } + + goto cleanup; + +handle_error: + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: an error occurred attempting to migrate the database - last error %d", rc); + +cleanup: + if(migrated_db_filename) { + int del_rc = sqlite3OsDelete(db->pVfs, migrated_db_filename, 0); + if(del_rc != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_ctx_migrate: failed to delete migration database %s: %d", migrated_db_filename, del_rc); + } + } + + if(pass) sqlcipher_free(pass, pass_sz); + if(attach_command) sqlcipher_free(attach_command, sqlite3Strlen30(attach_command)); + if(migrated_db_filename) sqlcipher_free(migrated_db_filename, sqlite3Strlen30(migrated_db_filename)); + if(set_user_version) sqlcipher_free(set_user_version, sqlite3Strlen30(set_user_version)); + if(set_journal_mode) sqlcipher_free(set_journal_mode, sqlite3Strlen30(set_journal_mode)); + if(journal_mode) sqlcipher_free(journal_mode, sqlite3Strlen30(journal_mode)); + if(pragma_compat) sqlcipher_free(pragma_compat, sqlite3Strlen30(pragma_compat)); +#if defined(_WIN32) || defined(SQLITE_OS_WINRT) + if(w_db_filename) sqlcipher_free(w_db_filename, w_db_filename_sz); + if(w_migrated_db_filename) sqlcipher_free(w_migrated_db_filename, w_migrated_db_filename_sz); +#endif + return rc; +} + +static int sqlcipher_codec_add_random(codec_ctx *ctx, const char *zRight, int random_sz){ + const char *suffix = &zRight[random_sz-1]; + int n = random_sz - 3; /* adjust for leading x' and tailing ' */ + if (n > 0 && + sqlite3StrNICmp((const char *)zRight ,"x'", 2) == 0 && + sqlite3StrNICmp(suffix, "'", 1) == 0 && + n % 2 == 0) { + int rc = 0; + int buffer_sz = n / 2; + unsigned char *random; + const unsigned char *z = (const unsigned char *)zRight + 2; /* adjust lead offset of x' */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_add_random: using raw random blob from hex"); + random = sqlcipher_malloc(buffer_sz); + memset(random, 0, buffer_sz); + cipher_hex2bin(z, n, random); + rc = ctx->provider->add_random(ctx->provider_ctx, random, buffer_sz); + sqlcipher_free(random, buffer_sz); + return rc; + } + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_add_random: attemt to add random with invalid format"); + return SQLITE_ERROR; +} + +#if !defined(SQLITE_OMIT_TRACE) + +#define SQLCIPHER_PROFILE_FMT "Elapsed time:%.3f ms - %s\n" +#define SQLCIPHER_PROFILE_FMT_OSLOG "Elapsed time:%{public}.3f ms - %{public}s\n" + +static int sqlcipher_profile_callback(unsigned int trace, void *file, void *stmt, void *run_time){ + FILE *f = (FILE*) file; + double elapsed = (*((sqlite3_uint64*)run_time))/1000000.0; + if(f == NULL) { +#if !defined(SQLCIPHER_OMIT_LOG_DEVICE) +#if defined(__ANDROID__) + __android_log_print(ANDROID_LOG_DEBUG, "sqlcipher", SQLCIPHER_PROFILE_FMT, elapsed, sqlite3_sql((sqlite3_stmt*)stmt)); +#elif defined(__APPLE__) + os_log(OS_LOG_DEFAULT, SQLCIPHER_PROFILE_FMT_OSLOG, elapsed, sqlite3_sql((sqlite3_stmt*)stmt)); +#endif +#endif + } else { + fprintf(f, SQLCIPHER_PROFILE_FMT, elapsed, sqlite3_sql((sqlite3_stmt*)stmt)); + } + return SQLITE_OK; +} +#endif + +static int sqlcipher_cipher_profile(sqlite3 *db, const char *destination){ +#if defined(SQLITE_OMIT_TRACE) + return SQLITE_ERROR; +#else + FILE *f = NULL; + if(sqlite3_stricmp(destination, "off") == 0){ + sqlite3_trace_v2(db, 0, NULL, NULL); /* disable tracing */ + } else { + if(sqlite3_stricmp(destination, "stdout") == 0){ + f = stdout; + }else if(sqlite3_stricmp(destination, "stderr") == 0){ + f = stderr; + }else if(sqlite3_stricmp(destination, "logcat") == 0 || sqlite3_stricmp(destination, "device") == 0){ + f = NULL; /* file pointer will be NULL indicating the device target (i.e. logcat or oslog). We will accept logcat for backwards compatibility */ + }else{ +#if !defined(SQLCIPHER_PROFILE_USE_FOPEN) && (defined(_WIN32) && (__STDC_VERSION__ > 199901L) || defined(SQLITE_OS_WINRT)) + if(fopen_s(&f, destination, "a") != 0) return SQLITE_ERROR; +#else + if((f = fopen(destination, "a")) == 0) return SQLITE_ERROR; +#endif + } + sqlite3_trace_v2(db, SQLITE_TRACE_PROFILE, sqlcipher_profile_callback, f); + } + return SQLITE_OK; +#endif +} + +static char *sqlcipher_get_log_level_str(unsigned int level) { + switch(level) { + case SQLCIPHER_LOG_ERROR: + return "ERROR"; + case SQLCIPHER_LOG_WARN: + return "WARN"; + case SQLCIPHER_LOG_INFO: + return "INFO"; + case SQLCIPHER_LOG_DEBUG: + return "DEBUG"; + case SQLCIPHER_LOG_TRACE: + return "TRACE"; + case SQLCIPHER_LOG_ANY: + return "ANY"; + } + return "NONE"; +} + +static char *sqlcipher_get_log_source_str(unsigned int source) { + switch(source) { + case SQLCIPHER_LOG_NONE: + return "NONE"; + case SQLCIPHER_LOG_CORE: + return "CORE"; + case SQLCIPHER_LOG_MEMORY: + return "MEMORY"; + case SQLCIPHER_LOG_MUTEX: + return "MUTEX"; + case SQLCIPHER_LOG_PROVIDER: + return "PROVIDER"; + } + return "ANY"; +} + +static char *sqlcipher_get_log_sources_str(unsigned int source) { + if(source == SQLCIPHER_LOG_NONE) { + return sqlite3_mprintf("%s", "NONE"); + } else if (source == SQLCIPHER_LOG_ANY) { + return sqlite3_mprintf("%s", "ANY"); + } else { + char *sources = NULL; + unsigned int flag; + for(flag = SQLCIPHER_LOG_CORE; flag != 0; flag = flag << 1) { + if(SQLCIPHER_FLAG_GET(source, flag)) { + char *src = sqlcipher_get_log_source_str(flag); + if(sources) { + char *tmp = sqlite3_mprintf("%s %s", sources, src); + sqlite3_free(sources); + sources = tmp; + } else { + sources = sqlite3_mprintf("%s", src); + } + } + } + return sources; + } +} + +#ifndef SQLCIPHER_OMIT_LOG +/* constants from https://github.com/Alexpux/mingw-w64/blob/master/mingw-w64-crt/misc/gettimeofday.c */ +#define FILETIME_1970 116444736000000000ull /* seconds between 1/1/1601 and 1/1/1970 */ +#define HECTONANOSEC_PER_SEC 10000000ull +#define MAX_LOG_LEN 8192 +void sqlcipher_log(unsigned int level, unsigned int source, const char *message, ...) { + va_list params; + va_start(params, message); + char formatted[MAX_LOG_LEN]; + size_t len = 0; + +#ifdef CODEC_DEBUG +#if defined(SQLCIPHER_OMIT_LOG_DEVICE) || (!defined(__ANDROID__) && !defined(__APPLE__)) + vfprintf(stderr, message, params); + fprintf(stderr, "\n"); + goto end; +#else +#if defined(__ANDROID__) + __android_log_vprint(ANDROID_LOG_DEBUG, "sqlcipher", message, params); + goto end; +#elif defined(__APPLE__) + sqlite3_vsnprintf(MAX_LOG_LEN, formatted, message, params); + os_log(OS_LOG_DEFAULT, "%{public}s", formatted); + goto end; +#endif +#endif +#endif + if( + level > sqlcipher_log_level /* log level is higher, e.g. level filter is at ERROR but this message is DEBUG */ + || !SQLCIPHER_FLAG_GET(sqlcipher_log_source, source) /* source filter doesn't match this message source */ + || (sqlcipher_log_device == 0 && sqlcipher_log_file == NULL) /* no configured log target */ + ) { + /* skip logging this message */ + goto end; + } + + sqlite3_snprintf(MAX_LOG_LEN, formatted, "%s %s ", sqlcipher_get_log_level_str(level), sqlcipher_get_log_source_str(source)); + len = strlen(formatted); + sqlite3_vsnprintf(MAX_LOG_LEN - (int) len, formatted + (int) len, message, params); + +#if !defined(SQLCIPHER_OMIT_LOG_DEVICE) + if(sqlcipher_log_device) { +#if defined(__ANDROID__) + __android_log_write(ANDROID_LOG_DEBUG, "sqlcipher", formatted); + goto end; +#elif defined(__APPLE__) + os_log(OS_LOG_DEFAULT, "%{public}s", formatted); + goto end; +#endif + } +#endif + + if(sqlcipher_log_file != NULL){ + char buffer[24]; + struct tm tt; + int ms; + time_t sec; +#ifdef _WIN32 + SYSTEMTIME st; + FILETIME ft; + GetSystemTime(&st); + SystemTimeToFileTime(&st, &ft); + sec = (time_t) ((*((sqlite_int64*)&ft) - FILETIME_1970) / HECTONANOSEC_PER_SEC); + ms = st.wMilliseconds; + localtime_s(&tt, &sec); +#else + struct timeval tv; + gettimeofday(&tv, NULL); + sec = tv.tv_sec; + ms = tv.tv_usec/1000.0; + localtime_r(&sec, &tt); +#endif + if(strftime(buffer, sizeof(buffer), "%Y-%m-%d %H:%M:%S", &tt)) { + fprintf((FILE*)sqlcipher_log_file, "%s.%03d: %s\n", buffer, ms, formatted); + goto end; + } + } + +end: + va_end(params); +} +#endif + +static int sqlcipher_set_log(const char *destination){ +#ifdef SQLCIPHER_OMIT_LOG + return SQLITE_ERROR; +#else + /* close open trace file if it is not stdout or stderr, then + reset trace settings */ + if(sqlcipher_log_file != NULL && sqlcipher_log_file != stdout && sqlcipher_log_file != stderr) { + fclose((FILE*)sqlcipher_log_file); + } + sqlcipher_log_file = NULL; + sqlcipher_log_device = 0; + + if(sqlite3_stricmp(destination, "logcat") == 0 || sqlite3_stricmp(destination, "device") == 0){ + /* use the appropriate device log. accept logcat for backwards compatibility */ + sqlcipher_log_device = 1; + } else if(sqlite3_stricmp(destination, "stdout") == 0){ + sqlcipher_log_file = stdout; + }else if(sqlite3_stricmp(destination, "stderr") == 0){ + sqlcipher_log_file = stderr; + }else if(sqlite3_stricmp(destination, "off") != 0){ +#if !defined(SQLCIPHER_PROFILE_USE_FOPEN) && (defined(_WIN32) && (__STDC_VERSION__ > 199901L) || defined(SQLITE_OS_WINRT)) + if(fopen_s(&sqlcipher_log_file, destination, "a") != 0) return SQLITE_ERROR; +#else + if((sqlcipher_log_file = fopen(destination, "a")) == 0) return SQLITE_ERROR; +#endif + } + sqlcipher_log(SQLCIPHER_LOG_INFO, SQLCIPHER_LOG_CORE, "sqlcipher_set_log: set log to %s", destination); + return SQLITE_OK; +#endif +} + +static void sqlcipher_vdbe_return_string(Parse *pParse, const char *zLabel, const char *value, int value_type){ + Vdbe *v = sqlite3GetVdbe(pParse); + sqlite3VdbeSetNumCols(v, 1); + sqlite3VdbeSetColName(v, 0, COLNAME_NAME, zLabel, SQLITE_STATIC); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, value, value_type); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); +} + +static int codec_set_btree_to_codec_pagesize(sqlite3 *db, Db *pDb, codec_ctx *ctx) { + int rc; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "codec_set_btree_to_codec_pagesize: sqlite3BtreeSetPageSize() size=%d reserve=%d", ctx->page_sz, ctx->reserve_sz); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "codec_set_btree_to_codec_pagesize: entering database mutex %p", db->mutex); + sqlite3_mutex_enter(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "codec_set_btree_to_codec_pagesize: entered database mutex %p", db->mutex); + db->nextPagesize = ctx->page_sz; + + /* before forcing the page size we need to unset the BTS_PAGESIZE_FIXED flag, else + sqliteBtreeSetPageSize will block the change */ + pDb->pBt->pBt->btsFlags &= ~BTS_PAGESIZE_FIXED; + rc = sqlite3BtreeSetPageSize(pDb->pBt, ctx->page_sz, ctx->reserve_sz, 0); + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "codec_set_btree_to_codec_pagesize: sqlite3BtreeSetPageSize returned %d", rc); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "codec_set_btree_to_codec_pagesize: leaving database mutex %p", db->mutex); + sqlite3_mutex_leave(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "codec_set_btree_to_codec_pagesize: left database mutex %p", db->mutex); + + return rc; +} + +static int codec_set_pass_key(sqlite3* db, int nDb, const void *zKey, int nKey, int for_ctx) { + struct Db *pDb = &db->aDb[nDb]; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "codec_set_pass_key: db=%p nDb=%d for_ctx=%d", db, nDb, for_ctx); + if(pDb->pBt) { + codec_ctx *ctx = (codec_ctx*) sqlcipherPagerGetCodec(pDb->pBt->pBt->pPager); + + if(ctx) { + return sqlcipher_codec_ctx_set_pass(ctx, zKey, nKey, for_ctx); + } else { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "codec_set_pass_key: error ocurred fetching codec from pager on db %d", nDb); + return SQLITE_ERROR; + } + } + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "codec_set_pass_key: no btree present on db %d", nDb); + return SQLITE_ERROR; +} + +int sqlcipher_codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLeft, const char *zRight) { + struct Db *pDb = &db->aDb[iDb]; + codec_ctx *ctx = NULL; + int rc; + + if(pDb->pBt) { + ctx = (codec_ctx*) sqlcipherPagerGetCodec(pDb->pBt->pBt->pPager); + } + + if(sqlite3_stricmp(zLeft, "key") !=0 && sqlite3_stricmp(zLeft, "rekey") != 0) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_codec_pragma: db=%p iDb=%d pParse=%p zLeft=%s zRight=%s ctx=%p", db, iDb, pParse, zLeft, zRight, ctx); + } + +#ifdef SQLCIPHER_TEST + if( sqlite3_stricmp(zLeft,"cipher_test_on")==0 ){ + if( zRight ) { + if(sqlite3_stricmp(zRight, "fail_encrypt")==0) { + SQLCIPHER_FLAG_SET(cipher_test_flags,TEST_FAIL_ENCRYPT); + } else + if(sqlite3_stricmp(zRight, "fail_decrypt")==0) { + SQLCIPHER_FLAG_SET(cipher_test_flags,TEST_FAIL_DECRYPT); + } else + if(sqlite3_stricmp(zRight, "fail_migrate")==0) { + SQLCIPHER_FLAG_SET(cipher_test_flags,TEST_FAIL_MIGRATE); + } + } + } else + if( sqlite3_stricmp(zLeft,"cipher_test_off")==0 ){ + if( zRight ) { + if(sqlite3_stricmp(zRight, "fail_encrypt")==0) { + SQLCIPHER_FLAG_UNSET(cipher_test_flags,TEST_FAIL_ENCRYPT); + } else + if(sqlite3_stricmp(zRight, "fail_decrypt")==0) { + SQLCIPHER_FLAG_UNSET(cipher_test_flags,TEST_FAIL_DECRYPT); + } else + if(sqlite3_stricmp(zRight, "fail_migrate")==0) { + SQLCIPHER_FLAG_UNSET(cipher_test_flags,TEST_FAIL_MIGRATE); + } + } + } else + if( sqlite3_stricmp(zLeft,"cipher_test")==0 ){ + char *flags = sqlite3_mprintf("%u", cipher_test_flags); + sqlcipher_vdbe_return_string(pParse, "cipher_test", flags, P4_DYNAMIC); + }else + if( sqlite3_stricmp(zLeft,"cipher_test_rand")==0 ){ + if( zRight ) { + int rand = atoi(zRight); + cipher_test_rand = rand; + } else { + char *rand = sqlite3_mprintf("%d", cipher_test_rand); + sqlcipher_vdbe_return_string(pParse, "cipher_test_rand", rand, P4_DYNAMIC); + } + } else +#endif + if( sqlite3_stricmp(zLeft, "cipher_fips_status")== 0 && !zRight ){ + if(ctx) { + char *fips_mode_status = sqlite3_mprintf("%d", ctx->provider->fips_status(ctx->provider_ctx)); + sqlcipher_vdbe_return_string(pParse, "cipher_fips_status", fips_mode_status, P4_DYNAMIC); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_store_pass")==0 && zRight ) { + if(ctx) { + char *deprecation = "PRAGMA cipher_store_pass is deprecated, please remove from use"; + ctx->store_pass = sqlite3GetBoolean(zRight, 1); + sqlcipher_vdbe_return_string(pParse, "cipher_store_pass", deprecation, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, deprecation); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_store_pass")==0 && !zRight ) { + if(ctx){ + char *store_pass_value = sqlite3_mprintf("%d", ctx->store_pass); + sqlcipher_vdbe_return_string(pParse, "cipher_store_pass", store_pass_value, P4_DYNAMIC); + } + } + if( sqlite3_stricmp(zLeft, "cipher_profile")== 0 && zRight ){ + char *profile_status = sqlite3_mprintf("%d", sqlcipher_cipher_profile(db, zRight)); + sqlcipher_vdbe_return_string(pParse, "cipher_profile", profile_status, P4_DYNAMIC); + } else + if( sqlite3_stricmp(zLeft, "cipher_add_random")==0 && zRight ){ + if(ctx) { + char *add_random_status = sqlite3_mprintf("%d", sqlcipher_codec_add_random(ctx, zRight, sqlite3Strlen30(zRight))); + sqlcipher_vdbe_return_string(pParse, "cipher_add_random", add_random_status, P4_DYNAMIC); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_migrate")==0 && !zRight ){ + if(ctx){ + int status = sqlcipher_codec_ctx_migrate(ctx); + char *migrate_status = sqlite3_mprintf("%d", status); + sqlcipher_vdbe_return_string(pParse, "cipher_migrate", migrate_status, P4_DYNAMIC); + if(status != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipher_codec_pragma: error occurred during cipher_migrate: %d", status); + sqlcipher_codec_ctx_set_error(ctx, status); + } + } + } else + if( sqlite3_stricmp(zLeft, "cipher_provider")==0 && !zRight ){ + if(ctx) { + sqlcipher_vdbe_return_string(pParse, "cipher_provider", + ctx->provider->get_provider_name(ctx->provider_ctx), P4_TRANSIENT); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_provider_version")==0 && !zRight){ + if(ctx) { + sqlcipher_vdbe_return_string(pParse, "cipher_provider_version", + ctx->provider->get_provider_version(ctx->provider_ctx), P4_TRANSIENT); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_version")==0 && !zRight ){ + sqlcipher_vdbe_return_string(pParse, "cipher_version", sqlcipher_version(), P4_DYNAMIC); + }else + if( sqlite3_stricmp(zLeft, "cipher")==0 ){ + if(ctx) { + if( zRight ) { + const char* message = "PRAGMA cipher is no longer supported."; + sqlcipher_vdbe_return_string(pParse, "cipher", message, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, message); + }else { + sqlcipher_vdbe_return_string(pParse, "cipher", + ctx->provider->get_cipher(ctx->provider_ctx), P4_TRANSIENT); + } + } + }else + if( sqlite3_stricmp(zLeft, "rekey_cipher")==0 && zRight ){ + const char* message = "PRAGMA rekey_cipher is no longer supported."; + sqlcipher_vdbe_return_string(pParse, "rekey_cipher", message, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, message); + }else + if( sqlite3_stricmp(zLeft,"cipher_default_kdf_iter")==0 ){ + if( zRight ) { + default_kdf_iter = atoi(zRight); /* change default KDF iterations */ + } else { + char *kdf_iter = sqlite3_mprintf("%d", default_kdf_iter); + sqlcipher_vdbe_return_string(pParse, "cipher_default_kdf_iter", kdf_iter, P4_DYNAMIC); + } + }else + if( sqlite3_stricmp(zLeft, "kdf_iter")==0 ){ + if(ctx) { + if( zRight ) { + sqlcipher_codec_ctx_set_kdf_iter(ctx, atoi(zRight)); /* change of RW PBKDF2 iteration */ + } else { + char *kdf_iter = sqlite3_mprintf("%d", ctx->kdf_iter); + sqlcipher_vdbe_return_string(pParse, "kdf_iter", kdf_iter, P4_DYNAMIC); + } + } + }else + if( sqlite3_stricmp(zLeft, "fast_kdf_iter")==0){ + if(ctx) { + if( zRight ) { + char *deprecation = "PRAGMA fast_kdf_iter is deprecated, please remove from use"; + sqlcipher_codec_ctx_set_fast_kdf_iter(ctx, atoi(zRight)); /* change of RW PBKDF2 iteration */ + sqlcipher_vdbe_return_string(pParse, "fast_kdf_iter", deprecation, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, deprecation); + } else { + char *fast_kdf_iter = sqlite3_mprintf("%d", ctx->fast_kdf_iter); + sqlcipher_vdbe_return_string(pParse, "fast_kdf_iter", fast_kdf_iter, P4_DYNAMIC); + } + } + }else + if( sqlite3_stricmp(zLeft, "rekey_kdf_iter")==0 && zRight ){ + const char* message = "PRAGMA rekey_kdf_iter is no longer supported."; + sqlcipher_vdbe_return_string(pParse, "rekey_kdf_iter", message, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, message); + }else + if( sqlite3_stricmp(zLeft,"page_size")==0 || sqlite3_stricmp(zLeft,"cipher_page_size")==0 ){ + /* PRAGMA cipher_page_size will alter the size of the database pages while ensuring that the + required reserve space is allocated at the end of each page. This will also override the + standard SQLite PRAGMA page_size behavior if a codec context is attached to the database handle. + If PRAGMA page_size is invoked but a codec context is not attached (i.e. dealing with a standard + unencrypted database) then return early and allow the standard PRAGMA page_size logic to apply. */ + if(ctx) { + if( zRight ) { + int size = atoi(zRight); + rc = sqlcipher_codec_ctx_set_pagesize(ctx, size); + if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc); + rc = codec_set_btree_to_codec_pagesize(db, pDb, ctx); + if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc); + } else { + char * page_size = sqlite3_mprintf("%d", ctx->page_sz); + sqlcipher_vdbe_return_string(pParse, "cipher_page_size", page_size, P4_DYNAMIC); + } + } else { + return 0; /* return early so that the PragTyp_PAGE_SIZE case logic in pragma.c will take effect */ + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_page_size")==0 ){ + if( zRight ) { + default_page_size = atoi(zRight); + } else { + char *page_size = sqlite3_mprintf("%d", default_page_size); + sqlcipher_vdbe_return_string(pParse, "cipher_default_page_size", page_size, P4_DYNAMIC); + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_use_hmac")==0 ){ + if( zRight ) { + sqlcipher_set_default_use_hmac(sqlite3GetBoolean(zRight,1)); + } else { + char *default_use_hmac = sqlite3_mprintf("%d", SQLCIPHER_FLAG_GET(default_flags, CIPHER_FLAG_HMAC)); + sqlcipher_vdbe_return_string(pParse, "cipher_default_use_hmac", default_use_hmac, P4_DYNAMIC); + } + }else + if( sqlite3_stricmp(zLeft,"cipher_use_hmac")==0 ){ + if(ctx) { + if( zRight ) { + rc = sqlcipher_codec_ctx_set_use_hmac(ctx, sqlite3GetBoolean(zRight,1)); + if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc); + /* since the use of hmac has changed, the page size may also change */ + rc = codec_set_btree_to_codec_pagesize(db, pDb, ctx); + if(rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, rc); + } else { + char *hmac_flag = sqlite3_mprintf("%d", SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HMAC)); + sqlcipher_vdbe_return_string(pParse, "cipher_use_hmac", hmac_flag, P4_DYNAMIC); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_hmac_pgno")==0 ){ + if(ctx) { + if(zRight) { + char *deprecation = "PRAGMA cipher_hmac_pgno is deprecated, please remove from use"; + /* clear both pgno endian flags */ + if(sqlite3_stricmp(zRight, "le") == 0) { + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_BE_PGNO); + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_LE_PGNO); + } else if(sqlite3_stricmp(zRight, "be") == 0) { + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_LE_PGNO); + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_BE_PGNO); + } else if(sqlite3_stricmp(zRight, "native") == 0) { + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_LE_PGNO); + SQLCIPHER_FLAG_UNSET(ctx->flags, CIPHER_FLAG_BE_PGNO); + } + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_pgno", deprecation, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, deprecation); + + } else { + if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_LE_PGNO)) { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_pgno", "le", P4_TRANSIENT); + } else if(SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_BE_PGNO)) { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_pgno", "be", P4_TRANSIENT); + } else { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_pgno", "native", P4_TRANSIENT); + } + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_hmac_salt_mask")==0 ){ + if(ctx) { + if(zRight) { + char *deprecation = "PRAGMA cipher_hmac_salt_mask is deprecated, please remove from use"; + if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == 5) { + unsigned char mask = 0; + const unsigned char *hex = (const unsigned char *)zRight+2; + cipher_hex2bin(hex,2,&mask); + hmac_salt_mask = mask; + } + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_salt_mask", deprecation, P4_TRANSIENT); + sqlite3_log(SQLITE_WARNING, deprecation); + } else { + char *mask = sqlite3_mprintf("%02x", hmac_salt_mask); + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_salt_mask", mask, P4_DYNAMIC); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_plaintext_header_size")==0 ){ + if(ctx) { + if( zRight ) { + int size = atoi(zRight); + /* deliberately ignore result code, if size is invalid it will be set to -1 + and trip the error later in the codec */ + sqlcipher_codec_ctx_set_plaintext_header_size(ctx, size); + } else { + char *size = sqlite3_mprintf("%d", ctx->plaintext_header_sz); + sqlcipher_vdbe_return_string(pParse, "cipher_plaintext_header_size", size, P4_DYNAMIC); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_plaintext_header_size")==0 ){ + if( zRight ) { + default_plaintext_header_size = atoi(zRight); + } else { + char *size = sqlite3_mprintf("%d", default_plaintext_header_size); + sqlcipher_vdbe_return_string(pParse, "cipher_default_plaintext_header_size", size, P4_DYNAMIC); + } + }else + if( sqlite3_stricmp(zLeft,"cipher_salt")==0 ){ + if(ctx) { + if(zRight) { + if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == (FILE_HEADER_SZ*2)+3) { + unsigned char *salt = (unsigned char*) sqlite3_malloc(FILE_HEADER_SZ); + const unsigned char *hex = (const unsigned char *)zRight+2; + cipher_hex2bin(hex,FILE_HEADER_SZ*2,salt); + sqlcipher_codec_ctx_set_kdf_salt(ctx, salt, FILE_HEADER_SZ); + sqlite3_free(salt); + } + } else { + void *salt; + char *hexsalt = (char*) sqlite3_malloc((FILE_HEADER_SZ*2)+1); + if((rc = sqlcipher_codec_ctx_get_kdf_salt(ctx, &salt)) == SQLITE_OK) { + cipher_bin2hex(salt, FILE_HEADER_SZ, hexsalt); + sqlcipher_vdbe_return_string(pParse, "cipher_salt", hexsalt, P4_DYNAMIC); + } else { + sqlite3_free(hexsalt); + sqlcipher_codec_ctx_set_error(ctx, rc); + } + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_hmac_algorithm")==0 ){ + if(ctx) { + if(zRight) { + rc = SQLITE_ERROR; + if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA1_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA1); + } else if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA256_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA256); + } else if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA512_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA512); + } + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = codec_set_btree_to_codec_pagesize(db, pDb, ctx); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + } else { + int algorithm = ctx->hmac_algorithm; + if(ctx->hmac_algorithm == SQLCIPHER_HMAC_SHA1) { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_algorithm", SQLCIPHER_HMAC_SHA1_LABEL, P4_TRANSIENT); + } else if(algorithm == SQLCIPHER_HMAC_SHA256) { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_algorithm", SQLCIPHER_HMAC_SHA256_LABEL, P4_TRANSIENT); + } else if(algorithm == SQLCIPHER_HMAC_SHA512) { + sqlcipher_vdbe_return_string(pParse, "cipher_hmac_algorithm", SQLCIPHER_HMAC_SHA512_LABEL, P4_TRANSIENT); + } + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_hmac_algorithm")==0 ){ + if(zRight) { + rc = SQLITE_OK; + if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA1_LABEL) == 0) { + default_hmac_algorithm = SQLCIPHER_HMAC_SHA1; + } else if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA256_LABEL) == 0) { + default_hmac_algorithm = SQLCIPHER_HMAC_SHA256; + } else if(sqlite3_stricmp(zRight, SQLCIPHER_HMAC_SHA512_LABEL) == 0) { + default_hmac_algorithm = SQLCIPHER_HMAC_SHA512; + } + } else { + if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA1) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_hmac_algorithm", SQLCIPHER_HMAC_SHA1_LABEL, P4_TRANSIENT); + } else if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA256) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_hmac_algorithm", SQLCIPHER_HMAC_SHA256_LABEL, P4_TRANSIENT); + } else if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA512) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_hmac_algorithm", SQLCIPHER_HMAC_SHA512_LABEL, P4_TRANSIENT); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_kdf_algorithm")==0 ){ + if(ctx) { + if(zRight) { + rc = SQLITE_ERROR; + if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA1); + } else if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA256); + } else if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL) == 0) { + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA512); + } + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + } else { + if(ctx->kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA1) { + sqlcipher_vdbe_return_string(pParse, "cipher_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL, P4_TRANSIENT); + } else if(ctx->kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA256) { + sqlcipher_vdbe_return_string(pParse, "cipher_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL, P4_TRANSIENT); + } else if(ctx->kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA512) { + sqlcipher_vdbe_return_string(pParse, "cipher_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL, P4_TRANSIENT); + } + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_kdf_algorithm")==0 ){ + if(zRight) { + rc = SQLITE_OK; + if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL) == 0) { + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA1; + } else if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL) == 0) { + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA256; + } else if(sqlite3_stricmp(zRight, SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL) == 0) { + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA512; + } + } else { + if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA1) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL, P4_TRANSIENT); + } else if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA256) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL, P4_TRANSIENT); + } else if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA512) { + sqlcipher_vdbe_return_string(pParse, "cipher_default_kdf_algorithm", SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL, P4_TRANSIENT); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_compatibility")==0 ){ + if(ctx) { + if(zRight) { + int version = atoi(zRight); + + switch(version) { + case 1: + rc = sqlcipher_codec_ctx_set_pagesize(ctx, 1024); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_iter(ctx, 4000); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_use_hmac(ctx, 0); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + break; + + case 2: + rc = sqlcipher_codec_ctx_set_pagesize(ctx, 1024); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_iter(ctx, 4000); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_use_hmac(ctx, 1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + break; + + case 3: + rc = sqlcipher_codec_ctx_set_pagesize(ctx, 1024); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_iter(ctx, 64000); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_use_hmac(ctx, 1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + break; + + default: + rc = sqlcipher_codec_ctx_set_pagesize(ctx, 4096); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_hmac_algorithm(ctx, SQLCIPHER_HMAC_SHA512); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_algorithm(ctx, SQLCIPHER_PBKDF2_HMAC_SHA512); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_kdf_iter(ctx, 256000); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + rc = sqlcipher_codec_ctx_set_use_hmac(ctx, 1); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + break; + } + + rc = codec_set_btree_to_codec_pagesize(db, pDb, ctx); + if (rc != SQLITE_OK) sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_compatibility")==0 ){ + if(zRight) { + int version = atoi(zRight); + switch(version) { + case 1: + default_page_size = 1024; + default_hmac_algorithm = SQLCIPHER_HMAC_SHA1; + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA1; + default_kdf_iter = 4000; + sqlcipher_set_default_use_hmac(0); + break; + + case 2: + default_page_size = 1024; + default_hmac_algorithm = SQLCIPHER_HMAC_SHA1; + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA1; + default_kdf_iter = 4000; + sqlcipher_set_default_use_hmac(1); + break; + + case 3: + default_page_size = 1024; + default_hmac_algorithm = SQLCIPHER_HMAC_SHA1; + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA1; + default_kdf_iter = 64000; + sqlcipher_set_default_use_hmac(1); + break; + + default: + default_page_size = 4096; + default_hmac_algorithm = SQLCIPHER_HMAC_SHA512; + default_kdf_algorithm = SQLCIPHER_PBKDF2_HMAC_SHA512; + default_kdf_iter = 256000; + sqlcipher_set_default_use_hmac(1); + break; + } + } + }else + if( sqlite3_stricmp(zLeft,"cipher_memory_security")==0 ){ + if( zRight ) { + if(sqlite3GetBoolean(zRight,1)) { + /* memory security can only be enabled, not disabled */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipher_set_mem_security: on"); + sqlcipher_mem_security_on = 1; + } + } else { + /* only report that memory security is enabled if pragma cipher_memory_security is ON and + SQLCipher's allocator/deallocator was run at least one time */ + int state = sqlcipher_mem_security_on && sqlcipher_mem_executed; + char *on = sqlite3_mprintf("%d", state); + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, + "sqlcipher_get_mem_security: sqlcipher_mem_security_on = %d, sqlcipher_mem_executed = %d", + sqlcipher_mem_security_on, sqlcipher_mem_executed); + sqlcipher_vdbe_return_string(pParse, "cipher_memory_security", on, P4_DYNAMIC); + } + }else + if( sqlite3_stricmp(zLeft,"cipher_settings")==0 ){ + if(ctx) { + int algorithm; + char *pragma; + + pragma = sqlite3_mprintf("PRAGMA kdf_iter = %d;", ctx->kdf_iter); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_page_size = %d;", ctx->page_sz); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_use_hmac = %d;", SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_HMAC)); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_plaintext_header_size = %d;", ctx->plaintext_header_sz); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + algorithm = ctx->hmac_algorithm; + pragma = NULL; + if(algorithm == SQLCIPHER_HMAC_SHA1) { + pragma = sqlite3_mprintf("PRAGMA cipher_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA1_LABEL); + } else if(algorithm == SQLCIPHER_HMAC_SHA256) { + pragma = sqlite3_mprintf("PRAGMA cipher_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA256_LABEL); + } else if(algorithm == SQLCIPHER_HMAC_SHA512) { + pragma = sqlite3_mprintf("PRAGMA cipher_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA512_LABEL); + } + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + algorithm = ctx->kdf_algorithm; + pragma = NULL; + if(algorithm == SQLCIPHER_PBKDF2_HMAC_SHA1) { + pragma = sqlite3_mprintf("PRAGMA cipher_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL); + } else if(algorithm == SQLCIPHER_PBKDF2_HMAC_SHA256) { + pragma = sqlite3_mprintf("PRAGMA cipher_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL); + } else if(algorithm == SQLCIPHER_PBKDF2_HMAC_SHA512) { + pragma = sqlite3_mprintf("PRAGMA cipher_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL); + } + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + } + }else + if( sqlite3_stricmp(zLeft,"cipher_default_settings")==0 ){ + char *pragma; + + pragma = sqlite3_mprintf("PRAGMA cipher_default_kdf_iter = %d;", default_kdf_iter); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_default_page_size = %d;", default_page_size); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_default_use_hmac = %d;", SQLCIPHER_FLAG_GET(default_flags, CIPHER_FLAG_HMAC)); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = sqlite3_mprintf("PRAGMA cipher_default_plaintext_header_size = %d;", default_plaintext_header_size); + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = NULL; + if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA1) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA1_LABEL); + } else if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA256) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA256_LABEL); + } else if(default_hmac_algorithm == SQLCIPHER_HMAC_SHA512) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_hmac_algorithm = %s;", SQLCIPHER_HMAC_SHA512_LABEL); + } + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + + pragma = NULL; + if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA1) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA1_LABEL); + } else if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA256) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA256_LABEL); + } else if(default_kdf_algorithm == SQLCIPHER_PBKDF2_HMAC_SHA512) { + pragma = sqlite3_mprintf("PRAGMA cipher_default_kdf_algorithm = %s;", SQLCIPHER_PBKDF2_HMAC_SHA512_LABEL); + } + sqlcipher_vdbe_return_string(pParse, "pragma", pragma, P4_DYNAMIC); + }else + if( sqlite3_stricmp(zLeft,"cipher_integrity_check")==0 ){ + if(ctx) { + sqlcipher_codec_ctx_integrity_check(ctx, pParse, "cipher_integrity_check"); + } + } else + if( sqlite3_stricmp(zLeft, "cipher_log_level")==0 ){ + if(zRight) { + sqlcipher_log_level = SQLCIPHER_LOG_NONE; + if(sqlite3_stricmp(zRight, "ERROR")==0) sqlcipher_log_level = SQLCIPHER_LOG_ERROR; + else if(sqlite3_stricmp(zRight, "WARN" )==0) sqlcipher_log_level = SQLCIPHER_LOG_WARN; + else if(sqlite3_stricmp(zRight, "INFO" )==0) sqlcipher_log_level = SQLCIPHER_LOG_INFO; + else if(sqlite3_stricmp(zRight, "DEBUG")==0) sqlcipher_log_level = SQLCIPHER_LOG_DEBUG; + else if(sqlite3_stricmp(zRight, "TRACE")==0) sqlcipher_log_level = SQLCIPHER_LOG_TRACE; + } + sqlcipher_vdbe_return_string(pParse, "cipher_log_level", sqlcipher_get_log_level_str(sqlcipher_log_level), P4_TRANSIENT); + } else + if( sqlite3_stricmp(zLeft, "cipher_log_source")==0 ){ + if(zRight) { + if(sqlite3_stricmp(zRight, "NONE" )==0) sqlcipher_log_source = SQLCIPHER_LOG_NONE; + else if(sqlite3_stricmp(zRight, "ANY" )==0) sqlcipher_log_source = SQLCIPHER_LOG_ANY; + else { + if(sqlite3_stricmp(zRight, "CORE" )==0) SQLCIPHER_FLAG_SET(sqlcipher_log_source, SQLCIPHER_LOG_CORE); + else if(sqlite3_stricmp(zRight, "MEMORY" )==0) SQLCIPHER_FLAG_SET(sqlcipher_log_source, SQLCIPHER_LOG_MEMORY); + else if(sqlite3_stricmp(zRight, "MUTEX" )==0) SQLCIPHER_FLAG_SET(sqlcipher_log_source, SQLCIPHER_LOG_MUTEX); + else if(sqlite3_stricmp(zRight, "PROVIDER")==0) SQLCIPHER_FLAG_SET(sqlcipher_log_source, SQLCIPHER_LOG_PROVIDER); + } + } + sqlcipher_vdbe_return_string(pParse, "cipher_log_source", sqlcipher_get_log_sources_str(sqlcipher_log_source), P4_DYNAMIC); + } else + if( sqlite3_stricmp(zLeft, "cipher_log")== 0 && zRight ){ + char *status = sqlite3_mprintf("%d", sqlcipher_set_log(zRight)); + sqlcipher_vdbe_return_string(pParse, "cipher_log", status, P4_DYNAMIC); + }else { + return 0; + } + return 1; +} + +/* these constants are used internally within SQLite's pager.c to differentiate between + operations on the main database or journal pages. This is important in the context + of a rekey operations, where the journal must be written using the original key + material (to allow a transactional rollback), while the new database pages are being + written with the new key material*/ +#define CODEC_READ_OP 3 +#define CODEC_WRITE_OP 6 +#define CODEC_JOURNAL_OP 7 + +/* + * sqlite3Codec can be called in multiple modes. + * encrypt mode - expected to return a pointer to the + * encrypted data without altering pData. + * decrypt mode - expected to return a pointer to pData, with + * the data decrypted in the input buffer + */ +static void* sqlite3Codec(void *iCtx, void *data, Pgno pgno, int mode) { + codec_ctx *ctx = (codec_ctx *) iCtx; + int offset = 0, rc = 0; + unsigned char *pData = (unsigned char *) data; + int cctx = CIPHER_READ_CTX; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3Codec: pgno=%d, mode=%d, ctx->page_sz=%d", pgno, mode, ctx->page_sz); + + /* call to derive keys if not present yet */ + if((rc = sqlcipher_codec_key_derive(ctx)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error occurred during key derivation: %d", rc); + sqlcipher_codec_ctx_set_error(ctx, rc); + return NULL; + } + + /* if the plaintext_header_size is negative that means an invalid size was set via + PRAGMA. We can't set the error state on the pager at that point because the pager + may not be open yet. However, this is a fatal error state, so abort the codec */ + if(ctx->plaintext_header_sz < 0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error invalid ctx->plaintext_header_sz: %d", ctx->plaintext_header_sz); + sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); + return NULL; + } + + if(pgno == 1) /* adjust starting pointers in data page for header offset on first page*/ + offset = ctx->plaintext_header_sz ? ctx->plaintext_header_sz : FILE_HEADER_SZ; + + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3Codec: switch mode=%d offset=%d", mode, offset); + switch(mode) { + case CODEC_READ_OP: /* decrypt */ + if(pgno == 1) /* copy initial part of file header or SQLite magic to buffer */ + memcpy(ctx->buffer, ctx->plaintext_header_sz ? pData : (void *) SQLITE_FILE_HEADER, offset); + + rc = sqlcipher_page_cipher(ctx, cctx, pgno, CIPHER_DECRYPT, ctx->page_sz - offset, pData + offset, (unsigned char*)ctx->buffer + offset); +#ifdef SQLCIPHER_TEST + if((cipher_test_flags & TEST_FAIL_DECRYPT) > 0 && sqlcipher_get_test_fail()) { + rc = SQLITE_ERROR; + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlite3Codec: simulating decryption failure for pgno=%d, mode=%d, ctx->page_sz=%d\n", pgno, mode, ctx->page_sz); + } +#endif + if(rc != SQLITE_OK) { + /* failure to decrypt a page is considered a permanent error and will render the pager unusable + in order to prevent inconsistent data being loaded into page cache */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error decrypting page %d data: %d", pgno, rc); + sqlcipher_memset((unsigned char*) ctx->buffer+offset, 0, ctx->page_sz-offset); + sqlcipher_codec_ctx_set_error(ctx, rc); + } else { + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_KEY_USED); + } + memcpy(pData, ctx->buffer, ctx->page_sz); /* copy buffer data back to pData and return */ + return pData; + break; + + case CODEC_WRITE_OP: /* encrypt database page, operate on write context and fall through to case 7, so the write context is used*/ + cctx = CIPHER_WRITE_CTX; + + case CODEC_JOURNAL_OP: /* encrypt journal page, operate on read context use to get the original page data from the database */ + if(pgno == 1) { /* copy initial part of file header or salt to buffer */ + void *kdf_salt = NULL; + /* retrieve the kdf salt */ + if((rc = sqlcipher_codec_ctx_get_kdf_salt(ctx, &kdf_salt)) != SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error retrieving salt: %d", rc); + sqlcipher_codec_ctx_set_error(ctx, rc); + return NULL; + } + memcpy(ctx->buffer, ctx->plaintext_header_sz ? pData : kdf_salt, offset); + } + rc = sqlcipher_page_cipher(ctx, cctx, pgno, CIPHER_ENCRYPT, ctx->page_sz - offset, pData + offset, (unsigned char*)ctx->buffer + offset); +#ifdef SQLCIPHER_TEST + if((cipher_test_flags & TEST_FAIL_ENCRYPT) > 0 && sqlcipher_get_test_fail()) { + rc = SQLITE_ERROR; + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlite3Codec: simulating encryption failure for pgno=%d, mode=%d, ctx->page_sz=%d\n", pgno, mode, ctx->page_sz); + } +#endif + if(rc != SQLITE_OK) { + /* failure to encrypt a page is considered a permanent error and will render the pager unusable + in order to prevent corrupted pages from being written to the main databased when using WAL */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error encrypting page %d data: %d", pgno, rc); + sqlcipher_memset((unsigned char*)ctx->buffer+offset, 0, ctx->page_sz-offset); + sqlcipher_codec_ctx_set_error(ctx, rc); + return NULL; + } + SQLCIPHER_FLAG_SET(ctx->flags, CIPHER_FLAG_KEY_USED); + return ctx->buffer; /* return persistent buffer data, pData remains intact */ + break; + + default: + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3Codec: error unsupported codec mode %d", mode); + sqlcipher_codec_ctx_set_error(ctx, SQLITE_ERROR); /* unsupported mode, set error */ + return pData; + break; + } +} + +static void sqlite3FreeCodecArg(void *pCodecArg) { + codec_ctx *ctx = (codec_ctx *) pCodecArg; + if(pCodecArg == NULL) return; + sqlcipher_codec_ctx_free(&ctx); /* wipe and free allocated memory for the context */ + sqlcipher_deactivate(); /* cleanup related structures, OpenSSL etc, when codec is detatched */ +} + +int sqlcipherCodecAttach(sqlite3* db, int nDb, const void *zKey, int nKey) { + struct Db *pDb = &db->aDb[nDb]; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: db=%p, nDb=%d", db, nDb); + + if(nKey && zKey && pDb->pBt) { + int rc; + Pager *pPager = pDb->pBt->pBt->pPager; + sqlite3_file *fd; + codec_ctx *ctx; + + ctx = (codec_ctx*) sqlcipherPagerGetCodec(pDb->pBt->pBt->pPager); + + if(ctx != NULL && SQLCIPHER_FLAG_GET(ctx->flags, CIPHER_FLAG_KEY_USED)) { + /* there is already a codec attached to this database, so we should not proceed */ + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: no codec attached to db"); + return SQLITE_OK; + } + + /* check if the sqlite3_file is open, and if not force handle to NULL */ + if((fd = sqlite3PagerFile(pPager))->pMethods == 0) fd = NULL; + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling sqlcipher_activate()"); + sqlcipher_activate(); /* perform internal initialization for sqlcipher */ + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: entering database mutex %p", db->mutex); + sqlite3_mutex_enter(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: entered database mutex %p", db->mutex); + + /* point the internal codec argument against the contet to be prepared */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling sqlcipher_codec_ctx_init()"); + rc = sqlcipher_codec_ctx_init(&ctx, pDb, pDb->pBt->pBt->pPager, zKey, nKey); + + if(rc != SQLITE_OK) { + /* initialization failed, do not attach potentially corrupted context */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: context initialization failed, forcing error state with rc=%d", rc); + /* force an error at the pager level, such that even the upstream caller ignores the return code + the pager will be in an error state and will process no further operations */ + sqlite3pager_error(pPager, rc); + pDb->pBt->pBt->db->errCode = rc; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: leaving database mutex %p (early return on rc=%d)", db->mutex, rc); + sqlite3_mutex_leave(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: left database mutex %p (early return on rc=%d)", db->mutex, rc); + return rc; + } + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling sqlcipherPagerSetCodec()"); + sqlcipherPagerSetCodec(sqlite3BtreePager(pDb->pBt), sqlite3Codec, NULL, sqlite3FreeCodecArg, (void *) ctx); + + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling codec_set_btree_to_codec_pagesize()"); + codec_set_btree_to_codec_pagesize(db, pDb, ctx); + + /* force secure delete. This has the benefit of wiping internal data when deleted + and also ensures that all pages are written to disk (i.e. not skipped by + sqlite3PagerDontWrite optimizations) */ + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling sqlite3BtreeSecureDelete()"); + sqlite3BtreeSecureDelete(pDb->pBt, 1); + + /* if fd is null, then this is an in-memory database and + we dont' want to overwrite the AutoVacuum settings + if not null, then set to the default */ + if(fd != NULL) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecAttach: calling sqlite3BtreeSetAutoVacuum()"); + sqlite3BtreeSetAutoVacuum(pDb->pBt, SQLITE_DEFAULT_AUTOVACUUM); + } + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: leaving database mutex %p", db->mutex); + sqlite3_mutex_leave(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipherCodecAttach: left database mutex %p", db->mutex); + } + return SQLITE_OK; +} + +int sqlcipher_find_db_index(sqlite3 *db, const char *zDb) { + int db_index; + if(zDb == NULL){ + return 0; + } + for(db_index = 0; db_index < db->nDb; db_index++) { + struct Db *pDb = &db->aDb[db_index]; + if(strcmp(pDb->zDbSName, zDb) == 0) { + return db_index; + } + } + return 0; +} + +SQLITE_API void sqlite3_activate_see(const char* in) { + /* do nothing, security enhancements are always active */ +} + +SQLITE_API int sqlite3_key(sqlite3 *db, const void *pKey, int nKey) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_key: db=%p", db); + return sqlite3_key_v2(db, "main", pKey, nKey); +} + +SQLITE_API int sqlite3_key_v2(sqlite3 *db, const char *zDb, const void *pKey, int nKey) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_key_v2: db=%p zDb=%s", db, zDb); + /* attach key if db and pKey are not null and nKey is > 0 */ + if(db && pKey && nKey) { + int db_index = sqlcipher_find_db_index(db, zDb); + return sqlcipherCodecAttach(db, db_index, pKey, nKey); + } + sqlcipher_log(SQLCIPHER_LOG_WARN, SQLCIPHER_LOG_CORE, "sqlite3_key_v2: no key provided"); + return SQLITE_ERROR; +} + +SQLITE_API int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_rekey: db=%p", db); + return sqlite3_rekey_v2(db, "main", pKey, nKey); +} + +/* sqlite3_rekey_v2 +** Given a database, this will reencrypt the database using a new key. +** There is only one possible modes of operation - to encrypt a database +** that is already encrpyted. If the database is not already encrypted +** this should do nothing +** The proposed logic for this function follows: +** 1. Determine if the database is already encryptped +** 2. If there is NOT already a key present do nothing +** 3. If there is a key present, re-encrypt the database with the new key +*/ +SQLITE_API int sqlite3_rekey_v2(sqlite3 *db, const char *zDb, const void *pKey, int nKey) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: db=%p zDb=%s", db, zDb); + if(db && pKey && nKey) { + int db_index = sqlcipher_find_db_index(db, zDb); + struct Db *pDb = &db->aDb[db_index]; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: database zDb=%p db_index:%d", zDb, db_index); + if(pDb->pBt) { + codec_ctx *ctx; + int rc, page_count; + Pgno pgno; + PgHdr *page; + Pager *pPager = pDb->pBt->pBt->pPager; + + ctx = (codec_ctx*) sqlcipherPagerGetCodec(pDb->pBt->pBt->pPager); + + if(ctx == NULL) { + /* there was no codec attached to this database, so this should do nothing! */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: no codec attached to db %s: rekey can't be used on an unencrypted database", zDb); + return SQLITE_MISUSE; + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlite3_rekey_v2: entering database mutex %p", db->mutex); + sqlite3_mutex_enter(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlite3_rekey_v2: entered database mutex %p", db->mutex); + + codec_set_pass_key(db, db_index, pKey, nKey, CIPHER_WRITE_CTX); + + /* do stuff here to rewrite the database + ** 1. Create a transaction on the database + ** 2. Iterate through each page, reading it and then writing it. + ** 3. If that goes ok then commit and put ctx->rekey into ctx->key + ** note: don't deallocate rekey since it may be used in a subsequent iteration + */ + rc = sqlite3BtreeBeginTrans(pDb->pBt, 1, 0); /* begin write transaction */ + sqlite3PagerPagecount(pPager, &page_count); + for(pgno = 1; rc == SQLITE_OK && pgno <= (unsigned int)page_count; pgno++) { /* pgno's start at 1 see pager.c:pagerAcquire */ + if(!sqlite3pager_is_sj_pgno(pPager, pgno)) { /* skip this page (see pager.c:pagerAcquire for reasoning) */ + rc = sqlite3PagerGet(pPager, pgno, &page, 0); + if(rc == SQLITE_OK) { /* write page see pager_incr_changecounter for example */ + rc = sqlite3PagerWrite(page); + if(rc == SQLITE_OK) { + sqlite3PagerUnref(page); + } else { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: error %d occurred writing page %d", rc, pgno); + } + } else { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: error %d occurred reading page %d", rc, pgno); + } + } + } + + /* if commit was successful commit and copy the rekey data to current key, else rollback to release locks */ + if(rc == SQLITE_OK) { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: committing"); + rc = sqlite3BtreeCommit(pDb->pBt); + sqlcipher_codec_key_copy(ctx, CIPHER_WRITE_CTX); + } else { + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: rollback"); + sqlite3BtreeRollback(pDb->pBt, SQLITE_ABORT_ROLLBACK, 0); + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlite3_rekey_v2: leaving database mutex %p", db->mutex); + sqlite3_mutex_leave(db->mutex); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlite3_rekey_v2: left database mutex %p", db->mutex); + } + return SQLITE_OK; + } + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_CORE, "sqlite3_rekey_v2: no key provided for db %s: rekey can't be used to decrypt an encrypted database", zDb); + return SQLITE_ERROR; +} + +void sqlcipherCodecGetKey(sqlite3* db, int nDb, void **zKey, int *nKey) { + struct Db *pDb = &db->aDb[nDb]; + sqlcipher_log(SQLCIPHER_LOG_DEBUG, SQLCIPHER_LOG_CORE, "sqlcipherCodecGetKey:db=%p, nDb=%d", db, nDb); + if( pDb->pBt ) { + codec_ctx *ctx = (codec_ctx*) sqlcipherPagerGetCodec(pDb->pBt->pBt->pPager); + + if(ctx) { + /* pass back the keyspec from the codec, unless PRAGMA cipher_store_pass + is set or keyspec has not yet been derived, in which case pass + back the password key material */ + *zKey = ctx->read_ctx->keyspec; + *nKey = ctx->keyspec_sz; + if(ctx->store_pass == 1 || *zKey == NULL) { + *zKey = ctx->read_ctx->pass; + *nKey = ctx->read_ctx->pass_sz; + } + } else { + *zKey = NULL; + *nKey = 0; + } + } +} + +/* + * Implementation of an "export" function that allows a caller + * to duplicate the main database to an attached database. This is intended + * as a conveneince for users who need to: + * + * 1. migrate from an non-encrypted database to an encrypted database + * 2. move from an encrypted database to a non-encrypted database + * 3. convert beween the various flavors of encrypted databases. + * + * This implementation is based heavily on the procedure and code used + * in vacuum.c, but is exposed as a function that allows export to any + * named attached database. + */ + +/* +** Finalize a prepared statement. If there was an error, store the +** text of the error message in *pzErrMsg. Return the result code. +** +** Based on vacuumFinalize from vacuum.c +*/ +static int sqlcipher_finalize(sqlite3 *db, sqlite3_stmt *pStmt, char **pzErrMsg){ + int rc; + rc = sqlite3VdbeFinalize((Vdbe*)pStmt); + if( rc ){ + sqlite3SetString(pzErrMsg, db, sqlite3_errmsg(db)); + } + return rc; +} + +/* +** Execute zSql on database db. Return an error code. +** +** Based on execSql from vacuum.c +*/ +static int sqlcipher_execSql(sqlite3 *db, char **pzErrMsg, const char *zSql){ + sqlite3_stmt *pStmt; + VVA_ONLY( int rc; ) + if( !zSql ){ + return SQLITE_NOMEM; + } + if( SQLITE_OK!=sqlite3_prepare(db, zSql, -1, &pStmt, 0) ){ + sqlite3SetString(pzErrMsg, db, sqlite3_errmsg(db)); + return sqlite3_errcode(db); + } + VVA_ONLY( rc = ) sqlite3_step(pStmt); + assert( rc!=SQLITE_ROW ); + return sqlcipher_finalize(db, pStmt, pzErrMsg); +} + +/* +** Execute zSql on database db. The statement returns exactly +** one column. Execute this as SQL on the same database. +** +** Based on execExecSql from vacuum.c +*/ +static int sqlcipher_execExecSql(sqlite3 *db, char **pzErrMsg, const char *zSql){ + sqlite3_stmt *pStmt; + int rc; + + rc = sqlite3_prepare(db, zSql, -1, &pStmt, 0); + if( rc!=SQLITE_OK ) return rc; + + while( SQLITE_ROW==sqlite3_step(pStmt) ){ + rc = sqlcipher_execSql(db, pzErrMsg, (char*)sqlite3_column_text(pStmt, 0)); + if( rc!=SQLITE_OK ){ + sqlcipher_finalize(db, pStmt, pzErrMsg); + return rc; + } + } + + return sqlcipher_finalize(db, pStmt, pzErrMsg); +} + +/* + * copy database and schema from the main database to an attached database + * + * Based on sqlite3RunVacuum from vacuum.c +*/ +void sqlcipher_exportFunc(sqlite3_context *context, int argc, sqlite3_value **argv) { + sqlite3 *db = sqlite3_context_db_handle(context); + const char* targetDb, *sourceDb; + int targetDb_idx = 0; + u64 saved_flags = db->flags; /* Saved value of the db->flags */ + u32 saved_mDbFlags = db->mDbFlags; /* Saved value of the db->mDbFlags */ + int saved_nChange = db->nChange; /* Saved value of db->nChange */ + int saved_nTotalChange = db->nTotalChange; /* Saved value of db->nTotalChange */ + u8 saved_mTrace = db->mTrace; /* Saved value of db->mTrace */ + int rc = SQLITE_OK; /* Return code from service routines */ + char *zSql = NULL; /* SQL statements */ + char *pzErrMsg = NULL; + + if(argc != 1 && argc != 2) { + rc = SQLITE_ERROR; + pzErrMsg = sqlite3_mprintf("invalid number of arguments (%d) passed to sqlcipher_export", argc); + goto end_of_export; + } + + if(sqlite3_value_type(argv[0]) == SQLITE_NULL) { + rc = SQLITE_ERROR; + pzErrMsg = sqlite3_mprintf("target database can't be NULL"); + goto end_of_export; + } + + targetDb = (const char*) sqlite3_value_text(argv[0]); + sourceDb = "main"; + + if(argc == 2) { + if(sqlite3_value_type(argv[1]) == SQLITE_NULL) { + rc = SQLITE_ERROR; + pzErrMsg = sqlite3_mprintf("target database can't be NULL"); + goto end_of_export; + } + sourceDb = (char *) sqlite3_value_text(argv[1]); + } + + + /* if the name of the target is not main, but the index returned is zero + there is a mismatch and we should not proceed */ + targetDb_idx = sqlcipher_find_db_index(db, targetDb); + if(targetDb_idx == 0 && targetDb != NULL && sqlite3_stricmp("main", targetDb) != 0) { + rc = SQLITE_ERROR; + pzErrMsg = sqlite3_mprintf("unknown database %s", targetDb); + goto end_of_export; + } + db->init.iDb = targetDb_idx; + + db->flags |= SQLITE_WriteSchema | SQLITE_IgnoreChecks; + db->mDbFlags |= DBFLAG_PreferBuiltin | DBFLAG_Vacuum; + db->flags &= ~(u64)(SQLITE_ForeignKeys | SQLITE_ReverseOrder | SQLITE_Defensive | SQLITE_CountRows); + db->mTrace = 0; + + /* Query the schema of the main database. Create a mirror schema + ** in the temporary database. + */ + zSql = sqlite3_mprintf( + "SELECT sql " + " FROM %s.sqlite_schema WHERE type='table' AND name!='sqlite_sequence'" + " AND rootpage>0" + , sourceDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execExecSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + zSql = sqlite3_mprintf( + "SELECT sql " + " FROM %s.sqlite_schema WHERE sql LIKE 'CREATE INDEX %%' " + , sourceDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execExecSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + zSql = sqlite3_mprintf( + "SELECT sql " + " FROM %s.sqlite_schema WHERE sql LIKE 'CREATE UNIQUE INDEX %%'" + , sourceDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execExecSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + /* Loop through the tables in the main database. For each, do + ** an "INSERT INTO rekey_db.xxx SELECT * FROM main.xxx;" to copy + ** the contents to the temporary database. + */ + zSql = sqlite3_mprintf( + "SELECT 'INSERT INTO %s.' || quote(name) " + "|| ' SELECT * FROM %s.' || quote(name) || ';'" + "FROM %s.sqlite_schema " + "WHERE type = 'table' AND name!='sqlite_sequence' " + " AND rootpage>0" + , targetDb, sourceDb, sourceDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execExecSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + /* Copy over the contents of the sequence table + */ + zSql = sqlite3_mprintf( + "SELECT 'INSERT INTO %s.' || quote(name) " + "|| ' SELECT * FROM %s.' || quote(name) || ';' " + "FROM %s.sqlite_schema WHERE name=='sqlite_sequence';" + , targetDb, sourceDb, targetDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execExecSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + /* Copy the triggers, views, and virtual tables from the main database + ** over to the temporary database. None of these objects has any + ** associated storage, so all we have to do is copy their entries + ** from the SQLITE_MASTER table. + */ + zSql = sqlite3_mprintf( + "INSERT INTO %s.sqlite_schema " + " SELECT type, name, tbl_name, rootpage, sql" + " FROM %s.sqlite_schema" + " WHERE type='view' OR type='trigger'" + " OR (type='table' AND rootpage=0)" + , targetDb, sourceDb); + rc = (zSql == NULL) ? SQLITE_NOMEM : sqlcipher_execSql(db, &pzErrMsg, zSql); + if( rc!=SQLITE_OK ) goto end_of_export; + sqlite3_free(zSql); + + zSql = NULL; +end_of_export: + db->init.iDb = 0; + db->flags = saved_flags; + db->mDbFlags = saved_mDbFlags; + db->nChange = saved_nChange; + db->nTotalChange = saved_nTotalChange; + db->mTrace = saved_mTrace; + + if(zSql) sqlite3_free(zSql); + + if(rc) { + if(pzErrMsg != NULL) { + sqlite3_result_error(context, pzErrMsg, -1); + sqlite3DbFree(db, pzErrMsg); + } else { + sqlite3_result_error(context, sqlite3ErrStr(rc), -1); + } + } +} +#endif +/* END SQLCIPHER */ + +/************** End of sqlcipher.c *******************************************/ +/************** Begin file crypto_libtomcrypt.c ******************************/ +/* +** SQLCipher +** http://sqlcipher.net +** +** Copyright (c) 2008 - 2013, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +#ifdef SQLCIPHER_CRYPTO_LIBTOMCRYPT +/* #include "sqliteInt.h" */ +/* #include "sqlcipher.h" */ +#include + +#define FORTUNA_MAX_SZ 32 +static prng_state prng; +static volatile unsigned int ltc_init = 0; +static volatile unsigned int ltc_ref_count = 0; + +#define LTC_CIPHER "rijndael" + +static int sqlcipher_ltc_add_random(void *ctx, void *buffer, int length) { + int rc = 0; + int data_to_read = length; + int block_sz = data_to_read < FORTUNA_MAX_SZ ? data_to_read : FORTUNA_MAX_SZ; + const unsigned char * data = (const unsigned char *)buffer; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_add_random: entering SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_add_random: entered SQLCIPHER_MUTEX_PROVIDER_RAND"); + + while(data_to_read > 0){ + rc = fortuna_add_entropy(data, block_sz, &prng); + rc = rc != CRYPT_OK ? SQLITE_ERROR : SQLITE_OK; + if(rc != SQLITE_OK){ + break; + } + data_to_read -= block_sz; + data += block_sz; + block_sz = data_to_read < FORTUNA_MAX_SZ ? data_to_read : FORTUNA_MAX_SZ; + } + fortuna_ready(&prng); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_add_random: leaving SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_add_random: left SQLCIPHER_MUTEX_PROVIDER_RAND"); + + return rc; +} + +static int sqlcipher_ltc_activate(void *ctx) { + unsigned char random_buffer[FORTUNA_MAX_SZ]; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_activate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_activate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + sqlcipher_memset(random_buffer, 0, FORTUNA_MAX_SZ); + if(ltc_init == 0) { + if(register_prng(&fortuna_desc) < 0) return SQLITE_ERROR; + if(register_cipher(&rijndael_desc) < 0) return SQLITE_ERROR; + if(register_hash(&sha512_desc) < 0) return SQLITE_ERROR; + if(register_hash(&sha256_desc) < 0) return SQLITE_ERROR; + if(register_hash(&sha1_desc) < 0) return SQLITE_ERROR; + if(fortuna_start(&prng) != CRYPT_OK) { + return SQLITE_ERROR; + } + + ltc_init = 1; + } + ltc_ref_count++; + +#ifndef SQLCIPHER_TEST + sqlite3_randomness(FORTUNA_MAX_SZ, random_buffer); +#endif + + if(sqlcipher_ltc_add_random(ctx, random_buffer, FORTUNA_MAX_SZ) != SQLITE_OK) { + return SQLITE_ERROR; + } + sqlcipher_memset(random_buffer, 0, FORTUNA_MAX_SZ); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_activate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_activate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + return SQLITE_OK; +} + +static int sqlcipher_ltc_deactivate(void *ctx) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_deactivate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_deactivate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + ltc_ref_count--; + if(ltc_ref_count == 0){ + fortuna_done(&prng); + sqlcipher_memset((void *)&prng, 0, sizeof(prng)); + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_deactivate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_deactivate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + return SQLITE_OK; +} + +static const char* sqlcipher_ltc_get_provider_name(void *ctx) { + return "libtomcrypt"; +} + +static const char* sqlcipher_ltc_get_provider_version(void *ctx) { + return SCRYPT; +} + +static int sqlcipher_ltc_random(void *ctx, void *buffer, int length) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_random: entering SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_random: entered SQLCIPHER_MUTEX_PROVIDER_RAND"); + + fortuna_read(buffer, length, &prng); + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_random: leaving SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_ltc_random: left SQLCIPHER_MUTEX_PROVIDER_RAND"); + + return SQLITE_OK; +} + +static int sqlcipher_ltc_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { + int rc, hash_idx; + hmac_state hmac; + unsigned long outlen; + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + hash_idx = find_hash("sha1"); + break; + case SQLCIPHER_HMAC_SHA256: + hash_idx = find_hash("sha256"); + break; + case SQLCIPHER_HMAC_SHA512: + hash_idx = find_hash("sha512"); + break; + default: + return SQLITE_ERROR; + } + + if(hash_idx < 0) return SQLITE_ERROR; + outlen = hash_descriptor[hash_idx].hashsize; + + if(in == NULL) return SQLITE_ERROR; + if((rc = hmac_init(&hmac, hash_idx, hmac_key, key_sz)) != CRYPT_OK) return SQLITE_ERROR; + if((rc = hmac_process(&hmac, in, in_sz)) != CRYPT_OK) return SQLITE_ERROR; + if(in2 != NULL && (rc = hmac_process(&hmac, in2, in2_sz)) != CRYPT_OK) return SQLITE_ERROR; + if((rc = hmac_done(&hmac, out, &outlen)) != CRYPT_OK) return SQLITE_ERROR; + return SQLITE_OK; +} + +static int sqlcipher_ltc_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) { + int rc, hash_idx; + unsigned long outlen = key_sz; + + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + hash_idx = find_hash("sha1"); + break; + case SQLCIPHER_HMAC_SHA256: + hash_idx = find_hash("sha256"); + break; + case SQLCIPHER_HMAC_SHA512: + hash_idx = find_hash("sha512"); + break; + default: + return SQLITE_ERROR; + } + if(hash_idx < 0) return SQLITE_ERROR; + + if((rc = pkcs_5_alg2(pass, pass_sz, salt, salt_sz, + workfactor, hash_idx, key, &outlen)) != CRYPT_OK) { + return SQLITE_ERROR; + } + return SQLITE_OK; +} + +static const char* sqlcipher_ltc_get_cipher(void *ctx) { + return "aes-256-cbc"; +} + +static int sqlcipher_ltc_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) { + int rc, cipher_idx; + symmetric_CBC cbc; + + if((cipher_idx = find_cipher(LTC_CIPHER)) == -1) return SQLITE_ERROR; + if((rc = cbc_start(cipher_idx, iv, key, key_sz, 0, &cbc)) != CRYPT_OK) return SQLITE_ERROR; + rc = mode == 1 ? cbc_encrypt(in, out, in_sz, &cbc) : cbc_decrypt(in, out, in_sz, &cbc); + if(rc != CRYPT_OK) return SQLITE_ERROR; + cbc_done(&cbc); + return SQLITE_OK; +} + +static int sqlcipher_ltc_get_key_sz(void *ctx) { + int cipher_idx = find_cipher(LTC_CIPHER); + return cipher_descriptor[cipher_idx].max_key_length; +} + +static int sqlcipher_ltc_get_iv_sz(void *ctx) { + int cipher_idx = find_cipher(LTC_CIPHER); + return cipher_descriptor[cipher_idx].block_length; +} + +static int sqlcipher_ltc_get_block_sz(void *ctx) { + int cipher_idx = find_cipher(LTC_CIPHER); + return cipher_descriptor[cipher_idx].block_length; +} + +static int sqlcipher_ltc_get_hmac_sz(void *ctx, int algorithm) { + int hash_idx; + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + hash_idx = find_hash("sha1"); + break; + case SQLCIPHER_HMAC_SHA256: + hash_idx = find_hash("sha256"); + break; + case SQLCIPHER_HMAC_SHA512: + hash_idx = find_hash("sha512"); + break; + default: + return 0; + } + + if(hash_idx < 0) return 0; + + return hash_descriptor[hash_idx].hashsize; +} + +static int sqlcipher_ltc_ctx_init(void **ctx) { + sqlcipher_ltc_activate(NULL); + return SQLITE_OK; +} + +static int sqlcipher_ltc_ctx_free(void **ctx) { + sqlcipher_ltc_deactivate(&ctx); + return SQLITE_OK; +} + +static int sqlcipher_ltc_fips_status(void *ctx) { + return 0; +} + +int sqlcipher_ltc_setup(sqlcipher_provider *p) { + p->activate = sqlcipher_ltc_activate; + p->deactivate = sqlcipher_ltc_deactivate; + p->get_provider_name = sqlcipher_ltc_get_provider_name; + p->random = sqlcipher_ltc_random; + p->hmac = sqlcipher_ltc_hmac; + p->kdf = sqlcipher_ltc_kdf; + p->cipher = sqlcipher_ltc_cipher; + p->get_cipher = sqlcipher_ltc_get_cipher; + p->get_key_sz = sqlcipher_ltc_get_key_sz; + p->get_iv_sz = sqlcipher_ltc_get_iv_sz; + p->get_block_sz = sqlcipher_ltc_get_block_sz; + p->get_hmac_sz = sqlcipher_ltc_get_hmac_sz; + p->ctx_init = sqlcipher_ltc_ctx_init; + p->ctx_free = sqlcipher_ltc_ctx_free; + p->add_random = sqlcipher_ltc_add_random; + p->fips_status = sqlcipher_ltc_fips_status; + p->get_provider_version = sqlcipher_ltc_get_provider_version; + return SQLITE_OK; +} + +#endif +#endif +/* END SQLCIPHER */ + +/************** End of crypto_libtomcrypt.c **********************************/ +/************** Begin file crypto_nss.c **************************************/ +/* +** SQLCipher +** http://sqlcipher.net +** +** Copyright (c) 2008 - 2013, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +#ifdef SQLCIPHER_CRYPTO_NSS +/* #include "sqlcipher.h" */ +#include +#include +#include + +static NSSInitContext* nss_init_context = NULL; +static unsigned int nss_init_count = 0; + +int sqlcipher_nss_setup(sqlcipher_provider *p); + +static int sqlcipher_nss_activate(void *ctx) { + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + if (nss_init_context == NULL) { + nss_init_context = NSS_InitContext("", "", "", "", NULL, + NSS_INIT_READONLY | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | + NSS_INIT_FORCEOPEN | NSS_INIT_OPTIMIZESPACE | NSS_INIT_NOROOTINIT); + } + nss_init_count++; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + return SQLITE_OK; +} + +static int sqlcipher_nss_deactivate(void *ctx) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + nss_init_count--; + if (nss_init_count == 0 && nss_init_context != NULL) { + NSS_ShutdownContext(nss_init_context); + nss_init_context = NULL; + } + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_nss_activate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + return SQLITE_OK; +} + +static int sqlcipher_nss_add_random(void *ctx, void *buffer, int length) { + return SQLITE_OK; +} + +/* generate a defined number of random bytes */ +static int sqlcipher_nss_random (void *ctx, void *buffer, int length) { + // PK11_GenerateRandom should be thread-safe. + return (PK11_GenerateRandom((unsigned char *)buffer, length) == SECSuccess) ? SQLITE_OK : SQLITE_ERROR; +} + +static const char* sqlcipher_nss_get_provider_name(void *ctx) { + return "nss"; +} + +static const char* sqlcipher_nss_get_provider_version(void *ctx) { + return NSS_GetVersion(); +} + +static const char* sqlcipher_nss_get_cipher(void *ctx) { + return "aes-256-cbc"; +} + +static int sqlcipher_nss_get_key_sz(void *ctx) { + return AES_256_KEY_LENGTH; +} + +static int sqlcipher_nss_get_iv_sz(void *ctx) { + return AES_BLOCK_SIZE; +} + +static int sqlcipher_nss_get_block_sz(void *ctx) { + return AES_BLOCK_SIZE; +} + +static int sqlcipher_nss_get_hmac_sz(void *ctx, int algorithm) { + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + return SHA1_LENGTH; + break; + case SQLCIPHER_HMAC_SHA256: + return SHA256_LENGTH; + break; + case SQLCIPHER_HMAC_SHA512: + return SHA512_LENGTH; + break; + default: + return 0; + } +} + +static int sqlcipher_nss_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { + int rc = SQLITE_OK; + unsigned int length; + unsigned int outLen; + PK11Context* context = NULL; + PK11SlotInfo * slot = NULL; + PK11SymKey* symKey = NULL; + if(in == NULL) goto error; + CK_MECHANISM_TYPE mech; + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + mech = CKM_SHA_1_HMAC; + break; + case SQLCIPHER_HMAC_SHA256: + mech = CKM_SHA256_HMAC; + break; + case SQLCIPHER_HMAC_SHA512: + mech = CKM_SHA512_HMAC; + break; + default: + goto error; + } + length = sqlcipher_nss_get_hmac_sz(ctx, algorithm); + slot = PK11_GetInternalSlot(); + if (slot == NULL) goto error; + SECItem keyItem; + keyItem.data = hmac_key; + keyItem.len = key_sz; + symKey = PK11_ImportSymKey(slot, mech, PK11_OriginUnwrap, + CKA_SIGN, &keyItem, NULL); + if (symKey == NULL) goto error; + SECItem noParams; + noParams.data = 0; + noParams.len = 0; + context = PK11_CreateContextBySymKey(mech, CKA_SIGN, symKey, &noParams); + if (context == NULL) goto error; + if (PK11_DigestBegin(context) != SECSuccess) goto error; + if (PK11_DigestOp(context, in, in_sz) != SECSuccess) goto error; + if (in2 != NULL) { + if (PK11_DigestOp(context, in2, in2_sz) != SECSuccess) goto error; + } + if (PK11_DigestFinal(context, out, &outLen, length) != SECSuccess) goto error; + + goto cleanup; + error: + rc = SQLITE_ERROR; + cleanup: + if (context) PK11_DestroyContext(context, PR_TRUE); + if (symKey) PK11_FreeSymKey(symKey); + if (slot) PK11_FreeSlot(slot); + return rc; +} + +static int sqlcipher_nss_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) { + int rc = SQLITE_OK; + PK11SlotInfo * slot = NULL; + SECAlgorithmID * algid = NULL; + PK11SymKey* symKey = NULL; + SECOidTag oidtag; + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + oidtag = SEC_OID_HMAC_SHA1; + break; + case SQLCIPHER_HMAC_SHA256: + oidtag = SEC_OID_HMAC_SHA256; + break; + case SQLCIPHER_HMAC_SHA512: + oidtag = SEC_OID_HMAC_SHA512; + break; + default: + goto error; + } + SECItem secSalt; + secSalt.data = salt; + secSalt.len = salt_sz; + // Always pass SEC_OID_HMAC_SHA1 (i.e. PBMAC1) as this parameter + // is unused for key generation. It is currently only used + // for PBKDF2 authentication or key (un)wrapping when specifying an + // encryption algorithm (PBES2). + algid = PK11_CreatePBEV2AlgorithmID(SEC_OID_PKCS5_PBKDF2, SEC_OID_HMAC_SHA1, + oidtag, key_sz, workfactor, &secSalt); + if (algid == NULL) goto error; + slot = PK11_GetInternalSlot(); + if (slot == NULL) goto error; + SECItem pwItem; + pwItem.data = (unsigned char *) pass; // PK11_PBEKeyGen doesn't modify the key. + pwItem.len = pass_sz; + symKey = PK11_PBEKeyGen(slot, algid, &pwItem, PR_FALSE, NULL); + if (symKey == NULL) goto error; + if (PK11_ExtractKeyValue(symKey) != SECSuccess) goto error; + // No need to free keyData as it is a buffer managed by symKey. + SECItem* keyData = PK11_GetKeyData(symKey); + if (keyData == NULL) goto error; + memcpy(key, keyData->data, key_sz); + + goto cleanup; + error: + rc = SQLITE_ERROR; + cleanup: + if (slot) PK11_FreeSlot(slot); + if (algid) SECOID_DestroyAlgorithmID(algid, PR_TRUE); + if (symKey) PK11_FreeSymKey(symKey); + return rc; +} + +static int sqlcipher_nss_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) { + int rc = SQLITE_OK; + PK11SlotInfo * slot = NULL; + PK11SymKey* symKey = NULL; + unsigned int outLen; + SECItem params; + params.data = iv; + params.len = sqlcipher_nss_get_iv_sz(ctx); + slot = PK11_GetInternalSlot(); + if (slot == NULL) goto error; + SECItem keyItem; + keyItem.data = key; + keyItem.len = key_sz; + symKey = PK11_ImportSymKey(slot, CKM_AES_CBC, PK11_OriginUnwrap, + CKA_ENCRYPT, &keyItem, NULL); + if (symKey == NULL) goto error; + SECStatus rv; + if (mode == CIPHER_ENCRYPT) { + rv = PK11_Encrypt(symKey, CKM_AES_CBC, ¶ms, out, &outLen, + in_sz + 16, in, in_sz); + } else { + rv = PK11_Decrypt(symKey, CKM_AES_CBC, ¶ms, out, &outLen, + in_sz + 16, in, in_sz); + } + if (rv != SECSuccess) goto error; + + goto cleanup; + error: + rc = SQLITE_ERROR; + cleanup: + if (slot) PK11_FreeSlot(slot); + if (symKey) PK11_FreeSymKey(symKey); + return rc; +} + +static int sqlcipher_nss_ctx_init(void **ctx) { + sqlcipher_nss_activate(NULL); + return SQLITE_OK; +} + +static int sqlcipher_nss_ctx_free(void **ctx) { + sqlcipher_nss_deactivate(NULL); + return SQLITE_OK; +} + +static int sqlcipher_nss_fips_status(void *ctx) { + return 0; +} + +int sqlcipher_nss_setup(sqlcipher_provider *p) { + p->activate = sqlcipher_nss_activate; + p->deactivate = sqlcipher_nss_deactivate; + p->random = sqlcipher_nss_random; + p->get_provider_name = sqlcipher_nss_get_provider_name; + p->hmac = sqlcipher_nss_hmac; + p->kdf = sqlcipher_nss_kdf; + p->cipher = sqlcipher_nss_cipher; + p->get_cipher = sqlcipher_nss_get_cipher; + p->get_key_sz = sqlcipher_nss_get_key_sz; + p->get_iv_sz = sqlcipher_nss_get_iv_sz; + p->get_block_sz = sqlcipher_nss_get_block_sz; + p->get_hmac_sz = sqlcipher_nss_get_hmac_sz; + p->ctx_init = sqlcipher_nss_ctx_init; + p->ctx_free = sqlcipher_nss_ctx_free; + p->add_random = sqlcipher_nss_add_random; + p->fips_status = sqlcipher_nss_fips_status; + p->get_provider_version = sqlcipher_nss_get_provider_version; + return SQLITE_OK; +} + +#endif +#endif +/* END SQLCIPHER */ + +/************** End of crypto_nss.c ******************************************/ +/************** Begin file crypto_openssl.c **********************************/ +/* +** SQLCipher +** http://sqlcipher.net +** +** Copyright (c) 2008 - 2013, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +#ifdef SQLCIPHER_CRYPTO_OPENSSL +/* #include "sqliteInt.h" */ +/* #include "sqlcipher.h" */ +#include /* amalgamator: dontcache */ +#include /* amalgamator: dontcache */ +#include /* amalgamator: dontcache */ +#include /* amalgamator: dontcache */ +#include /* amalgamator: dontcache */ +#include /* amalgamator: dontcache */ + +static unsigned int openssl_init_count = 0; + +static void sqlcipher_openssl_log_errors() { + unsigned long err = 0; + while((err = ERR_get_error()) != 0) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_log_errors: ERR_get_error() returned %lx: %s", err, ERR_error_string(err, NULL)); + } +} + +#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) +static HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx)); + if (ctx != NULL) { + HMAC_CTX_init(ctx); + } + return ctx; +} + +/* Per 1.1.0 (https://wiki.openssl.org/index.php/1.1_API_Changes) + HMAC_CTX_free should call HMAC_CTX_cleanup, then EVP_MD_CTX_Cleanup. + HMAC_CTX_cleanup internally calls EVP_MD_CTX_cleanup so these + calls are not needed. */ +static void HMAC_CTX_free(HMAC_CTX *ctx) +{ + if (ctx != NULL) { + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } +} +#endif + +static int sqlcipher_openssl_add_random(void *ctx, void *buffer, int length) { +#ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_add_random: entering SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_add_random: entered SQLCIPHER_MUTEX_PROVIDER_RAND"); +#endif + RAND_add(buffer, length, 0); +#ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_add_random: leaving SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_add_random: left SQLCIPHER_MUTEX_PROVIDER_RAND"); +#endif + return SQLITE_OK; +} + +#define OPENSSL_CIPHER EVP_aes_256_cbc() + +/* activate and initialize sqlcipher. Most importantly, this will automatically + intialize OpenSSL's EVP system if it hasn't already be externally. Note that + this function may be called multiple times as new codecs are intiialized. + Thus it performs some basic counting to ensure that only the last and final + sqlcipher_openssl_deactivate() will free the EVP structures. +*/ +static int sqlcipher_openssl_activate(void *ctx) { + /* initialize openssl and increment the internal init counter + but only if it hasn't been initalized outside of SQLCipher by this program + e.g. on startup */ + int rc = 0; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_activate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_activate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + +#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) + ERR_load_crypto_strings(); +#endif + +#ifdef SQLCIPHER_FIPS + if(!FIPS_mode()){ + if(!(rc = FIPS_mode_set(1))){ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_activate: FIPS_mode_set() returned %d", rc); + sqlcipher_openssl_log_errors(); + } + } +#endif + + openssl_init_count++; + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_activate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_activate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + return SQLITE_OK; +} + +/* deactivate SQLCipher, most imporantly decremeting the activation count and + freeing the EVP structures on the final deactivation to ensure that + OpenSSL memory is cleaned up */ +static int sqlcipher_openssl_deactivate(void *ctx) { + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_deactivate: entering SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_deactivate: entered SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + + openssl_init_count--; + + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_deactivate: leaving SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_ACTIVATE)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_deactivate: left SQLCIPHER_MUTEX_PROVIDER_ACTIVATE"); + return SQLITE_OK; +} + +static const char* sqlcipher_openssl_get_provider_name(void *ctx) { + return "openssl"; +} + +static const char* sqlcipher_openssl_get_provider_version(void *ctx) { +#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) + return OPENSSL_VERSION_TEXT; +#else + return OpenSSL_version(OPENSSL_VERSION); +#endif +} + +/* generate a defined number of random bytes */ +static int sqlcipher_openssl_random (void *ctx, void *buffer, int length) { + int rc = 0; + /* concurrent calls to RAND_bytes can cause a crash under some openssl versions when a + naive application doesn't use CRYPTO_set_locking_callback and + CRYPTO_THREADID_set_callback to ensure openssl thread safety. + This is simple workaround to prevent this common crash + but a more proper solution is that applications setup platform-appropriate + thread saftey in openssl externally */ +#ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_random: entering SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_enter(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_random: entered SQLCIPHER_MUTEX_PROVIDER_RAND"); +#endif + rc = RAND_bytes((unsigned char *)buffer, length); +#ifndef SQLCIPHER_OPENSSL_NO_MUTEX_RAND + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_random: leaving SQLCIPHER_MUTEX_PROVIDER_RAND"); + sqlite3_mutex_leave(sqlcipher_mutex(SQLCIPHER_MUTEX_PROVIDER_RAND)); + sqlcipher_log(SQLCIPHER_LOG_TRACE, SQLCIPHER_LOG_MUTEX, "sqlcipher_openssl_random: left SQLCIPHER_MUTEX_PROVIDER_RAND"); +#endif + if(!rc) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_random: RAND_bytes() returned %d", rc); + sqlcipher_openssl_log_errors(); + return SQLITE_ERROR; + } + return SQLITE_OK; +} + +static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { + int rc = 0; + +#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x30000000L) + unsigned int outlen; + HMAC_CTX* hctx = NULL; + + if(in == NULL) goto error; + + hctx = HMAC_CTX_new(); + if(hctx == NULL) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_CTX_new() failed"); + sqlcipher_openssl_log_errors(); + goto error; + } + + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha1() returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA256: + if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha256() returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA512: + if(!(rc = HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Init_ex() with key size %d and EVP_sha512() returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + default: + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: invalid algorithm %d", algorithm); + goto error; + } + + if(!(rc = HMAC_Update(hctx, in, in_sz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Update() on 1st input buffer of %d bytes using algorithm %d returned %d", in_sz, algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(in2 != NULL) { + if(!(rc = HMAC_Update(hctx, in2, in2_sz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Update() on 2nd input buffer of %d bytes using algorithm %d returned %d", in2_sz, algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + } + + if(!(rc = HMAC_Final(hctx, out, &outlen))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: HMAC_Final() using algorithm %d returned %d", algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + rc = SQLITE_OK; + goto cleanup; + +error: + rc = SQLITE_ERROR; + +cleanup: + if(hctx) HMAC_CTX_free(hctx); + +#else + size_t outlen; + EVP_MAC *mac = NULL; + EVP_MAC_CTX *hctx = NULL; + OSSL_PARAM sha1[] = { { "digest", OSSL_PARAM_UTF8_STRING, "sha1", 4, 0 }, OSSL_PARAM_END }; + OSSL_PARAM sha256[] = { { "digest", OSSL_PARAM_UTF8_STRING, "sha256", 6, 0 }, OSSL_PARAM_END }; + OSSL_PARAM sha512[] = { { "digest", OSSL_PARAM_UTF8_STRING, "sha512", 6, 0 }, OSSL_PARAM_END }; + + if(in == NULL) goto error; + + mac = EVP_MAC_fetch(NULL, "HMAC", NULL); + if(mac == NULL) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_fetch for HMAC failed"); + sqlcipher_openssl_log_errors(); + goto error; + } + + hctx = EVP_MAC_CTX_new(mac); + if(hctx == NULL) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_CTX_new() failed"); + sqlcipher_openssl_log_errors(); + goto error; + } + + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + if(!(rc = EVP_MAC_init(hctx, hmac_key, key_sz, sha1))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_init() with key size %d and sha1 returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA256: + if(!(rc = EVP_MAC_init(hctx, hmac_key, key_sz, sha256))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_init() with key size %d and sha256 returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA512: + if(!(rc = EVP_MAC_init(hctx, hmac_key, key_sz, sha512))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_init() with key size %d and sha512 returned %d", key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + default: + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: invalid algorithm %d", algorithm); + goto error; + } + + if(!(rc = EVP_MAC_update(hctx, in, in_sz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_update() on 1st input buffer of %d bytes using algorithm %d returned %d", in_sz, algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(in2 != NULL) { + if(!(rc = EVP_MAC_update(hctx, in2, in2_sz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: EVP_MAC_update() on 2nd input buffer of %d bytes using algorithm %d returned %d", in_sz, algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + } + + if(!(rc = EVP_MAC_final(hctx, NULL, &outlen, 0))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: 1st EVP_MAC_final() for output length calculation using algorithm %d returned %d", algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(!(rc = EVP_MAC_final(hctx, out, &outlen, outlen))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_hmac: 2nd EVP_MAC_final() using algorithm %d returned %d", algorithm, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + rc = SQLITE_OK; + goto cleanup; + +error: + rc = SQLITE_ERROR; + +cleanup: + if(hctx) EVP_MAC_CTX_free(hctx); + if(mac) EVP_MAC_free(mac); + +#endif + + return rc; +} + +static int sqlcipher_openssl_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) { + int rc = 0; + + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + if(!(rc = PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha1(), key_sz, key))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_kdf: PKCS5_PBKDF2_HMAC() for EVP_sha1() workfactor %d and key size %d returned %d", workfactor, key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA256: + if(!(rc = PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha256(), key_sz, key))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_kdf: PKCS5_PBKDF2_HMAC() for EVP_sha256() workfactor %d and key size %d returned %d", workfactor, key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + case SQLCIPHER_HMAC_SHA512: + if(!(rc = PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha512(), key_sz, key))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_kdf: PKCS5_PBKDF2_HMAC() for EVP_sha512() workfactor %d and key size %d returned %d", workfactor, key_sz, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + break; + default: + return SQLITE_ERROR; + } + + rc = SQLITE_OK; + goto cleanup; +error: + rc = SQLITE_ERROR; +cleanup: + return rc; +} + +static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) { + int tmp_csz, csz, rc = 0; + EVP_CIPHER_CTX* ectx = EVP_CIPHER_CTX_new(); + if(ectx == NULL) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CIPHER_CTX_new failed"); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(!(rc = EVP_CipherInit_ex(ectx, OPENSSL_CIPHER, NULL, NULL, NULL, mode))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CipherInit_ex for mode %d returned %d", mode, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(!(rc = EVP_CIPHER_CTX_set_padding(ectx, 0))) { /* no padding */ + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CIPHER_CTX_set_padding 0 returned %d", rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(!(rc = EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CipherInit_ex for mode %d returned %d", mode, rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + if(!(rc = EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CipherUpdate returned %d", rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + csz = tmp_csz; + out += tmp_csz; + if(!(rc = EVP_CipherFinal_ex(ectx, out, &tmp_csz))) { + sqlcipher_log(SQLCIPHER_LOG_ERROR, SQLCIPHER_LOG_PROVIDER, "sqlcipher_openssl_cipher: EVP_CipherFinal_ex returned %d", rc); + sqlcipher_openssl_log_errors(); + goto error; + } + + csz += tmp_csz; + assert(in_sz == csz); + + rc = SQLITE_OK; + goto cleanup; +error: + rc = SQLITE_ERROR; +cleanup: + if(ectx) EVP_CIPHER_CTX_free(ectx); + return rc; +} + +static const char* sqlcipher_openssl_get_cipher(void *ctx) { + return OBJ_nid2sn(EVP_CIPHER_nid(OPENSSL_CIPHER)); +} + +static int sqlcipher_openssl_get_key_sz(void *ctx) { + return EVP_CIPHER_key_length(OPENSSL_CIPHER); +} + +static int sqlcipher_openssl_get_iv_sz(void *ctx) { + return EVP_CIPHER_iv_length(OPENSSL_CIPHER); +} + +static int sqlcipher_openssl_get_block_sz(void *ctx) { + return EVP_CIPHER_block_size(OPENSSL_CIPHER); +} + +static int sqlcipher_openssl_get_hmac_sz(void *ctx, int algorithm) { + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + return EVP_MD_size(EVP_sha1()); + break; + case SQLCIPHER_HMAC_SHA256: + return EVP_MD_size(EVP_sha256()); + break; + case SQLCIPHER_HMAC_SHA512: + return EVP_MD_size(EVP_sha512()); + break; + default: + return 0; + } +} + +static int sqlcipher_openssl_ctx_init(void **ctx) { + return sqlcipher_openssl_activate(*ctx); +} + +static int sqlcipher_openssl_ctx_free(void **ctx) { + return sqlcipher_openssl_deactivate(NULL); +} + +static int sqlcipher_openssl_fips_status(void *ctx) { +#ifdef SQLCIPHER_FIPS + return FIPS_mode(); +#else + return 0; +#endif +} + +int sqlcipher_openssl_setup(sqlcipher_provider *p) { + p->activate = sqlcipher_openssl_activate; + p->deactivate = sqlcipher_openssl_deactivate; + p->get_provider_name = sqlcipher_openssl_get_provider_name; + p->random = sqlcipher_openssl_random; + p->hmac = sqlcipher_openssl_hmac; + p->kdf = sqlcipher_openssl_kdf; + p->cipher = sqlcipher_openssl_cipher; + p->get_cipher = sqlcipher_openssl_get_cipher; + p->get_key_sz = sqlcipher_openssl_get_key_sz; + p->get_iv_sz = sqlcipher_openssl_get_iv_sz; + p->get_block_sz = sqlcipher_openssl_get_block_sz; + p->get_hmac_sz = sqlcipher_openssl_get_hmac_sz; + p->ctx_init = sqlcipher_openssl_ctx_init; + p->ctx_free = sqlcipher_openssl_ctx_free; + p->add_random = sqlcipher_openssl_add_random; + p->fips_status = sqlcipher_openssl_fips_status; + p->get_provider_version = sqlcipher_openssl_get_provider_version; + return SQLITE_OK; +} + +#endif +#endif +/* END SQLCIPHER */ + +/************** End of crypto_openssl.c **************************************/ +/************** Begin file crypto_cc.c ***************************************/ +/* +** SQLCipher +** http://sqlcipher.net +** +** Copyright (c) 2008 - 2013, ZETETIC LLC +** All rights reserved. +** +** Redistribution and use in source and binary forms, with or without +** modification, are permitted provided that the following conditions are met: +** * Redistributions of source code must retain the above copyright +** notice, this list of conditions and the following disclaimer. +** * Redistributions in binary form must reproduce the above copyright +** notice, this list of conditions and the following disclaimer in the +** documentation and/or other materials provided with the distribution. +** * Neither the name of the ZETETIC LLC nor the +** names of its contributors may be used to endorse or promote products +** derived from this software without specific prior written permission. +** +** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY +** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY +** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +** +*/ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC +#ifdef SQLCIPHER_CRYPTO_CC +/* #include "sqlcipher.h" */ +#include +#include +#include + +int sqlcipher_cc_setup(sqlcipher_provider *p); + +static int sqlcipher_cc_add_random(void *ctx, void *buffer, int length) { + return SQLITE_OK; +} + +/* generate a defined number of random bytes */ +static int sqlcipher_cc_random (void *ctx, void *buffer, int length) { + return (SecRandomCopyBytes(kSecRandomDefault, length, (uint8_t *)buffer) == kCCSuccess) ? SQLITE_OK : SQLITE_ERROR; +} + +static const char* sqlcipher_cc_get_provider_name(void *ctx) { + return "commoncrypto"; +} + +static const char* sqlcipher_cc_get_provider_version(void *ctx) { +#if TARGET_OS_MAC + CFTypeRef version; + CFBundleRef bundle = CFBundleGetBundleWithIdentifier(CFSTR("com.apple.security")); + if(bundle == NULL) { + return "unknown"; + } + version = CFBundleGetValueForInfoDictionaryKey(bundle, CFSTR("CFBundleShortVersionString")); + return CFStringGetCStringPtr(version, kCFStringEncodingUTF8); +#else + return "unknown"; +#endif +} + +static int sqlcipher_cc_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) { + CCHmacContext hmac_context; + if(in == NULL) return SQLITE_ERROR; + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + CCHmacInit(&hmac_context, kCCHmacAlgSHA1, hmac_key, key_sz); + break; + case SQLCIPHER_HMAC_SHA256: + CCHmacInit(&hmac_context, kCCHmacAlgSHA256, hmac_key, key_sz); + break; + case SQLCIPHER_HMAC_SHA512: + CCHmacInit(&hmac_context, kCCHmacAlgSHA512, hmac_key, key_sz); + break; + default: + return SQLITE_ERROR; + } + CCHmacUpdate(&hmac_context, in, in_sz); + if(in2 != NULL) CCHmacUpdate(&hmac_context, in2, in2_sz); + CCHmacFinal(&hmac_context, out); + return SQLITE_OK; +} + +static int sqlcipher_cc_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) { + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA1, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR; + break; + case SQLCIPHER_HMAC_SHA256: + if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA256, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR; + break; + case SQLCIPHER_HMAC_SHA512: + if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA512, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR; + break; + default: + return SQLITE_ERROR; + } + return SQLITE_OK; +} + +static int sqlcipher_cc_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) { + CCCryptorRef cryptor; + size_t tmp_csz, csz; + CCOperation op = mode == CIPHER_ENCRYPT ? kCCEncrypt : kCCDecrypt; + + if(CCCryptorCreate(op, kCCAlgorithmAES128, 0, key, kCCKeySizeAES256, iv, &cryptor) != kCCSuccess) return SQLITE_ERROR; + if(CCCryptorUpdate(cryptor, in, in_sz, out, in_sz, &tmp_csz) != kCCSuccess) return SQLITE_ERROR; + csz = tmp_csz; + out += tmp_csz; + if(CCCryptorFinal(cryptor, out, in_sz - csz, &tmp_csz) != kCCSuccess) return SQLITE_ERROR; + csz += tmp_csz; + if(CCCryptorRelease(cryptor) != kCCSuccess) return SQLITE_ERROR; + assert(in_sz == csz); + + return SQLITE_OK; +} + +static const char* sqlcipher_cc_get_cipher(void *ctx) { + return "aes-256-cbc"; +} + +static int sqlcipher_cc_get_key_sz(void *ctx) { + return kCCKeySizeAES256; +} + +static int sqlcipher_cc_get_iv_sz(void *ctx) { + return kCCBlockSizeAES128; +} + +static int sqlcipher_cc_get_block_sz(void *ctx) { + return kCCBlockSizeAES128; +} + +static int sqlcipher_cc_get_hmac_sz(void *ctx, int algorithm) { + switch(algorithm) { + case SQLCIPHER_HMAC_SHA1: + return CC_SHA1_DIGEST_LENGTH; + break; + case SQLCIPHER_HMAC_SHA256: + return CC_SHA256_DIGEST_LENGTH; + break; + case SQLCIPHER_HMAC_SHA512: + return CC_SHA512_DIGEST_LENGTH; + break; + default: + return 0; + } +} + +static int sqlcipher_cc_ctx_init(void **ctx) { + return SQLITE_OK; +} + +static int sqlcipher_cc_ctx_free(void **ctx) { + return SQLITE_OK; +} + +static int sqlcipher_cc_fips_status(void *ctx) { + return 0; +} + +int sqlcipher_cc_setup(sqlcipher_provider *p) { + p->random = sqlcipher_cc_random; + p->get_provider_name = sqlcipher_cc_get_provider_name; + p->hmac = sqlcipher_cc_hmac; + p->kdf = sqlcipher_cc_kdf; + p->cipher = sqlcipher_cc_cipher; + p->get_cipher = sqlcipher_cc_get_cipher; + p->get_key_sz = sqlcipher_cc_get_key_sz; + p->get_iv_sz = sqlcipher_cc_get_iv_sz; + p->get_block_sz = sqlcipher_cc_get_block_sz; + p->get_hmac_sz = sqlcipher_cc_get_hmac_sz; + p->ctx_init = sqlcipher_cc_ctx_init; + p->ctx_free = sqlcipher_cc_ctx_free; + p->add_random = sqlcipher_cc_add_random; + p->fips_status = sqlcipher_cc_fips_status; + p->get_provider_version = sqlcipher_cc_get_provider_version; + return SQLITE_OK; +} + +#endif +#endif +/* END SQLCIPHER */ + +/************** End of crypto_cc.c *******************************************/ /************** Begin file walker.c ******************************************/ /* ** 2008 August 16 @@ -120687,6 +125765,43 @@ static void attachFunc( if( rc==SQLITE_OK && pNew->zDbSName==0 ){ rc = SQLITE_NOMEM_BKPT; } + +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( rc==SQLITE_OK ){ + extern int sqlcipherCodecAttach(sqlite3*, int, const void*, int); + extern void sqlcipherCodecGetKey(sqlite3*, int, void**, int*); + int nKey; + char *zKey; + int t = sqlite3_value_type(argv[2]); + switch( t ){ + case SQLITE_INTEGER: + case SQLITE_FLOAT: + zErrDyn = sqlite3DbStrDup(db, "Invalid key value"); + rc = SQLITE_ERROR; + break; + + case SQLITE_TEXT: + case SQLITE_BLOB: + nKey = sqlite3_value_bytes(argv[2]); + zKey = (char *)sqlite3_value_blob(argv[2]); + rc = sqlcipherCodecAttach(db, db->nDb-1, zKey, nKey); + break; + + case SQLITE_NULL: + /* No key specified. Use the key from URI filename, or if none, + ** use the key from the main database. */ + if( sqlite3CodecQueryParameters(db, zName, zPath)==0 ){ + sqlcipherCodecGetKey(db, 0, (void**)&zKey, &nKey); + if( nKey || sqlite3BtreeGetRequestedReserve(db->aDb[0].pBt)>0 ){ + rc = sqlcipherCodecAttach(db, db->nDb-1, zKey, nKey); + } + } + break; + } + } +#endif +/* END SQLCIPHER */ sqlite3_free_filename( zPath ); /* If the file was opened successfully, read the schema for the new database. @@ -130878,6 +135993,14 @@ SQLITE_PRIVATE void sqlite3RegisterPerConnectionBuiltinFunctions(sqlite3 *db){ if( rc==SQLITE_NOMEM ){ sqlite3OomFault(db); } +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + { + extern void sqlcipher_exportFunc(sqlite3_context *, int, sqlite3_value **); + sqlite3CreateFunc(db, "sqlcipher_export", -1, SQLITE_TEXT, 0, sqlcipher_exportFunc, 0, 0, 0, 0, 0); + } +#endif +/* END SQLCIPHER */ } /* @@ -138098,6 +143221,7 @@ SQLITE_PRIVATE void sqlite3AutoLoadExtensions(sqlite3 *db){ */ /* The various pragma types */ +#define PragTyp_KEY 255 #define PragTyp_ACTIVATE_EXTENSIONS 0 #define PragTyp_ANALYSIS_LIMIT 1 #define PragTyp_HEADER_VALUE 2 @@ -138434,6 +143558,20 @@ static const PragmaName aPragmaName[] = { /* ePragFlg: */ PragFlg_Result0, /* ColNames: */ 0, 0, /* iArg: */ 0 }, +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) + {/* zName: */ "hexkey", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 2 }, + {/* zName: */ "hexrekey", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 3 }, +#endif +/* END SQLCIPHER */ #if !defined(SQLITE_OMIT_FLAG_PRAGMAS) #if !defined(SQLITE_OMIT_CHECK) {/* zName: */ "ignore_check_constraints", @@ -138486,6 +143624,15 @@ static const PragmaName aPragmaName[] = { /* ColNames: */ 0, 0, /* iArg: */ 0 }, #endif +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) + {/* zName: */ "key", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 0 }, +#endif +/* END SQLCIPHER */ #if !defined(SQLITE_OMIT_FLAG_PRAGMAS) {/* zName: */ "legacy_alter_table", /* ePragTyp: */ PragTyp_FLAG, @@ -138593,6 +143740,17 @@ static const PragmaName aPragmaName[] = { /* ePragFlg: */ PragFlg_Result0|PragFlg_NoColumns1, /* ColNames: */ 0, 0, /* iArg: */ SQLITE_RecTriggers }, +#endif +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) + {/* zName: */ "rekey", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 1 }, +#endif +/* END SQLCIPHER */ +#if !defined(SQLITE_OMIT_FLAG_PRAGMAS) {/* zName: */ "reverse_unordered_selects", /* ePragTyp: */ PragTyp_FLAG, /* ePragFlg: */ PragFlg_Result0|PragFlg_NoColumns1, @@ -138682,6 +143840,20 @@ static const PragmaName aPragmaName[] = { /* ColNames: */ 0, 0, /* iArg: */ 0 }, #endif +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) + {/* zName: */ "textkey", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 4 }, + {/* zName: */ "textrekey", + /* ePragTyp: */ PragTyp_KEY, + /* ePragFlg: */ 0, + /* ColNames: */ 0, 0, + /* iArg: */ 5 }, +#endif +/* END SQLCIPHER */ {/* zName: */ "threads", /* ePragTyp: */ PragTyp_THREADS, /* ePragFlg: */ PragFlg_Result0, @@ -139149,6 +144321,11 @@ SQLITE_PRIVATE void sqlite3Pragma( Db *pDb; /* The specific database being pragmaed */ Vdbe *v = sqlite3GetVdbe(pParse); /* Prepared statement */ const PragmaName *pPragma; /* The pragma */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + extern int sqlcipher_codec_pragma(sqlite3*, int, Parse *, const char *, const char *); +#endif +/* END SQLCIPHER */ if( v==0 ) return; sqlite3VdbeRunOnlyOnce(v); @@ -139216,9 +144393,19 @@ SQLITE_PRIVATE void sqlite3Pragma( } pParse->nErr++; pParse->rc = rc; + goto pragma_out; } +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if(sqlcipher_codec_pragma(db, iDb, pParse, zLeft, zRight)) { + /* sqlcipher_codec_pragma executes internal */ + goto pragma_out; + } +#endif +/* END SQLCIPHER */ + /* Locate the pragma in the lookup table */ pPragma = pragmaLocate(zLeft); if( pPragma==0 ){ @@ -141460,6 +146647,55 @@ SQLITE_PRIVATE void sqlite3Pragma( } #endif +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + /* Pragma iArg + ** ---------- ------ + ** key 0 + ** rekey 1 + ** hexkey 2 + ** hexrekey 3 + ** textkey 4 + ** textrekey 5 + */ + case PragTyp_KEY: { + if( zRight ){ + char zBuf[40]; + const char *zKey = zRight; + int n; + if( pPragma->iArg==2 || pPragma->iArg==3 ){ + u8 iByte; + int i; + for(i=0, iByte=0; iiArg<4 ? sqlite3Strlen30(zRight) : -1; + } + if( (pPragma->iArg & 1)==0 ){ + rc = sqlite3_key_v2(db, zDb, zKey, n); + }else{ + rc = sqlite3_rekey_v2(db, zDb, zKey, n); + } + if( rc==SQLITE_OK && n!=0 ){ + sqlite3VdbeSetNumCols(v, 1); + sqlite3VdbeSetColName(v, 0, COLNAME_NAME, "ok", SQLITE_STATIC); + returnSingleText(v, "ok"); + } else { + sqlite3ErrorMsg(pParse, "An error occurred with PRAGMA key or rekey. " + "PRAGMA key requires a key of one or more characters. " + "PRAGMA rekey can only be run on an existing encrypted database. " + "Use sqlcipher_export() and ATTACH to convert encrypted/plaintext databases."); + goto pragma_out; + } + } + break; + } +#endif +/* END SQLCIPHER */ #if defined(SQLITE_ENABLE_CEROD) case PragTyp_ACTIVATE_EXTENSIONS: if( zRight ){ if( sqlite3StrNICmp(zRight, "cerod-", 6)==0 ){ @@ -155218,6 +160454,19 @@ SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3RunVacuum( } nRes = sqlite3BtreeGetRequestedReserve(pMain); + /* A VACUUM cannot change the pagesize of an encrypted database. */ +/* BEGIN SQLCIPHER */ +#ifdef SQLITE_HAS_CODEC + if( db->nextPagesize ){ + extern void sqlcipherCodecGetKey(sqlite3*, int, void**, int*); + int nKey; + char *zKey; + sqlcipherCodecGetKey(db, iDb, (void**)&zKey, &nKey); + if( nKey ) db->nextPagesize = 0; + } +#endif +/* END SQLCIPHER */ + sqlite3BtreeSetCacheSize(pTemp, db->aDb[iDb].pSchema->cache_size); sqlite3BtreeSetSpillSize(pTemp, sqlite3BtreeSetSpillSize(pMain,0)); sqlite3BtreeSetPagerFlags(pTemp, pgflags|PAGER_CACHESPILL); @@ -182999,6 +188248,43 @@ static const char *uriParameter(const char *zFilename, const char *zParam){ return 0; } +/* BEGIN SQLCIPHER */ +#if defined(SQLITE_HAS_CODEC) +/* +** Process URI filename query parameters relevant to the SQLite Encryption +** Extension. Return true if any of the relevant query parameters are +** seen and return false if not. +*/ +SQLITE_PRIVATE int sqlite3CodecQueryParameters( + sqlite3 *db, /* Database connection */ + const char *zDb, /* Which schema is being created/attached */ + const char *zUri /* URI filename */ +){ + const char *zKey; + if( zUri==0 ){ + return 0; + }else if( (zKey = uriParameter(zUri, "hexkey"))!=0 && zKey[0] ){ + u8 iByte; + int i; + char zDecoded[40]; + for(i=0, iByte=0; i +#include // Use system-provided SQLCipher #endif + #include #include @@ -145,7 +149,6 @@ void _sqlite3_result_blob(sqlite3_context* ctx, const void* b, int l) { sqlite3_result_blob(ctx, b, l, SQLITE_TRANSIENT); } - int _sqlite3_create_function( sqlite3 *db, const char *zFunctionName, @@ -203,6 +206,7 @@ static int sqlite3_system_errno(sqlite3 *db) { #endif */ import "C" + import ( "context" "database/sql" @@ -1109,6 +1113,7 @@ func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) { writableSchema := -1 vfsName := "" var cacheSize *int64 + var encryptionKey string pos := strings.IndexRune(dsn, '?') if pos >= 1 { @@ -1133,6 +1138,36 @@ func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) { if val := params.Get("_auth_salt"); val != "" { authSalt = val } + if val := params.Get("_pragma_key"); val != "" { + encryptionKey = val + } + // Find the position of the `?` indicating the start of query parameters + pos := strings.IndexRune(dsn, '?') + if pos >= 1 { + // Extract the part of the DSN containing the query parameters + query := dsn[pos+1:] + params, err := url.ParseQuery(query) + if err != nil { + return nil, err + } + + // Extract the `_pragma_key` if it exists + if val := params.Get("_pragma_key"); val != "" { + encryptionKey = val + // Remove `_pragma_key` from the parameters + params.Del("_pragma_key") + } + + // Reconstruct the DSN without the `_pragma_key` + baseDSN := dsn[:pos] + if len(params) > 0 { + // Only append the remaining parameters if there are any left + dsn = fmt.Sprintf("%s?%s", baseDSN, params.Encode()) + } else { + // If no parameters are left, just use the base DSN + dsn = baseDSN + } + } // _loc if val := params.Get("_loc"); val != "" { @@ -1487,6 +1522,13 @@ func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) { return nil } + // Set the encryption key after opening the database + if encryptionKey != "" { + if err := exec(fmt.Sprintf("PRAGMA key = '%s';", encryptionKey)); err != nil { + C.sqlite3_close_v2(db) + return nil, err + } + } // Busy timeout if err := exec(fmt.Sprintf("PRAGMA busy_timeout = %d;", busyTimeout)); err != nil { C.sqlite3_close_v2(db) diff --git a/sqlite3_libsqlite3.go b/sqlite3_libsqlite3.go index 6ef23086..ce4502bc 100644 --- a/sqlite3_libsqlite3.go +++ b/sqlite3_libsqlite3.go @@ -10,14 +10,16 @@ package sqlite3 /* #cgo CFLAGS: -DUSE_LIBSQLITE3 -#cgo linux LDFLAGS: -lsqlite3 -#cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/sqlite/lib -lsqlite3 -#cgo darwin,amd64 CFLAGS: -I/usr/local/opt/sqlite/include -#cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/sqlite/lib -lsqlite3 -#cgo darwin,arm64 CFLAGS: -I/opt/homebrew/opt/sqlite/include -#cgo openbsd LDFLAGS: -lsqlite3 -#cgo solaris LDFLAGS: -lsqlite3 -#cgo windows LDFLAGS: -lsqlite3 -#cgo zos LDFLAGS: -lsqlite3 +#cgo linux LDFLAGS: -lsqlcipher // Use system SQLCipher instead of SQLite +#cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/sqlcipher/lib -lsqlcipher +#cgo darwin,amd64 CFLAGS: -I/usr/local/opt/sqlcipher/include +#cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/sqlcipher/lib -lsqlcipher +#cgo darwin,arm64 CFLAGS: -I/opt/homebrew/opt/sqlcipher/include +#cgo openbsd LDFLAGS: -lsqlcipher +#cgo solaris LDFLAGS: -lsqlcipher +#cgo windows LDFLAGS: -lsqlcipher +#cgo zos LDFLAGS: -lsqlcipher +#include +#include */ import "C" diff --git a/sqlite3_opt_allow_uri_authority.go b/sqlite3_opt_allow_uri_authority.go index 51240cbf..47355511 100644 --- a/sqlite3_opt_allow_uri_authority.go +++ b/sqlite3_opt_allow_uri_authority.go @@ -11,6 +11,6 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ALLOW_URI_AUTHORITY -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher */ import "C" diff --git a/sqlite3_opt_app_armor.go b/sqlite3_opt_app_armor.go index 565dbc29..a571cbc7 100644 --- a/sqlite3_opt_app_armor.go +++ b/sqlite3_opt_app_armor.go @@ -11,6 +11,6 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_API_ARMOR -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher */ import "C" diff --git a/sqlite3_opt_column_metadata.go b/sqlite3_opt_column_metadata.go index 63659b46..343f8208 100644 --- a/sqlite3_opt_column_metadata.go +++ b/sqlite3_opt_column_metadata.go @@ -8,7 +8,8 @@ package sqlite3 #cgo CFLAGS: -DSQLITE_ENABLE_COLUMN_METADATA #include #else -#include +#cgo CFLAGS: -DSQLITE_HAS_CODEC +#include #endif */ import "C" diff --git a/sqlite3_opt_foreign_keys.go b/sqlite3_opt_foreign_keys.go index 82c944e1..ace7472a 100644 --- a/sqlite3_opt_foreign_keys.go +++ b/sqlite3_opt_foreign_keys.go @@ -11,6 +11,6 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_DEFAULT_FOREIGN_KEYS=1 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher */ import "C" diff --git a/sqlite3_opt_fts5.go b/sqlite3_opt_fts5.go index 2645f284..defaf433 100644 --- a/sqlite3_opt_fts5.go +++ b/sqlite3_opt_fts5.go @@ -10,6 +10,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_FTS5 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_icu.go b/sqlite3_opt_icu.go index 2d47827b..fd01dfa8 100644 --- a/sqlite3_opt_icu.go +++ b/sqlite3_opt_icu.go @@ -9,12 +9,16 @@ package sqlite3 /* -#cgo LDFLAGS: -licuuc -licui18n +#cgo LDFLAGS: -licuuc -licui18n -lcrypto -lsqlcipher #cgo CFLAGS: -DSQLITE_ENABLE_ICU #cgo darwin,amd64 CFLAGS: -I/usr/local/opt/icu4c/include #cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/icu4c/lib #cgo darwin,arm64 CFLAGS: -I/opt/homebrew/opt/icu4c/include #cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/icu4c/lib -#cgo openbsd LDFLAGS: -lsqlite3 +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_introspect.go b/sqlite3_opt_introspect.go index cd2e5401..95a96bd8 100644 --- a/sqlite3_opt_introspect.go +++ b/sqlite3_opt_introspect.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_INTROSPECTION_PRAGMAS -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_math_functions.go b/sqlite3_opt_math_functions.go index bd62d9a2..5a253fd3 100644 --- a/sqlite3_opt_math_functions.go +++ b/sqlite3_opt_math_functions.go @@ -10,6 +10,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_MATH_FUNCTIONS -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_os_trace.go b/sqlite3_opt_os_trace.go index 9a30566b..16284f87 100644 --- a/sqlite3_opt_os_trace.go +++ b/sqlite3_opt_os_trace.go @@ -11,5 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_FORCE_OS_TRACE=1 #cgo CFLAGS: -DSQLITE_DEBUG_OS_TRACE=1 +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_preupdate_hook.go b/sqlite3_opt_preupdate_hook.go index 8cce278f..d5d21867 100644 --- a/sqlite3_opt_preupdate_hook.go +++ b/sqlite3_opt_preupdate_hook.go @@ -11,12 +11,12 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_PREUPDATE_HOOK -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher #ifndef USE_LIBSQLITE3 -#include "sqlite3-binding.h" +#include "sqlite3-binding.h" // Use amalgamation if enabled #else -#include +#include // Use system-provided SQLCipher #endif #include #include diff --git a/sqlite3_opt_secure_delete.go b/sqlite3_opt_secure_delete.go index 6bb05b84..e9036ca4 100644 --- a/sqlite3_opt_secure_delete.go +++ b/sqlite3_opt_secure_delete.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_SECURE_DELETE=1 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_secure_delete_fast.go b/sqlite3_opt_secure_delete_fast.go index 982020ae..d9eeeedf 100644 --- a/sqlite3_opt_secure_delete_fast.go +++ b/sqlite3_opt_secure_delete_fast.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_SECURE_DELETE=FAST -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_serialize_omit.go b/sqlite3_opt_serialize_omit.go index d00ead0b..a25bc3e9 100644 --- a/sqlite3_opt_serialize_omit.go +++ b/sqlite3_opt_serialize_omit.go @@ -9,6 +9,12 @@ import ( /* #cgo CFLAGS: -DSQLITE_OMIT_DESERIALIZE +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_stat4.go b/sqlite3_opt_stat4.go index 799fbb0f..8040a6dc 100644 --- a/sqlite3_opt_stat4.go +++ b/sqlite3_opt_stat4.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_STAT4 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_unlock_notify.go b/sqlite3_opt_unlock_notify.go index 3ac8050a..04547dcf 100644 --- a/sqlite3_opt_unlock_notify.go +++ b/sqlite3_opt_unlock_notify.go @@ -10,6 +10,12 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_ENABLE_UNLOCK_NOTIFY +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif #include #ifndef USE_LIBSQLITE3 @@ -21,6 +27,7 @@ package sqlite3 extern void unlock_notify_callback(void *arg, int argc); */ import "C" + import ( "fmt" "math" diff --git a/sqlite3_opt_userauth.go b/sqlite3_opt_userauth.go index 76d84016..cc67844a 100644 --- a/sqlite3_opt_userauth.go +++ b/sqlite3_opt_userauth.go @@ -10,11 +10,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_USER_AUTHENTICATION -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher #ifndef USE_LIBSQLITE3 -#include "sqlite3-binding.h" +#include "sqlite3-binding.h" // Use amalgamation if enabled #else -#include +#include // Use system-provided SQLCipher #endif #include @@ -45,21 +45,22 @@ _sqlite3_user_delete(sqlite3* db, const char* zUsername) static int _sqlite3_auth_enabled(sqlite3* db) { - int exists = -1; + int exists = -1; - sqlite3_stmt *stmt; - sqlite3_prepare_v2(db, "select count(type) from sqlite_master WHERE type='table' and name='sqlite_user';", -1, &stmt, NULL); + sqlite3_stmt *stmt; + sqlite3_prepare_v2(db, "select count(type) from sqlite_master WHERE type='table' and name='sqlite_user';", -1, &stmt, NULL); - while ( sqlite3_step(stmt) == SQLITE_ROW) { - exists = sqlite3_column_int(stmt, 0); - } + while (sqlite3_step(stmt) == SQLITE_ROW) { + exists = sqlite3_column_int(stmt, 0); + } - sqlite3_finalize(stmt); + sqlite3_finalize(stmt); - return exists; + return exists; } */ import "C" + import ( "errors" "unsafe" diff --git a/sqlite3_opt_vacuum_full.go b/sqlite3_opt_vacuum_full.go index df13c9d2..db4186c1 100644 --- a/sqlite3_opt_vacuum_full.go +++ b/sqlite3_opt_vacuum_full.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_DEFAULT_AUTOVACUUM=1 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_vacuum_incr.go b/sqlite3_opt_vacuum_incr.go index a2e48814..07c58f3f 100644 --- a/sqlite3_opt_vacuum_incr.go +++ b/sqlite3_opt_vacuum_incr.go @@ -11,6 +11,11 @@ package sqlite3 /* #cgo CFLAGS: -DSQLITE_DEFAULT_AUTOVACUUM=2 -#cgo LDFLAGS: -lm +#cgo LDFLAGS: -lcrypto -lsqlcipher +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_opt_vtable.go b/sqlite3_opt_vtable.go index 9b164b3e..afdd1d2a 100644 --- a/sqlite3_opt_vtable.go +++ b/sqlite3_opt_vtable.go @@ -18,11 +18,12 @@ package sqlite3 #cgo CFLAGS: -DSQLITE_TRACE_SIZE_LIMIT=15 #cgo CFLAGS: -DSQLITE_ENABLE_COLUMN_METADATA=1 #cgo CFLAGS: -Wno-deprecated-declarations +#cgo LDFLAGS: -lcrypto -lsqlcipher #ifndef USE_LIBSQLITE3 -#include "sqlite3-binding.h" +#include "sqlite3-binding.h" // Use amalgamation if enabled #else -#include +#include // Use system-provided SQLCipher #endif #include #include diff --git a/sqlite3_other.go b/sqlite3_other.go index 1f9a7550..9184e72b 100644 --- a/sqlite3_other.go +++ b/sqlite3_other.go @@ -10,9 +10,15 @@ package sqlite3 /* #cgo CFLAGS: -I. -#cgo linux LDFLAGS: -ldl -#cgo linux,ppc LDFLAGS: -lpthread -#cgo linux,ppc64 LDFLAGS: -lpthread -#cgo linux,ppc64le LDFLAGS: -lpthread +#cgo linux LDFLAGS: -ldl -lcrypto -lsqlcipher +#cgo linux,ppc LDFLAGS: -lpthread -lcrypto -lsqlcipher +#cgo linux,ppc64 LDFLAGS: -lpthread -lcrypto -lsqlcipher +#cgo linux,ppc64le LDFLAGS: -lpthread -lcrypto -lsqlcipher + +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_solaris.go b/sqlite3_solaris.go index fb4d3251..73475b1b 100644 --- a/sqlite3_solaris.go +++ b/sqlite3_solaris.go @@ -10,6 +10,12 @@ package sqlite3 /* #cgo CFLAGS: -D__EXTENSIONS__=1 -#cgo LDFLAGS: -lc +#cgo LDFLAGS: -lc -lcrypto -lsqlcipher + +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/sqlite3_windows.go b/sqlite3_windows.go index f863bcd3..d6d25f3e 100644 --- a/sqlite3_windows.go +++ b/sqlite3_windows.go @@ -14,5 +14,12 @@ package sqlite3 #cgo CFLAGS: -fno-stack-protector #cgo CFLAGS: -mno-stack-arg-probe #cgo windows,386 CFLAGS: -D_USE_32BIT_TIME_T +#cgo LDFLAGS: -lcrypto -lsqlcipher + +#ifndef USE_LIBSQLITE3 +#include "sqlite3-binding.h" // Use amalgamation if enabled +#else +#include // Use system-provided SQLCipher +#endif */ import "C" diff --git a/upgrade/go.mod b/upgrade/go.mod index 1413ffa7..01c0bd08 100644 --- a/upgrade/go.mod +++ b/upgrade/go.mod @@ -1,4 +1,4 @@ -module github.com/mattn/go-sqlite3/upgrade +module github.com/fhir-fli/go-sqlite3-sqlcipher/upgrade go 1.19