Skip to content

Commit ef3ca72

Browse files
committed
pragma to print hmac salt mask
1 parent c76596b commit ef3ca72

File tree

4 files changed

+41
-6
lines changed

4 files changed

+41
-6
lines changed

src/crypto.c

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -188,12 +188,18 @@ int codec_pragma(sqlite3* db, int iDb, Parse *pParse, const char *zLeft, const c
188188
}
189189
}else
190190
if( sqlite3StrICmp(zLeft,"cipher_hmac_salt_mask")==0 ){
191-
if(zRight) {
192-
if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == 5) {
193-
unsigned char mask = 0;
194-
const char *hex = zRight+2;
195-
cipher_hex2bin(hex,2,&mask);
196-
sqlcipher_set_hmac_salt_mask(mask);
191+
if(ctx) {
192+
if(zRight) {
193+
if (sqlite3StrNICmp(zRight ,"x'", 2) == 0 && sqlite3Strlen30(zRight) == 5) {
194+
unsigned char mask = 0;
195+
const char *hex = zRight+2;
196+
cipher_hex2bin(hex,2,&mask);
197+
sqlcipher_set_hmac_salt_mask(mask);
198+
}
199+
} else {
200+
char *hmac_salt_mask = sqlite3_mprintf("%02x", sqlcipher_get_hmac_salt_mask());
201+
codec_vdbe_return_static_string(pParse, "cipher_hmac_salt_mask", hmac_salt_mask);
202+
sqlite3_free(hmac_salt_mask);
197203
}
198204
}
199205
}else {

src/crypto.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -184,6 +184,7 @@ void sqlcipher_set_default_use_hmac(int use);
184184
int sqlcipher_get_default_use_hmac();
185185

186186
void sqlcipher_set_hmac_salt_mask(unsigned char mask);
187+
unsigned char sqlcipher_get_hmac_salt_mask();
187188

188189
int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use);
189190
int sqlcipher_codec_ctx_get_use_hmac(codec_ctx *ctx, int for_ctx);

src/crypto_impl.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -404,6 +404,10 @@ void sqlcipher_set_hmac_salt_mask(unsigned char mask) {
404404
hmac_salt_mask = mask;
405405
}
406406

407+
unsigned char sqlcipher_get_hmac_salt_mask() {
408+
return hmac_salt_mask;
409+
}
410+
407411
/* set the codec flag for whether this individual database should be using hmac */
408412
int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use) {
409413
int reserve = EVP_MAX_IV_LENGTH; /* base reserve size will be IV only */

test/crypto.test

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1758,6 +1758,30 @@ do_test verify-pragma-cipher-changed {
17581758
db close
17591759
file delete -force test.db
17601760

1761+
# verify the pragma cipher_hmac_salt_mask reports default
1762+
do_test verify-pragma-hmac-salt-mask-reports-default {
1763+
sqlite_orig db test.db
1764+
execsql {
1765+
PRAGMA key = 'test';
1766+
PRAGMA cipher_hmac_salt_mask;
1767+
}
1768+
} {3a}
1769+
db close
1770+
file delete -force test.db
1771+
1772+
# verify the pragma cipher_hmac_salt_mask reports
1773+
# reports value changed
1774+
do_test verify-pragma-hmac-salt-mask-reports-value-changed {
1775+
sqlite_orig db test.db
1776+
execsql {
1777+
PRAGMA key = 'test';
1778+
PRAGMA cipher_hmac_salt_mask = "x'11'";
1779+
PRAGMA cipher_hmac_salt_mask;
1780+
}
1781+
} {11}
1782+
db close
1783+
file delete -force test.db
1784+
17611785
# open a 2.0 beta database with 4000 round hmac kdf and 0x00
17621786
# hmac salt mask
17631787
# verify it can be opened

0 commit comments

Comments
 (0)