3 ** crypto.h developed by Stephen Lombardo (Zetetic LLC)
4 ** sjlombardo at zetetic dot net
7 ** Copyright (c) 2008, ZETETIC LLC
8 ** All rights reserved.
10 ** Redistribution and use in source and binary forms, with or without
11 ** modification, are permitted provided that the following conditions are met:
12 ** * Redistributions of source code must retain the above copyright
13 ** notice, this list of conditions and the following disclaimer.
14 ** * Redistributions in binary form must reproduce the above copyright
15 ** notice, this list of conditions and the following disclaimer in the
16 ** documentation and/or other materials provided with the distribution.
17 ** * Neither the name of the ZETETIC LLC nor the
18 ** names of its contributors may be used to endorse or promote products
19 ** derived from this software without specific prior written permission.
21 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
22 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
23 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
25 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
28 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
30 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #ifdef SQLITE_HAS_CODEC
38 #include "sqliteInt.h"
44 #include <android/log.h>
49 #if defined(_WIN32) || defined(SQLITE_OS_WINRT)
50 #include <windows.h> /* amalgamator: dontcache */
52 #include <sys/time.h> /* amalgamator: dontcache */
56 #if defined(__unix__) || defined(__APPLE__) || defined(_AIX)
57 #include <errno.h> /* amalgamator: dontcache */
58 #include <unistd.h> /* amalgamator: dontcache */
59 #include <sys/resource.h> /* amalgamator: dontcache */
60 #include <sys/mman.h> /* amalgamator: dontcache */
64 #include "sqlcipher.h"
66 /* extensions defined in pager.c */
67 void *sqlcipherPagerGetCodec(Pager
*);
68 void sqlcipherPagerSetCodec(Pager
*, void *(*)(void*,void*,Pgno
,int), void (*)(void*,int,int), void (*)(void*), void *);
69 int sqlite3pager_is_sj_pgno(Pager
*, Pgno
);
70 void sqlite3pager_error(Pager
*, int);
71 void sqlite3pager_reset(Pager
*pPager
);
72 /* end extensions defined in pager.c */
74 #if !defined (SQLCIPHER_CRYPTO_CC) \
75 && !defined (SQLCIPHER_CRYPTO_LIBTOMCRYPT) \
76 && !defined (SQLCIPHER_CRYPTO_NSS) \
77 && !defined (SQLCIPHER_CRYPTO_OPENSSL)
78 #define SQLCIPHER_CRYPTO_OPENSSL
81 #define FILE_HEADER_SZ 16
83 #define CIPHER_XSTR(s) CIPHER_STR(s)
84 #define CIPHER_STR(s) #s
86 #ifndef CIPHER_VERSION_NUMBER
87 #define CIPHER_VERSION_NUMBER 4.5.7
90 #ifndef CIPHER_VERSION_BUILD
91 #define CIPHER_VERSION_BUILD community
94 #define CIPHER_DECRYPT 0
95 #define CIPHER_ENCRYPT 1
97 #define CIPHER_READ_CTX 0
98 #define CIPHER_WRITE_CTX 1
99 #define CIPHER_READWRITE_CTX 2
102 #define PBKDF2_ITER 256000
105 #define SQLCIPHER_FLAG_GET(FLAG,BIT) ((FLAG & BIT) != 0)
106 #define SQLCIPHER_FLAG_SET(FLAG,BIT) FLAG |= BIT
107 #define SQLCIPHER_FLAG_UNSET(FLAG,BIT) FLAG &= ~BIT
109 /* possible flags for codec_ctx->flags */
110 #define CIPHER_FLAG_HMAC (1 << 0)
111 #define CIPHER_FLAG_LE_PGNO (1 << 1)
112 #define CIPHER_FLAG_BE_PGNO (1 << 2)
113 #define CIPHER_FLAG_KEY_USED (1 << 3)
114 #define CIPHER_FLAG_HAS_KDF_SALT (1 << 4)
117 #ifndef DEFAULT_CIPHER_FLAGS
118 #define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC | CIPHER_FLAG_LE_PGNO
122 /* by default, sqlcipher will use a reduced number of iterations to generate
123 the HMAC key / or transform a raw cipher key
125 #ifndef FAST_PBKDF2_ITER
126 #define FAST_PBKDF2_ITER 2
129 /* this if a fixed random array that will be xor'd with the database salt to ensure that the
130 salt passed to the HMAC key derivation function is not the same as that used to derive
131 the encryption key. This can be overridden at compile time but it will make the resulting
132 binary incompatible with the default builds when using HMAC. A future version of SQLcipher
133 will likely allow this to be defined at runtime via pragma */
134 #ifndef HMAC_SALT_MASK
135 #define HMAC_SALT_MASK 0x3a
138 #ifndef CIPHER_MAX_IV_SZ
139 #define CIPHER_MAX_IV_SZ 16
142 #ifndef CIPHER_MAX_KEY_SZ
143 #define CIPHER_MAX_KEY_SZ 64
148 ** Simple shared routines for converting hex char strings to binary data
150 static int cipher_hex2int(char c
) {
151 return (c
>='0' && c
<='9') ? (c
)-'0' :
152 (c
>='A' && c
<='F') ? (c
)-'A'+10 :
153 (c
>='a' && c
<='f') ? (c
)-'a'+10 : 0;
156 static void cipher_hex2bin(const unsigned char *hex
, int sz
, unsigned char *out
){
158 for(i
= 0; i
< sz
; i
+= 2){
159 out
[i
/2] = (cipher_hex2int(hex
[i
])<<4) | cipher_hex2int(hex
[i
+1]);
163 static void cipher_bin2hex(const unsigned char* in
, int sz
, char *out
) {
165 for(i
=0; i
< sz
; i
++) {
166 sqlite3_snprintf(3, out
+ (i
*2), "%02x ", in
[i
]);
170 static int cipher_isHex(const unsigned char *hex
, int sz
){
172 for(i
= 0; i
< sz
; i
++) {
173 unsigned char c
= hex
[i
];
174 if ((c
< '0' || c
> '9') &&
175 (c
< 'A' || c
> 'F') &&
176 (c
< 'a' || c
> 'f')) {
183 /* possible flags for simulating specific test conditions */
184 #ifdef SQLCIPHER_TEST
185 #define TEST_FAIL_ENCRYPT 0x01
186 #define TEST_FAIL_DECRYPT 0x02
187 #define TEST_FAIL_MIGRATE 0x04
188 unsigned int sqlcipher_get_test_flags(void);
189 void sqlcipher_set_test_flags(unsigned int);
190 int sqlcipher_get_test_rand(void);
191 void sqlcipher_set_test_rand(int);
192 int sqlcipher_get_test_fail(void);
195 /* extensions defined in crypto_impl.c */
196 /* the default implementation of SQLCipher uses a cipher_ctx
197 to keep track of read / write state separately. The following
198 struct and associated functions are defined here */
203 unsigned char *hmac_key
;
221 int plaintext_header_sz
;
225 unsigned char *kdf_salt
;
226 unsigned char *hmac_kdf_salt
;
227 unsigned char *buffer
;
229 cipher_ctx
*read_ctx
;
230 cipher_ctx
*write_ctx
;
231 sqlcipher_provider
*provider
;
235 /* crypto.c functions */
236 int sqlcipher_codec_pragma(sqlite3
*, int, Parse
*, const char *, const char*);
237 int sqlcipherCodecAttach(sqlite3
*, int, const void *, int);
238 void sqlcipherCodecGetKey(sqlite3
*, int, void**, int*);
239 void sqlcipher_exportFunc(sqlite3_context
*, int, sqlite3_value
**);
241 /* crypto_impl.c functions */
243 void sqlcipher_init_memmethods(void);
245 /* activation and initialization */
246 void sqlcipher_activate(void);
247 void sqlcipher_deactivate(void);
249 int sqlcipher_codec_ctx_init(codec_ctx
**, Db
*, Pager
*, const void *, int);
250 void sqlcipher_codec_ctx_free(codec_ctx
**);
251 int sqlcipher_codec_key_derive(codec_ctx
*);
252 int sqlcipher_codec_key_copy(codec_ctx
*, int);
254 /* page cipher implementation */
255 int sqlcipher_page_cipher(codec_ctx
*, int, Pgno
, int, int, unsigned char *, unsigned char *);
257 /* context setters & getters */
258 void sqlcipher_codec_ctx_set_error(codec_ctx
*, int);
260 void sqlcipher_codec_get_pass(codec_ctx
*, void **, int *);
261 int sqlcipher_codec_ctx_set_pass(codec_ctx
*, const void *, int, int);
262 void sqlcipher_codec_get_keyspec(codec_ctx
*, void **zKey
, int *nKey
);
264 int sqlcipher_codec_ctx_set_pagesize(codec_ctx
*, int);
265 int sqlcipher_codec_ctx_get_pagesize(codec_ctx
*);
266 int sqlcipher_codec_ctx_get_reservesize(codec_ctx
*);
268 void sqlcipher_set_default_pagesize(int page_size
);
269 int sqlcipher_get_default_pagesize(void);
271 void sqlcipher_set_default_kdf_iter(int iter
);
272 int sqlcipher_get_default_kdf_iter(void);
273 int sqlcipher_codec_ctx_set_kdf_iter(codec_ctx
*, int);
274 int sqlcipher_codec_ctx_get_kdf_iter(codec_ctx
*ctx
);
276 int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx
*ctx
, unsigned char *salt
, int sz
);
277 int sqlcipher_codec_ctx_get_kdf_salt(codec_ctx
*ctx
, void **salt
);
279 int sqlcipher_codec_ctx_set_fast_kdf_iter(codec_ctx
*, int);
280 int sqlcipher_codec_ctx_get_fast_kdf_iter(codec_ctx
*);
282 const char* sqlcipher_codec_ctx_get_cipher(codec_ctx
*ctx
);
284 void* sqlcipher_codec_ctx_get_data(codec_ctx
*);
286 void sqlcipher_set_default_use_hmac(int use
);
287 int sqlcipher_get_default_use_hmac(void);
289 void sqlcipher_set_hmac_salt_mask(unsigned char mask
);
290 unsigned char sqlcipher_get_hmac_salt_mask(void);
292 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx
*ctx
, int use
);
293 int sqlcipher_codec_ctx_get_use_hmac(codec_ctx
*ctx
);
295 const char* sqlcipher_codec_get_cipher_provider(codec_ctx
*ctx
);
296 int sqlcipher_codec_ctx_migrate(codec_ctx
*ctx
);
297 int sqlcipher_codec_add_random(codec_ctx
*ctx
, const char *data
, int random_sz
);
298 int sqlcipher_cipher_profile(sqlite3
*db
, const char *destination
);
299 int sqlcipher_codec_get_store_pass(codec_ctx
*ctx
);
300 void sqlcipher_codec_get_pass(codec_ctx
*ctx
, void **zKey
, int *nKey
);
301 void sqlcipher_codec_set_store_pass(codec_ctx
*ctx
, int value
);
302 int sqlcipher_codec_fips_status(codec_ctx
*ctx
);
303 const char* sqlcipher_codec_get_provider_version(codec_ctx
*ctx
);
305 int sqlcipher_set_default_plaintext_header_size(int size
);
306 int sqlcipher_get_default_plaintext_header_size(void);
307 int sqlcipher_codec_ctx_set_plaintext_header_size(codec_ctx
*ctx
, int size
);
308 int sqlcipher_codec_ctx_get_plaintext_header_size(codec_ctx
*ctx
);
310 int sqlcipher_set_default_hmac_algorithm(int algorithm
);
311 int sqlcipher_get_default_hmac_algorithm(void);
312 int sqlcipher_codec_ctx_set_hmac_algorithm(codec_ctx
*ctx
, int algorithm
);
313 int sqlcipher_codec_ctx_get_hmac_algorithm(codec_ctx
*ctx
);
315 int sqlcipher_set_default_kdf_algorithm(int algorithm
);
316 int sqlcipher_get_default_kdf_algorithm(void);
317 int sqlcipher_codec_ctx_set_kdf_algorithm(codec_ctx
*ctx
, int algorithm
);
318 int sqlcipher_codec_ctx_get_kdf_algorithm(codec_ctx
*ctx
);
320 void sqlcipher_set_mem_security(int);
321 int sqlcipher_get_mem_security(void);
323 int sqlcipher_find_db_index(sqlite3
*db
, const char *zDb
);
325 int sqlcipher_codec_ctx_integrity_check(codec_ctx
*, Parse
*, char *);
327 int sqlcipher_set_log(const char *destination
);
328 void sqlcipher_set_log_level(unsigned int level
);
329 void sqlcipher_log(unsigned int tag
, const char *message
, ...);
331 #define SQLCIPHER_LOG_NONE 0x00
332 #define SQLCIPHER_LOG_ERROR 0x01
333 #define SQLCIPHER_LOG_WARN 0x02
334 #define SQLCIPHER_LOG_INFO 0x04
335 #define SQLCIPHER_LOG_DEBUG 0x08
336 #define SQLCIPHER_LOG_TRACE 0x10
337 #define SQLCIPHER_LOG_ALL 0xffffffff
339 void sqlcipher_vdbe_return_string(Parse
*, const char*, const char*, int);
341 #ifdef CODEC_DEBUG_PAGEDATA
342 #define CODEC_HEXDUMP(DESC,BUFFER,LEN) \
346 for(__pctr=0; __pctr < LEN; __pctr++) { \
347 if(__pctr % 16 == 0) printf("\n%05x: ",__pctr); \
348 printf("%02x ",((unsigned char*) BUFFER)[__pctr]); \
354 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)