rework attach to require explicit key

src/crypto.c

@@ -314,8 +314,9 @@ int sqlite3CodecAttach(sqlite3* db, int nDb, const void *zKey, int nKey) {
       sqlite3BtreeSetAutoVacuum(pDb->pBt, SQLITE_DEFAULT_AUTOVACUUM);
     }
     sqlite3_mutex_leave(db->mutex);
+    return SQLITE_OK;
   }
-  return SQLITE_OK;
+  return SQLITE_ERROR;
 }
 
 void sqlite3_activate_see(const char* in) {
@@ -409,18 +410,8 @@ int sqlite3_rekey(sqlite3 *db, const void *pKey, int nKey) {
 void sqlite3CodecGetKey(sqlite3* db, int nDb, void **zKey, int *nKey) {
   struct Db *pDb = &db->aDb[nDb];
   CODEC_TRACE(("sqlite3CodecGetKey: entered db=%p, nDb=%d\n", db, nDb));
-  
+  *zKey = NULL;
-  if( pDb->pBt ) {
+  *nKey = 0;
-    codec_ctx *ctx;
-    sqlite3pager_get_codec(pDb->pBt->pBt->pPager, (void **) &ctx);
-
-    if(ctx) { /* if the codec has an attached codec_context user the raw key data */
-      sqlcipher_codec_get_pass(ctx, zKey, nKey);
-    } else {
-      *zKey = NULL;
-      *nKey = 0;
-    }
-  }
 }
 
 

test/crypto.test

@@ -381,9 +381,30 @@ do_test rekey-delete-and-query-wal-3 {
 db close
 file delete -force test.db
 
+# attach an encrypted database
+# without specifying key, verify it fails
+setup test.db "'testkey'"
+do_test attach-database-with-default-key {
+  sqlite_orig db2 test2.db
+
+  execsql {
+    PRAGMA key = 'testkey';
+    CREATE TABLE t2(a,b);
+    INSERT INTO t2 VALUES ('test1', 'test2'); 
+  } db2
+ 
+  catchsql {
+    ATTACH 'test.db' AS db;
+  } db2
+
+} {1 {unable to open database: test.db}}
+db2 close
+file delete -force test.db
+file delete -force test2.db
+
 # attach an encrypted database
 # where both database have the same
-# key
+# key explicitly
 setup test.db "'testkey'"
 do_test attach-database-with-same-key {
   sqlite_orig db2 test2.db
@@ -396,7 +417,7 @@ do_test attach-database-with-same-key {
  
   execsql {
     SELECT count(*) FROM t2;
-    ATTACH 'test.db' AS db;
+    ATTACH 'test.db' AS db KEY 'testkey';
     SELECT count(*) FROM db.t1;
   } db2
 
@@ -581,7 +602,7 @@ file delete -force test.db
 
 # create an unencrypted database, attach a new encrypted volume
 # copy data between, verify the encypted database is good afterwards
-do_test unencryped-attach {
+do_test unencrypted-attach {
   sqlite_orig db test.db
 
   execsql {
@@ -1335,7 +1356,7 @@ do_test default-use-hmac-attach {
     PRAGMA cipher_default_use_hmac = OFF;
     PRAGMA key = 'testkey';
     SELECT count(*) FROM t1;
-    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2;
+    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
     SELECT count(*) from db2.t1;
     PRAGMA cipher_default_use_hmac = ON;
   } 
@@ -1352,7 +1373,7 @@ do_test attach-1.1.8-database-from-2.0-fails {
   catchsql {
     PRAGMA key = 'testkey';
     CREATE table t1(a,b);
-    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2;
+    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
   } 
 } {1 {file is encrypted or is not a database}}
 db close
@@ -1376,7 +1397,7 @@ do_test change-default-use-hmac-attach {
     PRAGMA key = 'testkey';
     SELECT count(*) FROM t1;
     PRAGMA cipher_default_use_hmac = OFF;
-    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2;
+    ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
     SELECT count(*) from db2.t1;
     PRAGMA cipher_default_use_hmac = ON;
   }