From c35c778656b2d7c6af521ebe29252c7e18022be3 Mon Sep 17 00:00:00 2001
From: Frank Braun <frank@cryptogroup.net>
Date: Fri, 28 Aug 2020 18:37:34 +0000
Subject: [PATCH] improve documentation for plain text passwords

Related to issue #15
---
 README.md      | 11 +++++++++++
 util/create.go |  3 ++-
 util/select.go |  3 ++-
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 29833e7..1fac4e4 100644
--- a/README.md
+++ b/README.md
@@ -50,6 +50,17 @@ db, _ := sql.Open("sqlite3", dbname)
 `_pragma_cipher_page_size` is the page size of the encrypted database (set if
 you want a different value than the default size).
 
+```go
+key := url.QueryEscape("secret")
+dbname := fmt.Sprintf("db?_pragma_key=%s&_pragma_cipher_page_size=4096", key)
+db, _ := sql.Open("sqlite3", dbname)
+```
+
+This uses a passphrase directly as `_pragma_key` with the key derivation function in
+SQLCipher. Do not forget the `url.QueryEscape()` call in your code!
+
+See also [PRAGMA key](https://www.zetetic.net/sqlcipher/sqlcipher-api/#PRAGMA_key).
+
 API documentation can be found here:
 http://godoc.org/github.com/mutecomm/go-sqlcipher
 
diff --git a/util/create.go b/util/create.go
index 471b8c6..fc37762 100644
--- a/util/create.go
+++ b/util/create.go
@@ -3,13 +3,14 @@ package main
 import (
 	"database/sql"
 	"fmt"
+	"net/url"
 	"os"
 
 	_ "github.com/mutecomm/go-sqlcipher/v4"
 )
 
 func create(dbname, password string) error {
-	dbnameWithDSN := dbname + fmt.Sprintf("?_pragma_key=%s&_pragma_cipher_page_size=4096", password)
+	dbnameWithDSN := dbname + fmt.Sprintf("?_pragma_key=%s&_pragma_cipher_page_size=4096", url.QueryEscape(password))
 	db, err := sql.Open("sqlite3", dbnameWithDSN)
 	if err != nil {
 		return err
diff --git a/util/select.go b/util/select.go
index 7e59e03..36d7b27 100644
--- a/util/select.go
+++ b/util/select.go
@@ -3,13 +3,14 @@ package main
 import (
 	"database/sql"
 	"fmt"
+	"net/url"
 	"os"
 
 	_ "github.com/mutecomm/go-sqlcipher/v4"
 )
 
 func selectFromDB(dbname, password string) error {
-	dbnameWithDSN := dbname + fmt.Sprintf("?_pragma_key=%s&_pragma_cipher_page_size=4096", password)
+	dbnameWithDSN := dbname + fmt.Sprintf("?_pragma_key=%s&_pragma_cipher_page_size=4096", url.QueryEscape(password))
 	db, err := sql.Open("sqlite3", dbnameWithDSN)
 	if err != nil {
 		return err