Fix for cipher_migrate on passphrases longer than 64 characters and raw keys

This commit is contained in:
Nick Parker 2013-12-06 11:03:50 -06:00
parent b03221fc90
commit bba319a716
2 changed files with 39 additions and 3 deletions

View File

@ -995,14 +995,14 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
char *attach_command = sqlite3_mprintf("ATTACH DATABASE '%s-migrated' as migrate KEY '%q';", char *attach_command = sqlite3_mprintf("ATTACH DATABASE '%s-migrated' as migrate KEY '%q';",
db_filename, key); db_filename, key);
int rc = sqlcipher_check_connection(db_filename, key, key_sz, "", &user_version); int rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, "", &user_version);
if(rc == SQLITE_OK){ if(rc == SQLITE_OK){
CODEC_TRACE(("No upgrade required - exiting\n")); CODEC_TRACE(("No upgrade required - exiting\n"));
goto exit; goto exit;
} }
// Version 2 - check for 4k with hmac format // Version 2 - check for 4k with hmac format
rc = sqlcipher_check_connection(db_filename, key, key_sz, pragma_4k_kdf_iter, &user_version); rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, pragma_4k_kdf_iter, &user_version);
if(rc == SQLITE_OK) { if(rc == SQLITE_OK) {
CODEC_TRACE(("Version 2 format found\n")); CODEC_TRACE(("Version 2 format found\n"));
upgrade_4k_format = 1; upgrade_4k_format = 1;
@ -1011,7 +1011,7 @@ int sqlcipher_codec_ctx_migrate(codec_ctx *ctx) {
// Version 1 - check both no hmac and 4k together // Version 1 - check both no hmac and 4k together
pragma_1x_and_4k = sqlite3_mprintf("%s%s", pragma_hmac_off, pragma_1x_and_4k = sqlite3_mprintf("%s%s", pragma_hmac_off,
pragma_4k_kdf_iter); pragma_4k_kdf_iter);
rc = sqlcipher_check_connection(db_filename, key, key_sz, pragma_1x_and_4k, &user_version); rc = sqlcipher_check_connection(db_filename, key, ctx->read_ctx->pass_sz, pragma_1x_and_4k, &user_version);
sqlite3_free(pragma_1x_and_4k); sqlite3_free(pragma_1x_and_4k);
if(rc == SQLITE_OK) { if(rc == SQLITE_OK) {
CODEC_TRACE(("Version 1 format found\n")); CODEC_TRACE(("Version 1 format found\n"));

View File

@ -2162,6 +2162,42 @@ file delete -force test.db
file delete -force test2.db file delete -force test2.db
file delete -force test3.db file delete -force test3.db
do_test can-migrate-with-keys-longer-than-64-characters {
sqlite_orig db test.db
execsql {
PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
PRAGMA kdf_iter = 4000;
PRAGMA user_version = 5;
}
db close
sqlite_orig db test.db
execsql {
PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
PRAGMA cipher_migrate;
PRAGMA user_version;
}
} {0 5}
db close
file delete -force test.db
do_test can-migrate-with-raw-hex-key {
sqlite_orig db test.db
execsql {
PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
PRAGMA kdf_iter = 4000;
PRAGMA cipher_use_hmac = off;
PRAGMA user_version = 5;
}
db close
sqlite_orig db test.db
execsql {
PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
PRAGMA cipher_migrate;
PRAGMA user_version;
}
} {0 5}
db close
file delete -force test.db
sqlite3_test_control_pending_byte $old_pending_byte sqlite3_test_control_pending_byte $old_pending_byte
finish_test finish_test