From 487e15dc239ccdb3344d1c99ce120e872bab4a74 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 20 Sep 2012 18:34:38 -0400 Subject: Imported Upstream version 2.0.6 --- src/crypto.c | 58 ++++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 18 deletions(-) (limited to 'src/crypto.c') diff --git a/src/crypto.c b/src/crypto.c index 5c8b2d6..3423b0a 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -38,9 +38,18 @@ #include "btreeInt.h" #include "crypto.h" +/* Generate code to return a string value */ +void codec_vdbe_return_static_string(Parse *pParse, const char *zLabel, const char *value){ + Vdbe *v = sqlite3GetVdbe(pParse); + sqlite3VdbeSetNumCols(v, 1); + sqlite3VdbeSetColName(v, 0, COLNAME_NAME, zLabel, SQLITE_STATIC); + sqlite3VdbeAddOp4(v, OP_String8, 0, 1, 0, value, 0); + sqlite3VdbeAddOp2(v, OP_ResultRow, 1, 1); +} + int codec_set_kdf_iter(sqlite3* db, int nDb, int kdf_iter, int for_ctx) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_kdf_iter: entered db=%d nDb=%d kdf_iter=%d for_ctx=%d\n", db, nDb, kdf_iter, for_ctx)); + CODEC_TRACE(("codec_set_kdf_iter: entered db=%p nDb=%d kdf_iter=%d for_ctx=%d\n", db, nDb, kdf_iter, for_ctx)); if(pDb->pBt) { codec_ctx *ctx; @@ -52,7 +61,7 @@ int codec_set_kdf_iter(sqlite3* db, int nDb, int kdf_iter, int for_ctx) { int codec_set_fast_kdf_iter(sqlite3* db, int nDb, int kdf_iter, int for_ctx) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_kdf_iter: entered db=%d nDb=%d kdf_iter=%d for_ctx=%d\n", db, nDb, kdf_iter, for_ctx)); + CODEC_TRACE(("codec_set_kdf_iter: entered db=%p nDb=%d kdf_iter=%d for_ctx=%d\n", db, nDb, kdf_iter, for_ctx)); if(pDb->pBt) { codec_ctx *ctx; @@ -70,17 +79,24 @@ static int codec_set_btree_to_codec_pagesize(sqlite3 *db, Db *pDb, codec_ctx *ct sqlite3_mutex_enter(db->mutex); db->nextPagesize = page_sz; - pDb->pBt->pBt->pageSizeFixed = 0; + + /* before forcing the page size we need to unset the BTS_PAGESIZE_FIXED flag, else + sqliteBtreeSetPageSize will block the change */ + pDb->pBt->pBt->btsFlags &= ~BTS_PAGESIZE_FIXED; CODEC_TRACE(("codec_set_btree_to_codec_pagesize: sqlite3BtreeSetPageSize() size=%d reserve=%d\n", page_sz, reserve_sz)); rc = sqlite3BtreeSetPageSize(pDb->pBt, page_sz, reserve_sz, 0); sqlite3_mutex_leave(db->mutex); return rc; } +void codec_set_default_use_hmac(int use) { + sqlcipher_set_default_use_hmac(use); +} + int codec_set_use_hmac(sqlite3* db, int nDb, int use) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_use_hmac: entered db=%d nDb=%d use=%d\n", db, nDb, use)); + CODEC_TRACE(("codec_set_use_hmac: entered db=%p nDb=%d use=%d\n", db, nDb, use)); if(pDb->pBt) { int rc; @@ -90,8 +106,6 @@ int codec_set_use_hmac(sqlite3* db, int nDb, int use) { rc = sqlcipher_codec_ctx_set_use_hmac(ctx, use); if(rc != SQLITE_OK) return rc; /* since the use of hmac has changed, the page size may also change */ - /* Note: before forcing the page size we need to force pageSizeFixed to 0, else - sqliteBtreeSetPageSize will block the change */ return codec_set_btree_to_codec_pagesize(db, pDb, ctx); } } @@ -100,7 +114,7 @@ int codec_set_use_hmac(sqlite3* db, int nDb, int use) { int codec_set_page_size(sqlite3* db, int nDb, int size) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_page_size: entered db=%d nDb=%d size=%d\n", db, nDb, size)); + CODEC_TRACE(("codec_set_page_size: entered db=%p nDb=%d size=%d\n", db, nDb, size)); if(pDb->pBt) { int rc; @@ -124,7 +138,7 @@ int codec_set_page_size(sqlite3* db, int nDb, int size) { */ int codec_set_cipher_name(sqlite3* db, int nDb, const char *cipher_name, int for_ctx) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_cipher_name: entered db=%d nDb=%d cipher_name=%s for_ctx=%d\n", db, nDb, cipher_name, for_ctx)); + CODEC_TRACE(("codec_set_cipher_name: entered db=%p nDb=%d cipher_name=%s for_ctx=%d\n", db, nDb, cipher_name, for_ctx)); if(pDb->pBt) { codec_ctx *ctx; @@ -136,7 +150,7 @@ int codec_set_cipher_name(sqlite3* db, int nDb, const char *cipher_name, int for int codec_set_pass_key(sqlite3* db, int nDb, const void *zKey, int nKey, int for_ctx) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("codec_set_pass_key: entered db=%d nDb=%d cipher_name=%s nKey=%d for_ctx=%d\n", db, nDb, zKey, nKey, for_ctx)); + CODEC_TRACE(("codec_set_pass_key: entered db=%p nDb=%d zKey=%s nKey=%d for_ctx=%d\n", db, nDb, (char *)zKey, nKey, for_ctx)); if(pDb->pBt) { codec_ctx *ctx; sqlite3pager_get_codec(pDb->pBt->pBt->pPager, (void **) &ctx); @@ -207,7 +221,7 @@ void sqlite3FreeCodecArg(void *pCodecArg) { int sqlite3CodecAttach(sqlite3* db, int nDb, const void *zKey, int nKey) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("sqlite3CodecAttach: entered nDb=%d zKey=%s, nKey=%d\n", nDb, zKey, nKey)); + CODEC_TRACE(("sqlite3CodecAttach: entered nDb=%d zKey=%s, nKey=%d\n", nDb, (char *)zKey, nKey)); sqlcipher_activate(); @@ -224,6 +238,11 @@ int sqlite3CodecAttach(sqlite3* db, int nDb, const void *zKey, int nKey) { codec_set_btree_to_codec_pagesize(db, pDb, ctx); + /* force secure delete. This has the benefit of wiping internal data when deleted + and also ensures that all pages are written to disk (i.e. not skipped by + sqlite3PagerDontWrite optimizations) */ + sqlite3BtreeSecureDelete(pDb->pBt, 1); + /* if fd is null, then this is an in-memory database and we dont' want to overwrite the AutoVacuum settings if not null, then set to the default */ @@ -241,7 +260,7 @@ void sqlite3_activate_see(const char* in) { } int sqlite3_key(sqlite3 *db, const void *pKey, int nKey) { - CODEC_TRACE(("sqlite3_key: entered db=%d pKey=%s nKey=%d\n", db, pKey, nKey)); + CODEC_TRACE(("sqlite3_key: entered db=%p pKey=%s nKey=%d\n", db, (char *)pKey, nKey)); /* attach key if db and pKey are not null and nKey is > 0 */ if(db && pKey && nKey) { sqlite3CodecAttach(db, 0, pKey, nKey); // operate only on the main db @@ -261,11 +280,11 @@ int sqlite3_key(sqlite3 *db, const void *pKey, int nKey) { ** 3. If there is a key present, re-encrypt the database with the new key */ int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) { - CODEC_TRACE(("sqlite3_rekey: entered db=%d pKey=%s, nKey=%d\n", db, pKey, nKey)); + CODEC_TRACE(("sqlite3_rekey: entered db=%p pKey=%s, nKey=%d\n", db, (char *)pKey, nKey)); sqlcipher_activate(); if(db && pKey && nKey) { struct Db *pDb = &db->aDb[0]; - CODEC_TRACE(("sqlite3_rekey: database pDb=%d\n", pDb)); + CODEC_TRACE(("sqlite3_rekey: database pDb=%p\n", pDb)); if(pDb->pBt) { codec_ctx *ctx; int rc, page_count; @@ -298,11 +317,14 @@ int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) { rc = sqlite3PagerGet(pPager, pgno, &page); if(rc == SQLITE_OK) { /* write page see pager_incr_changecounter for example */ rc = sqlite3PagerWrite(page); - //printf("sqlite3PagerWrite(%d)\n", pgno); if(rc == SQLITE_OK) { sqlite3PagerUnref(page); - } - } + } else { + CODEC_TRACE(("sqlite3_rekey: error %d occurred writing page %d\n", rc, pgno)); + } + } else { + CODEC_TRACE(("sqlite3_rekey: error %d occurred getting page %d\n", rc, pgno)); + } } } @@ -313,7 +335,7 @@ int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) { sqlcipher_codec_key_copy(ctx, CIPHER_WRITE_CTX); } else { CODEC_TRACE(("sqlite3_rekey: rollback\n")); - sqlite3BtreeRollback(pDb->pBt); + sqlite3BtreeRollback(pDb->pBt, SQLITE_ABORT_ROLLBACK); } sqlite3_mutex_leave(db->mutex); @@ -325,7 +347,7 @@ int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) { void sqlite3CodecGetKey(sqlite3* db, int nDb, void **zKey, int *nKey) { struct Db *pDb = &db->aDb[nDb]; - CODEC_TRACE(("sqlite3CodecGetKey: entered db=%d, nDb=%d\n", db, nDb)); + CODEC_TRACE(("sqlite3CodecGetKey: entered db=%p, nDb=%d\n", db, nDb)); if( pDb->pBt ) { codec_ctx *ctx; -- cgit v1.2.3