From bf9abfc350a4fe40260aa787f6454df5866f2f34 Mon Sep 17 00:00:00 2001 From: Richard Ramos Date: Tue, 27 Sep 2022 16:27:20 -0400 Subject: [PATCH] feat: make kdf iterations configurable when creating a multiaccount (#2796) --- VERSION | 2 +- api/geth_backend.go | 28 +++++-- appdatabase/database.go | 16 ++-- appdatabase/database_test.go | 4 +- appdatabase/node_config_test.go | 3 +- appdatabase/test_helpers.go | 6 +- appmetrics/database_test.go | 3 +- cmd/ping-community/main.go | 4 +- cmd/populate-db/main.go | 4 +- cmd/statusd/main.go | 3 +- multiaccounts/database.go | 25 +++++- multiaccounts/database_test.go | 9 ++- multiaccounts/migrations/bindata.go | 77 +++++++++++-------- .../sql/1660238799_accounts_kdf.up.sql | 2 + multiaccounts/settings/database_test.go | 5 +- node/status_node_rpc_client_test.go | 3 +- protocol/common/message_sender_test.go | 4 +- protocol/communities/manager_test.go | 2 +- protocol/communities/persistence_test.go | 2 +- protocol/communities_messenger_test.go | 3 +- .../encryption_multi_device_test.go | 2 +- protocol/encryption/encryption_test.go | 4 +- .../multidevice/persistence_test.go | 2 +- .../persistence_keys_storage_test.go | 2 +- protocol/encryption/persistence_test.go | 2 +- protocol/encryption/protocol_test.go | 4 +- .../encryption/sharedsecret/service_test.go | 2 +- protocol/ens/persistence_test.go | 2 +- protocol/messenger.go | 9 ++- protocol/messenger_config.go | 4 +- protocol/messenger_sync_settings_test.go | 3 +- protocol/messenger_test.go | 3 +- protocol/persistence_test.go | 2 +- .../pushnotificationclient/client_test.go | 2 +- .../persistence_test.go | 2 +- .../persistence_test.go | 2 +- .../pushnotificationserver/server_test.go | 2 +- protocol/sqlite/db.go | 11 +-- protocol/sqlite/db_test.go | 8 +- protocol/transport/transport_test.go | 2 +- protocol/verification/persistence_test.go | 2 +- rpc/client_test.go | 3 +- rpc/network/network_test.go | 3 +- server/payload_manager_test.go | 12 +-- services/appmetrics/api_test.go | 3 +- services/browsers/api_test.go | 3 +- services/ens/api_test.go | 3 +- services/gif/gif_test.go | 3 +- services/local-notifications/database_test.go | 3 +- services/mailservers/api_test.go | 3 +- services/permissions/api_test.go | 3 +- services/wakuext/api_test.go | 5 +- services/wallet/saved_addresses_test.go | 3 +- services/wallet/token_test.go | 3 +- services/wallet/transaction_test.go | 3 +- services/wallet/transfer/block_test.go | 3 +- services/wallet/transfer/database_test.go | 3 +- services/web3provider/api_test.go | 3 +- sqlite/sqlite.go | 36 ++++++--- 59 files changed, 238 insertions(+), 137 deletions(-) create mode 100644 multiaccounts/migrations/sql/1660238799_accounts_kdf.up.sql diff --git a/VERSION b/VERSION index b59780734..5af665a17 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.110.3 +0.111.0 diff --git a/api/geth_backend.go b/api/geth_backend.go index 54173069f..0b38a2665 100644 --- a/api/geth_backend.go +++ b/api/geth_backend.go @@ -266,7 +266,7 @@ func (b *GethStatusBackend) ensureAppDBOpened(account multiaccounts.Account, pas _ = os.Rename(oldPath+"-wal", newPath+"-wal") } - b.appDB, err = appdatabase.InitializeDB(newPath, password) + b.appDB, err = appdatabase.InitializeDB(newPath, password, account.KDFIterations) if err != nil { b.log.Error("failed to initialize db", "err", err) return err @@ -296,6 +296,15 @@ func (b *GethStatusBackend) setupLogSettings() error { // TODO: we should use a proper struct with optional values instead of duplicating the regular functions // with small variants for keycard, this created too many bugs func (b *GethStatusBackend) startNodeWithKey(acc multiaccounts.Account, password string, keyHex string) error { + if acc.KDFIterations == 0 { + kdfIterations, err := b.multiaccountsDB.GetAccountKDFIterationsNumber(acc.KeyUID) + if err != nil { + return err + } + + acc.KDFIterations = kdfIterations + } + err := b.ensureAppDBOpened(acc, password) if err != nil { return err @@ -498,7 +507,7 @@ func (b *GethStatusBackend) ExportUnencryptedDatabase(acc multiaccounts.Account, _ = os.Rename(oldPath+"-wal", newPath+"-wal") } - err = appdatabase.DecryptDatabase(newPath, directory, password) + err = appdatabase.DecryptDatabase(newPath, directory, password, acc.KDFIterations) if err != nil { b.log.Error("failed to initialize db", "err", err) return err @@ -518,7 +527,7 @@ func (b *GethStatusBackend) ImportUnencryptedDatabase(acc multiaccounts.Account, path := filepath.Join(b.rootDataDir, fmt.Sprintf("%s.db", acc.KeyUID)) - err := appdatabase.EncryptDatabase(databasePath, path, password) + err := appdatabase.EncryptDatabase(databasePath, path, password, acc.KDFIterations) if err != nil { b.log.Error("failed to initialize db", "err", err) return err @@ -538,7 +547,11 @@ func (b *GethStatusBackend) ChangeDatabasePassword(keyUID string, password strin } } - err := appdatabase.ChangeDatabasePassword(dbPath, password, newPassword) + kdfIterations, err := b.multiaccountsDB.GetAccountKDFIterationsNumber(keyUID) + if err != nil { + return err + } + err = appdatabase.ChangeDatabasePassword(dbPath, password, kdfIterations, newPassword) if err != nil { if config != nil { keyDir := config.KeyStoreDir @@ -594,7 +607,12 @@ func (b *GethStatusBackend) ConvertToKeycardAccount(keyStoreDir string, account } func (b *GethStatusBackend) VerifyDatabasePassword(keyUID string, password string) error { - err := b.ensureAppDBOpened(multiaccounts.Account{KeyUID: keyUID}, password) + kdfIterations, err := b.multiaccountsDB.GetAccountKDFIterationsNumber(keyUID) + if err != nil { + return err + } + + err = b.ensureAppDBOpened(multiaccounts.Account{KeyUID: keyUID, KDFIterations: kdfIterations}, password) if err != nil { return err } diff --git a/appdatabase/database.go b/appdatabase/database.go index 187d1f1e7..a25fea167 100644 --- a/appdatabase/database.go +++ b/appdatabase/database.go @@ -15,8 +15,8 @@ import ( const nodeCfgMigrationDate = 1640111208 // InitializeDB creates db file at a given path and applies migrations. -func InitializeDB(path, password string) (*sql.DB, error) { - db, err := sqlite.OpenDB(path, password) +func InitializeDB(path, password string, kdfIterationsNumber int) (*sql.DB, error) { + db, err := sqlite.OpenDB(path, password, kdfIterationsNumber) if err != nil { return nil, err } @@ -61,18 +61,18 @@ func InitializeDB(path, password string) (*sql.DB, error) { // DecryptDatabase creates an unencrypted copy of the database and copies it // over to the given directory -func DecryptDatabase(oldPath, newPath, password string) error { - return sqlite.DecryptDB(oldPath, newPath, password) +func DecryptDatabase(oldPath, newPath, password string, kdfIterationsNumber int) error { + return sqlite.DecryptDB(oldPath, newPath, password, kdfIterationsNumber) } // EncryptDatabase creates an encrypted copy of the database and copies it to the // user path -func EncryptDatabase(oldPath, newPath, password string) error { - return sqlite.EncryptDB(oldPath, newPath, password) +func EncryptDatabase(oldPath, newPath, password string, kdfIterationsNumber int) error { + return sqlite.EncryptDB(oldPath, newPath, password, kdfIterationsNumber) } -func ChangeDatabasePassword(path, password, newPassword string) error { - return sqlite.ChangeEncryptionKey(path, password, newPassword) +func ChangeDatabasePassword(path string, password string, kdfIterationsNumber int, newPassword string) error { + return sqlite.ChangeEncryptionKey(path, password, kdfIterationsNumber, newPassword) } // GetDBFilename takes an instance of sql.DB and returns the filename of the "main" database diff --git a/appdatabase/database_test.go b/appdatabase/database_test.go index e181d5c79..8ca45e80b 100644 --- a/appdatabase/database_test.go +++ b/appdatabase/database_test.go @@ -4,6 +4,8 @@ import ( "testing" "github.com/stretchr/testify/require" + + "github.com/status-im/status-go/sqlite" ) func Test_GetDBFilename(t *testing.T) { @@ -19,7 +21,7 @@ func Test_GetDBFilename(t *testing.T) { require.True(t, len(fn) > 0) // Test with in memory instance - mdb, err := InitializeDB(":memory:", "test") + mdb, err := InitializeDB(":memory:", "test", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) defer func() { require.NoError(t, mdb.Close()) diff --git a/appdatabase/node_config_test.go b/appdatabase/node_config_test.go index 05ee2d3c1..f98f9ea7e 100644 --- a/appdatabase/node_config_test.go +++ b/appdatabase/node_config_test.go @@ -20,12 +20,13 @@ import ( "github.com/status-im/status-go/nodecfg" "github.com/status-im/status-go/params" "github.com/status-im/status-go/protocol/pushnotificationserver" + "github.com/status-im/status-go/sqlite" ) func setupTestDB(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "settings-tests-") require.NoError(t, err) - db, err := InitializeDB(tmpfile.Name(), "settings-tests") + db, err := InitializeDB(tmpfile.Name(), "settings-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, db.Close()) diff --git a/appdatabase/test_helpers.go b/appdatabase/test_helpers.go index 09f32e68c..57af16f66 100644 --- a/appdatabase/test_helpers.go +++ b/appdatabase/test_helpers.go @@ -8,13 +8,15 @@ import ( "github.com/status-im/status-go/protocol/sqlite" ) +const kdfIterationsNumberForTests = 3200 + // SetupTestSQLDB creates a temporary sqlite database file, initialises and then returns with a teardown func func SetupTestSQLDB(prefix string) (*sql.DB, func() error, error) { tmpfile, err := ioutil.TempFile("", prefix) if err != nil { return nil, nil, err } - db, err := InitializeDB(tmpfile.Name(), prefix) + db, err := InitializeDB(tmpfile.Name(), prefix, kdfIterationsNumberForTests) if err != nil { return nil, nil, err } @@ -29,7 +31,7 @@ func SetupTestSQLDB(prefix string) (*sql.DB, func() error, error) { } func SetupTestMemorySQLDB(prefix string) (*sql.DB, error) { - db, err := InitializeDB(sqlite.InMemoryPath, prefix) + db, err := InitializeDB(sqlite.InMemoryPath, prefix, kdfIterationsNumberForTests) if err != nil { return nil, err } diff --git a/appmetrics/database_test.go b/appmetrics/database_test.go index 67f576126..2944e6983 100644 --- a/appmetrics/database_test.go +++ b/appmetrics/database_test.go @@ -9,6 +9,7 @@ import ( "time" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" "github.com/stretchr/testify/require" ) @@ -16,7 +17,7 @@ import ( func setupTestDB(t *testing.T) (*Database, func()) { tmpfile, err := ioutil.TempFile("", "appmetrics-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "appmetrics-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "appmetrics-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return NewDB(db), func() { diff --git a/cmd/ping-community/main.go b/cmd/ping-community/main.go index 13cae4a69..701c79c33 100644 --- a/cmd/ping-community/main.go +++ b/cmd/ping-community/main.go @@ -23,6 +23,7 @@ import ( "github.com/status-im/status-go/multiaccounts" "github.com/status-im/status-go/multiaccounts/accounts" "github.com/status-im/status-go/multiaccounts/settings" + "github.com/status-im/status-go/sqlite" "github.com/status-im/status-go/logutils" "github.com/status-im/status-go/params" @@ -395,7 +396,8 @@ func ImportAccount(seedPhrase string, backend *api.GethStatusBackend) error { } account := multiaccounts.Account{ - KeyUID: generatedAccountInfo.KeyUID, + KeyUID: generatedAccountInfo.KeyUID, + KDFIterations: sqlite.ReducedKDFIterationsNumber, } settings, err := defaultSettings(generatedAccountInfo, derivedAddresses, &seedPhrase) if err != nil { diff --git a/cmd/populate-db/main.go b/cmd/populate-db/main.go index c90346094..7d7c16743 100644 --- a/cmd/populate-db/main.go +++ b/cmd/populate-db/main.go @@ -33,6 +33,7 @@ import ( "github.com/status-im/status-go/protocol/protobuf" "github.com/status-im/status-go/protocol/requests" wakuextn "github.com/status-im/status-go/services/wakuext" + "github.com/status-im/status-go/sqlite" ) type testTimeSource struct{} @@ -444,7 +445,8 @@ func ImportAccount(seedPhrase string, backend *api.GethStatusBackend) error { } account := multiaccounts.Account{ - KeyUID: generatedAccountInfo.KeyUID, + KeyUID: generatedAccountInfo.KeyUID, + KDFIterations: sqlite.ReducedKDFIterationsNumber, } settings, err := defaultSettings(generatedAccountInfo, derivedAddresses, &seedPhrase) if err != nil { diff --git a/cmd/statusd/main.go b/cmd/statusd/main.go index c4c004240..9418fb35c 100644 --- a/cmd/statusd/main.go +++ b/cmd/statusd/main.go @@ -31,6 +31,7 @@ import ( "github.com/status-im/status-go/params" "github.com/status-im/status-go/profiling" "github.com/status-im/status-go/protocol" + "github.com/status-im/status-go/sqlite" ) const ( @@ -206,7 +207,7 @@ func main() { return } - db, err := appdatabase.InitializeDB(config.DataDir+"/"+installationID.String()+".db", "") + db, err := appdatabase.InitializeDB(config.DataDir+"/"+installationID.String()+".db", "", sqlite.ReducedKDFIterationsNumber) if err != nil { logger.Error("failed to initialize app db", "error", err) return diff --git a/multiaccounts/database.go b/multiaccounts/database.go index c61a330ab..b40d6000c 100644 --- a/multiaccounts/database.go +++ b/multiaccounts/database.go @@ -22,6 +22,7 @@ type Account struct { KeycardPairing string `json:"keycard-pairing"` KeyUID string `json:"key-uid"` Images []images.IdentityImage `json:"images"` + KDFIterations int `json:"kdfIterations,omitempty"` } func (a *Account) ToProtobuf() *protobuf.MultiAccount { @@ -106,8 +107,16 @@ func (db *Database) Close() error { return db.db.Close() } +func (db *Database) GetAccountKDFIterationsNumber(keyUID string) (kdfIterationsNumber int, err error) { + err = db.db.QueryRow("SELECT kdfIterations FROM accounts WHERE keyUid = ?", keyUID).Scan(&kdfIterationsNumber) + if err != nil { + return -1, err + } + return +} + func (db *Database) GetAccounts() (rst []Account, err error) { - rows, err := db.db.Query("SELECT a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.keycardPairing, a.keyUid, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid ORDER BY loginTimestamp DESC") + rows, err := db.db.Query("SELECT a.name, a.loginTimestamp, a.identicon, a.colorHash, a.colorId, a.keycardPairing, a.keyUid, a.kdfIterations, ii.name, ii.image_payload, ii.width, ii.height, ii.file_size, ii.resize_target, ii.clock FROM accounts AS a LEFT JOIN identity_images AS ii ON ii.key_uid = a.keyUid ORDER BY loginTimestamp DESC") if err != nil { return nil, err } @@ -138,6 +147,7 @@ func (db *Database) GetAccounts() (rst []Account, err error) { &accColorID, &acc.KeycardPairing, &acc.KeyUID, + &acc.KDFIterations, &iiName, &ii.Payload, &iiWidth, @@ -275,7 +285,11 @@ func (db *Database) SaveAccount(account Account) error { return err } - _, err = db.db.Exec("INSERT OR REPLACE INTO accounts (name, identicon, colorHash, colorId, keycardPairing, keyUid) VALUES (?, ?, ?, ?, ?, ?)", account.Name, account.Identicon, colorHash, account.ColorID, account.KeycardPairing, account.KeyUID) + if account.KDFIterations <= 0 { + account.KDFIterations = sqlite.ReducedKDFIterationsNumber + } + + _, err = db.db.Exec("INSERT OR REPLACE INTO accounts (name, identicon, colorHash, colorId, keycardPairing, keyUid, kdfIterations) VALUES (?, ?, ?, ?, ?, ?, ?)", account.Name, account.Identicon, colorHash, account.ColorID, account.KeycardPairing, account.KeyUID, account.KDFIterations) if err != nil { return err } @@ -292,7 +306,12 @@ func (db *Database) UpdateAccount(account Account) error { if err != nil { return err } - _, err = db.db.Exec("UPDATE accounts SET name = ?, identicon = ?, colorHash = ?, colorId = ?, keycardPairing = ? WHERE keyUid = ?", account.Name, account.Identicon, colorHash, account.ColorID, account.KeycardPairing, account.KeyUID) + + if account.KDFIterations <= 0 { + account.KDFIterations = sqlite.ReducedKDFIterationsNumber + } + + _, err = db.db.Exec("UPDATE accounts SET name = ?, identicon = ?, colorHash = ?, colorId = ?, keycardPairing = ?, kdfIterations = ? WHERE keyUid = ?", account.Name, account.Identicon, colorHash, account.ColorID, account.KeycardPairing, account.KDFIterations, account.KeyUID) return err } diff --git a/multiaccounts/database_test.go b/multiaccounts/database_test.go index e90374bdf..5b2b819fa 100644 --- a/multiaccounts/database_test.go +++ b/multiaccounts/database_test.go @@ -7,6 +7,7 @@ import ( "testing" "github.com/status-im/status-go/images" + "github.com/status-im/status-go/protocol/sqlite" "github.com/stretchr/testify/require" ) @@ -25,7 +26,7 @@ func setupTestDB(t *testing.T) (*Database, func()) { func TestAccounts(t *testing.T) { db, stop := setupTestDB(t) defer stop() - expected := Account{Name: "string", KeyUID: "string", ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, ColorID: 10} + expected := Account{Name: "string", KeyUID: "string", ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, ColorID: 10, KDFIterations: sqlite.ReducedKDFIterationsNumber} require.NoError(t, db.SaveAccount(expected)) accounts, err := db.GetAccounts() require.NoError(t, err) @@ -36,7 +37,7 @@ func TestAccounts(t *testing.T) { func TestAccountsUpdate(t *testing.T) { db, stop := setupTestDB(t) defer stop() - expected := Account{KeyUID: "string", ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, ColorID: 10} + expected := Account{KeyUID: "string", ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, ColorID: 10, KDFIterations: sqlite.ReducedKDFIterationsNumber} require.NoError(t, db.SaveAccount(expected)) expected.Name = "chars" require.NoError(t, db.UpdateAccount(expected)) @@ -50,7 +51,7 @@ func TestLoginUpdate(t *testing.T) { db, stop := setupTestDB(t) defer stop() - accounts := []Account{{Name: "first", KeyUID: "0x1"}, {Name: "second", KeyUID: "0x2"}} + accounts := []Account{{Name: "first", KeyUID: "0x1", KDFIterations: sqlite.ReducedKDFIterationsNumber}, {Name: "second", KeyUID: "0x2", KDFIterations: sqlite.ReducedKDFIterationsNumber}} for _, acc := range accounts { require.NoError(t, db.SaveAccount(acc)) } @@ -154,7 +155,7 @@ func TestDatabase_GetAccountsWithIdentityImages(t *testing.T) { {Name: "string", KeyUID: keyUID2 + "2"}, {Name: "string", KeyUID: keyUID2 + "3"}, } - expected := `[{"name":"string","timestamp":100,"identicon":"data","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0xdeadbeef","images":[{"keyUid":"0xdeadbeef","type":"large","uri":"data:image/png;base64,iVBORw0KGgoAAAANSUg=","width":240,"height":300,"fileSize":1024,"resizeTarget":240,"clock":0},{"keyUid":"0xdeadbeef","type":"thumbnail","uri":"data:image/jpeg;base64,/9j/2wCEAFA3PEY8MlA=","width":80,"height":80,"fileSize":256,"resizeTarget":80,"clock":0}]},{"name":"string","timestamp":10,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef","images":null},{"name":"string","timestamp":0,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef2","images":null},{"name":"string","timestamp":0,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef3","images":[{"keyUid":"0x1337beef3","type":"large","uri":"data:image/png;base64,iVBORw0KGgoAAAANSUg=","width":240,"height":300,"fileSize":1024,"resizeTarget":240,"clock":0},{"keyUid":"0x1337beef3","type":"thumbnail","uri":"data:image/jpeg;base64,/9j/2wCEAFA3PEY8MlA=","width":80,"height":80,"fileSize":256,"resizeTarget":80,"clock":0}]}]` + expected := `[{"name":"string","timestamp":100,"identicon":"data","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0xdeadbeef","images":[{"keyUid":"0xdeadbeef","type":"large","uri":"data:image/png;base64,iVBORw0KGgoAAAANSUg=","width":240,"height":300,"fileSize":1024,"resizeTarget":240,"clock":0},{"keyUid":"0xdeadbeef","type":"thumbnail","uri":"data:image/jpeg;base64,/9j/2wCEAFA3PEY8MlA=","width":80,"height":80,"fileSize":256,"resizeTarget":80,"clock":0}],"kdfIterations":3200},{"name":"string","timestamp":10,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef","images":null,"kdfIterations":3200},{"name":"string","timestamp":0,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef2","images":null,"kdfIterations":3200},{"name":"string","timestamp":0,"identicon":"","colorHash":null,"colorId":0,"keycard-pairing":"","key-uid":"0x1337beef3","images":[{"keyUid":"0x1337beef3","type":"large","uri":"data:image/png;base64,iVBORw0KGgoAAAANSUg=","width":240,"height":300,"fileSize":1024,"resizeTarget":240,"clock":0},{"keyUid":"0x1337beef3","type":"thumbnail","uri":"data:image/jpeg;base64,/9j/2wCEAFA3PEY8MlA=","width":80,"height":80,"fileSize":256,"resizeTarget":80,"clock":0}],"kdfIterations":3200}]` for _, a := range testAccs { require.NoError(t, db.SaveAccount(a)) diff --git a/multiaccounts/migrations/bindata.go b/multiaccounts/migrations/bindata.go index 3832f1a9a..ca64311ae 100644 --- a/multiaccounts/migrations/bindata.go +++ b/multiaccounts/migrations/bindata.go @@ -9,6 +9,7 @@ // 1648646095_image_clock.down.sql (939B) // 1648646095_image_clock.up.sql (69B) // 1649317600_add_color_hash.up.sql (201B) +// 1660238799_accounts_kdf.up.sql (115B) // doc.go (74B) package migrations @@ -29,7 +30,7 @@ import ( func bindataRead(data []byte, name string) ([]byte, error) { gz, err := gzip.NewReader(bytes.NewBuffer(data)) if err != nil { - return nil, fmt.Errorf("read %q: %v", name, err) + return nil, fmt.Errorf("read %q: %w", name, err) } var buf bytes.Buffer @@ -37,7 +38,7 @@ func bindataRead(data []byte, name string) ([]byte, error) { clErr := gz.Close() if err != nil { - return nil, fmt.Errorf("read %q: %v", name, err) + return nil, fmt.Errorf("read %q: %w", name, err) } if clErr != nil { return nil, err @@ -258,6 +259,26 @@ func _1649317600_add_color_hashUpSql() (*asset, error) { return a, nil } +var __1660238799_accounts_kdfUpSql = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x72\xf4\x09\x71\x0d\x52\x08\x71\x74\xf2\x71\x55\x48\x4c\x4e\xce\x2f\xcd\x2b\x29\x56\x70\x74\x71\x51\x70\xf6\xf7\x09\xf5\xf5\x53\xc8\x4e\x49\xf3\x2c\x49\x2d\x4a\x2c\xc9\xcc\xcf\x2b\x56\xf0\xf4\x0b\x51\xf0\xf3\x0f\x51\xf0\x0b\xf5\xf1\x51\x70\x71\x75\x73\x0c\xf5\x09\x51\x30\x36\x32\x30\xb0\xe6\x0a\x0d\x70\x71\x0c\x41\x32\x23\xd8\x35\x04\x4d\xb3\x2d\x54\x25\x20\x00\x00\xff\xff\x37\x9c\xbc\xd5\x73\x00\x00\x00") + +func _1660238799_accounts_kdfUpSqlBytes() ([]byte, error) { + return bindataRead( + __1660238799_accounts_kdfUpSql, + "1660238799_accounts_kdf.up.sql", + ) +} + +func _1660238799_accounts_kdfUpSql() (*asset, error) { + bytes, err := _1660238799_accounts_kdfUpSqlBytes() + if err != nil { + return nil, err + } + + info := bindataFileInfo{name: "1660238799_accounts_kdf.up.sql", size: 115, mode: os.FileMode(0664), modTime: time.Unix(1661173104, 0)} + a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xdf, 0xe6, 0x7a, 0x69, 0x25, 0x42, 0x3b, 0x9c, 0x20, 0xf5, 0xcb, 0xae, 0xb0, 0xb3, 0x1b, 0x66, 0xc2, 0x5d, 0xd0, 0xc1, 0x59, 0xe8, 0xa9, 0xc5, 0x69, 0x58, 0x8f, 0xae, 0xe6, 0xd1, 0x4c, 0x53}} + return a, nil +} + var _docGo = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x2c\xc9\xb1\x0d\xc4\x20\x0c\x05\xd0\x9e\x29\xfe\x02\xd8\xfd\x6d\xe3\x4b\xac\x2f\x44\x82\x09\x78\x7f\xa5\x49\xfd\xa6\x1d\xdd\xe8\xd8\xcf\x55\x8a\x2a\xe3\x47\x1f\xbe\x2c\x1d\x8c\xfa\x6f\xe3\xb4\x34\xd4\xd9\x89\xbb\x71\x59\xb6\x18\x1b\x35\x20\xa2\x9f\x0a\x03\xa2\xe5\x0d\x00\x00\xff\xff\x60\xcd\x06\xbe\x4a\x00\x00\x00") func docGoBytes() ([]byte, error) { @@ -369,27 +390,22 @@ func AssetNames() []string { // _bindata is a table, holding each asset generator, mapped to its name. var _bindata = map[string]func() (*asset, error){ - "0001_accounts.down.sql": _0001_accountsDownSql, - - "0001_accounts.up.sql": _0001_accountsUpSql, - - "1605007189_identity_images.down.sql": _1605007189_identity_imagesDownSql, - - "1605007189_identity_images.up.sql": _1605007189_identity_imagesUpSql, - + "0001_accounts.down.sql": _0001_accountsDownSql, + "0001_accounts.up.sql": _0001_accountsUpSql, + "1605007189_identity_images.down.sql": _1605007189_identity_imagesDownSql, + "1605007189_identity_images.up.sql": _1605007189_identity_imagesUpSql, "1606224181_drop_photo_path_from_accounts.down.sql": _1606224181_drop_photo_path_from_accountsDownSql, - - "1606224181_drop_photo_path_from_accounts.up.sql": _1606224181_drop_photo_path_from_accountsUpSql, - - "1648646095_image_clock.down.sql": _1648646095_image_clockDownSql, - - "1648646095_image_clock.up.sql": _1648646095_image_clockUpSql, - - "1649317600_add_color_hash.up.sql": _1649317600_add_color_hashUpSql, - - "doc.go": docGo, + "1606224181_drop_photo_path_from_accounts.up.sql": _1606224181_drop_photo_path_from_accountsUpSql, + "1648646095_image_clock.down.sql": _1648646095_image_clockDownSql, + "1648646095_image_clock.up.sql": _1648646095_image_clockUpSql, + "1649317600_add_color_hash.up.sql": _1649317600_add_color_hashUpSql, + "1660238799_accounts_kdf.up.sql": _1660238799_accounts_kdfUpSql, + "doc.go": docGo, } +// AssetDebug is true if the assets were built with the debug flag enabled. +const AssetDebug = false + // AssetDir returns the file names below a certain // directory embedded in the file by go-bindata. // For example if you run go-bindata on data/... and data contains the @@ -431,16 +447,17 @@ type bintree struct { } var _bintree = &bintree{nil, map[string]*bintree{ - "0001_accounts.down.sql": &bintree{_0001_accountsDownSql, map[string]*bintree{}}, - "0001_accounts.up.sql": &bintree{_0001_accountsUpSql, map[string]*bintree{}}, - "1605007189_identity_images.down.sql": &bintree{_1605007189_identity_imagesDownSql, map[string]*bintree{}}, - "1605007189_identity_images.up.sql": &bintree{_1605007189_identity_imagesUpSql, map[string]*bintree{}}, - "1606224181_drop_photo_path_from_accounts.down.sql": &bintree{_1606224181_drop_photo_path_from_accountsDownSql, map[string]*bintree{}}, - "1606224181_drop_photo_path_from_accounts.up.sql": &bintree{_1606224181_drop_photo_path_from_accountsUpSql, map[string]*bintree{}}, - "1648646095_image_clock.down.sql": &bintree{_1648646095_image_clockDownSql, map[string]*bintree{}}, - "1648646095_image_clock.up.sql": &bintree{_1648646095_image_clockUpSql, map[string]*bintree{}}, - "1649317600_add_color_hash.up.sql": &bintree{_1649317600_add_color_hashUpSql, map[string]*bintree{}}, - "doc.go": &bintree{docGo, map[string]*bintree{}}, + "0001_accounts.down.sql": {_0001_accountsDownSql, map[string]*bintree{}}, + "0001_accounts.up.sql": {_0001_accountsUpSql, map[string]*bintree{}}, + "1605007189_identity_images.down.sql": {_1605007189_identity_imagesDownSql, map[string]*bintree{}}, + "1605007189_identity_images.up.sql": {_1605007189_identity_imagesUpSql, map[string]*bintree{}}, + "1606224181_drop_photo_path_from_accounts.down.sql": {_1606224181_drop_photo_path_from_accountsDownSql, map[string]*bintree{}}, + "1606224181_drop_photo_path_from_accounts.up.sql": {_1606224181_drop_photo_path_from_accountsUpSql, map[string]*bintree{}}, + "1648646095_image_clock.down.sql": {_1648646095_image_clockDownSql, map[string]*bintree{}}, + "1648646095_image_clock.up.sql": {_1648646095_image_clockUpSql, map[string]*bintree{}}, + "1649317600_add_color_hash.up.sql": {_1649317600_add_color_hashUpSql, map[string]*bintree{}}, + "1660238799_accounts_kdf.up.sql": {_1660238799_accounts_kdfUpSql, map[string]*bintree{}}, + "doc.go": {docGo, map[string]*bintree{}}, }} // RestoreAsset restores an asset under the given directory. diff --git a/multiaccounts/migrations/sql/1660238799_accounts_kdf.up.sql b/multiaccounts/migrations/sql/1660238799_accounts_kdf.up.sql new file mode 100644 index 000000000..ed3a15b0d --- /dev/null +++ b/multiaccounts/migrations/sql/1660238799_accounts_kdf.up.sql @@ -0,0 +1,2 @@ +ALTER TABLE accounts ADD COLUMN kdfIterations INT NOT NULL DEFAULT 3200; +UPDATE accounts SET kdfIterations = 3200; diff --git a/multiaccounts/settings/database_test.go b/multiaccounts/settings/database_test.go index 9bb72151f..1e41e883c 100644 --- a/multiaccounts/settings/database_test.go +++ b/multiaccounts/settings/database_test.go @@ -11,6 +11,7 @@ import ( "github.com/status-im/status-go/eth-node/types" "github.com/status-im/status-go/multiaccounts/errors" "github.com/status-im/status-go/params" + "github.com/status-im/status-go/sqlite" ) var ( @@ -68,7 +69,7 @@ func TestClosingsqlDB(t *testing.T) { password := "settings-tests" // Make connection with sql.DB - db, err := appdatabase.InitializeDB(testFileName, password) + db, err := appdatabase.InitializeDB(testFileName, password, sqlite.ReducedKDFIterationsNumber) // handle removing the test file on any exit defer func() { @@ -93,7 +94,7 @@ func TestClosingsqlDB(t *testing.T) { require.NoError(t, err) // Make another connection with sql.DB - db2, err := appdatabase.InitializeDB(testFileName, password) + db2, err := appdatabase.InitializeDB(testFileName, password, sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) // Init settings.Database struct using second connection diff --git a/node/status_node_rpc_client_test.go b/node/status_node_rpc_client_test.go index 5718407f7..eca3d79ce 100644 --- a/node/status_node_rpc_client_test.go +++ b/node/status_node_rpc_client_test.go @@ -13,6 +13,7 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/multiaccounts" "github.com/status-im/status-go/params" + "github.com/status-im/status-go/sqlite" ) type TestServiceAPI struct{} @@ -26,7 +27,7 @@ func setupTestDB() (*sql.DB, func() error, error) { if err != nil { return nil, nil, err } - db, err := appdatabase.InitializeDB(tmpfile.Name(), "tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "tests", sqlite.ReducedKDFIterationsNumber) if err != nil { return nil, nil, err } diff --git a/protocol/common/message_sender_test.go b/protocol/common/message_sender_test.go index 49665fe1d..e6e82327a 100644 --- a/protocol/common/message_sender_test.go +++ b/protocol/common/message_sender_test.go @@ -60,7 +60,7 @@ func (s *MessageSenderSuite) SetupTest() { identity, err := crypto.GenerateKey() s.Require().NoError(err) - database, err := sqlite.Open(filepath.Join(s.tmpDir, "sender-test.sql"), "some-key") + database, err := sqlite.Open(filepath.Join(s.tmpDir, "sender-test.sql"), "some-key", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) encryptionProtocol := encryption.New( @@ -196,7 +196,7 @@ func (s *MessageSenderSuite) TestHandleDecodedMessagesDatasyncEncrypted() { s.Require().NoError(err) // Create sender encryption protocol. - senderDatabase, err := sqlite.Open(filepath.Join(s.tmpDir, "sender.db.sql"), "") + senderDatabase, err := sqlite.Open(filepath.Join(s.tmpDir, "sender.db.sql"), "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) senderEncryptionProtocol := encryption.New( senderDatabase, diff --git a/protocol/communities/manager_test.go b/protocol/communities/manager_test.go index 3dff6704d..55b23c5a9 100644 --- a/protocol/communities/manager_test.go +++ b/protocol/communities/manager_test.go @@ -38,7 +38,7 @@ type ManagerSuite struct { func (s *ManagerSuite) SetupTest() { dbPath, err := ioutil.TempFile("", "") s.NoError(err, "creating temp file for db") - db, err := appdatabase.InitializeDB(dbPath.Name(), "") + db, err := appdatabase.InitializeDB(dbPath.Name(), "", sqlite.ReducedKDFIterationsNumber) s.NoError(err, "creating sqlite db instance") err = sqlite.Migrate(db) s.NoError(err, "protocol migrate") diff --git a/protocol/communities/persistence_test.go b/protocol/communities/persistence_test.go index ff9f8df95..79aa326d6 100644 --- a/protocol/communities/persistence_test.go +++ b/protocol/communities/persistence_test.go @@ -33,7 +33,7 @@ func (s *PersistenceSuite) SetupTest() { dbPath, err := ioutil.TempFile("", "") s.NoError(err, "creating temp file for db") - db, err := appdatabase.InitializeDB(dbPath.Name(), "") + db, err := appdatabase.InitializeDB(dbPath.Name(), "", sqlite.ReducedKDFIterationsNumber) s.NoError(err, "creating sqlite db instance") err = sqlite.Migrate(db) diff --git a/protocol/communities_messenger_test.go b/protocol/communities_messenger_test.go index d024c7d7f..8a3a4df7b 100644 --- a/protocol/communities_messenger_test.go +++ b/protocol/communities_messenger_test.go @@ -30,6 +30,7 @@ import ( "github.com/status-im/status-go/protocol/encryption/multidevice" "github.com/status-im/status-go/protocol/protobuf" "github.com/status-im/status-go/protocol/requests" + "github.com/status-im/status-go/protocol/sqlite" "github.com/status-im/status-go/protocol/tt" "github.com/status-im/status-go/waku" ) @@ -134,7 +135,7 @@ func (s *MessengerCommunitiesSuite) newMessengerWithKey(shh types.Waku, privateK options := []Option{ WithCustomLogger(s.logger), - WithDatabaseConfig(":memory:", "somekey"), + WithDatabaseConfig(":memory:", "somekey", sqlite.ReducedKDFIterationsNumber), WithMultiAccounts(madb), WithAccount(iai.ToMultiAccount()), WithDatasync(), diff --git a/protocol/encryption/encryption_multi_device_test.go b/protocol/encryption/encryption_multi_device_test.go index 600cff4ec..abca3ea23 100644 --- a/protocol/encryption/encryption_multi_device_test.go +++ b/protocol/encryption/encryption_multi_device_test.go @@ -56,7 +56,7 @@ func setupUser(user string, s *EncryptionServiceMultiDeviceSuite, n int) error { if err != nil { return err } - db, err := sqlite.Open(dbPath.Name(), "some-key") + db, err := sqlite.Open(dbPath.Name(), "some-key", sqlite.ReducedKDFIterationsNumber) if err != nil { return err } diff --git a/protocol/encryption/encryption_test.go b/protocol/encryption/encryption_test.go index a57ec63fa..3a22d147b 100644 --- a/protocol/encryption/encryption_test.go +++ b/protocol/encryption/encryption_test.go @@ -47,7 +47,7 @@ func (s *EncryptionServiceTestSuite) initDatabases(config encryptorConfig) { s.bobDBPath, err = ioutil.TempFile("", "bob.db.sql") s.Require().NoError(err) - db, err := sqlite.Open(s.aliceDBPath.Name(), "alice-key") + db, err := sqlite.Open(s.aliceDBPath.Name(), "alice-key", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) config.InstallationID = aliceInstallationID s.alice = NewWithEncryptorConfig( @@ -57,7 +57,7 @@ func (s *EncryptionServiceTestSuite) initDatabases(config encryptorConfig) { s.logger.With(zap.String("user", "alice")), ) - db, err = sqlite.Open(s.bobDBPath.Name(), "bob-key") + db, err = sqlite.Open(s.bobDBPath.Name(), "bob-key", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) config.InstallationID = bobInstallationID s.bob = NewWithEncryptorConfig( diff --git a/protocol/encryption/multidevice/persistence_test.go b/protocol/encryption/multidevice/persistence_test.go index fd1ad0a93..9710e0d8d 100644 --- a/protocol/encryption/multidevice/persistence_test.go +++ b/protocol/encryption/multidevice/persistence_test.go @@ -28,7 +28,7 @@ type SQLLitePersistenceTestSuite struct { func (s *SQLLitePersistenceTestSuite) SetupTest() { os.Remove(dbPath) - db, err := sqlite.Open(dbPath, "test-key") + db, err := sqlite.Open(dbPath, "test-key", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.service = newSQLitePersistence(db) diff --git a/protocol/encryption/persistence_keys_storage_test.go b/protocol/encryption/persistence_keys_storage_test.go index f4d994af6..878fc98fb 100644 --- a/protocol/encryption/persistence_keys_storage_test.go +++ b/protocol/encryption/persistence_keys_storage_test.go @@ -36,7 +36,7 @@ func (s *SQLLitePersistenceKeysStorageTestSuite) SetupTest() { key := "blahblahblah" - db, err := sqlite.Open(filepath.Join(dir, "db.sql"), key) + db, err := sqlite.Open(filepath.Join(dir, "db.sql"), key, sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) p := newSQLitePersistence(db) diff --git a/protocol/encryption/persistence_test.go b/protocol/encryption/persistence_test.go index 1f806b1ba..98a799701 100644 --- a/protocol/encryption/persistence_test.go +++ b/protocol/encryption/persistence_test.go @@ -29,7 +29,7 @@ func (s *SQLLitePersistenceTestSuite) SetupTest() { dir, err := ioutil.TempDir("", "sqlite-persistence") s.Require().NoError(err) - db, err := sqlite.Open(filepath.Join(dir, "db.sql"), "test-key") + db, err := sqlite.Open(filepath.Join(dir, "db.sql"), "test-key", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.service = newSQLitePersistence(db) diff --git a/protocol/encryption/protocol_test.go b/protocol/encryption/protocol_test.go index 27f753816..b7e2406f1 100644 --- a/protocol/encryption/protocol_test.go +++ b/protocol/encryption/protocol_test.go @@ -41,7 +41,7 @@ func (s *ProtocolServiceTestSuite) SetupTest() { s.Require().NoError(err) bobDBKey := "bob" - db, err := sqlite.Open(s.aliceDBPath.Name(), aliceDBKey) + db, err := sqlite.Open(s.aliceDBPath.Name(), aliceDBKey, sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.alice = New( db, @@ -49,7 +49,7 @@ func (s *ProtocolServiceTestSuite) SetupTest() { s.logger.With(zap.String("user", "alice")), ) - db, err = sqlite.Open(s.bobDBPath.Name(), bobDBKey) + db, err = sqlite.Open(s.bobDBPath.Name(), bobDBKey, sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.bob = New( db, diff --git a/protocol/encryption/sharedsecret/service_test.go b/protocol/encryption/sharedsecret/service_test.go index a23e9a61a..a33d9c544 100644 --- a/protocol/encryption/sharedsecret/service_test.go +++ b/protocol/encryption/sharedsecret/service_test.go @@ -32,7 +32,7 @@ func (s *SharedSecretTestSuite) SetupTest() { s.Require().NoError(err) s.path = dbFile.Name() - db, err := sqlite.Open(s.path, "") + db, err := sqlite.Open(s.path, "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.service = New(db, s.logger) diff --git a/protocol/ens/persistence_test.go b/protocol/ens/persistence_test.go index 20004e5d3..1ffc94819 100644 --- a/protocol/ens/persistence_test.go +++ b/protocol/ens/persistence_test.go @@ -13,7 +13,7 @@ func TestGetENSToBeVerified(t *testing.T) { name := "test.eth" updatedName := "test2.eth" - db, err := sqlite.Open(sqlite.InMemoryPath, "") + db, err := sqlite.Open(sqlite.InMemoryPath, "", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) err = sqlite.Migrate(db) diff --git a/protocol/messenger.go b/protocol/messenger.go index c568a71de..8d4fa9520 100644 --- a/protocol/messenger.go +++ b/protocol/messenger.go @@ -174,8 +174,9 @@ type mailserverCycle struct { } type dbConfig struct { - dbPath string - dbKey string + dbPath string + dbKey string + dbKDFIterations int } type EnvelopeEventsInterceptor struct { @@ -260,9 +261,9 @@ func NewMessenger( return nil, errors.New("database instance or database path needs to be provided") } if c.db == nil { - logger.Info("opening a database", zap.String("dbPath", c.dbConfig.dbPath)) + logger.Info("opening a database", zap.String("dbPath", c.dbConfig.dbPath), zap.Int("KDFIterations", c.dbConfig.dbKDFIterations)) var err error - database, err = appdatabase.InitializeDB(c.dbConfig.dbPath, c.dbConfig.dbKey) + database, err = appdatabase.InitializeDB(c.dbConfig.dbPath, c.dbConfig.dbKey, c.dbConfig.dbKDFIterations) if err != nil { return nil, errors.Wrap(err, "failed to initialize database from the db config") } diff --git a/protocol/messenger_config.go b/protocol/messenger_config.go index ce1ee0fb7..e8e0e7f71 100644 --- a/protocol/messenger_config.go +++ b/protocol/messenger_config.go @@ -114,9 +114,9 @@ func WithCustomLogger(logger *zap.Logger) Option { } } -func WithDatabaseConfig(dbPath, dbKey string) Option { +func WithDatabaseConfig(dbPath string, dbKey string, dbKDFIterations int) Option { return func(c *config) error { - c.dbConfig = dbConfig{dbPath: dbPath, dbKey: dbKey} + c.dbConfig = dbConfig{dbPath: dbPath, dbKey: dbKey, dbKDFIterations: dbKDFIterations} return nil } } diff --git a/protocol/messenger_sync_settings_test.go b/protocol/messenger_sync_settings_test.go index 270b9264e..b6a48e190 100644 --- a/protocol/messenger_sync_settings_test.go +++ b/protocol/messenger_sync_settings_test.go @@ -18,6 +18,7 @@ import ( "github.com/status-im/status-go/multiaccounts/settings" "github.com/status-im/status-go/params" "github.com/status-im/status-go/protocol/encryption/multidevice" + "github.com/status-im/status-go/protocol/sqlite" "github.com/status-im/status-go/protocol/tt" "github.com/status-im/status-go/services/stickers" "github.com/status-im/status-go/waku" @@ -165,7 +166,7 @@ func (s *MessengerSyncSettingsSuite) newMessengerWithKey(shh types.Waku, private options := []Option{ WithCustomLogger(s.logger), - WithDatabaseConfig(tmpFile.Name(), ""), + WithDatabaseConfig(tmpFile.Name(), "", sqlite.ReducedKDFIterationsNumber), WithDatasync(), } return s.newMessengerWithOptions(shh, privateKey, options) diff --git a/protocol/messenger_test.go b/protocol/messenger_test.go index ee92b32d6..46801bf74 100644 --- a/protocol/messenger_test.go +++ b/protocol/messenger_test.go @@ -29,6 +29,7 @@ import ( "github.com/status-im/status-go/protocol/common" "github.com/status-im/status-go/protocol/protobuf" "github.com/status-im/status-go/protocol/requests" + "github.com/status-im/status-go/protocol/sqlite" "github.com/status-im/status-go/protocol/tt" v1protocol "github.com/status-im/status-go/protocol/v1" "github.com/status-im/status-go/waku" @@ -125,7 +126,7 @@ func newMessengerWithKey(shh types.Waku, privateKey *ecdsa.PrivateKey, logger *z options := []Option{ WithCustomLogger(logger), - WithDatabaseConfig(":memory:", "somekey"), + WithDatabaseConfig(":memory:", "somekey", sqlite.ReducedKDFIterationsNumber), WithMultiAccounts(madb), WithAccount(iai.ToMultiAccount()), WithDatasync(), diff --git a/protocol/persistence_test.go b/protocol/persistence_test.go index c96e7d219..350926b71 100644 --- a/protocol/persistence_test.go +++ b/protocol/persistence_test.go @@ -722,7 +722,7 @@ func openTestDB() (*sql.DB, error) { if err != nil { return nil, err } - return sqlite.Open(dbPath.Name(), "") + return sqlite.Open(dbPath.Name(), "", sqlite.ReducedKDFIterationsNumber) } func insertMinimalMessage(p *sqlitePersistence, id string) error { diff --git a/protocol/pushnotificationclient/client_test.go b/protocol/pushnotificationclient/client_test.go index 9ddafb323..63cea24a1 100644 --- a/protocol/pushnotificationclient/client_test.go +++ b/protocol/pushnotificationclient/client_test.go @@ -43,7 +43,7 @@ func (s *ClientSuite) SetupTest() { s.Require().NoError(err) s.tmpFile = tmpFile - database, err := sqlite.Open(s.tmpFile.Name(), "") + database, err := sqlite.Open(s.tmpFile.Name(), "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.persistence = NewPersistence(database) diff --git a/protocol/pushnotificationclient/persistence_test.go b/protocol/pushnotificationclient/persistence_test.go index cdb401b43..36e67bb95 100644 --- a/protocol/pushnotificationclient/persistence_test.go +++ b/protocol/pushnotificationclient/persistence_test.go @@ -38,7 +38,7 @@ func (s *SQLitePersistenceSuite) SetupTest() { s.Require().NoError(err) s.tmpFile = tmpFile - database, err := sqlite.Open(s.tmpFile.Name(), "") + database, err := sqlite.Open(s.tmpFile.Name(), "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.persistence = NewPersistence(database) } diff --git a/protocol/pushnotificationserver/persistence_test.go b/protocol/pushnotificationserver/persistence_test.go index 4a39140cb..e8d16d06b 100644 --- a/protocol/pushnotificationserver/persistence_test.go +++ b/protocol/pushnotificationserver/persistence_test.go @@ -29,7 +29,7 @@ func (s *SQLitePersistenceSuite) SetupTest() { s.Require().NoError(err) s.tmpFile = tmpFile - database, err := sqlite.Open(s.tmpFile.Name(), "") + database, err := sqlite.Open(s.tmpFile.Name(), "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.persistence = NewSQLitePersistence(database) } diff --git a/protocol/pushnotificationserver/server_test.go b/protocol/pushnotificationserver/server_test.go index c46977d29..c835bdc52 100644 --- a/protocol/pushnotificationserver/server_test.go +++ b/protocol/pushnotificationserver/server_test.go @@ -43,7 +43,7 @@ func (s *ServerSuite) SetupTest() { s.Require().NoError(err) s.tmpFile = tmpFile - database, err := sqlite.Open(s.tmpFile.Name(), "") + database, err := sqlite.Open(s.tmpFile.Name(), "", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) s.persistence = NewSQLitePersistence(database) diff --git a/protocol/sqlite/db.go b/protocol/sqlite/db.go index d42f96d85..5a68703f6 100644 --- a/protocol/sqlite/db.go +++ b/protocol/sqlite/db.go @@ -14,16 +14,11 @@ import ( mvdsmigrations "github.com/vacp2p/mvds/persistenceutil" ) -// The default number of kdf iterations in sqlcipher (from version 3.0.0) -// https://github.com/sqlcipher/sqlcipher/blob/fda4c68bb474da7e955be07a2b807bda1bb19bd2/CHANGELOG.md#300---2013-11-05 -// https://www.zetetic.net/sqlcipher/sqlcipher-api/#kdf_iter -const defaultKdfIterationsNumber = 64000 // nolint: deadcode,varcheck,unused - // The reduced number of kdf iterations (for performance reasons) which is // currently used for derivation of the database key // https://github.com/status-im/status-go/pull/1343 // https://notes.status.im/i8Y_l7ccTiOYq09HVgoFwA -const reducedKdfIterationsNumber = 3200 +const ReducedKDFIterationsNumber = 3200 const InMemoryPath = ":memory:" @@ -37,8 +32,8 @@ type MigrationConfig struct { // Open opens or initializes a new database for a given file path. // MigrationConfig is optional but if provided migrations are applied automatically. -func Open(path, key string) (*sql.DB, error) { - return openAndMigrate(path, key, reducedKdfIterationsNumber) +func Open(path, key string, kdfIterationNumber int) (*sql.DB, error) { + return openAndMigrate(path, key, kdfIterationNumber) } // OpenInMemory opens an in memory SQLite database. diff --git a/protocol/sqlite/db_test.go b/protocol/sqlite/db_test.go index e5b6aca7f..a12c3b604 100644 --- a/protocol/sqlite/db_test.go +++ b/protocol/sqlite/db_test.go @@ -17,7 +17,7 @@ func TestOpen(t *testing.T) { dbPath := filepath.Join(dir, "db.sql") // Open the db for the first time. - db, err := openAndMigrate(dbPath, "some-key", reducedKdfIterationsNumber) + db, err := openAndMigrate(dbPath, "some-key", ReducedKDFIterationsNumber) require.NoError(t, err) // Insert some data. @@ -30,7 +30,7 @@ func TestOpen(t *testing.T) { // Open again with different key should fail // because the file already exists and it should not // be recreated. - _, err = openAndMigrate(dbPath, "different-key", reducedKdfIterationsNumber) + _, err = openAndMigrate(dbPath, "different-key", ReducedKDFIterationsNumber) require.Error(t, err) } @@ -40,7 +40,7 @@ func TestOpen(t *testing.T) { // then execute again, and we should be all migrated. func TestCommunitiesMigrationDirty(t *testing.T) { // Open the db for the first time. - db, err := open(InMemoryPath, "some-key", reducedKdfIterationsNumber) + db, err := open(InMemoryPath, "some-key", ReducedKDFIterationsNumber) require.NoError(t, err) // Create a communities table, so that migration will fail @@ -88,7 +88,7 @@ func TestCommunitiesMigrationDirty(t *testing.T) { // dirty to false and then execute again, and we should be all migrated. func TestCommunitiesMigrationNotDirty(t *testing.T) { // Open the db for the first time. - db, err := open(InMemoryPath, "some-key", reducedKdfIterationsNumber) + db, err := open(InMemoryPath, "some-key", ReducedKDFIterationsNumber) require.NoError(t, err) // Create a communities table, so that migration will fail diff --git a/protocol/transport/transport_test.go b/protocol/transport/transport_test.go index 48107f6f9..dd1c7f699 100644 --- a/protocol/transport/transport_test.go +++ b/protocol/transport/transport_test.go @@ -16,7 +16,7 @@ func TestNewTransport(t *testing.T) { dbPath, err := ioutil.TempFile("", "transport.sql") require.NoError(t, err) defer os.Remove(dbPath.Name()) - db, err := sqlite.Open(dbPath.Name(), "some-key") + db, err := sqlite.Open(dbPath.Name(), "some-key", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) logger := tt.MustCreateTestLogger() diff --git a/protocol/verification/persistence_test.go b/protocol/verification/persistence_test.go index 23b3c5003..4e8641381 100644 --- a/protocol/verification/persistence_test.go +++ b/protocol/verification/persistence_test.go @@ -26,7 +26,7 @@ func (s *PersistenceSuite) SetupTest() { dbPath, err := ioutil.TempFile("", "") s.NoError(err, "creating temp file for db") - db, err := sqlite.Open(dbPath.Name(), "") + db, err := sqlite.Open(dbPath.Name(), "", sqlite.ReducedKDFIterationsNumber) s.NoError(err, "creating sqlite db instance") s.db = &Persistence{db: db} diff --git a/rpc/client_test.go b/rpc/client_test.go index 0c1c72f0d..b0ef35367 100644 --- a/rpc/client_test.go +++ b/rpc/client_test.go @@ -14,6 +14,7 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/params" + "github.com/status-im/status-go/sqlite" gethrpc "github.com/ethereum/go-ethereum/rpc" ) @@ -21,7 +22,7 @@ import ( func setupTestNetworkDB(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "rpc-network-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "rpc-network-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "rpc-network-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, db.Close()) diff --git a/rpc/network/network_test.go b/rpc/network/network_test.go index 84a7ca5d0..3f5d081cb 100644 --- a/rpc/network/network_test.go +++ b/rpc/network/network_test.go @@ -10,6 +10,7 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/params" + "github.com/status-im/status-go/sqlite" ) var initNetworks = []params.Network{ @@ -83,7 +84,7 @@ var initNetworks = []params.Network{ func setupTestNetworkDB(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "wallet-network-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-network-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-network-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, db.Close()) diff --git a/server/payload_manager_test.go b/server/payload_manager_test.go index 27b4b7628..0a083bf94 100644 --- a/server/payload_manager_test.go +++ b/server/payload_manager_test.go @@ -14,6 +14,7 @@ import ( "github.com/status-im/status-go/images" "github.com/status-im/status-go/multiaccounts" + "github.com/status-im/status-go/protocol/sqlite" "github.com/status-im/status-go/t/utils" ) @@ -21,11 +22,12 @@ var ( password = "password" keyUID = "0xdeadbeef" expected = multiaccounts.Account{ - Name: "cool account", - KeyUID: keyUID, - ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, - ColorID: 10, - Images: images.SampleIdentityImages(), + Name: "cool account", + KeyUID: keyUID, + ColorHash: [][]int{{4, 3}, {4, 0}, {4, 3}, {4, 0}}, + ColorID: 10, + Images: images.SampleIdentityImages(), + KDFIterations: sqlite.ReducedKDFIterationsNumber, } account1Hash = []byte{0x8f, 0xba, 0x35, 0x1, 0x2b, 0x9d, 0xad, 0xf0, 0x2d, 0x3c, 0x4d, 0x6, 0xb5, 0x22, 0x2, 0x47, 0xd4, 0x1c, 0xf4, 0x31, 0x2f, 0xb, 0x5b, 0x27, 0x5d, 0x43, 0x97, 0x58, 0x2d, 0xf0, 0xe1, 0xbe} account2Hash = []byte{0x9, 0xf8, 0x5c, 0xe9, 0x92, 0x96, 0x2d, 0x88, 0x2b, 0x8e, 0x42, 0x3f, 0xa4, 0x93, 0x6c, 0xad, 0xe9, 0xc0, 0x1b, 0x8a, 0x8, 0x8c, 0x5e, 0x7a, 0x84, 0xa2, 0xf, 0x9f, 0x77, 0x58, 0x2c, 0x2c} diff --git a/services/appmetrics/api_test.go b/services/appmetrics/api_test.go index cb5b50378..b4283f7ee 100644 --- a/services/appmetrics/api_test.go +++ b/services/appmetrics/api_test.go @@ -9,6 +9,7 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/appmetrics" + "github.com/status-im/status-go/sqlite" "github.com/stretchr/testify/require" ) @@ -16,7 +17,7 @@ import ( func setupTestDB(t *testing.T) (*appmetrics.Database, func()) { tmpfile, err := ioutil.TempFile("", "appmetrics-service") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "appmetrics-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "appmetrics-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return appmetrics.NewDB(db), func() { require.NoError(t, db.Close()) diff --git a/services/browsers/api_test.go b/services/browsers/api_test.go index df550c7e7..6e050ad84 100644 --- a/services/browsers/api_test.go +++ b/services/browsers/api_test.go @@ -9,12 +9,13 @@ import ( "github.com/stretchr/testify/require" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestDB(t *testing.T) (*Database, func()) { tmpfile, err := ioutil.TempFile("", "browsers-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "browsers-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "browsers-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return NewDB(db), func() { require.NoError(t, db.Close()) diff --git a/services/ens/api_test.go b/services/ens/api_test.go index 365b4a44d..0eb5b0e2a 100644 --- a/services/ens/api_test.go +++ b/services/ens/api_test.go @@ -14,6 +14,7 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/params" statusRPC "github.com/status-im/status-go/rpc" + "github.com/status-im/status-go/sqlite" "github.com/status-im/status-go/t/utils" "github.com/status-im/status-go/transactions/fake" ) @@ -21,7 +22,7 @@ import ( func createDB(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "service-ens-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "service-ens-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "service-ens-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, db.Close()) diff --git a/services/gif/gif_test.go b/services/gif/gif_test.go index e360eb1c2..a6da0895c 100644 --- a/services/gif/gif_test.go +++ b/services/gif/gif_test.go @@ -11,12 +11,13 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/multiaccounts/accounts" + "github.com/status-im/status-go/sqlite" ) func setupSQLTestDb(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "local-notifications-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "local-notifications-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "local-notifications-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, os.Remove(tmpfile.Name())) diff --git a/services/local-notifications/database_test.go b/services/local-notifications/database_test.go index 8bf1586a9..7b23e4390 100644 --- a/services/local-notifications/database_test.go +++ b/services/local-notifications/database_test.go @@ -9,12 +9,13 @@ import ( "github.com/stretchr/testify/require" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupAppTestDb(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "local-notifications-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "local-notifications-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "local-notifications-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, os.Remove(tmpfile.Name())) diff --git a/services/mailservers/api_test.go b/services/mailservers/api_test.go index c89e03856..dd1b1e01c 100644 --- a/services/mailservers/api_test.go +++ b/services/mailservers/api_test.go @@ -11,12 +11,13 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/eth-node/types" "github.com/status-im/status-go/protocol/transport" + "github.com/status-im/status-go/sqlite" ) func setupTestDB(t *testing.T) (*Database, func()) { tmpfile, err := ioutil.TempFile("", "mailservers-service") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "mailservers-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "mailservers-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return NewDB(db), func() { require.NoError(t, db.Close()) diff --git a/services/permissions/api_test.go b/services/permissions/api_test.go index a1d7c5e49..43b198f47 100644 --- a/services/permissions/api_test.go +++ b/services/permissions/api_test.go @@ -12,12 +12,13 @@ import ( "github.com/stretchr/testify/require" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestDB(t *testing.T) (*Database, func()) { tmpfile, err := ioutil.TempFile("", "perm-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "perm-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "perm-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return NewDB(db), func() { require.NoError(t, db.Close()) diff --git a/services/wakuext/api_test.go b/services/wakuext/api_test.go index b514fc6ba..59300bc99 100644 --- a/services/wakuext/api_test.go +++ b/services/wakuext/api_test.go @@ -26,6 +26,7 @@ import ( "github.com/status-im/status-go/multiaccounts" "github.com/status-im/status-go/params" "github.com/status-im/status-go/services/ext" + "github.com/status-im/status-go/sqlite" "github.com/status-im/status-go/t/helpers" "github.com/status-im/status-go/waku" ) @@ -126,7 +127,7 @@ func TestInitProtocol(t *testing.T) { tmpdir, err := ioutil.TempDir("", "test-shhext-service-init-protocol") require.NoError(t, err) - sqlDB, err := appdatabase.InitializeDB(fmt.Sprintf("%s/db.sql", tmpdir), "password") + sqlDB, err := appdatabase.InitializeDB(fmt.Sprintf("%s/db.sql", tmpdir), "password", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) tmpfile, err := ioutil.TempFile("", "multi-accounts-tests-") @@ -188,7 +189,7 @@ func (s *ShhExtSuite) createAndAddNode() { s.Require().NoError(err) nodeWrapper := ext.NewTestNodeWrapper(nil, gethbridge.NewGethWakuWrapper(w)) service := New(config, nodeWrapper, nil, nil, db) - sqlDB, err := appdatabase.InitializeDB(fmt.Sprintf("%s/%d", s.dir, idx), "password") + sqlDB, err := appdatabase.InitializeDB(fmt.Sprintf("%s/%d", s.dir, idx), "password", sqlite.ReducedKDFIterationsNumber) s.Require().NoError(err) tmpfile, err := ioutil.TempFile("", "multi-accounts-tests-") diff --git a/services/wallet/saved_addresses_test.go b/services/wallet/saved_addresses_test.go index 0d0569a09..5c19a1770 100644 --- a/services/wallet/saved_addresses_test.go +++ b/services/wallet/saved_addresses_test.go @@ -10,12 +10,13 @@ import ( "github.com/ethereum/go-ethereum/common" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestSavedAddressesDB(t *testing.T) (*SavedAddressesManager, func()) { tmpfile, err := ioutil.TempFile("", "wallet-saved_addresses-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-saved_addresses-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-saved_addresses-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return &SavedAddressesManager{db}, func() { require.NoError(t, db.Close()) diff --git a/services/wallet/token_test.go b/services/wallet/token_test.go index e26dfdb20..eb390734a 100644 --- a/services/wallet/token_test.go +++ b/services/wallet/token_test.go @@ -10,12 +10,13 @@ import ( "github.com/ethereum/go-ethereum/common" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestTokenDB(t *testing.T) (*TokenManager, func()) { tmpfile, err := ioutil.TempFile("", "wallet-token-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-token-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-token-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return &TokenManager{db, nil, nil}, func() { require.NoError(t, db.Close()) diff --git a/services/wallet/transaction_test.go b/services/wallet/transaction_test.go index 4d1133eb5..4b5fe862e 100644 --- a/services/wallet/transaction_test.go +++ b/services/wallet/transaction_test.go @@ -12,12 +12,13 @@ import ( "github.com/status-im/status-go/appdatabase" "github.com/status-im/status-go/services/wallet/bigint" + "github.com/status-im/status-go/sqlite" ) func setupTestTransactionDB(t *testing.T) (*TransactionManager, func()) { tmpfile, err := ioutil.TempFile("", "wallet-transactions-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return &TransactionManager{db, nil, nil, nil, nil}, func() { require.NoError(t, db.Close()) diff --git a/services/wallet/transfer/block_test.go b/services/wallet/transfer/block_test.go index 2a13b9f1a..12eda2e96 100644 --- a/services/wallet/transfer/block_test.go +++ b/services/wallet/transfer/block_test.go @@ -10,12 +10,13 @@ import ( "github.com/ethereum/go-ethereum/common" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestTransferDB(t *testing.T) (*Block, func()) { tmpfile, err := ioutil.TempFile("", "wallet-transfer-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return &Block{db}, func() { require.NoError(t, db.Close()) diff --git a/services/wallet/transfer/database_test.go b/services/wallet/transfer/database_test.go index b4bec4b96..639bf8c0d 100644 --- a/services/wallet/transfer/database_test.go +++ b/services/wallet/transfer/database_test.go @@ -12,12 +12,13 @@ import ( "github.com/ethereum/go-ethereum/core/types" "github.com/status-im/status-go/appdatabase" + "github.com/status-im/status-go/sqlite" ) func setupTestDB(t *testing.T) (*Database, *Block, func()) { tmpfile, err := ioutil.TempFile("", "wallet-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "wallet-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return NewDB(db), &Block{db}, func() { require.NoError(t, db.Close()) diff --git a/services/web3provider/api_test.go b/services/web3provider/api_test.go index f233b5b5d..cd3581d5e 100644 --- a/services/web3provider/api_test.go +++ b/services/web3provider/api_test.go @@ -17,6 +17,7 @@ import ( "github.com/status-im/status-go/multiaccounts/settings" "github.com/status-im/status-go/params" "github.com/status-im/status-go/services/permissions" + "github.com/status-im/status-go/sqlite" "github.com/status-im/status-go/t/utils" "github.com/status-im/status-go/transactions/fake" @@ -27,7 +28,7 @@ import ( func createDB(t *testing.T) (*sql.DB, func()) { tmpfile, err := ioutil.TempFile("", "provider-tests-") require.NoError(t, err) - db, err := appdatabase.InitializeDB(tmpfile.Name(), "provider-tests") + db, err := appdatabase.InitializeDB(tmpfile.Name(), "provider-tests", sqlite.ReducedKDFIterationsNumber) require.NoError(t, err) return db, func() { require.NoError(t, db.Close()) diff --git a/sqlite/sqlite.go b/sqlite/sqlite.go index 5ab7a87d0..8e7623ff9 100644 --- a/sqlite/sqlite.go +++ b/sqlite/sqlite.go @@ -7,23 +7,26 @@ import ( "os" _ "github.com/mutecomm/go-sqlcipher" // We require go sqlcipher that overrides default implementation + + "github.com/status-im/status-go/protocol/sqlite" ) const ( // The reduced number of kdf iterations (for performance reasons) which is - // currently used for derivation of the database key + // used as the default value // https://github.com/status-im/status-go/pull/1343 // https://notes.status.im/i8Y_l7ccTiOYq09HVgoFwA - kdfIterationsNumber = 3200 + ReducedKDFIterationsNumber = 3200 + // WALMode for sqlite. WALMode = "wal" inMemoryPath = ":memory:" ) // DecryptDB completely removes the encryption from the db -func DecryptDB(oldPath, newPath, key string) error { +func DecryptDB(oldPath string, newPath string, key string, kdfIterationsNumber int) error { - db, err := openDB(oldPath, key) + db, err := openDB(oldPath, key, kdfIterationsNumber) if err != nil { return err } @@ -42,8 +45,7 @@ func DecryptDB(oldPath, newPath, key string) error { } // EncryptDB takes a plaintext database and adds encryption -func EncryptDB(unencryptedPath, encryptedPath, key string) error { - +func EncryptDB(unencryptedPath string, encryptedPath string, key string, kdfIterationsNumber int) error { _ = os.Remove(encryptedPath) db, err := OpenUnecryptedDB(unencryptedPath) @@ -56,6 +58,10 @@ func EncryptDB(unencryptedPath, encryptedPath, key string) error { return err } + if kdfIterationsNumber <= 0 { + kdfIterationsNumber = sqlite.ReducedKDFIterationsNumber + } + _, err = db.Exec(fmt.Sprintf("PRAGMA encrypted.kdf_iter = '%d'", kdfIterationsNumber)) if err != nil { return err @@ -69,7 +75,7 @@ func EncryptDB(unencryptedPath, encryptedPath, key string) error { return err } -func openDB(path, key string) (*sql.DB, error) { +func openDB(path string, key string, kdfIterationsNumber int) (*sql.DB, error) { db, err := sql.Open("sqlite3", path) if err != nil { return nil, err @@ -86,6 +92,10 @@ func openDB(path, key string) (*sql.DB, error) { return nil, errors.New("failed to set key pragma") } + if kdfIterationsNumber <= 0 { + kdfIterationsNumber = sqlite.ReducedKDFIterationsNumber + } + if _, err = db.Exec(fmt.Sprintf("PRAGMA kdf_iter = '%d'", kdfIterationsNumber)); err != nil { return nil, err } @@ -106,8 +116,8 @@ func openDB(path, key string) (*sql.DB, error) { } // OpenDB opens not-encrypted database. -func OpenDB(path, key string) (*sql.DB, error) { - return openDB(path, key) +func OpenDB(path string, key string, kdfIterationsNumber int) (*sql.DB, error) { + return openDB(path, key, kdfIterationsNumber) } // OpenUnecryptedDB opens database with setting PRAGMA key. @@ -138,8 +148,12 @@ func OpenUnecryptedDB(path string) (*sql.DB, error) { return db, nil } -func ChangeEncryptionKey(path, key, newKey string) error { - db, err := openDB(path, key) +func ChangeEncryptionKey(path string, key string, kdfIterationsNumber int, newKey string) error { + if kdfIterationsNumber <= 0 { + kdfIterationsNumber = sqlite.ReducedKDFIterationsNumber + } + + db, err := openDB(path, key, kdfIterationsNumber) if err != nil { return err