pragma to print hmac salt mask

2025-02-23 09:18:11 +00:00 · 2012-11-16 13:32:03 -05:00 · 2012-11-16 13:32:03 -05:00 · ef3ca72e31
commit ef3ca72e31
parent c76596b12d
4 changed files with 41 additions and 6 deletions
--- a/src/crypto.c
+++ b/src/crypto.c
@ -188,12 +188,18 @@ int codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLeft, const c
    }
  }else
  if( sqlite3StrICmp(zLeft,"cipher_hmac_salt_mask")==0 ){
-    if(zRight) {
-      if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == 5) {
-        unsigned char mask = 0;
-        const char *hex = zRight+2;
-        cipher_hex2bin(hex,2,&mask);
-        sqlcipher_set_hmac_salt_mask(mask);
+    if(ctx) {
+      if(zRight) {
+        if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == 5) {
+          unsigned char mask = 0;
+          const char *hex = zRight+2;
+          cipher_hex2bin(hex,2,&mask);
+          sqlcipher_set_hmac_salt_mask(mask);
+        }
+      } else {
+          char *hmac_salt_mask = sqlite3_mprintf("%02x", sqlcipher_get_hmac_salt_mask());
+          codec_vdbe_return_static_string(pParse, "cipher_hmac_salt_mask", hmac_salt_mask);
+          sqlite3_free(hmac_salt_mask);
      }
    }
  }else {
--- a/src/crypto.h
+++ b/src/crypto.h
@ -184,6 +184,7 @@ void sqlcipher_set_default_use_hmac(int use);
 int sqlcipher_get_default_use_hmac();

 void sqlcipher_set_hmac_salt_mask(unsigned char mask);
+unsigned char sqlcipher_get_hmac_salt_mask();

 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use);
 int sqlcipher_codec_ctx_get_use_hmac(codec_ctx *ctx, int for_ctx);
--- a/src/crypto_impl.c
+++ b/src/crypto_impl.c
@ -404,6 +404,10 @@ void sqlcipher_set_hmac_salt_mask(unsigned char mask) {
  hmac_salt_mask = mask;
 }

+unsigned char sqlcipher_get_hmac_salt_mask() {
+  return hmac_salt_mask;
+}
+
 /* set the codec flag for whether this individual database should be using hmac */
 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use) {
  int reserve = EVP_MAX_IV_LENGTH; /* base reserve size will be IV only */ 
--- a/test/crypto.test
+++ b/test/crypto.test
@ -1758,6 +1758,30 @@ do_test verify-pragma-cipher-changed {
 db close
 file delete -force test.db

+# verify the pragma cipher_hmac_salt_mask reports default
+do_test verify-pragma-hmac-salt-mask-reports-default {
+    sqlite_orig db test.db
+    execsql {
+        PRAGMA key = 'test';
+        PRAGMA cipher_hmac_salt_mask;
+    }
+} {3a}
+db close
+file delete -force test.db
+
+# verify the pragma cipher_hmac_salt_mask reports
+# reports value changed
+do_test verify-pragma-hmac-salt-mask-reports-value-changed {
+    sqlite_orig db test.db
+    execsql {
+        PRAGMA key = 'test';
+        PRAGMA cipher_hmac_salt_mask = "x'11'";
+        PRAGMA cipher_hmac_salt_mask;
+    }
+} {11}
+db close
+file delete -force test.db
+
 # open a 2.0 beta database with 4000 round hmac kdf and 0x00 
 # hmac salt mask 
 # verify it can be opened