Skip to content

Commit cf7e9f9

Browse files
sjlombardosjlombardo
committed
improved error handling for providers
1 parent f177869 commit cf7e9f9

5 files changed

Lines changed: 80 additions & 62 deletions

File tree

src/crypto.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -262,7 +262,7 @@ void sqlcipher_codec_set_store_pass(codec_ctx *ctx, int value);
262262
int sqlcipher_codec_fips_status(codec_ctx *ctx);
263263
const char* sqlcipher_codec_get_provider_version(codec_ctx *ctx);
264264

265-
int sqlcipher_codec_hmac(const codec_ctx *ctx, const unsigned char *hmac_key, int key_sz,
265+
int sqlcipher_codec_hmac_sha1(const codec_ctx *ctx, const unsigned char *hmac_key, int key_sz,
266266
unsigned char* in, int in_sz, unsigned char *in2, int in2_sz,
267267
unsigned char *out);
268268

src/crypto_cc.c

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ static int sqlcipher_cc_add_random(void *ctx, void *buffer, int length) {
4343

4444
/* generate a defined number of random bytes */
4545
static int sqlcipher_cc_random (void *ctx, void *buffer, int length) {
46-
return (SecRandomCopyBytes(kSecRandomDefault, length, (uint8_t *)buffer) == 0) ? SQLITE_OK : SQLITE_ERROR;
46+
return (SecRandomCopyBytes(kSecRandomDefault, length, (uint8_t *)buffer) == kCCSuccess) ? SQLITE_OK : SQLITE_ERROR;
4747
}
4848

4949
static const char* sqlcipher_cc_get_provider_name(void *ctx) {
@@ -89,13 +89,13 @@ static int sqlcipher_cc_hmac(void *ctx, int algorithm, unsigned char *hmac_key,
8989
static int sqlcipher_cc_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {
9090
switch(algorithm) {
9191
case SQLCIPHER_HMAC_SHA1:
92-
CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA1, workfactor, key, key_sz);
92+
if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA1, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR;
9393
break;
9494
case SQLCIPHER_HMAC_SHA256:
95-
CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA256, workfactor, key, key_sz);
95+
if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA256, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR;
9696
break;
9797
case SQLCIPHER_HMAC_SHA512:
98-
CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA512, workfactor, key, key_sz);
98+
if(CCKeyDerivationPBKDF(kCCPBKDF2, (const char *)pass, pass_sz, salt, salt_sz, kCCPRFHmacAlgSHA512, workfactor, key, key_sz) != kCCSuccess) return SQLITE_ERROR;
9999
break;
100100
default:
101101
return SQLITE_ERROR;
@@ -108,13 +108,13 @@ static int sqlcipher_cc_cipher(void *ctx, int mode, unsigned char *key, int key_
108108
size_t tmp_csz, csz;
109109
CCOperation op = mode == CIPHER_ENCRYPT ? kCCEncrypt : kCCDecrypt;
110110

111-
CCCryptorCreate(op, kCCAlgorithmAES128, 0, key, kCCKeySizeAES256, iv, &cryptor);
112-
CCCryptorUpdate(cryptor, in, in_sz, out, in_sz, &tmp_csz);
111+
if(CCCryptorCreate(op, kCCAlgorithmAES128, 0, key, kCCKeySizeAES256, iv, &cryptor) != kCCSuccess) return SQLITE_ERROR;
112+
if(CCCryptorUpdate(cryptor, in, in_sz, out, in_sz, &tmp_csz) != kCCSuccess) return SQLITE_ERROR;
113113
csz = tmp_csz;
114114
out += tmp_csz;
115-
CCCryptorFinal(cryptor, out, in_sz - csz, &tmp_csz);
115+
if(CCCryptorFinal(cryptor, out, in_sz - csz, &tmp_csz) != kCCSuccess) return SQLITE_ERROR;
116116
csz += tmp_csz;
117-
CCCryptorRelease(cryptor);
117+
if(CCCryptorRelease(cryptor) != kCCSuccess) return SQLITE_ERROR;
118118
assert(in_sz == csz);
119119

120120
return SQLITE_OK;

src/crypto_impl.c

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -969,12 +969,11 @@ static int sqlcipher_page_hmac(codec_ctx *ctx, cipher_ctx *c_ctx, Pgno pgno, uns
969969
/* include the encrypted page data, initialization vector, and page number in HMAC. This will
970970
prevent both tampering with the ciphertext, manipulation of the IV, or resequencing otherwise
971971
valid pages out of order in a database */
972-
ctx->provider->hmac(
972+
return ctx->provider->hmac(
973973
ctx->provider_ctx, ctx->hmac_algorithm, c_ctx->hmac_key,
974974
ctx->key_sz, in,
975975
in_sz, (unsigned char*) &pgno_raw,
976976
sizeof(pgno), out);
977-
return SQLITE_OK;
978977
}
979978

980979
/*
@@ -1007,22 +1006,20 @@ int sqlcipher_page_cipher(codec_ctx *ctx, int for_ctx, Pgno pgno, int mode, int
10071006
/* the key size should never be zero. If it is, error out. */
10081007
if(ctx->key_sz == 0) {
10091008
CODEC_TRACE("codec_cipher: error possible context corruption, key_sz is zero for pgno=%d\n", pgno);
1010-
sqlcipher_memset(out, 0, page_sz);
1011-
return SQLITE_ERROR;
1009+
goto error;
10121010
}
10131011

10141012
if(mode == CIPHER_ENCRYPT) {
10151013
/* start at front of the reserve block, write random data to the end */
1016-
if(ctx->provider->random(ctx->provider_ctx, iv_out, ctx->reserve_sz) != SQLITE_OK) return SQLITE_ERROR;
1014+
if(ctx->provider->random(ctx->provider_ctx, iv_out, ctx->reserve_sz) != SQLITE_OK) goto error;
10171015
} else { /* CIPHER_DECRYPT */
10181016
memcpy(iv_out, iv_in, ctx->iv_sz); /* copy the iv from the input to output buffer */
10191017
}
10201018

10211019
if((ctx->flags & CIPHER_FLAG_HMAC) && (mode == CIPHER_DECRYPT) && !ctx->skip_read_hmac) {
10221020
if(sqlcipher_page_hmac(ctx, c_ctx, pgno, in, size + ctx->iv_sz, hmac_out) != SQLITE_OK) {
1023-
sqlcipher_memset(out, 0, page_sz);
1024-
CODEC_TRACE("codec_cipher: hmac operations failed for pgno=%d\n", pgno);
1025-
return SQLITE_ERROR;
1021+
CODEC_TRACE("codec_cipher: hmac operation on decrypt failed for pgno=%d\n", pgno);
1022+
goto error;
10261023
}
10271024

10281025
CODEC_TRACE("codec_cipher: comparing hmac on in=%p out=%p hmac_sz=%d\n", hmac_in, hmac_out, ctx->hmac_sz);
@@ -1040,21 +1037,29 @@ int sqlcipher_page_cipher(codec_ctx *ctx, int for_ctx, Pgno pgno, int mode, int
10401037
since the check failed, the page was either tampered with or corrupted. wipe the output buffer,
10411038
and return SQLITE_ERROR to the caller */
10421039
CODEC_TRACE("codec_cipher: hmac check failed for pgno=%d returning SQLITE_ERROR\n", pgno);
1043-
sqlcipher_memset(out, 0, page_sz);
1044-
return SQLITE_ERROR;
1040+
goto error;
10451041
}
10461042
}
10471043
}
10481044

1049-
ctx->provider->cipher(ctx->provider_ctx, mode, c_ctx->key, ctx->key_sz, iv_out, in, size, out);
1045+
if(ctx->provider->cipher(ctx->provider_ctx, mode, c_ctx->key, ctx->key_sz, iv_out, in, size, out) != SQLITE_OK) {
1046+
CODEC_TRACE("codec_cipher: cipher operation mode=%d failed for pgno=%d returning SQLITE_ERROR\n", mode, pgno);
1047+
goto error;
1048+
};
10501049

10511050
if((ctx->flags & CIPHER_FLAG_HMAC) && (mode == CIPHER_ENCRYPT)) {
1052-
sqlcipher_page_hmac(ctx, c_ctx, pgno, out_start, size + ctx->iv_sz, hmac_out);
1051+
if(sqlcipher_page_hmac(ctx, c_ctx, pgno, out_start, size + ctx->iv_sz, hmac_out) != SQLITE_OK) {
1052+
CODEC_TRACE("codec_cipher: hmac operation on encrypt failed for pgno=%d\n", pgno);
1053+
goto error;
1054+
};
10531055
}
10541056

10551057
CODEC_HEXDUMP("codec_cipher: output page data", out_start, page_sz);
10561058

10571059
return SQLITE_OK;
1060+
error:
1061+
sqlcipher_memset(out, 0, page_sz);
1062+
return SQLITE_ERROR;
10581063
}
10591064

10601065
/**
@@ -1099,9 +1104,9 @@ static int sqlcipher_cipher_ctx_key_derive(codec_ctx *ctx, cipher_ctx *c_ctx) {
10991104
cipher_hex2bin(z + (ctx->key_sz * 2), (ctx->kdf_salt_sz * 2), ctx->kdf_salt);
11001105
} else {
11011106
CODEC_TRACE("cipher_ctx_key_derive: deriving key using full PBKDF2 with %d iterations\n", c_ctx->kdf_iter);
1102-
ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->pass, c_ctx->pass_sz,
1107+
if(ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->pass, c_ctx->pass_sz,
11031108
ctx->kdf_salt, ctx->kdf_salt_sz, ctx->kdf_iter,
1104-
ctx->key_sz, c_ctx->key);
1109+
ctx->key_sz, c_ctx->key) != SQLITE_OK) return SQLITE_ERROR;
11051110
}
11061111

11071112
/* set the context "keyspec" containing the hex-formatted key and salt to be used when attaching databases */
@@ -1127,9 +1132,9 @@ static int sqlcipher_cipher_ctx_key_derive(codec_ctx *ctx, cipher_ctx *c_ctx) {
11271132
c_ctx->fast_kdf_iter);
11281133

11291134

1130-
ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->key, ctx->key_sz,
1135+
if(ctx->provider->kdf(ctx->provider_ctx, ctx->kdf_algorithm, c_ctx->key, ctx->key_sz,
11311136
ctx->hmac_kdf_salt, ctx->kdf_salt_sz, ctx->fast_kdf_iter,
1132-
ctx->key_sz, c_ctx->hmac_key);
1137+
ctx->key_sz, c_ctx->hmac_key) != SQLITE_OK) return SQLITE_ERROR;
11331138
}
11341139

11351140
c_ctx->derive_key = 0;
@@ -1465,11 +1470,10 @@ const char* sqlcipher_codec_get_provider_version(codec_ctx *ctx) {
14651470
return ctx->provider->get_provider_version(ctx->provider_ctx);
14661471
}
14671472

1468-
int sqlcipher_codec_hmac(const codec_ctx *ctx, const unsigned char *hmac_key, int key_sz,
1473+
int sqlcipher_codec_hmac_sha1(const codec_ctx *ctx, const unsigned char *hmac_key, int key_sz,
14691474
unsigned char* in, int in_sz, unsigned char *in2, int in2_sz,
14701475
unsigned char *out) {
1471-
ctx->provider->hmac(ctx->provider_ctx, SQLCIPHER_HMAC_SHA1, (unsigned char *)hmac_key, key_sz, in, in_sz, in2, in2_sz, out);
1472-
return SQLITE_OK;
1476+
return ctx->provider->hmac(ctx->provider_ctx, SQLCIPHER_HMAC_SHA1, (unsigned char *)hmac_key, key_sz, in, in_sz, in2, in2_sz, out);
14731477
}
14741478

14751479

src/crypto_libtomcrypt.c

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -175,9 +175,6 @@ static int sqlcipher_ltc_hmac(void *ctx, int algorithm, unsigned char *hmac_key,
175175
static int sqlcipher_ltc_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {
176176
int rc, hash_idx;
177177
unsigned long outlen = key_sz;
178-
unsigned long random_buffer_sz = sizeof(char) * 256;
179-
unsigned char *random_buffer = sqlcipher_malloc(random_buffer_sz);
180-
sqlcipher_memset(random_buffer, 0, random_buffer_sz);
181178

182179
switch(algorithm) {
183180
case SQLCIPHER_HMAC_SHA1:
@@ -198,12 +195,6 @@ static int sqlcipher_ltc_kdf(void *ctx, int algorithm, const unsigned char *pass
198195
workfactor, hash_idx, key, &outlen)) != CRYPT_OK) {
199196
return SQLITE_ERROR;
200197
}
201-
if((rc = pkcs_5_alg2(key, key_sz, salt, salt_sz,
202-
1, hash_idx, random_buffer, &random_buffer_sz)) != CRYPT_OK) {
203-
return SQLITE_ERROR;
204-
}
205-
sqlcipher_ltc_add_random(ctx, random_buffer, random_buffer_sz);
206-
sqlcipher_free(random_buffer, random_buffer_sz);
207198
return SQLITE_OK;
208199
}
209200

src/crypto_openssl.c

Lines changed: 48 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -209,63 +209,86 @@ static int sqlcipher_openssl_random (void *ctx, void *buffer, int length) {
209209

210210
static int sqlcipher_openssl_hmac(void *ctx, int algorithm, unsigned char *hmac_key, int key_sz, unsigned char *in, int in_sz, unsigned char *in2, int in2_sz, unsigned char *out) {
211211
unsigned int outlen;
212-
HMAC_CTX* hctx = HMAC_CTX_new();
213-
if(hctx == NULL || in == NULL) return SQLITE_ERROR;
212+
int rc = SQLITE_OK;
213+
HMAC_CTX* hctx = NULL;
214+
215+
if(in == NULL) goto error;
216+
217+
hctx = HMAC_CTX_new();
218+
if(hctx == NULL) goto error;
214219

215220
switch(algorithm) {
216221
case SQLCIPHER_HMAC_SHA1:
217-
HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL);
222+
if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha1(), NULL)) goto error;
218223
break;
219224
case SQLCIPHER_HMAC_SHA256:
220-
HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL);
221-
return EVP_MD_size(EVP_sha256());;
225+
if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha256(), NULL)) goto error;
222226
break;
223227
case SQLCIPHER_HMAC_SHA512:
224-
HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL);
228+
if(!HMAC_Init_ex(hctx, hmac_key, key_sz, EVP_sha512(), NULL)) goto error;
225229
break;
226230
default:
227-
return SQLITE_ERROR;
231+
goto error;
228232
}
229233

230-
HMAC_Update(hctx, in, in_sz);
231-
if(in2 != NULL) HMAC_Update(hctx, in2, in2_sz);
232-
HMAC_Final(hctx, out, &outlen);
233-
HMAC_CTX_free(hctx);
234-
return SQLITE_OK;
234+
if(!HMAC_Update(hctx, in, in_sz)) goto error;
235+
if(in2 != NULL) {
236+
if(!HMAC_Update(hctx, in2, in2_sz)) goto error;
237+
}
238+
if(!HMAC_Final(hctx, out, &outlen)) goto error;
239+
240+
goto cleanup;
241+
error:
242+
rc = SQLITE_ERROR;
243+
cleanup:
244+
if(hctx) HMAC_CTX_free(hctx);
245+
return rc;
235246
}
236247

237248
static int sqlcipher_openssl_kdf(void *ctx, int algorithm, const unsigned char *pass, int pass_sz, unsigned char* salt, int salt_sz, int workfactor, int key_sz, unsigned char *key) {
249+
int rc = SQLITE_OK;
250+
238251
switch(algorithm) {
239252
case SQLCIPHER_HMAC_SHA1:
240-
PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha1(), key_sz, key);
253+
if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha1(), key_sz, key)) goto error;
241254
break;
242255
case SQLCIPHER_HMAC_SHA256:
243-
PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha256(), key_sz, key);
256+
if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha256(), key_sz, key)) goto error;
244257
break;
245258
case SQLCIPHER_HMAC_SHA512:
246-
PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha512(), key_sz, key);
259+
if(!PKCS5_PBKDF2_HMAC((const char *)pass, pass_sz, salt, salt_sz, workfactor, EVP_sha512(), key_sz, key)) goto error;
247260
break;
248261
default:
249262
return SQLITE_ERROR;
250263
}
251-
return SQLITE_OK;
264+
265+
goto cleanup;
266+
error:
267+
rc = SQLITE_ERROR;
268+
cleanup:
269+
return rc;
252270
}
253271

254272
static int sqlcipher_openssl_cipher(void *ctx, int mode, unsigned char *key, int key_sz, unsigned char *iv, unsigned char *in, int in_sz, unsigned char *out) {
255-
int tmp_csz, csz;
273+
int tmp_csz, csz, rc = SQLITE_OK;
256274
EVP_CIPHER_CTX* ectx = EVP_CIPHER_CTX_new();
257-
if(ectx == NULL) return SQLITE_ERROR;
258-
EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode);
259-
EVP_CIPHER_CTX_set_padding(ectx, 0); /* no padding */
260-
EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode);
261-
EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz);
275+
if(ectx == NULL) goto error;
276+
if(!EVP_CipherInit_ex(ectx, ((openssl_ctx *)ctx)->evp_cipher, NULL, NULL, NULL, mode)) goto error;
277+
if(!EVP_CIPHER_CTX_set_padding(ectx, 0)) goto error; /* no padding */
278+
if(!EVP_CipherInit_ex(ectx, NULL, NULL, key, iv, mode)) goto error;
279+
if(!EVP_CipherUpdate(ectx, out, &tmp_csz, in, in_sz)) goto error;
262280
csz = tmp_csz;
263281
out += tmp_csz;
264-
EVP_CipherFinal_ex(ectx, out, &tmp_csz);
282+
if(!EVP_CipherFinal_ex(ectx, out, &tmp_csz)) goto error;
265283
csz += tmp_csz;
266-
EVP_CIPHER_CTX_free(ectx);
267284
assert(in_sz == csz);
268-
return SQLITE_OK;
285+
286+
goto cleanup;
287+
error:
288+
rc = SQLITE_ERROR;
289+
cleanup:
290+
if(ectx) EVP_CIPHER_CTX_free(ectx);
291+
return rc;
269292
}
270293

271294
static const char* sqlcipher_openssl_get_cipher(void *ctx) {

0 commit comments

Comments
 (0)