| blob | db7241df0df8c168c012cab3810796b2863fce2b |
1 # SQLCipher
2 # codec.test developed by Stephen Lombardo (Zetetic LLC)
3 # sjlombardo at zetetic dot net
4 # http://zetetic.net
5 #
6 # Copyright (c) 2018, ZETETIC LLC
7 # Redistribution and use in source and binary forms, with or without
8 # modification, are permitted provided that the following conditions are met:
9 # * Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer.
11 # * Redistributions in binary form must reproduce the above copyright
12 # notice, this list of conditions and the following disclaimer in the
13 # documentation and/or other materials provided with the distribution.
14 # * Neither the name of the ZETETIC LLC nor the
15 # names of its contributors may be used to endorse or promote products
16 # derived from this software without specific prior written permission.
17 #
18 # THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
19 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21 # DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
22 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
27 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #
29 # This file implements regression tests for SQLite library. The
30 # focus of this script is testing code cipher features.
31 #
32 # NOTE: tester.tcl has overridden the definition of sqlite3 to
33 # automatically pass in a key value. Thus tests in this file
34 # should explicitly close and open db with sqlite_orig in order
35 # to bypass default key assignment.
37 set testdir [file dirname $argv0]
38 source $testdir/tester.tcl
39 source $testdir/sqlcipher.tcl
41 set old_pending_byte [sqlite3_test_control_pending_byte 0x40000000]
43 # create an unencrypted database, attach a new encrypted volume
44 # copy data between, verify the encypted database is good afterwards
45 do_test unencrypted-attach {
46 sqlite_orig db test.db
48 execsql {
49 CREATE TABLE t1(a,b);
50 BEGIN;
51 }
53 for {set i 1} {$i<=1000} {incr i} {
54 set r [expr {int(rand()*500000)}]
55 execsql "INSERT INTO t1 VALUES($i,$r);"
56 }
58 execsql {
59 COMMIT;
60 ATTACH DATABASE 'test2.db' AS db2 KEY 'testkey';
61 CREATE TABLE db2.t1(a,b);
62 INSERT INTO db2.t1 SELECT * FROM t1;
63 DETACH DATABASE db2;
64 }
66 sqlite_orig db2 test2.db
67 execsql {
68 PRAGMA key='testkey';
69 SELECT count(*) FROM t1;
70 } db2
71 } {ok 1000}
72 db2 close
73 file delete -force test.db
74 file delete -force test2.db
76 # create an unencrypted database, attach a new encrypted volume
77 # using a raw key copy data between, verify the encypted
78 # database is good afterwards
79 do_test unencrypted-attach-raw-key {
80 sqlite_orig db test.db
82 execsql {
83 CREATE TABLE t1(a,b);
84 BEGIN;
85 }
87 for {set i 1} {$i<=1000} {incr i} {
88 set r [expr {int(rand()*500000)}]
89 execsql "INSERT INTO t1 VALUES($i,$r);"
90 }
92 execsql {
93 COMMIT;
94 ATTACH DATABASE 'test2.db' AS db2 KEY "x'10483C6EB40B6C31A448C22A66DED3B5E5E8D5119CAC8327B655C8B5C4836481'";
95 CREATE TABLE db2.t1(a,b);
96 INSERT INTO db2.t1 SELECT * FROM t1;
97 DETACH DATABASE db2;
98 }
100 sqlite_orig db2 test2.db
101 execsql {
102 PRAGMA key="x'10483C6EB40B6C31A448C22A66DED3B5E5E8D5119CAC8327B655C8B5C4836481'";
103 SELECT count(*) FROM t1;
104 } db2
105 } {ok 1000}
106 db2 close
107 file delete -force test.db
108 file delete -force test2.db
110 # open a 4.0 database
111 do_test compat-open-4.0-database {
112 sqlite_orig db $sampleDir/sqlcipher-4.0-testkey.db
113 execsql {
114 PRAGMA key = 'testkey';
115 PRAGMA integrity_check;
116 SELECT count(*) FROM t1;
117 }
118 } {ok ok 78536}
119 db close
121 # create an encrypted database, attach an default-key encrypted volume
122 # copy data between, verify the second database
123 do_test encrypted-attach-default-key {
124 sqlite_orig db test.db
126 execsql {
127 PRAGMA key='testkey';
128 CREATE TABLE t1(a,b);
129 BEGIN;
130 }
132 for {set i 1} {$i<=1000} {incr i} {
133 set r [expr {int(rand()*500000)}]
134 execsql "INSERT INTO t1 VALUES($i,$r);"
135 }
137 execsql {
138 COMMIT;
139 ATTACH DATABASE 'test2.db' AS test;
140 CREATE TABLE test.t1(a,b);
141 INSERT INTO test.t1 SELECT * FROM t1;
142 DETACH DATABASE test;
143 }
145 sqlite_orig db2 test2.db
147 execsql {
148 PRAGMA key='testkey';
149 SELECT count(*) FROM t1;
150 } db2
151 } {ok 1000}
152 db close
153 db2 close
154 file delete -force test.db
155 file delete -force test2.db
157 # create an encrypted database, attach an unencrypted volume
158 # copy data between, verify the unencypted database is good afterwards
159 do_test encrypted-attach-unencrypted {
160 sqlite_orig db test.db
162 execsql {
163 CREATE TABLE t1(a,b);
164 }
166 sqlite_orig db2 test2.db
167 execsql {
168 PRAGMA key = 'testkey';
169 CREATE TABLE t1(a,b);
170 BEGIN;
171 } db2
173 for {set i 1} {$i<=1000} {incr i} {
174 set r [expr {int(rand()*500000)}]
175 execsql "INSERT INTO t1 VALUES($i,$r);" db2
176 }
178 execsql {
179 COMMIT;
180 ATTACH DATABASE 'test.db' AS test KEY '';
181 INSERT INTO test.t1 SELECT * FROM t1;
182 DETACH DATABASE test;
183 } db2
185 execsql {
186 SELECT count(*) FROM t1;
187 }
188 } {1000}
189 db close
190 db2 close
191 file delete -force test.db
192 file delete -force test2.db
194 # create an unencrypted database, attach an encrypted database
195 # then copy the data to it via sqlcipher_export and verify results
196 do_test unencrypted-to-encrypted-export {
197 sqlite_orig db test.db
199 execsql {
200 CREATE TABLE t1(a,b);
201 BEGIN;
202 }
204 for {set i 1} {$i<=1000} {incr i} {
205 set r [expr {int(rand()*500000)}]
206 execsql "INSERT INTO t1 VALUES($i,$r);"
207 }
209 execsql {
210 COMMIT;
211 ATTACH DATABASE 'test2.db' AS test2 KEY 'testkey2';
212 SELECT sqlcipher_export('test2');
213 DETACH DATABASE test2;
214 }
215 db close
217 sqlite_orig db test2.db
218 execsql {
219 PRAGMA key = 'testkey2';
220 SELECT count(*) FROM t1;
221 }
223 execsql {
224 SELECT count(*) FROM t1;
225 }
226 } {1000}
227 db close
228 file delete -force test.db
229 file delete -force test2.db
231 do_test unencrypted-corrupt-to-encrypted-export {
232 sqlite_orig db test.db
234 execsql {
235 CREATE TABLE t1(a,b);
236 INSERT INTO t1 VALUES (1,2);
238 PRAGMA writable_schema = ON;
240 UPDATE sqlite_schema SET sql = 'CREATE TABLE IF NOT EXISTS t1(a,b)'
241 WHERE tbl_name = 't1';
243 PRAGMA writable_schema = OFF;
244 INSERT INTO t1 VALUES (3,4);
246 SELECT * FROM t1;
248 ATTACH DATABASE 'test2.db' AS test2 KEY 'testkey2';
250 SELECT sqlcipher_export('test2');
251 }
252 db close
254 sqlite_orig db test2.db
255 execsql {
256 PRAGMA key = 'testkey2';
257 SELECT count(*) FROM sqlite_schema;
258 SELECT count(*) FROM t1;
259 }
260 } {ok 1 2}
261 db close
262 file delete -force test.db
263 file delete -force test2.db
266 # create an encrypted database, attach an unencrypted database
267 # with data in it, then import the data back into the encrypted DB
268 # and verify
269 do_test unencrypted-to-encrypted-import {
270 sqlite_orig db test.db
272 execsql {
273 CREATE TABLE t1(a,b);
274 BEGIN;
275 }
277 for {set i 1} {$i<=1000} {incr i} {
278 set r [expr {int(rand()*500000)}]
279 execsql "INSERT INTO t1 VALUES($i,$r);"
280 }
282 execsql {
283 COMMIT;
284 }
285 db close
287 sqlite_orig db test2.db
289 execsql {
290 PRAGMA key = 'testkey2';
291 ATTACH DATABASE 'test.db' AS test KEY '';
292 SELECT sqlcipher_export('main', 'test');
293 DETACH DATABASE test;
294 }
295 db close
297 sqlite_orig db test2.db
298 execsql {
299 PRAGMA key = 'testkey2';
300 SELECT count(*) FROM t1;
301 }
302 } {ok 1000}
303 db close
304 file delete -force test.db
305 file delete -force test2.db
307 # create an unencrypted database, attach an unencrypted volume
308 # copy data between, verify the unencypted database is good afterwards
309 do_test unencrypted-attach-unencrypted {
310 sqlite_orig db test.db
312 execsql {
313 CREATE TABLE t1(a,b);
314 }
316 sqlite_orig db2 test2.db
317 execsql {
318 CREATE TABLE t1(a,b);
319 BEGIN;
320 } db2
322 for {set i 1} {$i<=1000} {incr i} {
323 set r [expr {int(rand()*500000)}]
324 execsql "INSERT INTO t1 VALUES($i,$r);" db2
325 }
327 execsql {
328 COMMIT;
329 ATTACH DATABASE 'test.db' AS test;
330 INSERT INTO test.t1 SELECT * FROM t1;
331 DETACH DATABASE test;
332 } db2
334 execsql {
335 SELECT count(*) FROM t1;
336 }
337 } {1000}
338 db close
339 db2 close
340 file delete -force test.db
341 file delete -force test2.db
344 # open a 1.1.8 database using the new code, HMAC disabled
345 do_test open-1.1.8-database {
346 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db test.db
347 sqlite_orig db test.db
348 execsql {
349 PRAGMA key = 'testkey';
350 PRAGMA cipher_use_hmac = off;
351 PRAGMA kdf_iter = 4000;
352 PRAGMA cipher_page_size = 1024;
353 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
354 SELECT count(*) FROM t1;
355 SELECT distinct * FROM t1;
356 }
357 } {ok 75709 1 1 one one 1 2 one two 1 2}
358 db close
359 file delete -force test.db
361 # open a 1.1.8 database without hmac, then copy the data
362 do_test attach-and-copy-1.1.8 {
363 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db test.db
364 sqlite_orig db test.db
366 execsql {
367 PRAGMA key = 'testkey';
368 PRAGMA cipher_use_hmac = OFF;
369 PRAGMA kdf_iter = 4000;
370 PRAGMA cipher_page_size = 1024;
371 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
372 ATTACH DATABASE 'test-new.db' AS db2 KEY 'testkey-hmac';
373 CREATE TABLE db2.t1(a,b);
374 INSERT INTO db2.t1 SELECT * FROM main.t1;
375 DETACH DATABASE db2;
376 }
377 db close
379 sqlite_orig db test-new.db
380 execsql {
381 PRAGMA key = 'testkey-hmac';
382 SELECT count(*) FROM t1;
383 SELECT distinct * FROM t1;
384 }
385 } {ok 75709 1 1 one one 1 2 one two 1 2}
386 db close
387 file delete -force test.db
388 file delete -force test-new.db
390 # open a standard database, then attach a new
391 # database with completely different options.
392 # copy data between them, and verify that the
393 # new database can be opened with the proper data
394 do_test attached-database-pragmas {
395 sqlite_orig db test.db
397 execsql {
398 PRAGMA key = 'testkey';
399 CREATE TABLE t1(a,b);
400 BEGIN;
401 }
403 for {set i 1} {$i<=1000} {incr i} {
404 set r [expr {int(rand()*500000)}]
405 execsql "INSERT INTO t1 VALUES($i,'value $r');"
406 }
408 execsql {
409 COMMIT;
410 ATTACH DATABASE 'test2.db' AS db2 KEY 'testkey2';
411 PRAGMA db2.cipher_page_size = 8192;
412 PRAGMA db2.kdf_iter = 1000;
413 PRAGMA db2.cipher_use_hmac = OFF;
414 CREATE TABLE db2.t1(a,b);
415 INSERT INTO db2.t1 SELECT * FROM main.t1;
416 DETACH DATABASE db2;
417 }
418 db close
420 sqlite_orig db test2.db
421 execsql {
422 PRAGMA key = 'testkey2';
423 PRAGMA cipher_page_size = 8192;
424 PRAGMA kdf_iter = 1000;
425 PRAGMA cipher_use_hmac = OFF;
426 SELECT count(*) FROM t1;
427 }
428 } {ok 1000}
429 db close
430 file delete -force test.db
431 file delete -force test2.db
433 # use the sqlcipher_export function
434 # on a non-existent database. Verify
435 # the error gets through.
436 do_test export-error {
437 sqlite_orig db test.db
439 catchsql {
440 PRAGMA key = 'testkey';
441 CREATE TABLE t1(a,b);
442 SELECT sqlcipher_export('nodb');
443 }
444 } {1 {unknown database nodb}}
445 db close
446 file delete -force test.db
448 # verify sqlcipher_export with NULL parameters
449 do_test export-nulls {
450 sqlite_orig db test.db
452 catchsql {
453 SELECT sqlcipher_export(NULL);
454 }
456 } {1 {target database can't be NULL}}
457 db close
458 file delete -force test.db
460 do_test export-nulls {
461 sqlite_orig db test.db
463 catchsql {
464 SELECT sqlcipher_export('main', NULL);
465 }
467 } {1 {target database can't be NULL}}
468 db close
469 file delete -force test.db
472 # use the sqlcipher_export function
474 # use the sqlcipher_export function
475 # to copy a complicated database.
476 # tests autoincrement fields,
477 # indexes, views, and triggers,
478 # tables and virtual tables
479 do_test export-database {
480 sqlite_orig db test.db
482 execsql {
483 PRAGMA key = 'testkey';
484 CREATE TABLE t1(a INTEGER PRIMARY KEY AUTOINCREMENT, b, c);
485 CREATE UNIQUE INDEX b_idx ON t1(b);
486 CREATE INDEX c_idx ON t1(c);
488 CREATE TABLE t2(b,c);
489 CREATE TRIGGER t2_after_insert AFTER INSERT ON t2
490 BEGIN
491 INSERT INTO t1(b,c) VALUES (new.b, new.c);
492 END;
494 CREATE VIEW v1 AS
495 SELECT c FROM t1;
497 CREATE VIRTUAL TABLE fts USING fts5(a,b);
499 BEGIN;
500 -- start with one known value
501 INSERT INTO t2 VALUES(1000000,'value 1000000');
502 }
504 for {set i 1} {$i<=999} {incr i} {
505 set r [expr {int(rand()*500000)}]
506 execsql "INSERT INTO t2 VALUES($i,'value $r');"
507 }
509 execsql {
510 INSERT INTO fts SELECT b,c FROM t1;
511 COMMIT;
513 ATTACH DATABASE 'test2.db' AS db2 KEY 'testkey2';
514 PRAGMA db2.cipher_page_size = 8192;
516 SELECT sqlcipher_export('db2');
518 DETACH DATABASE db2;
519 }
520 db close
522 sqlite_orig db test2.db
523 execsql {
524 PRAGMA key = 'testkey2';
525 PRAGMA cipher_page_size = 8192;
526 SELECT count(*) FROM t1;
527 SELECT count(*) FROM v1;
528 SELECT count(*) FROM sqlite_sequence;
529 SELECT seq FROM sqlite_sequence WHERE name = 't1';
530 INSERT INTO t2 VALUES(10001, 'value 938383');
531 SELECT count(*) FROM t1; -- verify the trigger worked
532 SELECT seq FROM sqlite_sequence WHERE name = 't1'; -- verify that autoincrement worked
533 SELECT a FROM fts WHERE b MATCH '1000000';
534 }
535 } {ok 1000 1000 1 1000 1001 1001 1000000}
536 db close
537 file delete -force test.db
538 file delete -force test2.db
540 # use the sqlcipher_export function
541 # to copy a complicated attached database to the main database
542 do_test export-attached-database {
543 sqlite_orig db test.db
545 execsql {
546 PRAGMA key = 'testkey';
547 CREATE TABLE t1(a INTEGER PRIMARY KEY AUTOINCREMENT, b, c);
548 CREATE UNIQUE INDEX b_idx ON t1(b);
549 CREATE INDEX c_idx ON t1(c);
551 CREATE TABLE t2(b,c);
552 CREATE TRIGGER t2_after_insert AFTER INSERT ON t2
553 BEGIN
554 INSERT INTO t1(b,c) VALUES (new.b, new.c);
555 END;
557 CREATE VIEW v1 AS
558 SELECT c FROM t1;
560 CREATE VIRTUAL TABLE fts USING fts5(a,b);
562 BEGIN;
563 -- start with one known value
564 INSERT INTO t2 VALUES(1000000,'value 1000000');
565 }
567 for {set i 1} {$i<=999} {incr i} {
568 set r [expr {int(rand()*500000)}]
569 execsql "INSERT INTO t2 VALUES($i,'value $r');"
570 }
572 execsql {
573 INSERT INTO fts SELECT b,c FROM t1;
574 COMMIT;
575 }
576 db close
578 sqlite_orig db test2.db
579 execsql {
580 PRAGMA key = 'testkey2';
582 CREATE TABLE t3(a INTEGER PRIMARY KEY AUTOINCREMENT, b, c);
583 CREATE UNIQUE INDEX d_idx ON t3(b);
584 INSERT INTO t3(b,c) VALUES ('one', 'two');
586 ATTACH DATABASE 'test.db' AS db KEY 'testkey';
588 SELECT sqlcipher_export('main', 'db');
590 DETACH DATABASE db;
591 INSERT INTO t3(b,c) VALUES ('three', 'four');
592 }
593 db close
595 sqlite_orig db test2.db
596 execsql {
597 PRAGMA key = 'testkey2';
598 SELECT count(*) FROM t1;
599 SELECT count(*) FROM v1;
600 SELECT count(*) FROM sqlite_sequence;
601 SELECT seq FROM sqlite_sequence WHERE name = 't1';
602 INSERT INTO t2 VALUES(10001, 'value 938383');
603 SELECT count(*) FROM t1; -- verify the trigger worked
604 SELECT seq FROM sqlite_sequence WHERE name = 't1'; -- verify that autoincrement worked
605 SELECT a FROM fts WHERE b MATCH '1000000';
606 SELECT count(*) FROM t3;
607 }
608 } {ok 1000 1000 2 1000 1001 1001 1000000 2}
609 db close
610 file delete -force test.db
611 file delete -force test2.db
614 # open the database then insert a bunch of data.
615 # then delete it and run a manual vacuum
616 # verify that the file has become smaller
617 # but can still be opened with the proper
618 # key. also test vacuum into functionality introduced
619 # in sqlite 3.27.1
620 do_test vacuum {
621 sqlite_orig db test.db
622 set rc {}
624 execsql {
625 PRAGMA key = 'testkey';
626 CREATE table t1(a,b);
627 BEGIN;
628 }
630 for {set i 1} {$i<=10000} {incr i} {
631 set r [expr {int(rand()*500000)}]
632 execsql "INSERT INTO t1 VALUES($i,'value $r');"
633 }
635 lappend rc [execsql {
636 COMMIT;
637 SELECT count(*) FROM t1;
638 }]
640 # grab current size of file
641 set sz [file size test.db]
643 execsql {
644 DELETE FROM t1 WHERE rowid > 5000;
645 VACUUM into 'test-vacuum.db';
646 VACUUM;
647 }
648 db close
650 # grab separate vacuum file size
651 set sz2 [file size test-vacuum.db]
653 # grab test.db file size, post vacuum
654 set sz3 [file size test.db]
656 # verify that the new size is
657 # smaller than the old size
658 if {$sz > $sz2} { lappend rc true }
659 if {$sz > $sz3} { lappend rc true }
661 sqlite_orig db test-vacuum.db
662 lappend rc [execsql {
663 PRAGMA key = 'testkey';
664 SELECT count(*) FROM t1;
665 }]
666 db close
668 sqlite_orig db test.db
669 lappend rc [execsql {
670 PRAGMA key = 'testkey';
671 SELECT count(*) FROM t1;
672 }]
674 } {10000 true true {ok 5000} {ok 5000}}
675 db close
676 file delete -force test.db
677 file delete -force test-vacuum.db
679 # open a 1.1.8 database (no HMAC, 4K iter), then
680 # try to open another 1.1.8 database. The
681 # attached database should have the same hmac
682 # setting as the original
683 do_test default-hmac-kdf-attach {
684 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db test.db
685 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db sqlcipher-1.1.8-testkey.db
686 sqlite_orig db test.db
687 execsql {
688 PRAGMA cipher_default_use_hmac = OFF;
689 PRAGMA cipher_default_kdf_iter = 4000;
690 PRAGMA cipher_default_page_size = 1024;
691 PRAGMA cipher_default_kdf_algorithm = PBKDF2_HMAC_SHA1;
692 PRAGMA key = 'testkey';
693 SELECT count(*) FROM t1;
694 ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
695 SELECT count(*) from db2.t1;
696 PRAGMA cipher_default_use_hmac = ON;
697 PRAGMA cipher_default_kdf_iter = 256000;
698 PRAGMA cipher_default_page_size = 4096;
699 PRAGMA cipher_default_kdf_algorithm = PBKDF2_HMAC_SHA512;
700 }
701 } {ok 75709 75709}
702 db close
703 file delete -force test.db
704 file delete -force sqlcipher-1.1.8-testkey.db
706 # open a 2.0 database (with HMAC), then
707 # try to a 1.1.8 database. this should
708 # fail because the hmac setting for the
709 # attached database is not compatible
710 do_test attach-1.1.8-database-from-2.0-fails {
711 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db sqlcipher-1.1.8-testkey.db
712 sqlite_orig db test.db
713 catchsql {
714 PRAGMA key = 'testkey';
715 CREATE table t1(a,b);
716 ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
717 }
718 } {1 {file is not a database}}
719 db close
720 file delete -force test.db
721 file delete -force sqlcipher-1.1.8-testkey.db
723 # open a 2.0 database (with HMAC, 4k iter), then
724 # set the default hmac setting to OFF.
725 # try to a 1.1.8 database. this should
726 # succeed now that hmac is off by default
727 # before the attach
728 do_test change-default-hmac-kdf-attach {
729 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db sqlcipher-1.1.8-testkey.db
730 sqlite_orig db test.db
731 execsql {
732 PRAGMA key = 'testkey';
733 CREATE table t1(a,b);
734 INSERT INTO t1(a,b) VALUES (1,2);
735 }
736 db close
737 sqlite_orig db test.db
738 execsql {
739 PRAGMA key = 'testkey';
740 SELECT count(*) FROM t1;
741 PRAGMA cipher_default_use_hmac = OFF;
742 PRAGMA cipher_default_kdf_iter = 4000;
743 PRAGMA cipher_default_page_size = 1024;
744 PRAGMA cipher_default_kdf_algorithm = PBKDF2_HMAC_SHA1;
745 ATTACH 'sqlcipher-1.1.8-testkey.db' AS db2 KEY 'testkey';
746 SELECT count(*) from db2.t1;
747 PRAGMA cipher_default_use_hmac = ON;
748 PRAGMA cipher_default_kdf_iter = 256000;
749 PRAGMA cipher_default_page_size = 4096;
750 PRAGMA cipher_default_kdf_algorithm = PBKDF2_HMAC_SHA512;
751 }
752 } {ok 1 75709}
753 db close
754 file delete -force test.db
755 file delete -force sqlcipher-1.1.8-testkey.db
758 # create a new database, insert some data
759 # and delete some data with
760 # auto_vacuum on
761 do_test auto-vacuum-full {
762 sqlite_orig db test.db
764 execsql {
765 PRAGMA key = 'test123';
766 PRAGMA auto_vacuum = FULL;
767 CREATE TABLE t1(a,b);
768 BEGIN;
769 }
771 for {set i 1} {$i<10000} {incr i} {
772 set r [expr {int(rand()*32767)}]
773 set r1 [expr {int(rand()*32767)}]
774 execsql "INSERT INTO t1 VALUES($r,$r1);"
775 }
776 set r [expr {int(rand()*32767)}]
777 execsql "DELETE FROM t1 WHERE a < $r;"
779 execsql {
780 COMMIT;
781 PRAGMA integrity_check;
782 PRAGMA freelist_count;
783 SELECT (count(*) > 0) FROM t1;
784 }
785 } {ok 0 1}
786 db close
787 file delete -force test.db
789 # create a new database, insert some data
790 # and delete some data with
791 # auto_vacuum incremental
792 do_test auto-vacuum-incremental {
793 sqlite_orig db test.db
795 execsql {
796 PRAGMA key = 'test123';
797 PRAGMA auto_vacuum = INCREMENTAL;
798 CREATE TABLE t1(a,b);
799 BEGIN;
800 }
802 for {set i 1} {$i<10000} {incr i} {
803 set r [expr {int(rand()*32767)}]
804 set r1 [expr {int(rand()*32767)}]
805 execsql "INSERT INTO t1 VALUES($r,$r1);"
806 }
807 set r [expr {int(rand()*32767)}]
808 execsql "DELETE FROM t1 WHERE a < $r;"
810 execsql {
811 COMMIT;
812 PRAGMA incremental_vacuum;
813 PRAGMA freelist_count;
814 PRAGMA integrity_check;
815 SELECT (count(*) > 0) FROM t1;
816 }
817 } {0 ok 1}
818 db close
819 file delete -force test.db
822 # create a database with many hundred tables such that the schema
823 # will overflow the first several pages of the database. verify the schema
824 # is intact on open.
825 do_test multipage-schema {
826 sqlite_orig db test.db
827 execsql {
828 PRAGMA key = 'testkey';
829 BEGIN EXCLUSIVE;
830 } db
832 for {set i 1} {$i<=300} {incr i} {
833 execsql "CREATE TABLE tab$i (a TEXT, b TEXT, c TEXT, d TEXT, e TEXT, f TEXT, g TEXT, h TEXT, i TEXT, j TEXT, k, TEXT, l, m TEXT, n TEXT, o TEXT, p TEXT);" db
834 }
836 execsql {
837 COMMIT;
838 } db
840 db close
841 sqlite_orig db test.db
843 execsql {
844 PRAGMA key = 'testkey';
845 SELECT count(*) FROM sqlite_schema where type = 'table';
846 } db
848 } {ok 300}
849 db close
850 file delete -force test.db
852 # create a database with many hundred tables such that the schema
853 # will overflow the first several pages of the database. this time, enable
854 # autovacuum on the database, which will cause sqlite to do some "short reads"
855 # after the end of the main database file. verify that there are no HMAC errors
856 # resulting from the short reads, and that the schema is intact when
857 # the database is reopened
858 do_test multipage-schema-autovacuum-shortread {
859 sqlite_orig db test.db
860 execsql {
861 PRAGMA key = 'testkey';
862 PRAGMA auto_vacuum = FULL;
863 BEGIN EXCLUSIVE;
864 } db
866 for {set i 1} {$i<=300} {incr i} {
867 execsql "CREATE TABLE tab$i (a TEXT, b TEXT, c TEXT, d TEXT, e TEXT, f TEXT, g TEXT, h TEXT, i TEXT, j TEXT, k, TEXT, l, m TEXT, n TEXT, o TEXT, p TEXT);" db
868 }
870 execsql {
871 COMMIT;
872 } db
874 db close
875 sqlite_orig db test.db
877 execsql {
878 PRAGMA key = 'testkey';
879 SELECT count(*) FROM sqlite_schema where type = 'table';
880 } db
882 } {ok 300}
883 db close
884 file delete -force test.db
886 # same as multi-page-schema-autovacuum-shortread, except
887 # using write ahead log mode
888 do_test multipage-schema-autovacuum-shortread-wal {
889 sqlite_orig db test.db
890 execsql {
891 PRAGMA key = 'testkey';
892 PRAGMA auto_vacuum = FULL;
893 PRAGMA journal_mode = WAL;
894 BEGIN EXCLUSIVE;
895 } db
897 for {set i 1} {$i<=300} {incr i} {
898 execsql "CREATE TABLE tab$i (a TEXT, b TEXT, c TEXT, d TEXT, e TEXT, f TEXT, g TEXT, h TEXT, i TEXT, j TEXT, k, TEXT, l, m TEXT, n TEXT, o TEXT, p TEXT);" db
899 }
901 execsql {
902 COMMIT;
903 } db
905 db close
906 sqlite_orig db test.db
908 execsql {
909 PRAGMA key = 'testkey';
910 SELECT count(*) FROM sqlite_schema where type = 'table';
911 } db
912 } {ok 300}
913 db close
914 file delete -force test.db
916 # open a 3.0 database with little endian hmac page numbers (default)
917 # verify it can be opened
918 do_test open-3.0-le-database {
919 sqlite_orig db $sampleDir/sqlcipher-3.0-testkey.db
920 execsql {
921 PRAGMA key = 'testkey';
922 PRAGMA cipher_page_size = 1024;
923 PRAGMA kdf_iter = 64000;
924 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
925 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
926 SELECT count(*) FROM t1;
927 SELECT distinct * FROM t1;
928 }
929 } {ok 78536 1 1 one one 1 2 one two}
930 db close
932 # open a 2.0 database with little endian hmac page numbers (default)
933 # verify it can be opened
934 do_test open-2.0-le-database {
935 sqlite_orig db $sampleDir/sqlcipher-2.0-le-testkey.db
936 execsql {
937 PRAGMA key = 'testkey';
938 PRAGMA kdf_iter = 4000;
939 PRAGMA cipher_page_size = 1024;
940 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
941 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
942 SELECT count(*) FROM t1;
943 SELECT distinct * FROM t1;
944 }
945 } {ok 78536 1 1 one one 1 2 one two}
946 db close
948 # open a 2.0 database with big-endian hmac page numbers
949 # verify it can be opened
950 do_test open-2.0-be-database {
951 sqlite_orig db $sampleDir/sqlcipher-2.0-be-testkey.db
952 execsql {
953 PRAGMA key = 'testkey';
954 PRAGMA cipher_hmac_pgno = be;
955 PRAGMA kdf_iter = 4000;
956 PRAGMA cipher_page_size = 1024;
957 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
958 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
959 SELECT count(*) FROM t1;
960 SELECT distinct * FROM t1;
961 }
962 } {ok {PRAGMA cipher_hmac_pgno is deprecated, please remove from use} 78536 1 1 one one 1 2 one two}
963 db close
965 # open a 2.0 database with big-endian hmac page numbers
966 # attach a new database with little endian page numbers (default)
967 # copy schema between the two, and verify the latter
968 # can be opened
969 do_test be-to-le-migration {
970 sqlite_orig db $sampleDir/sqlcipher-2.0-be-testkey.db
972 execsql {
973 PRAGMA key = 'testkey';
974 PRAGMA cipher_hmac_pgno = be;
975 PRAGMA kdf_iter = 4000;
976 PRAGMA cipher_page_size = 1024;
977 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
978 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
979 ATTACH DATABASE 'test.db' AS db2 KEY 'testkey';
980 CREATE TABLE db2.t1(a,b);
981 INSERT INTO db2.t1 SELECT * FROM main.t1;
982 DETACH DATABASE db2;
983 }
984 db close
986 sqlite_orig db test.db
987 execsql {
988 PRAGMA key = 'testkey';
989 SELECT count(*) FROM t1;
990 SELECT distinct * FROM t1;
991 }
992 } {ok 78536 1 1 one one 1 2 one two}
993 db close
994 file delete -force test.db
998 # open a 2.0 beta database with 4000 round hmac kdf and 0x00
999 # hmac salt mask
1000 # verify it can be opened
1001 do_test open-2.0-beta-database {
1002 sqlite_orig db $sampleDir/sqlcipher-2.0-beta-testkey.db
1003 execsql {
1004 PRAGMA key = 'testkey';
1005 PRAGMA kdf_iter = 4000;
1006 PRAGMA fast_kdf_iter = 4000;
1007 PRAGMA cipher_hmac_salt_mask = "x'00'";
1008 PRAGMA cipher_page_size = 1024;
1009 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
1010 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
1011 SELECT count(*) FROM t1;
1012 SELECT distinct * FROM t1;
1013 }
1014 } {ok {PRAGMA fast_kdf_iter is deprecated, please remove from use} {PRAGMA cipher_hmac_salt_mask is deprecated, please remove from use} 38768 test-0-0 test-0-1 test-1-0 test-1-1}
1015 db close
1017 # open a 2.0 beta database
1018 # attach a new standard database
1019 # copy schema between the two, and verify the latter
1020 # can be opened
1021 do_test 2.0-beta-to-2.0-migration {
1022 sqlite_orig db $sampleDir/sqlcipher-2.0-beta-testkey.db
1024 execsql {
1025 PRAGMA key = 'testkey';
1026 PRAGMA cipher_hmac_salt_mask = "x'00'";
1027 PRAGMA kdf_iter = 4000;
1028 PRAGMA fast_kdf_iter = 4000;
1029 PRAGMA cipher_page_size = 1024;
1030 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
1031 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
1032 SELECT count(*) FROM sqlite_schema;
1034 PRAGMA cipher_hmac_salt_mask = "x'3a'";
1035 ATTACH DATABASE 'test.db' AS db2 KEY 'testkey';
1037 CREATE TABLE db2.t1(a,b);
1038 INSERT INTO db2.t1 SELECT * FROM main.t1;
1039 DETACH DATABASE db2;
1040 }
1041 db close
1043 sqlite_orig db test.db
1044 execsql {
1045 PRAGMA key = 'testkey';
1046 SELECT distinct * FROM t1;
1047 }
1048 } {ok test-0-0 test-0-1 test-1-0 test-1-1}
1049 db close
1050 file delete -force test.db
1052 do_test migrate-1.1.8-database-to-current-format {
1053 file copy -force $sampleDir/sqlcipher-1.1.8-testkey.db test.db
1054 sqlite_orig db test.db
1055 execsql {
1056 PRAGMA key = 'testkey';
1057 PRAGMA cipher_migrate;
1058 }
1059 db close
1061 sqlite_orig db test.db
1062 execsql {
1063 PRAGMA key = 'testkey';
1064 SELECT count(*) FROM sqlite_schema;
1065 }
1066 } {ok 1}
1067 db close
1068 file delete -force test.db
1070 do_test migrate-2-0-le-database-to-current-format {
1071 file copy -force $sampleDir/sqlcipher-2.0-le-testkey.db test.db
1072 sqlite_orig db test.db
1073 execsql {
1074 PRAGMA key = 'testkey';
1075 PRAGMA cipher_migrate;
1076 }
1077 db close
1079 sqlite_orig db test.db
1080 execsql {
1081 PRAGMA key = 'testkey';
1082 SELECT count(*) FROM sqlite_schema;
1083 }
1084 } {ok 1}
1085 db close
1086 file delete -force test.db
1088 do_test migrate-3-0-database-to-current-format {
1089 file copy -force $sampleDir/sqlcipher-3.0-testkey.db test.db
1090 sqlite_orig db test.db
1091 set rc {}
1093 lappend rc [execsql {
1094 PRAGMA key = 'testkey';
1095 PRAGMA cipher_migrate;
1096 SELECT count(*) FROM sqlite_schema;
1097 }]
1098 db close
1100 sqlite_orig db test.db
1101 lappend rc [execsql {
1102 PRAGMA key = 'testkey';
1103 SELECT count(*) FROM sqlite_schema;
1104 PRAGMA journal_mode;
1105 }]
1106 } {{ok 0 1} {ok 1 delete}}
1107 db close
1108 file delete -force test.db
1110 do_test migrate-wal-database-to-current {
1111 file copy -force $sampleDir/sqlcipher-3.0-testkey.db test.db
1112 sqlite_orig db test.db
1113 set rc {}
1115 lappend rc [execsql {
1116 PRAGMA key = 'testkey';
1117 PRAGMA cipher_page_size = 1024; PRAGMA kdf_iter = 64000; PRAGMA cipher_hmac_algorithm = HMAC_SHA1; PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
1118 PRAGMA journal_mode = wal;
1119 }]
1120 db close
1122 sqlite_orig db test.db
1123 lappend rc [execsql {
1124 PRAGMA key = 'testkey';
1125 PRAGMA cipher_migrate;
1126 PRAGMA journal_mode;
1127 }]
1128 db close
1130 sqlite_orig db test.db
1131 lappend rc [execsql {
1132 PRAGMA key = 'testkey';
1133 SELECT count(*) FROM sqlite_schema;
1134 PRAGMA journal_mode;
1135 }]
1136 } {{ok wal} {ok 0 wal} {ok 1 wal}}
1137 db close
1138 file delete -force test.db
1140 # test original database is left untouched after
1141 # a failed migration e.g. due to low disk space
1142 do_test migrate-failure {
1143 file copy -force $sampleDir/sqlcipher-3.0-testkey.db test.db
1144 sqlite_orig db test.db
1146 set rc {}
1148 lappend rc [execsql {
1149 PRAGMA key = 'testkey';
1150 PRAGMA cipher_test_on = fail_migrate;
1151 PRAGMA cipher_migrate;
1152 }]
1153 db close
1155 lappend rc [file exists test.db-migrated]
1157 sqlite_orig db test.db
1158 lappend rc [execsql {
1159 PRAGMA key = 'testkey';
1160 PRAGMA cipher_test_off = fail_migrate;
1161 PRAGMA cipher_compatibility = 3;
1162 SELECT count(*) FROM sqlite_schema;
1163 }]
1164 } {{ok 1} 0 {ok 1}}
1165 db close
1166 file delete -force test.db
1168 # leave database is a readable state after a
1169 # a failed migration
1170 do_test migrate-failure-readable {
1171 file copy -force $sampleDir/sqlcipher-3.0-testkey.db test.db
1172 sqlite_orig db test.db
1174 set rc {}
1175 lappend rc [execsql {
1176 PRAGMA key = 'testkey';
1177 PRAGMA cipher_test_on = fail_migrate;
1178 PRAGMA cipher_migrate;
1179 }]
1181 lappend rc [catchsql {
1182 SELECT count(*) FROM sqlite_schema;
1183 }]
1184 db close
1186 sqlite_orig db test.db
1187 lappend rc [execsql {
1188 PRAGMA cipher_test_off = fail_migrate;
1189 PRAGMA cipher_test;
1190 }]
1191 } {{ok 1} {1 {SQL logic error}} 0}
1192 db close
1193 file delete -force test.db
1195 do_test key-database-by-name {
1196 sqlite_orig db test.db
1197 execsql {
1198 attach database 'new.db' as new;
1199 pragma new.key = 'foo';
1200 create table new.t1(a,b);
1201 insert into new.t1(a,b) values('foo', 'bar');
1202 detach database new;
1203 }
1204 db close
1206 sqlite_orig db new.db
1207 execsql {
1208 pragma key = 'foo';
1209 select * from t1;
1210 }
1211 } {ok foo bar}
1212 db close
1213 file delete -force test.db
1214 file delete -force new.db
1216 do_test key-multiple-databases-with-different-keys-using-pragma {
1217 sqlite_orig db test.db
1218 execsql {
1219 pragma key = 'foobar';
1220 create table t1(a,b);
1221 insert into t1(a,b) values('baz','qux');
1222 attach database 'new.db' as new;
1223 pragma new.key = 'foo';
1224 create table new.t1(a,b);
1225 insert into new.t1(a,b) values('foo', 'bar');
1226 detach database new;
1227 }
1228 db close
1230 sqlite_orig db new.db
1231 execsql {
1232 pragma key = 'foo';
1233 attach database 'test.db' as test key 'foobar';
1234 select * from t1;
1235 select * from test.t1;
1236 }
1237 } {ok foo bar baz qux}
1238 db close
1239 file delete -force test.db
1240 file delete -force new.db
1243 # Requires SQLCipher to be built with -DSQLCIPHER_TEST
1244 if_built_with_libtomcrypt verify-random-data-alters-file-content {
1245 file delete -force test.db
1246 file delete -force test2.db
1247 file delete -force test3.db
1248 set rc {}
1250 sqlite_orig db test.db
1251 execsql {
1252 PRAGMA key="x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1253 create table t1(a,b);
1254 }
1255 db close
1256 sqlite_orig db test2.db
1257 execsql {
1258 PRAGMA key="x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1259 create table t1(a,b);
1260 }
1261 db close
1262 sqlite_orig db test3.db
1263 execsql {
1264 PRAGMA key="x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1265 PRAGMA cipher_add_random = "x'deadbaad'";
1266 create table t1(a,b);
1267 }
1268 db close
1269 lappend rc [cmpFilesChunked test.db test2.db]
1270 lappend rc [cmpFilesChunked test2.db test3.db]
1271 } {0 1}
1272 file delete -force test.db
1273 file delete -force test2.db
1274 file delete -force test3.db
1276 do_test can-migrate-with-keys-longer-than-64-characters {
1277 sqlite_orig db test.db
1278 execsql {
1279 PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
1280 PRAGMA cipher_page_size = 1024;
1281 PRAGMA kdf_iter = 4000;
1282 PRAGMA cipher_hmac_algorithm = HMAC_SHA1;
1283 PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1;
1284 PRAGMA user_version = 5;
1285 }
1286 db close
1288 sqlite_orig db test.db
1289 execsql {
1290 PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
1291 PRAGMA cipher_migrate;
1292 }
1293 db close
1295 sqlite_orig db test.db
1296 execsql {
1297 PRAGMA key = "012345678901234567890123456789012345678901234567890123456789012345";
1298 PRAGMA user_version;
1299 }
1300 } {ok 5}
1301 db close
1302 file delete -force test.db
1304 do_test can-migrate-with-raw-hex-key {
1305 sqlite_orig db test.db
1306 execsql {
1307 PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1308 PRAGMA cipher_page_size = 1024;
1309 PRAGMA kdf_iter = 4000;
1310 PRAGMA cipher_use_hmac = off;
1311 PRAGMA user_version = 5;
1312 }
1313 db close
1315 sqlite_orig db test.db
1316 execsql {
1317 PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1318 PRAGMA cipher_migrate;
1319 }
1320 db close
1322 sqlite_orig db test.db
1323 execsql {
1324 PRAGMA key = "x'2DD29CA851E7B56E4697B0E1F08507293D761A05CE4D1B628663F411A8086D99'";
1325 PRAGMA user_version;
1326 }
1328 } {ok 5}
1329 db close
1330 file delete -force test.db
1332 do_test attach_database_with_non_default_page_size {
1333 sqlite_orig db test2.db
1334 execsql {
1335 PRAGMA key = 'test';
1336 PRAGMA cipher_page_size = 8192;
1337 CREATE TABLE t1(a,b);
1338 INSERT INTO t1(a,b) values('one for the money', 'two for the show');
1339 INSERT INTO t1(a,b) values('three to get ready', 'now, go cat, go');
1340 }
1341 db close
1343 sqlite_orig db test.db
1344 execsql {
1345 PRAGMA cipher_default_page_size = 8192;
1346 PRAGMA key = 'test';
1347 ATTACH DATABASE 'test2.db' as test2 KEY 'test';
1348 SELECT count(*) FROM test2.t1;
1349 PRAGMA cipher_default_page_size = 4096;
1350 }
1351 } {ok 2}
1352 db close
1353 file delete -force test.db test2.db
1355 do_test verify-cipher-export-with-trace-configured {
1356 sqlite_orig db plain.db
1357 execsql {
1358 CREATE TABLE t1(a,b);
1359 INSERT INTO t1(a,b) VALUES(1,2);
1360 }
1361 set TRACE_OUT {}
1362 db trace trace_proc
1363 execsql {
1364 ATTACH DATABASE 'encrypted.db' AS encrypted KEY 'encrypted';
1365 SELECT sqlcipher_export('encrypted');
1366 DETACH DATABASE encrypted;
1367 }
1368 set TRACE_OUT
1369 } {{ATTACH DATABASE 'encrypted.db' AS encrypted KEY 'encrypted';} {SELECT sqlcipher_export('encrypted');} {DETACH DATABASE encrypted;}}
1370 set TRACE_OUT {}
1371 db close
1372 file delete -force plain.db
1373 file delete -force encrypted.db
1375 # open a 1.1.8 database using cipher_compatibility
1376 do_test compat-open-1.1.8-database {
1377 sqlite_orig db $sampleDir/sqlcipher-1.1.8-testkey.db
1378 execsql {
1379 PRAGMA key = 'testkey';
1380 PRAGMA cipher_compatibility = 1;
1381 PRAGMA integrity_check;
1382 SELECT count(*) FROM t1;
1383 }
1384 } {ok ok 75709}
1385 db close
1387 # open a 2.0 database using cipher_compatibility
1388 do_test compat-open-2.0-database {
1389 sqlite_orig db $sampleDir/sqlcipher-2.0-le-testkey.db
1390 execsql {
1391 PRAGMA key = 'testkey';
1392 PRAGMA cipher_compatibility = 2;
1393 PRAGMA integrity_check;
1394 SELECT count(*) FROM t1;
1395 }
1396 } {ok ok 78536}
1397 db close
1399 # open a 3.0 database using cipher_compatibility
1400 do_test compat-open-3.0-database {
1401 sqlite_orig db $sampleDir/sqlcipher-3.0-testkey.db
1402 execsql {
1403 PRAGMA key = 'testkey';
1404 PRAGMA cipher_compatibility = 3;
1405 PRAGMA integrity_check;
1406 SELECT count(*) FROM t1;
1407 }
1408 } {ok ok 78536}
1409 db close
1411 # open a 4.0 database using cipher_compatibility
1412 do_test compat-open-4.0-database {
1413 sqlite_orig db $sampleDir/sqlcipher-4.0-testkey.db
1414 execsql {
1415 PRAGMA key = 'testkey';
1416 PRAGMA cipher_compatibility = 4;
1417 PRAGMA integrity_check;
1418 SELECT count(*) FROM t1;
1419 }
1420 } {ok ok 78536}
1421 db close
1423 # open a 1.1.8 database using cipher_default_compatibility
1424 do_test default-compat-open-1.1.8-database {
1425 sqlite_orig db $sampleDir/sqlcipher-1.1.8-testkey.db
1426 execsql {
1427 PRAGMA cipher_default_compatibility = 1;
1428 PRAGMA key = 'testkey';
1429 PRAGMA integrity_check;
1430 SELECT count(*) FROM t1;
1431 }
1432 } {ok ok 75709}
1433 db close
1435 # open a 2.0 database using cipher_default_compatibility
1436 do_test default-compat-open-2.0-database {
1437 sqlite_orig db $sampleDir/sqlcipher-2.0-le-testkey.db
1438 execsql {
1439 PRAGMA cipher_default_compatibility = 2;
1440 PRAGMA key = 'testkey';
1441 PRAGMA integrity_check;
1442 SELECT count(*) FROM t1;
1443 }
1444 } {ok ok 78536}
1446 # open a 3.0 database using cipher_default_compatibility
1447 do_test default-compat-open-3.0-database {
1448 sqlite_orig db $sampleDir/sqlcipher-3.0-testkey.db
1449 execsql {
1450 PRAGMA cipher_default_compatibility = 3;
1451 PRAGMA key = 'testkey';
1452 PRAGMA integrity_check;
1453 SELECT count(*) FROM t1;
1454 }
1455 } {ok ok 78536}
1457 # re-open a 4.0 database using cipher_default_compatibility
1458 do_test default-compat-open-4.0-database {
1459 sqlite_orig db $sampleDir/sqlcipher-4.0-testkey.db
1460 execsql {
1461 PRAGMA cipher_default_compatibility = 4;
1462 PRAGMA key = 'testkey';
1463 PRAGMA integrity_check;
1464 SELECT count(*) FROM t1;
1465 }
1466 } {ok ok 78536}
1468 sqlite3_test_control_pending_byte $old_pending_byte
1470 finish_test