src/crypto.h

   1 /*
   2 ** SQLCipher
   3 ** crypto.h developed by Stephen Lombardo (Zetetic LLC)
   4 ** sjlombardo at zetetic dot net
   5 ** http://zetetic.net
   6 **
   7 ** Copyright (c) 2008, ZETETIC LLC
   8 ** All rights reserved.
   9 **
  10 ** Redistribution and use in source and binary forms, with or without
  11 ** modification, are permitted provided that the following conditions are met:
  12 **     * Redistributions of source code must retain the above copyright
  13 **       notice, this list of conditions and the following disclaimer.
  14 **     * Redistributions in binary form must reproduce the above copyright
  15 **       notice, this list of conditions and the following disclaimer in the
  16 **       documentation and/or other materials provided with the distribution.
  17 **     * Neither the name of the ZETETIC LLC nor the
  18 **       names of its contributors may be used to endorse or promote products
  19 **       derived from this software without specific prior written permission.
  20 **
  21 ** THIS SOFTWARE IS PROVIDED BY ZETETIC LLC ''AS IS'' AND ANY
  22 ** EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  23 ** WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  24 ** DISCLAIMED. IN NO EVENT SHALL ZETETIC LLC BE LIABLE FOR ANY
  25 ** DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  26 ** (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  27 ** LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  28 ** ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  29 ** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  30 ** SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  31 **
  32 */
  33 /* BEGIN CRYPTO */
  34 #ifdef SQLITE_HAS_CODEC
  35 #ifndef CRYPTO_H
  36 #define CRYPTO_H
  37
  38 #define FILE_HEADER_SZ 16
  39
  40 #ifndef CIPHER_VERSION
  41 #define CIPHER_VERSION "2.0.6"
  42 #endif
  43
  44 #ifndef CIPHER
  45 #define CIPHER "aes-256-cbc"
  46 #endif
  47
  48 #define CIPHER_DECRYPT 0
  49 #define CIPHER_ENCRYPT 1
  50
  51 #define CIPHER_READ_CTX 0
  52 #define CIPHER_WRITE_CTX 1
  53 #define CIPHER_READWRITE_CTX 2
  54
  55 #ifndef PBKDF2_ITER
  56 #define PBKDF2_ITER 4000
  57 #endif
  58
  59 /* possible flags for cipher_ctx->flags */
  60 #define CIPHER_FLAG_HMAC 0x01
  61
  62 #ifndef DEFAULT_CIPHER_FLAGS
  63 #define DEFAULT_CIPHER_FLAGS CIPHER_FLAG_HMAC
  64 #endif
  65
  66
  67 /* by default, sqlcipher will use a reduced number of iterations to generate
  68    the HMAC key / or transform a raw cipher key
  69    */
  70 #ifndef FAST_PBKDF2_ITER
  71 #define FAST_PBKDF2_ITER 2
  72 #endif
  73
  74 /* this if a fixed random array that will be xor'd with the database salt to ensure that the
  75    salt passed to the HMAC key derivation function is not the same as that used to derive
  76    the encryption key. This can be overridden at compile time but it will make the resulting
  77    binary incompatible with the default builds when using HMAC. A future version of SQLcipher
  78    will likely allow this to be defined at runtime via pragma */
  79 #ifndef HMAC_SALT_MASK
  80 #define HMAC_SALT_MASK 0x3a
  81 #endif
  82
  83 #ifdef CODEC_DEBUG
  84 #define CODEC_TRACE(X)  {printf X;fflush(stdout);}
  85 #else
  86 #define CODEC_TRACE(X)
  87 #endif
  88
  89 #ifdef CODEC_DEBUG_PAGEDATA
  90 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)  \
  91   { \
  92     int __pctr; \
  93     printf(DESC); \
  94     for(__pctr=0; __pctr < LEN; __pctr++) { \
  95       if(__pctr % 16 == 0) printf("\n%05x: ",__pctr); \
  96       printf("%02x ",((unsigned char*) BUFFER)[__pctr]); \
  97     } \
  98     printf("\n"); \
  99     fflush(stdout); \
 100   }
 101 #else
 102 #define CODEC_HEXDUMP(DESC,BUFFER,LEN)
 103 #endif
 104
 105 /* extensions defined in pager.c */
 106 void sqlite3pager_get_codec(Pager *pPager, void **ctx);
 107 int sqlite3pager_is_mj_pgno(Pager *pPager, Pgno pgno);
 108 sqlite3_file *sqlite3Pager_get_fd(Pager *pPager);
 109 void sqlite3pager_sqlite3PagerSetCodec(
 110   Pager *pPager,
 111   void *(*xCodec)(void*,void*,Pgno,int),
 112   void (*xCodecSizeChng)(void*,int,int),
 113   void (*xCodecFree)(void*),
 114   void *pCodec
 115 );
 116 void sqlite3pager_sqlite3PagerSetError(Pager *pPager, int error);
 117 /* end extensions defined in pager.c */
 118
 119 /*
 120 **  Simple shared routines for converting hex char strings to binary data
 121  */
 122 static int cipher_hex2int(char c) {
 123   return (c>='0' && c<='9') ? (c)-'0' :
 124          (c>='A' && c<='F') ? (c)-'A'+10 :
 125          (c>='a' && c<='f') ? (c)-'a'+10 : 0;
 126 }
 127
 128 static void cipher_hex2bin(const char *hex, int sz, unsigned char *out){
 129   int i;
 130   for(i = 0; i < sz; i += 2){
 131     out[i/2] = (cipher_hex2int(hex[i])<<4) | cipher_hex2int(hex[i+1]);
 132   }
 133 }
 134
 135 /* extensions defined in crypto_impl.c */
 136
 137 typedef struct codec_ctx codec_ctx;
 138
 139 /* utility functions */
 140 int sqlcipher_ismemset(const unsigned char *a0, unsigned char value, int len);
 141 int sqlcipher_memcmp(const unsigned char *a0, const unsigned char *a1, int len);
 142 int sqlcipher_pseudorandom(void *, int);
 143 void sqlcipher_free(void *, int);
 144
 145 /* activation and initialization */
 146 void sqlcipher_activate();
 147 int sqlcipher_codec_ctx_init(codec_ctx **, Db *, Pager *, sqlite3_file *, const void *, int);
 148 void sqlcipher_codec_ctx_free(codec_ctx **);
 149 int sqlcipher_codec_key_derive(codec_ctx *);
 150 int sqlcipher_codec_key_copy(codec_ctx *, int);
 151
 152 /* page cipher implementation */
 153 int sqlcipher_page_cipher(codec_ctx *, int, Pgno, int, int, unsigned char *, unsigned char *);
 154
 155 /* context setters & getters */
 156 void sqlcipher_codec_ctx_set_error(codec_ctx *, int);
 157
 158 int sqlcipher_codec_ctx_set_pass(codec_ctx *, const void *, int, int);
 159 void sqlcipher_codec_get_pass(codec_ctx *, void **zKey, int *nKey);
 160
 161 int sqlcipher_codec_ctx_set_pagesize(codec_ctx *, int);
 162 int sqlcipher_codec_ctx_get_pagesize(codec_ctx *);
 163 int sqlcipher_codec_ctx_get_reservesize(codec_ctx *);
 164
 165 int sqlcipher_codec_ctx_set_kdf_iter(codec_ctx *, int, int);
 166 void* sqlcipher_codec_ctx_get_kdf_salt(codec_ctx *ctx);
 167
 168 int sqlcipher_codec_ctx_set_fast_kdf_iter(codec_ctx *, int, int);
 169
 170 int sqlcipher_codec_ctx_set_cipher(codec_ctx *, const char *, int);
 171
 172 void* sqlcipher_codec_ctx_get_data(codec_ctx *);
 173
 174 void sqlcipher_exportFunc(sqlite3_context *, int, sqlite3_value **);
 175
 176 void sqlcipher_set_default_use_hmac(int use);
 177
 178 int sqlcipher_codec_ctx_set_use_hmac(codec_ctx *ctx, int use);
 179 /* end extensions defined in crypto_impl.c */
 180
 181 #endif
 182 #endif
 183 /* END CRYPTO */