3 ** http://sqlcipher.net
5 ** Copyright (c) 2008 - 2013, ZETETIC LLC
6 ** All rights reserved.
8 ** Redistribution and use in source and binary forms, with or without
9 ** modification, are permitted provided that the following conditions are met:
10 ** * Redistributions of source code must retain the above copyright
11 ** notice, this list of conditions and the following disclaimer.
12 ** * Redistributions in binary form must reproduce the above copyright
13 ** notice, this list of conditions and the following disclaimer in the
14 ** documentation and/or other materials provided with the distribution.
15 ** * Neither the name of the ZETETIC LLC nor the
16 ** names of its contributors may be used to endorse or promote products
17 ** derived from this software without specific prior written permission.
19 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
20 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
22 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
23 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 #ifdef SQLITE_HAS_CODEC
33 #ifdef SQLCIPHER_CRYPTO_LIBTOMCRYPT
34 #include "sqliteInt.h"
35 #include "sqlcipher.h"
42 static unsigned int ltc_init
= 0;
44 static int sqlcipher_ltc_add_random(void *ctx
, void *buffer
, int length
) {
45 ltc_ctx
*ltc
= (ltc_ctx
*)ctx
;
46 int rc
= fortuna_add_entropy(buffer
, length
, &(ltc
->prng
));
47 return rc
!= CRYPT_OK
? SQLITE_ERROR
: SQLITE_OK
;
50 static int sqlcipher_ltc_activate(void *ctx
) {
51 ltc_ctx
*ltc
= (ltc_ctx
*)ctx
;
52 int random_buffer_sz
= 32;
53 unsigned char random_buffer
[random_buffer_sz
];
56 if(register_prng(&fortuna_desc
) != CRYPT_OK
) return SQLITE_ERROR
;
57 if(register_cipher(&rijndael_desc
) != CRYPT_OK
) return SQLITE_ERROR
;
58 if(register_hash(&sha1_desc
) != CRYPT_OK
) return SQLITE_ERROR
;
61 if(fortuna_start(&(ltc
->prng
)) != CRYPT_OK
) {
64 sqlite3_randomness(random_buffer_sz
, &random_buffer
);
65 if(sqlcipher_ltc_add_random(ctx
, random_buffer
, random_buffer_sz
) != SQLITE_OK
) {
68 if(sqlcipher_ltc_add_random(ctx
, <c
, sizeof(ltc_ctx
*)) != SQLITE_OK
) {
71 if(fortuna_ready(&(ltc
->prng
)) != CRYPT_OK
) {
77 static int sqlcipher_ltc_deactivate(void *ctx
) {
78 ltc_ctx
*ltc
= (ltc_ctx
*)ctx
;
79 fortuna_done(&(ltc
->prng
));
82 static const char* sqlcipher_ltc_get_provider_name(void *ctx
) {
86 static int sqlcipher_ltc_random(void *ctx
, void *buffer
, int length
) {
87 ltc_ctx
*ltc
= (ltc_ctx
*)ctx
;
90 if((rc
= fortuna_ready(&(ltc
->prng
))) != CRYPT_OK
) {
93 fortuna_read(buffer
, length
, &(ltc
->prng
));
97 static int sqlcipher_ltc_hmac(void *ctx
, unsigned char *hmac_key
, int key_sz
, unsigned char *in
, int in_sz
, unsigned char *in2
, int in2_sz
, unsigned char *out
) {
100 unsigned long outlen
= key_sz
;
102 hash_idx
= find_hash("sha1");
103 if((rc
= hmac_init(&hmac
, hash_idx
, hmac_key
, key_sz
)) != CRYPT_OK
) return SQLITE_ERROR
;
104 if((rc
= hmac_process(&hmac
, in
, in_sz
)) != CRYPT_OK
) return SQLITE_ERROR
;
105 if((rc
= hmac_process(&hmac
, in2
, in2_sz
)) != CRYPT_OK
) return SQLITE_ERROR
;
106 if((rc
= hmac_done(&hmac
, out
, &outlen
)) != CRYPT_OK
) return SQLITE_ERROR
;
110 static int sqlcipher_ltc_kdf(void *ctx
, const char *pass
, int pass_sz
, unsigned char* salt
, int salt_sz
, int workfactor
, int key_sz
, unsigned char *key
) {
112 unsigned long outlen
= key_sz
;
113 unsigned long random_buffer_sz
= 256;
114 char random_buffer
[random_buffer_sz
];
115 ltc_ctx
*ltc
= (ltc_ctx
*)ctx
;
117 hash_idx
= find_hash("sha1");
118 if((rc
= pkcs_5_alg2(pass
, pass_sz
, salt
, salt_sz
,
119 workfactor
, hash_idx
, key
, &outlen
)) != CRYPT_OK
) {
122 if((rc
= pkcs_5_alg2(key
, key_sz
, salt
, salt_sz
,
123 1, hash_idx
, random_buffer
, &random_buffer_sz
)) != CRYPT_OK
) {
126 sqlcipher_ltc_add_random(ctx
, random_buffer
, random_buffer_sz
);
130 static const char* sqlcipher_ltc_get_cipher(void *ctx
) {
134 static int sqlcipher_ltc_cipher(void *ctx
, int mode
, unsigned char *key
, int key_sz
, unsigned char *iv
, unsigned char *in
, int in_sz
, unsigned char *out
) {
135 int rc
, cipher_idx
, hash_idx
;
138 if((cipher_idx
= find_cipher(sqlcipher_ltc_get_cipher(ctx
))) == -1) return SQLITE_ERROR
;
139 if((rc
= cbc_start(cipher_idx
, iv
, key
, key_sz
, 0, &cbc
)) != CRYPT_OK
) return SQLITE_ERROR
;
140 rc
= mode
== 1 ? cbc_encrypt(in
, out
, in_sz
, &cbc
) : cbc_decrypt(in
, out
, in_sz
, &cbc
);
141 if(rc
!= CRYPT_OK
) return SQLITE_ERROR
;
146 static int sqlcipher_ltc_set_cipher(void *ctx
, const char *cipher_name
) {
150 static int sqlcipher_ltc_get_key_sz(void *ctx
) {
151 int cipher_idx
= find_cipher(sqlcipher_ltc_get_cipher(ctx
));
152 return cipher_descriptor
[cipher_idx
].max_key_length
;
155 static int sqlcipher_ltc_get_iv_sz(void *ctx
) {
156 int cipher_idx
= find_cipher(sqlcipher_ltc_get_cipher(ctx
));
157 return cipher_descriptor
[cipher_idx
].block_length
;
160 static int sqlcipher_ltc_get_block_sz(void *ctx
) {
161 int cipher_idx
= find_cipher(sqlcipher_ltc_get_cipher(ctx
));
162 return cipher_descriptor
[cipher_idx
].block_length
;
165 static int sqlcipher_ltc_get_hmac_sz(void *ctx
) {
166 int hash_idx
= find_hash("sha1");
167 return hash_descriptor
[hash_idx
].hashsize
;
170 static int sqlcipher_ltc_ctx_copy(void *target_ctx
, void *source_ctx
) {
171 memcpy(target_ctx
, source_ctx
, sizeof(ltc_ctx
));
175 static int sqlcipher_ltc_ctx_cmp(void *c1
, void *c2
) {
179 static int sqlcipher_ltc_ctx_init(void **ctx
) {
180 *ctx
= sqlcipher_malloc(sizeof(ltc_ctx
));
181 if(*ctx
== NULL
) return SQLITE_NOMEM
;
182 sqlcipher_ltc_activate(*ctx
);
186 static int sqlcipher_ltc_ctx_free(void **ctx
) {
187 sqlcipher_ltc_deactivate(&ctx
);
188 sqlcipher_free(*ctx
, sizeof(ltc_ctx
));
192 int sqlcipher_ltc_setup(sqlcipher_provider
*p
) {
193 p
->activate
= sqlcipher_ltc_activate
;
194 p
->deactivate
= sqlcipher_ltc_deactivate
;
195 p
->get_provider_name
= sqlcipher_ltc_get_provider_name
;
196 p
->random
= sqlcipher_ltc_random
;
197 p
->hmac
= sqlcipher_ltc_hmac
;
198 p
->kdf
= sqlcipher_ltc_kdf
;
199 p
->cipher
= sqlcipher_ltc_cipher
;
200 p
->set_cipher
= sqlcipher_ltc_set_cipher
;
201 p
->get_cipher
= sqlcipher_ltc_get_cipher
;
202 p
->get_key_sz
= sqlcipher_ltc_get_key_sz
;
203 p
->get_iv_sz
= sqlcipher_ltc_get_iv_sz
;
204 p
->get_block_sz
= sqlcipher_ltc_get_block_sz
;
205 p
->get_hmac_sz
= sqlcipher_ltc_get_hmac_sz
;
206 p
->ctx_copy
= sqlcipher_ltc_ctx_copy
;
207 p
->ctx_cmp
= sqlcipher_ltc_ctx_cmp
;
208 p
->ctx_init
= sqlcipher_ltc_ctx_init
;
209 p
->ctx_free
= sqlcipher_ltc_ctx_free
;
210 p
->add_random
= sqlcipher_ltc_add_random
;