Fix for cipher_migrate on passphrases longer than 64 characters and raw keys
This commit is contained in:
parent
b03221fc90
commit
bba319a716
|
@ -995,14 +995,14 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
|
||||||
char *attach_command = sqlite3_mprintf("ATTACH DATABASE '%s-migrated' as migrate KEY '%q';",
|
char *attach_command = sqlite3_mprintf("ATTACH DATABASE '%s-migrated' as migrate KEY '%q';",
|
||||||
db_filename, key);
|
db_filename, key);
|
||||||
|
|
||||||
int rc = sqlcipher_check_connection(db_filename, key, key_sz, "", &user_version);
|
int rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, "", &user_version);
|
||||||
if(rc == SQLITE_OK){
|
if(rc == SQLITE_OK){
|
||||||
CODEC_TRACE(("No upgrade required - exiting\n"));
|
CODEC_TRACE(("No upgrade required - exiting\n"));
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Version 2 - check for 4k with hmac format
|
// Version 2 - check for 4k with hmac format
|
||||||
rc = sqlcipher_check_connection(db_filename, key, key_sz, pragma_4k_kdf_iter, &user_version);
|
rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, pragma_4k_kdf_iter, &user_version);
|
||||||
if(rc == SQLITE_OK) {
|
if(rc == SQLITE_OK) {
|
||||||
CODEC_TRACE(("Version 2 format found\n"));
|
CODEC_TRACE(("Version 2 format found\n"));
|
||||||
upgrade_4k_format = 1;
|
upgrade_4k_format = 1;
|
||||||
|
@ -1011,7 +1011,7 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
|
||||||
// Version 1 - check both no hmac and 4k together
|
// Version 1 - check both no hmac and 4k together
|
||||||
pragma_1x_and_4k = sqlite3_mprintf("%s%s", pragma_hmac_off,
|
pragma_1x_and_4k = sqlite3_mprintf("%s%s", pragma_hmac_off,
|
||||||
pragma_4k_kdf_iter);
|
pragma_4k_kdf_iter);
|
||||||
rc = sqlcipher_check_connection(db_filename, key, key_sz, pragma_1x_and_4k, &user_version);
|
rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, pragma_1x_and_4k, &user_version);
|
||||||
sqlite3_free(pragma_1x_and_4k);
|
sqlite3_free(pragma_1x_and_4k);
|
||||||
if(rc == SQLITE_OK) {
|
if(rc == SQLITE_OK) {
|
||||||
CODEC_TRACE(("Version 1 format found\n"));
|
CODEC_TRACE(("Version 1 format found\n"));
|
||||||
|
|
|
@ -2162,6 +2162,42 @@ file delete -force test.db
|
||||||
file delete -force test2.db
|
file delete -force test2.db
|
||||||
file delete -force test3.db
|
file delete -force test3.db
|
||||||
|
|
||||||
|
do_test can-migrate-with-keys-longer-than-64-characters {
|
||||||
|
sqlite_orig db test.db
|
||||||
|
execsql {
|
||||||
|
PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
|
||||||
|
PRAGMA kdf_iter = 4000;
|
||||||
|
PRAGMA user_version = 5;
|
||||||
|
}
|
||||||
|
db close
|
||||||
|
sqlite_orig db test.db
|
||||||
|
execsql {
|
||||||
|
PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
|
||||||
|
PRAGMA cipher_migrate;
|
||||||
|
PRAGMA user_version;
|
||||||
|
}
|
||||||
|
} {0 5}
|
||||||
|
db close
|
||||||
|
file delete -force test.db
|
||||||
|
|
||||||
|
do_test can-migrate-with-raw-hex-key {
|
||||||
|
sqlite_orig db test.db
|
||||||
|
execsql {
|
||||||
|
PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
|
||||||
|
PRAGMA kdf_iter = 4000;
|
||||||
|
PRAGMA cipher_use_hmac = off;
|
||||||
|
PRAGMA user_version = 5;
|
||||||
|
}
|
||||||
|
db close
|
||||||
|
sqlite_orig db test.db
|
||||||
|
execsql {
|
||||||
|
PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
|
||||||
|
PRAGMA cipher_migrate;
|
||||||
|
PRAGMA user_version;
|
||||||
|
}
|
||||||
|
} {0 5}
|
||||||
|
db close
|
||||||
|
file delete -force test.db
|
||||||
|
|
||||||
sqlite3_test_control_pending_byte $old_pending_byte
|
sqlite3_test_control_pending_byte $old_pending_byte
|
||||||
finish_test
|
finish_test
|
||||||
|
|
Loading…
Reference in New Issue