Skip to content

Commit c224d04

Browse files
MKleusbergMKleusberg
committed
sqlcipher: Fix editing the encryption for SQLCipher4
With SQLCipher4 the encryption was not working as expected because the KDF and HMAC algorithms were not set properly. This is fixed in this commit so it should work now with SQLCipher4 as well as SQLCipher3. See issues #1690 and #1732.
1 parent 4a728bd commit c224d04

File tree

3 files changed

+10
-10
lines changed

3 files changed

+10
-10
lines changed

src/CipherDialog.cpp

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,8 +70,8 @@ CipherSettings CipherDialog::getCipherSettings() const
7070
cipherSettings.setPassword(password);
7171
cipherSettings.setPageSize(pageSize);
7272
cipherSettings.setKdfIterations(ui->spinKdfIterations->value());
73-
cipherSettings.setHmacAlgorithm(ui->comboHmacAlgorithm->currentText());
74-
cipherSettings.setKdfAlgorithm(ui->comboKdfAlgorithm->currentText());
73+
cipherSettings.setHmacAlgorithm(QString("HMAC_") + ui->comboHmacAlgorithm->currentText());
74+
cipherSettings.setKdfAlgorithm(QString("PBKDF2_HMAC_") + ui->comboKdfAlgorithm->currentText());
7575

7676
return cipherSettings;
7777
}

src/MainWindow.cpp

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3177,12 +3177,12 @@ void MainWindow::editEncryption()
31773177
qApp->processEvents();
31783178
if(ok)
31793179
ok = db.executeSQL(QString("PRAGMA sqlitebrowser_edit_encryption.cipher_page_size = %1").arg(cipherSettings.getPageSize()), false, false);
3180-
if(ok)
3181-
ok = db.executeSQL(QString("PRAGMA sqlitebrowser_edit_encryption.kdf_iter = %1").arg(cipherSettings.getKdfIterations()), false, false);
31823180
if(ok)
31833181
ok = db.executeSQL(QString("PRAGMA sqlitebrowser_edit_encryption.cipher_hmac_algorithm = %1").arg(cipherSettings.getHmacAlgorithm()), false, false);
31843182
if(ok)
31853183
ok = db.executeSQL(QString("PRAGMA sqlitebrowser_edit_encryption.cipher_kdf_algorithm = %1").arg(cipherSettings.getKdfAlgorithm()), false, false);
3184+
if(ok)
3185+
ok = db.executeSQL(QString("PRAGMA sqlitebrowser_edit_encryption.kdf_iter = %1").arg(cipherSettings.getKdfIterations()), false, false);
31863186

31873187
// Export the current database to the new one
31883188
qApp->processEvents();

src/sqlitedb.cpp

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -128,8 +128,8 @@ bool DBBrowserDB::open(const QString& db, bool readOnly)
128128
executeSQL(QString("PRAGMA key = %1").arg(cipherSettings->getPassword()), false, false);
129129
executeSQL(QString("PRAGMA cipher_page_size = %1;").arg(cipherSettings->getPageSize()), false, false);
130130
executeSQL(QString("PRAGMA kdf_iter = %1;").arg(cipherSettings->getKdfIterations()), false, false);
131-
executeSQL(QString("PRAGMA cipher_hmac_algorithm = HMAC_%1;").arg(cipherSettings->getHmacAlgorithm()), false, false);
132-
executeSQL(QString("PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_%1;").arg(cipherSettings->getKdfAlgorithm()), false, false);
131+
executeSQL(QString("PRAGMA cipher_hmac_algorithm = %1;").arg(cipherSettings->getHmacAlgorithm()), false, false);
132+
executeSQL(QString("PRAGMA cipher_kdf_algorithm = %1;").arg(cipherSettings->getKdfAlgorithm()), false, false);
133133
}
134134
#endif
135135
delete cipherSettings;
@@ -245,12 +245,12 @@ bool DBBrowserDB::attach(const QString& filePath, QString attach_as)
245245
QMessageBox::warning(nullptr, qApp->applicationName(), lastErrorMessage);
246246
return false;
247247
}
248-
if(!executeSQL(QString("PRAGMA %1.cipher_hmac_algorithm = HMAC_%2").arg(sqlb::escapeIdentifier(attach_as)).arg(cipherSettings->getHmacAlgorithm()), false))
248+
if(!executeSQL(QString("PRAGMA %1.cipher_hmac_algorithm = %2").arg(sqlb::escapeIdentifier(attach_as)).arg(cipherSettings->getHmacAlgorithm()), false))
249249
{
250250
QMessageBox::warning(nullptr, qApp->applicationName(), lastErrorMessage);
251251
return false;
252252
}
253-
if(!executeSQL(QString("PRAGMA %1.cipher_kdf_algorithm = PBKDF2_HMAC_%2").arg(sqlb::escapeIdentifier(attach_as)).arg(cipherSettings->getKdfAlgorithm()), false))
253+
if(!executeSQL(QString("PRAGMA %1.cipher_kdf_algorithm = %2").arg(sqlb::escapeIdentifier(attach_as)).arg(cipherSettings->getKdfAlgorithm()), false))
254254
{
255255
QMessageBox::warning(nullptr, qApp->applicationName(), lastErrorMessage);
256256
return false;
@@ -404,9 +404,9 @@ bool DBBrowserDB::tryEncryptionSettings(const QString& filePath, bool* encrypted
404404
if(cipherSettings->getKdfIterations() != enc_default_kdf_iter)
405405
sqlite3_exec(dbHandle, QString("PRAGMA kdf_iter = %1;").arg(cipherSettings->getKdfIterations()).toUtf8(), nullptr, nullptr, nullptr);
406406
if(cipherSettings->getHmacAlgorithm() != enc_default_hmac_algorithm)
407-
sqlite3_exec(dbHandle, QString("PRAGMA cipher_hmac_algorithm = HMAC_%1;").arg(cipherSettings->getHmacAlgorithm()).toUtf8(), nullptr, nullptr, nullptr);
407+
sqlite3_exec(dbHandle, QString("PRAGMA cipher_hmac_algorithm = %1;").arg(cipherSettings->getHmacAlgorithm()).toUtf8(), nullptr, nullptr, nullptr);
408408
if(cipherSettings->getKdfAlgorithm() != enc_default_kdf_algorithm)
409-
sqlite3_exec(dbHandle, QString("PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_%1;").arg(cipherSettings->getKdfAlgorithm()).toUtf8(), nullptr, nullptr, nullptr);
409+
sqlite3_exec(dbHandle, QString("PRAGMA cipher_kdf_algorithm = %1;").arg(cipherSettings->getKdfAlgorithm()).toUtf8(), nullptr, nullptr, nullptr);
410410

411411
*encrypted = true;
412412
#else

0 commit comments

Comments
 (0)