Add read-only PRAGMA cipher_provider

developernotes · developernotes · commit 9c4d19eb4f8e · 2013-06-05T11:28:32.000-05:00
Provides a readonly name of the cipher provider.  Available once
the codec_ctx has been properly initialized as the provider name
is sourced from the sqlcipher_provider implementation.
diff --git a/src/crypto.c b/src/crypto.c
@@ -91,6 +91,11 @@ int codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLeft, const c
 
   CODEC_TRACE(("codec_pragma: entered db=%p iDb=%d pParse=%p zLeft=%s zRight=%s ctx=%p\n", db, iDb, pParse, zLeft, zRight, ctx));
 
+  if( sqlite3StrICmp(zLeft, "cipher_provider")==0 && !zRight ){
+    if(ctx) { codec_vdbe_return_static_string(pParse, "cipher_provider",
+                                              sqlcipher_codec_get_cipher_provider(ctx));
+    }
+  } else
   if( sqlite3StrICmp(zLeft, "cipher_version")==0 && !zRight ){
     codec_vdbe_return_static_string(pParse, "cipher_version", codec_get_cipher_version());
   }else
diff --git a/src/crypto.h b/src/crypto.h
@@ -195,6 +195,7 @@ int sqlcipher_codec_ctx_set_flag(codec_ctx *ctx, unsigned int flag);
 int sqlcipher_codec_ctx_unset_flag(codec_ctx *ctx, unsigned int flag);
 int sqlcipher_codec_ctx_get_flag(codec_ctx *ctx, unsigned int flag, int for_ctx);
 
+const char* sqlcipher_codec_get_cipher_provider(codec_ctx *ctx);
 #endif
 #endif
 /* END CRYPTO */
diff --git a/src/crypto_impl.c b/src/crypto_impl.c
@@ -792,5 +792,8 @@ int sqlcipher_codec_key_copy(codec_ctx *ctx, int source) {
   }
 }
 
+const char* sqlcipher_codec_get_cipher_provider(codec_ctx *ctx) {
+  return ctx->read_ctx->provider->get_provider_name(ctx->read_ctx);
+}
 
 #endif
diff --git a/src/crypto_libtomcrypt.c b/src/crypto_libtomcrypt.c
@@ -28,12 +28,16 @@ static int sqlcipher_ltc_deactivate(void *ctx) {
   fortuna_done(&(ltc->prng));
 }
 
+static const char* sqlcipher_ltc_get_provider_name(void *ctx) {
+  return "libtomcrypt";
+}
+
 static int sqlcipher_ltc_random(void *ctx, void *buffer, int length) {
   int random_value;
   int random_buffer_sz = 256;
   char random_buffer[random_buffer_sz];
-  ltc_ctx *ltc = (ltc_ctx*)ctx;
 
+  ltc_ctx *ltc = (ltc_ctx*)ctx;
   sqlite3_randomness(sizeof(random_value), &random_value);
   sqlite3_snprintf(random_buffer_sz, random_buffer, "%d", random_value);
   if(fortuna_add_entropy(random_buffer, random_buffer_sz, &(ltc->prng)) != CRYPT_OK) return SQLITE_ERROR;
@@ -128,7 +132,8 @@ static int sqlcipher_ltc_ctx_free(void **ctx) {
 
 int sqlcipher_ltc_setup(sqlcipher_provider *p) {
   p->activate = sqlcipher_ltc_activate;  
-  p->deactivate = sqlcipher_ltc_deactivate;  
+  p->deactivate = sqlcipher_ltc_deactivate;
+  p->get_provider_name = sqlcipher_ltc_get_provider_name;
   p->random = sqlcipher_ltc_random;
   p->hmac = sqlcipher_ltc_hmac;
   p->kdf = sqlcipher_ltc_kdf;
diff --git a/src/crypto_openssl.c b/src/crypto_openssl.c
@@ -60,6 +60,10 @@ static int sqlcipher_openssl_deactivate(void *ctx) {
   sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_MASTER));
 }
 
+static const char* sqlcipher_openssl_get_provider_name(void *ctx) {
+  return "openssl";
+}
+
 /* generate a defined number of pseudorandom bytes */
 static int sqlcipher_openssl_random (void *ctx, void *buffer, int length) {
   return RAND_bytes((unsigned char *)buffer, length);
@@ -148,7 +152,8 @@ static int sqlcipher_openssl_ctx_free(void **ctx) {
 
 int sqlcipher_openssl_setup(sqlcipher_provider *p) {
   p->activate = sqlcipher_openssl_activate;  
-  p->deactivate = sqlcipher_openssl_deactivate;  
+  p->deactivate = sqlcipher_openssl_deactivate;
+  p->get_provider_name = sqlcipher_openssl_get_provider_name;
   p->random = sqlcipher_openssl_random;
   p->hmac = sqlcipher_openssl_hmac;
   p->kdf = sqlcipher_openssl_kdf;
diff --git a/src/sqlcipher.h b/src/sqlcipher.h
@@ -39,6 +39,7 @@
 typedef struct {
   int (*activate)(void *ctx);
   int (*deactivate)(void *ctx);
+  const char* (*get_provider_name)(void *ctx);
   int (*random)(void *ctx, void *buffer, int length);
   int (*hmac)(void *ctx, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out);
   int (*kdf)(void *ctx, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key);

Original file line number	Diff line number	Diff line change
`@@ -792,5 +792,8 @@ int sqlcipher_codec_key_copy(codec_ctx *ctx, int source) {`
`792`	`792`	`}`
`793`	`793`	`}`
`794`	`794`
	`795`	`+const char* sqlcipher_codec_get_cipher_provider(codec_ctx *ctx) {`
	`796`	`+ return ctx->read_ctx->provider->get_provider_name(ctx->read_ctx);`
	`797`	`+}`
`795`	`798`
`796`	`799`	`#endif`