Skip to content

Commit 15fe89b

Browse files
sjlombardosjlombardo
committed
rework kdf salt flags
1 parent bdc020d commit 15fe89b

File tree

2 files changed

+6
-9
lines changed

2 files changed

+6
-9
lines changed

src/crypto.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,7 @@ void sqlite3pager_reset(Pager *pPager);
107107
#define CIPHER_FLAG_LE_PGNO (1 << 1)
108108
#define CIPHER_FLAG_BE_PGNO (1 << 2)
109109
#define CIPHER_FLAG_KEY_USED (1 << 3)
110+
#define CIPHER_FLAG_HAS_KDF_SALT (1 << 4)
110111

111112
#ifndef DEFAULT_CIPHER_FLAGS
112113
#define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC | CIPHER_FLAG_LE_PGNO
@@ -215,7 +216,6 @@ typedef struct {
215216
int plaintext_header_sz;
216217
int hmac_algorithm;
217218
int kdf_algorithm;
218-
unsigned int need_kdf_salt;
219219
unsigned int flags;
220220
unsigned char *kdf_salt;
221221
unsigned char *hmac_kdf_salt;

src/crypto_impl.c

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -792,7 +792,7 @@ void* sqlcipher_codec_ctx_get_data(codec_ctx *ctx) {
792792
static int sqlcipher_codec_ctx_init_kdf_salt(codec_ctx *ctx) {
793793
sqlite3_file *fd = sqlite3PagerFile(ctx->pBt->pBt->pPager);
794794

795-
if(!ctx->need_kdf_salt) {
795+
if(sqlcipher_codec_ctx_get_flag(ctx, CIPHER_FLAG_HAS_KDF_SALT)) {
796796
return SQLITE_OK; /* don't reload salt when not needed */
797797
}
798798

@@ -805,14 +805,14 @@ static int sqlcipher_codec_ctx_init_kdf_salt(codec_ctx *ctx) {
805805
return SQLITE_ERROR;
806806
}
807807
}
808-
ctx->need_kdf_salt = 0;
808+
sqlcipher_codec_ctx_set_flag(ctx, CIPHER_FLAG_HAS_KDF_SALT);
809809
return SQLITE_OK;
810810
}
811811

812812
int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx *ctx, unsigned char *salt, int size) {
813813
if(size >= ctx->kdf_salt_sz) {
814814
memcpy(ctx->kdf_salt, salt, ctx->kdf_salt_sz);
815-
ctx->need_kdf_salt = 0;
815+
sqlcipher_codec_ctx_set_flag(ctx, CIPHER_FLAG_HAS_KDF_SALT);
816816
return SQLITE_OK;
817817
}
818818
sqlcipher_log(SQLCIPHER_LOG_ERROR, "sqlcipher_codec_ctx_set_kdf_salt: attempt to set salt of incorrect size %d", size);
@@ -821,7 +821,7 @@ int sqlcipher_codec_ctx_set_kdf_salt(codec_ctx *ctx, unsigned char *salt, int si
821821

822822
int sqlcipher_codec_ctx_get_kdf_salt(codec_ctx *ctx, void** salt) {
823823
int rc = SQLITE_OK;
824-
if(ctx->need_kdf_salt) {
824+
if(!sqlcipher_codec_ctx_get_flag(ctx, CIPHER_FLAG_HAS_KDF_SALT)) {
825825
if((rc = sqlcipher_codec_ctx_init_kdf_salt(ctx)) != SQLITE_OK) {
826826
sqlcipher_log(SQLCIPHER_LOG_ERROR, "sqlcipher_codec_ctx_get_kdf_salt: error %d from sqlcipher_codec_ctx_init_kdf_salt", rc);
827827
}
@@ -914,9 +914,6 @@ int sqlcipher_codec_ctx_init(codec_ctx **iCtx, Db *pDb, Pager *pPager, const voi
914914
/* setup default flags */
915915
ctx->flags = default_flags;
916916

917-
/* defer attempt to read KDF salt until first use */
918-
ctx->need_kdf_salt = 1;
919-
920917
/* setup the crypto provider */
921918
sqlcipher_log(SQLCIPHER_LOG_DEBUG, "sqlcipher_codec_ctx_init: allocating provider");
922919
ctx->provider = (sqlcipher_provider *) sqlcipher_malloc(sizeof(sqlcipher_provider));
@@ -1181,7 +1178,7 @@ static int sqlcipher_cipher_ctx_key_derive(codec_ctx *ctx, cipher_ctx *c_ctx) {
11811178
if(c_ctx->pass && c_ctx->pass_sz) { /* if key material is present on the context for derivation */
11821179

11831180
/* if necessary, initialize the salt from the header or random source */
1184-
if(ctx->need_kdf_salt) {
1181+
if(!sqlcipher_codec_ctx_get_flag(ctx, CIPHER_FLAG_HAS_KDF_SALT)) {
11851182
if((rc = sqlcipher_codec_ctx_init_kdf_salt(ctx)) != SQLITE_OK) {
11861183
sqlcipher_log(SQLCIPHER_LOG_ERROR, "sqlcipher_cipher_ctx_key_derive: error %d from sqlcipher_codec_ctx_init_kdf_salt", rc);
11871184
return rc;

0 commit comments

Comments
 (0)