src/crypto.h

   1 /*
   2 ** SQLCipher
   3 ** crypto.h developed by Stephen Lombardo (Zetetic LLC)
   4 ** sjlombardo at zetetic dot net
   5 ** http://zetetic.net
   6 **
   7 ** Copyright (c) 2008, ZETETIC LLC
   8 ** All rights reserved.
   9 **
  10 ** Redistribution and use in source and binary forms, with or without
  11 ** modification, are permitted provided that the following conditions are met:
  12 **     * Redistributions of source code must retain the above copyright
  13 **       notice, this list of conditions and the following disclaimer.
  14 **     * Redistributions in binary form must reproduce the above copyright
  15 **       notice, this list of conditions and the following disclaimer in the
  16 **       documentation and/or other materials provided with the distribution.
  17 **     * Neither the name of the ZETETIC LLC nor the
  18 **       names of its contributors may be used to endorse or promote products
  19 **       derived from this software without specific prior written permission.
  20 **
  21 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
  22 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  23 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  24 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
  25 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  26 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  27 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  28 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  29 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  30 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  31 **
  32 */
  33 /* BEGIN SQLCIPHER */
  34 #ifdef SQLITE_HAS_CODEC
  35 #ifndef CRYPTO_H
  36 #define CRYPTO_H
  37
  38 #include "sqliteInt.h"
  39 #include "btreeInt.h"
  40 #include "pager.h"
  41 #include "vdbeInt.h"
  42
  43 #if !defined(SQLCIPHER_OMIT_LOG_DEVICE)
  44 #if defined(__ANDROID__)
  45 #include <android/log.h>
  46 #elif defined(__APPLE__)
  47 #include <TargetConditionals.h>
  48 #include <os/log.h>
  49 #endif
  50 #endif
  51
  52 #include <time.h>
  53
  54 #if defined(_WIN32) || defined(SQLITE_OS_WINRT)
  55 #include <windows.h> /*  amalgamator: dontcache */
  56 #else
  57 #include <sys/time.h> /* amalgamator: dontcache */
  58 #endif
  59
  60 #ifndef OMIT_MEMLOCK
  61 #if defined(__unix__) || defined(__APPLE__) || defined(_AIX)
  62 #include <errno.h> /* amalgamator: dontcache */
  63 #include <unistd.h> /* amalgamator: dontcache */
  64 #include <sys/resource.h> /* amalgamator: dontcache */
  65 #include <sys/mman.h> /* amalgamator: dontcache */
  66 #endif
  67 #endif
  68
  69 #include "sqlcipher.h"
  70
  71 /* extensions defined in pager.c */
  72 void *sqlcipherPagerGetCodec(Pager*);
  73 void sqlcipherPagerSetCodec(Pager*, void *(*)(void*,void*,Pgno,int),  void (*)(void*,int,int),  void (*)(void*), void *);
  74 int sqlite3pager_is_sj_pgno(Pager*, Pgno);
  75 void sqlite3pager_error(Pager*, int);
  76 void sqlite3pager_reset(Pager *pPager);
  77 /* end extensions defined in pager.c */
  78
  79 #if !defined (SQLCIPHER_CRYPTO_CC) \
  80    && !defined (SQLCIPHER_CRYPTO_LIBTOMCRYPT) \
  81    && !defined (SQLCIPHER_CRYPTO_NSS) \
  82    && !defined (SQLCIPHER_CRYPTO_OPENSSL)
  83 #define SQLCIPHER_CRYPTO_OPENSSL
  84 #endif
  85
  86 #define FILE_HEADER_SZ 16
  87
  88 #define CIPHER_XSTR(s) CIPHER_STR(s)
  89 #define CIPHER_STR(s) #s
  90
  91 #ifndef CIPHER_VERSION_NUMBER
  92 #define CIPHER_VERSION_NUMBER 4.6.1
  93 #endif
  94
  95 #ifndef CIPHER_VERSION_BUILD
  96 #define CIPHER_VERSION_BUILD community
  97 #endif
  98
  99 #define CIPHER_DECRYPT 0
 100 #define CIPHER_ENCRYPT 1
 101
 102 #define CIPHER_READ_CTX 0
 103 #define CIPHER_WRITE_CTX 1
 104 #define CIPHER_READWRITE_CTX 2
 105
 106 #ifndef PBKDF2_ITER
 107 #define PBKDF2_ITER 256000
 108 #endif
 109
 110 #define SQLCIPHER_FLAG_GET(FLAG,BIT) ((FLAG & BIT) != 0)
 111 #define SQLCIPHER_FLAG_SET(FLAG,BIT) FLAG |= BIT
 112 #define SQLCIPHER_FLAG_UNSET(FLAG,BIT) FLAG &= ~BIT
 113
 114 /* possible flags for codec_ctx->flags */
 115 #define CIPHER_FLAG_HMAC          (1 << 0)
 116 #define CIPHER_FLAG_LE_PGNO       (1 << 1)
 117 #define CIPHER_FLAG_BE_PGNO       (1 << 2)
 118 #define CIPHER_FLAG_KEY_USED      (1 << 3)
 119 #define CIPHER_FLAG_HAS_KDF_SALT  (1 << 4)
 120
 121
 122 #ifndef DEFAULT_CIPHER_FLAGS
 123 #define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC | CIPHER_FLAG_LE_PGNO
 124 #endif
 125
 126
 127 /* by default, sqlcipher will use a reduced number of iterations to generate
 128    the HMAC key / or transform a raw cipher key
 129    */
 130 #ifndef FAST_PBKDF2_ITER
 131 #define FAST_PBKDF2_ITER 2
 132 #endif
 133
 134 /* this if a fixed random array that will be xor'd with the database salt to ensure that the
 135    salt passed to the HMAC key derivation function is not the same as that used to derive
 136    the encryption key. This can be overridden at compile time but it will make the resulting
 137    binary incompatible with the default builds when using HMAC. A future version of SQLcipher
 138    will likely allow this to be defined at runtime via pragma */
 139 #ifndef HMAC_SALT_MASK
 140 #define HMAC_SALT_MASK 0x3a
 141 #endif
 142
 143 #ifndef CIPHER_MAX_IV_SZ
 144 #define CIPHER_MAX_IV_SZ 16
 145 #endif
 146
 147 #ifndef CIPHER_MAX_KEY_SZ
 148 #define CIPHER_MAX_KEY_SZ 64
 149 #endif
 150
 151
 152 /*
 153 **  Simple shared routines for converting hex char strings to binary data
 154  */
 155 static int cipher_hex2int(char c) {
 156   return (c>='0' && c<='9') ? (c)-'0' :
 157          (c>='A' && c<='F') ? (c)-'A'+10 :
 158          (c>='a' && c<='f') ? (c)-'a'+10 : 0;
 159 }
 160
 161 static void cipher_hex2bin(const unsigned char *hex, int sz, unsigned char *out){
 162   int i;
 163   for(i = 0; i < sz; i += 2){
 164     out[i/2] = (cipher_hex2int(hex[i])<<4) | cipher_hex2int(hex[i+1]);
 165   }
 166 }
 167
 168 static void cipher_bin2hex(const unsigned char* in, int sz, char *out) {
 169     int i;
 170     for(i=0; i < sz; i++) {
 171       sqlite3_snprintf(3, out + (i*2), "%02x ", in[i]);
 172     }
 173 }
 174
 175 static int cipher_isHex(const unsigned char *hex, int sz){
 176   int i;
 177   for(i = 0; i < sz; i++) {
 178     unsigned char c = hex[i];
 179     if ((c < '0' || c > '9') &&
 180         (c < 'A' || c > 'F') &&
 181         (c < 'a' || c > 'f')) {
 182       return 0;
 183     }
 184   }
 185   return 1;
 186 }
 187
 188 /* possible flags for simulating specific test conditions */
 189 #ifdef SQLCIPHER_TEST
 190 #define TEST_FAIL_ENCRYPT 0x01
 191 #define TEST_FAIL_DECRYPT 0x02
 192 #define TEST_FAIL_MIGRATE 0x04
 193 unsigned int sqlcipher_get_test_flags(void);
 194 void sqlcipher_set_test_flags(unsigned int);
 195 int sqlcipher_get_test_rand(void);
 196 void sqlcipher_set_test_rand(int);
 197 int sqlcipher_get_test_fail(void);
 198 #endif
 199
 200 /* extensions defined in crypto_impl.c */
 201 /* the default implementation of SQLCipher uses a cipher_ctx
 202    to keep track of read / write state separately. The following
 203    struct and associated functions are defined here */
 204 typedef struct {
 205   int derive_key;
 206   int pass_sz;
 207   unsigned char *key;
 208   unsigned char *hmac_key;
 209   unsigned char *pass;
 210   char *keyspec;
 211 } cipher_ctx;
 212
 213
 214 typedef struct {
 215   int store_pass;
 216   int kdf_iter;
 217   int fast_kdf_iter;
 218   int kdf_salt_sz;
 219   int key_sz;
 220   int iv_sz;
 221   int block_sz;
 222   int page_sz;
 223   int keyspec_sz;
 224   int reserve_sz;
 225   int hmac_sz;
 226   int plaintext_header_sz;
 227   int hmac_algorithm;
 228   int kdf_algorithm;
 229   unsigned int flags;
 230   unsigned char *kdf_salt;
 231   unsigned char *hmac_kdf_salt;
 232   unsigned char *buffer;
 233   Btree *pBt;
 234   cipher_ctx *read_ctx;
 235   cipher_ctx *write_ctx;
 236   sqlcipher_provider *provider;
 237   void *provider_ctx;
 238 } codec_ctx ;
 239
 240 /* crypto.c functions */
 241 int sqlcipher_codec_pragma(sqlite3*, int, Parse*, const char *, const char*);
 242 int sqlcipherCodecAttach(sqlite3*, int, const void *, int);
 243 void sqlcipherCodecGetKey(sqlite3*, int, void**, int*);
 244 void sqlcipher_exportFunc(sqlite3_context *, int, sqlite3_value **);
 245
 246 /* crypto_impl.c functions */
 247
 248 void sqlcipher_init_memmethods(void);
 249
 250 /* activation and initialization */
 251 void sqlcipher_activate(void);
 252 void sqlcipher_deactivate(void);
 253
 254 int sqlcipher_codec_ctx_init(codec_ctx **, Db *, Pager *, const void *, int);
 255 void sqlcipher_codec_ctx_free(codec_ctx **);
 256 int sqlcipher_codec_key_derive(codec_ctx *);
 257 int sqlcipher_codec_key_copy(codec_ctx *, int);
 258
 259 /* page cipher implementation */
 260 int sqlcipher_page_cipher(codec_ctx *, int, Pgno, int, int, unsigned char *, unsigned char *);
 261
 262 /* context setters & getters */
 263 void sqlcipher_codec_ctx_set_error(codec_ctx *, int);
 264
 265 void sqlcipher_codec_get_pass(codec_ctx *, void **, int *);
 266 int sqlcipher_codec_ctx_set_pass(codec_ctx *, const void *, int, int);
 267 void sqlcipher_codec_get_keyspec(codec_ctx *, void **zKey, int *nKey);
 268
 269 int sqlcipher_codec_ctx_set_pagesize(codec_ctx *, int);
 270 int sqlcipher_codec_ctx_get_pagesize(codec_ctx *);
 271 int sqlcipher_codec_ctx_get_reservesize(codec_ctx *);
 272
 273 void sqlcipher_set_default_pagesize(int page_size);
 274 int sqlcipher_get_default_pagesize(void);
 275
 276 void sqlcipher_set_default_kdf_iter(int iter);
 277 int sqlcipher_get_default_kdf_iter(void);
 278 int sqlcipher_codec_ctx_set_kdf_iter(codec_ctx *, int);
 279 int sqlcipher_codec_ctx_get_kdf_iter(codec_ctx *ctx);
 280
 281 int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx *ctx, unsigned char *salt, int sz);
 282 int sqlcipher_codec_ctx_get_kdf_salt(codec_ctx *ctx, void **salt);
 283
 284 int sqlcipher_codec_ctx_set_fast_kdf_iter(codec_ctx *, int);
 285 int sqlcipher_codec_ctx_get_fast_kdf_iter(codec_ctx *);
 286
 287 const char* sqlcipher_codec_ctx_get_cipher(codec_ctx *ctx);
 288
 289 void* sqlcipher_codec_ctx_get_data(codec_ctx *);
 290
 291 void sqlcipher_set_default_use_hmac(int use);
 292 int sqlcipher_get_default_use_hmac(void);
 293
 294 void sqlcipher_set_hmac_salt_mask(unsigned char mask);
 295 unsigned char sqlcipher_get_hmac_salt_mask(void);
 296
 297 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use);
 298 int sqlcipher_codec_ctx_get_use_hmac(codec_ctx *ctx);
 299
 300 const char* sqlcipher_codec_get_cipher_provider(codec_ctx *ctx);
 301 int sqlcipher_codec_ctx_migrate(codec_ctx *ctx);
 302 int sqlcipher_codec_add_random(codec_ctx *ctx, const char *data, int random_sz);
 303 int sqlcipher_cipher_profile(sqlite3 *db, const char *destination);
 304 int sqlcipher_codec_get_store_pass(codec_ctx *ctx);
 305 void sqlcipher_codec_get_pass(codec_ctx *ctx, void **zKey, int *nKey);
 306 void sqlcipher_codec_set_store_pass(codec_ctx *ctx, int value);
 307 int sqlcipher_codec_fips_status(codec_ctx *ctx);
 308 const char* sqlcipher_codec_get_provider_version(codec_ctx *ctx);
 309
 310 int sqlcipher_set_default_plaintext_header_size(int size);
 311 int sqlcipher_get_default_plaintext_header_size(void);
 312 int sqlcipher_codec_ctx_set_plaintext_header_size(codec_ctx *ctx, int size);
 313 int sqlcipher_codec_ctx_get_plaintext_header_size(codec_ctx *ctx);
 314
 315 int sqlcipher_set_default_hmac_algorithm(int algorithm);
 316 int sqlcipher_get_default_hmac_algorithm(void);
 317 int sqlcipher_codec_ctx_set_hmac_algorithm(codec_ctx *ctx, int algorithm);
 318 int sqlcipher_codec_ctx_get_hmac_algorithm(codec_ctx *ctx);
 319
 320 int sqlcipher_set_default_kdf_algorithm(int algorithm);
 321 int sqlcipher_get_default_kdf_algorithm(void);
 322 int sqlcipher_codec_ctx_set_kdf_algorithm(codec_ctx *ctx, int algorithm);
 323 int sqlcipher_codec_ctx_get_kdf_algorithm(codec_ctx *ctx);
 324
 325 void sqlcipher_set_mem_security(int);
 326 int sqlcipher_get_mem_security(void);
 327
 328 int sqlcipher_find_db_index(sqlite3 *db, const char *zDb);
 329
 330 int sqlcipher_codec_ctx_integrity_check(codec_ctx *, Parse *, char *);
 331
 332 int sqlcipher_set_log(const char *destination);
 333 void sqlcipher_set_log_level(unsigned int level);
 334 unsigned int sqlcipher_get_log_level();
 335 void sqlcipher_set_log_source(unsigned int source);
 336 unsigned int sqlcipher_get_log_source();
 337
 338 char *sqlcipher_get_log_level_str(unsigned int);
 339 char *sqlcipher_get_log_source_str(unsigned int);
 340
 341 #define SQLCIPHER_LOG_NONE          0x00
 342 #define SQLCIPHER_LOG_ERROR         0x01
 343 #define SQLCIPHER_LOG_WARN          0x02
 344 #define SQLCIPHER_LOG_INFO          0x04
 345 #define SQLCIPHER_LOG_DEBUG         0x08
 346 #define SQLCIPHER_LOG_TRACE         0x10
 347 #define SQLCIPHER_LOG_ALL           0xffffffff
 348
 349 #define SQLCIPHER_LOG_CORE          0x01
 350 #define SQLCIPHER_LOG_MEMORY        0x02
 351 #define SQLCIPHER_LOG_MUTEX         0x04
 352 #define SQLCIPHER_LOG_PROVIDER      0x08
 353
 354 #ifdef SQLCIPHER_OMIT_LOG
 355 #define sqlcipher_log(level, source, message, ...)
 356 #else
 357 void sqlcipher_log(unsigned int level, unsigned int source, const char *message, ...);
 358 #endif
 359
 360 void sqlcipher_vdbe_return_string(Parse*, const char*, const char*, int);
 361
 362 #ifdef CODEC_DEBUG_PAGEDATA
 363 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)  \
 364   { \
 365     int __pctr; \
 366     printf(DESC); \
 367     for(__pctr=0; __pctr < LEN; __pctr++) { \
 368       if(__pctr % 16 == 0) printf("\n%05x: ",__pctr); \
 369       printf("%02x ",((unsigned char*) BUFFER)[__pctr]); \
 370     } \
 371     printf("\n"); \
 372     fflush(stdout); \
 373   }
 374 #else
 375 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)
 376 #endif
 377
 378 #endif
 379 #endif
 380 /* END SQLCIPHER */
 381